diff --git a/secure/caroot/trusted/GeoTrust_Primary_Certification_Authority_-_G2.pem b/secure/caroot/blacklisted/GeoTrust_Primary_Certification_Authority_-_G2.pem similarity index 100% rename from secure/caroot/trusted/GeoTrust_Primary_Certification_Authority_-_G2.pem rename to secure/caroot/blacklisted/GeoTrust_Primary_Certification_Authority_-_G2.pem diff --git a/secure/caroot/trusted/VeriSign_Universal_Root_Certification_Authority.pem b/secure/caroot/blacklisted/VeriSign_Universal_Root_Certification_Authority.pem similarity index 100% rename from secure/caroot/trusted/VeriSign_Universal_Root_Certification_Authority.pem rename to secure/caroot/blacklisted/VeriSign_Universal_Root_Certification_Authority.pem diff --git a/secure/caroot/trusted/AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem b/secure/caroot/trusted/AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem new file mode 100644 index 000000000000..21d2c4f13bc6 --- /dev/null +++ b/secure/caroot/trusted/AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem @@ -0,0 +1,67 @@ +## +## AC RAIZ FNMT-RCM SERVIDORES SEGUROS +## +## This is a single X.509 certificate for a public Certificate +## Authority (CA). It was automatically extracted from Mozilla's +## root CA list (the file `certdata.txt' in security/nss). +## +## Extracted from nss +## with $FreeBSD$ +## +## @generated +## +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 62:f6:32:6c:e5:c4:e3:68:5c:1b:62:dd:9c:2e:9d:95 + Signature Algorithm: ecdsa-with-SHA384 + Issuer: C = ES, O = FNMT-RCM, OU = Ceres, organizationIdentifier = VATES-Q2826004J, CN = AC RAIZ FNMT-RCM SERVIDORES SEGUROS + Validity + Not Before: Dec 20 09:37:33 2018 GMT + Not After : Dec 20 09:37:33 2043 GMT + Subject: C = ES, O = FNMT-RCM, OU = Ceres, organizationIdentifier = VATES-Q2826004J, CN = AC RAIZ FNMT-RCM SERVIDORES SEGUROS + Subject Public Key Info: + Public Key Algorithm: id-ecPublicKey + Public-Key: (384 bit) + pub: + 04:f6:ba:57:53:c8:ca:ab:df:36:4a:52:21:e4:97: + d2:83:67:9e:f0:65:51:d0:5e:87:c7:47:b1:59:f2: + 57:47:9b:00:02:93:44:17:69:db:42:c7:b1:b2:3a: + 18:0e:b4:5d:8c:b3:66:5d:a1:34:f9:36:2c:49:db: + f3:46:fc:b3:44:69:44:13:66:fd:d7:c5:fd:af:36: + 4d:ce:03:4d:07:71:cf:af:6a:05:d2:a2:43:5a:0a: + 52:6f:01:03:4e:8e:8b + ASN1 OID: secp384r1 + NIST CURVE: P-384 + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + 01:B9:2F:EF:BF:11:86:60:F2:4F:D0:41:6E:AB:73:1F:E7:D2:6E:49 + Signature Algorithm: ecdsa-with-SHA384 + 30:66:02:31:00:ae:4a:e3:2b:40:c3:74:11:f2:95:ad:16:23: + de:4e:0c:1a:e6:5d:a5:24:5e:6b:44:7b:fc:38:e2:4f:cb:9c: + 45:17:11:4c:14:27:26:55:39:75:4a:03:cc:13:90:9f:92:02: + 31:00:fa:4a:6c:60:88:73:f3:ee:b8:98:62:a9:ce:2b:c2:d9: + 8a:a6:70:31:1d:af:b0:94:4c:eb:4f:c6:e3:d1:f3:62:a7:3c: + ff:93:2e:07:5c:49:01:67:69:12:02:72:bf:e7 +SHA1 Fingerprint=62:FF:D9:9E:C0:65:0D:03:CE:75:93:D2:ED:3F:2D:32:C9:E3:E5:4A +-----BEGIN CERTIFICATE----- +MIICbjCCAfOgAwIBAgIQYvYybOXE42hcG2LdnC6dlTAKBggqhkjOPQQDAzB4MQsw +CQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xDjAMBgNVBAsMBUNlcmVzMRgw +FgYDVQRhDA9WQVRFUy1RMjgyNjAwNEoxLDAqBgNVBAMMI0FDIFJBSVogRk5NVC1S +Q00gU0VSVklET1JFUyBTRUdVUk9TMB4XDTE4MTIyMDA5MzczM1oXDTQzMTIyMDA5 +MzczM1oweDELMAkGA1UEBhMCRVMxETAPBgNVBAoMCEZOTVQtUkNNMQ4wDAYDVQQL +DAVDZXJlczEYMBYGA1UEYQwPVkFURVMtUTI4MjYwMDRKMSwwKgYDVQQDDCNBQyBS +QUlaIEZOTVQtUkNNIFNFUlZJRE9SRVMgU0VHVVJPUzB2MBAGByqGSM49AgEGBSuB +BAAiA2IABPa6V1PIyqvfNkpSIeSX0oNnnvBlUdBeh8dHsVnyV0ebAAKTRBdp20LH +sbI6GA60XYyzZl2hNPk2LEnb80b8s0RpRBNm/dfF/a82Tc4DTQdxz69qBdKiQ1oK +Um8BA06Oi6NCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD +VR0OBBYEFAG5L++/EYZg8k/QQW6rcx/n0m5JMAoGCCqGSM49BAMDA2kAMGYCMQCu +SuMrQMN0EfKVrRYj3k4MGuZdpSRea0R7/DjiT8ucRRcRTBQnJlU5dUoDzBOQn5IC +MQD6SmxgiHPz7riYYqnOK8LZiqZwMR2vsJRM60/G49HzYqc8/5MuB1xJAWdpEgJy +v+c= +-----END CERTIFICATE----- diff --git a/secure/caroot/trusted/GlobalSign_Root_E46.pem b/secure/caroot/trusted/GlobalSign_Root_E46.pem new file mode 100644 index 000000000000..c353dba208db --- /dev/null +++ b/secure/caroot/trusted/GlobalSign_Root_E46.pem @@ -0,0 +1,64 @@ +## +## GlobalSign Root E46 +## +## This is a single X.509 certificate for a public Certificate +## Authority (CA). It was automatically extracted from Mozilla's +## root CA list (the file `certdata.txt' in security/nss). +## +## Extracted from nss +## with $FreeBSD$ +## +## @generated +## +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 11:d2:bb:ba:33:6e:d4:bc:e6:24:68:c5:0d:84:1d:98:e8:43 + Signature Algorithm: ecdsa-with-SHA384 + Issuer: C = BE, O = GlobalSign nv-sa, CN = GlobalSign Root E46 + Validity + Not Before: Mar 20 00:00:00 2019 GMT + Not After : Mar 20 00:00:00 2046 GMT + Subject: C = BE, O = GlobalSign nv-sa, CN = GlobalSign Root E46 + Subject Public Key Info: + Public Key Algorithm: id-ecPublicKey + Public-Key: (384 bit) + pub: + 04:9c:0e:b1:cf:b7:e8:9e:52:77:75:34:fa:a5:46: + a7:ad:32:19:32:b4:07:a9:27:ca:94:bb:0c:d2:0a: + 10:c7:da:89:b0:97:0c:70:13:09:01:8e:d8:ea:47: + ea:be:b2:80:2b:cd:fc:28:0d:db:ac:bc:a4:86:37: + ed:70:08:00:75:ea:93:0b:7b:2e:52:9c:23:68:23: + 06:43:ec:92:2f:53:84:db:fb:47:14:07:e8:5f:94: + 67:5d:c9:7a:81:3c:20 + ASN1 OID: secp384r1 + NIST CURVE: P-384 + X509v3 extensions: + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + 31:0A:90:8F:B6:C6:9D:D2:44:4B:80:B5:A2:E6:1F:B1:12:4F:1B:95 + Signature Algorithm: ecdsa-with-SHA384 + 30:65:02:31:00:df:54:90:ed:9b:ef:8b:94:02:93:17:82:99: + be:b3:9e:2c:f6:0b:91:8c:9f:4a:14:b1:f6:64:bc:bb:68:51: + 13:0c:03:f7:15:8b:84:60:b9:8b:ff:52:8e:e7:8c:bc:1c:02: + 30:3c:f9:11:d4:8c:4e:c0:c1:61:c2:15:4c:aa:ab:1d:0b:31: + 5f:3b:1c:e2:00:97:44:31:e6:fe:73:96:2f:da:96:d3:fe:08: + 07:b3:34:89:bc:05:9f:f7:1e:86:ee:8b:70 +SHA1 Fingerprint=39:B4:6C:D5:FE:80:06:EB:E2:2F:4A:BB:08:33:A0:AF:DB:B9:DD:84 +-----BEGIN CERTIFICATE----- +MIICCzCCAZGgAwIBAgISEdK7ujNu1LzmJGjFDYQdmOhDMAoGCCqGSM49BAMDMEYx +CzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRwwGgYDVQQD +ExNHbG9iYWxTaWduIFJvb3QgRTQ2MB4XDTE5MDMyMDAwMDAwMFoXDTQ2MDMyMDAw +MDAwMFowRjELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2Ex +HDAaBgNVBAMTE0dsb2JhbFNpZ24gUm9vdCBFNDYwdjAQBgcqhkjOPQIBBgUrgQQA +IgNiAAScDrHPt+ieUnd1NPqlRqetMhkytAepJ8qUuwzSChDH2omwlwxwEwkBjtjq +R+q+soArzfwoDdusvKSGN+1wCAB16pMLey5SnCNoIwZD7JIvU4Tb+0cUB+hflGdd +yXqBPCCjQjBAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud +DgQWBBQxCpCPtsad0kRLgLWi5h+xEk8blTAKBggqhkjOPQQDAwNoADBlAjEA31SQ +7Zvvi5QCkxeCmb6zniz2C5GMn0oUsfZkvLtoURMMA/cVi4RguYv/Uo7njLwcAjA8 ++RHUjE7AwWHCFUyqqx0LMV87HOIAl0Qx5v5zli/altP+CAezNIm8BZ/3Hobui3A= +-----END CERTIFICATE----- diff --git a/secure/caroot/trusted/GlobalSign_Root_R46.pem b/secure/caroot/trusted/GlobalSign_Root_R46.pem new file mode 100644 index 000000000000..de107cd328c4 --- /dev/null +++ b/secure/caroot/trusted/GlobalSign_Root_R46.pem @@ -0,0 +1,132 @@ +## +## GlobalSign Root R46 +## +## This is a single X.509 certificate for a public Certificate +## Authority (CA). It was automatically extracted from Mozilla's +## root CA list (the file `certdata.txt' in security/nss). +## +## Extracted from nss +## with $FreeBSD$ +## +## @generated +## +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 11:d2:bb:b9:d7:23:18:9e:40:5f:0a:9d:2d:d0:df:25:67:d1 + Signature Algorithm: sha384WithRSAEncryption + Issuer: C = BE, O = GlobalSign nv-sa, CN = GlobalSign Root R46 + Validity + Not Before: Mar 20 00:00:00 2019 GMT + Not After : Mar 20 00:00:00 2046 GMT + Subject: C = BE, O = GlobalSign nv-sa, CN = GlobalSign Root R46 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (4096 bit) + Modulus: + 00:ac:ac:74:32:e8:b3:65:e5:ba:ed:43:26:1d:a6: + 89:0d:45:ba:29:88:b2:a4:1d:63:dd:d3:c1:2c:09: + 57:89:39:a1:55:e9:67:34:77:0c:6e:e4:55:1d:52: + 25:d2:13:6b:5e:e1:1d:a9:b7:7d:89:32:5f:0d:9e: + 9f:2c:7a:63:60:40:1f:a6:b0:b6:78:8f:99:54:96: + 08:58:ae:e4:06:bc:62:05:02:16:bf:af:a8:23:03: + b6:94:0f:bc:6e:6c:c2:cb:d5:a6:bb:0c:e9:f6:c1: + 02:fb:21:de:66:dd:17:ab:74:42:ef:f0:74:2f:25: + f4:ea:6b:55:5b:90:db:9d:df:5e:87:0a:40:fb:ad: + 19:6b:fb:f7:ca:60:88:de:da:c1:8f:d6:ae:d5:7f: + d4:3c:83:ee:d7:16:4c:83:45:33:6b:27:d0:86:d0: + 1c:2d:6b:f3:ab:7d:f1:85:a9:f5:28:d2:ad:ef:f3: + 84:4b:1c:87:fc:13:a3:3a:72:a2:5a:11:2b:d6:27: + 71:27:ed:81:2d:6d:66:81:92:87:b4:1b:58:7a:cc: + 3f:0a:fa:46:4f:4d:78:5c:f8:2b:48:e3:04:84:cb: + 5d:f6:b4:6a:b3:65:fc:42:9e:51:26:23:20:cb:3d: + 14:f9:81:ed:65:16:00:4f:1a:64:97:66:08:cf:8c: + 7b:e3:2b:c0:9d:f9:14:f2:1b:f1:56:6a:16:bf:2c: + 85:85:cd:78:38:9a:eb:42:6a:02:34:18:83:17:4e: + 94:56:f8:b6:82:b5:f3:96:dd:3d:f3:be:7f:20:77: + 3e:7b:19:23:6b:2c:d4:72:73:43:57:7d:e0:f8:d7: + 69:4f:17:36:04:f9:c0:90:60:37:45:de:e6:0c:d8: + 74:8d:ae:9c:a2:6d:74:5d:42:be:06:f5:d9:64:6e: + 02:10:ac:89:b0:4c:3b:07:4d:40:7e:24:c5:8a:98: + 82:79:8e:a4:a7:82:20:8d:23:fa:27:71:c9:df:c6: + 41:74:a0:4d:f6:91:16:dc:46:8c:5f:29:63:31:59: + 71:0c:d8:6f:c2:b6:32:7d:fb:e6:5d:53:a6:7e:15: + fc:bb:75:7c:5d:ec:f8:f6:17:1c:ec:c7:6b:19:cb: + f3:7b:f0:2b:07:a5:d9:6c:79:54:76:6c:9d:1c:a6: + 6e:0e:e9:79:0c:a8:23:6a:a3:df:1b:30:31:9f:b1: + 54:7b:fe:6a:cb:66:aa:dc:65:d0:a2:9e:4a:9a:07: + 21:6b:81:8f:db:c4:59:fa:de:22:c0:04:9c:e3:aa: + 5b:36:93:e8:3d:bd:7a:a1:9d:0b:76:b1:0b:c7:9d: + fd:cf:98:a8:06:c2:f8:2a:a3:a1:83:a0:b7:25:72: + a5:02:e3 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + 03:5C:AB:73:81:87:A8:CC:B0:A6:D5:94:E2:36:96:49:FF:05:99:2C + Signature Algorithm: sha384WithRSAEncryption + 7c:78:ec:f6:02:2c:bb:5b:7e:92:2b:5d:39:dc:be:d8:1d:a2: + 42:33:4d:f9:ef:a4:2a:3b:44:69:1e:ac:d9:45:a3:4e:3c:a7: + d8:24:51:b2:54:1c:93:4e:c4:ef:7b:93:85:60:26:ea:09:48: + e0:f5:bb:c7:e9:68:d2:bb:6a:31:71:cc:79:ae:11:a8:f0:99: + fd:e5:1f:bc:2f:a8:cc:57:eb:76:c4:21:a6:47:53:55:4d:68: + bf:05:a4:ee:d7:26:ab:62:da:43:37:4b:e2:c6:b5:e5:b2:83: + 19:3a:c7:d3:db:4d:9e:08:7a:f3:ee:cf:3e:62:fb:ac:e8:60: + cc:d1:c7:a1:5c:83:45:c4:45:cc:f3:17:6b:14:c9:04:02:3e: + d2:24:a6:79:e9:1e:ce:a2:e7:c1:59:15:9f:1d:e2:4b:9a:3e: + 9f:76:08:2d:6b:d8:ba:57:14:da:83:ea:fe:8c:55:e9:d0:4e: + a9:cc:77:31:b1:44:11:7a:5c:b1:3e:d3:14:45:15:18:62:24: + 13:d2:cb:4d:ce:5c:83:c1:36:f2:10:b5:0e:88:6d:b8:e1:56: + 9f:89:de:96:66:39:47:64:2c:6e:4d:ae:62:7b:bf:60:74:19: + b8:56:ac:92:ac:16:32:ed:ad:68:55:fe:98:ba:d3:34:de:f4: + c9:61:c3:0e:86:f6:4b:84:60:ee:0d:7b:b5:32:58:79:91:55: + 2c:81:43:b3:74:1f:7a:aa:25:9e:1d:d7:a1:8b:b9:cd:42:2e: + 04:a4:66:83:4d:89:35:b6:6c:a8:36:4a:79:21:78:22:d0:42: + bc:d1:40:31:90:a1:be:04:cf:ca:67:ed:f5:f0:80:d3:60:c9: + 83:2a:22:05:d0:07:3b:52:bf:0c:9e:aa:2b:f9:bb:e6:1f:8f: + 25:ba:85:8d:17:1e:02:fe:5d:50:04:57:cf:fe:2d:bc:ef:5c: + c0:1a:ab:b6:9f:24:c6:df:73:68:48:90:2c:14:f4:3f:52:1a: + e4:d2:cb:14:c3:61:69:cf:e2:f9:18:c5:ba:33:9f:14:a3:04: + 5d:b9:71:f7:b5:94:d8:f6:33:c1:5a:c1:34:8b:7c:9b:dd:93: + 3a:e7:13:a2:70:61:9f:af:8f:eb:d8:c5:75:f8:33:66:d4:74: + 67:3a:37:77:9c:e7:dd:a4:0f:76:43:66:8a:43:f2:9f:fb:0c: + 42:78:63:d1:e2:0f:6f:7b:d4:a1:3d:74:97:85:b7:48:39:41: + d6:20:fc:d0:3a:b3:fa:e8:6f:c4:8a:ba:71:37:be:8b:97:b1: + 78:31:4f:b3:e7:b6:03:13:ce:54:9d:ae:25:59:cc:7f:35:5f: + 08:f7:40:45:31:78:2a:7a +SHA1 Fingerprint=53:A2:B0:4B:CA:6B:D6:45:E6:39:8A:8E:C4:0D:D2:BF:77:C3:A2:90 +-----BEGIN CERTIFICATE----- +MIIFWjCCA0KgAwIBAgISEdK7udcjGJ5AXwqdLdDfJWfRMA0GCSqGSIb3DQEBDAUA +MEYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRwwGgYD +VQQDExNHbG9iYWxTaWduIFJvb3QgUjQ2MB4XDTE5MDMyMDAwMDAwMFoXDTQ2MDMy +MDAwMDAwMFowRjELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYt +c2ExHDAaBgNVBAMTE0dsb2JhbFNpZ24gUm9vdCBSNDYwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQCsrHQy6LNl5brtQyYdpokNRbopiLKkHWPd08EsCVeJ +OaFV6Wc0dwxu5FUdUiXSE2te4R2pt32JMl8Nnp8semNgQB+msLZ4j5lUlghYruQG +vGIFAha/r6gjA7aUD7xubMLL1aa7DOn2wQL7Id5m3RerdELv8HQvJfTqa1VbkNud +316HCkD7rRlr+/fKYIje2sGP1q7Vf9Q8g+7XFkyDRTNrJ9CG0Bwta/OrffGFqfUo +0q3v84RLHIf8E6M6cqJaESvWJ3En7YEtbWaBkoe0G1h6zD8K+kZPTXhc+CtI4wSE +y132tGqzZfxCnlEmIyDLPRT5ge1lFgBPGmSXZgjPjHvjK8Cd+RTyG/FWaha/LIWF +zXg4mutCagI0GIMXTpRW+LaCtfOW3T3zvn8gdz57GSNrLNRyc0NXfeD412lPFzYE ++cCQYDdF3uYM2HSNrpyibXRdQr4G9dlkbgIQrImwTDsHTUB+JMWKmIJ5jqSngiCN +I/onccnfxkF0oE32kRbcRoxfKWMxWXEM2G/CtjJ9++ZdU6Z+Ffy7dXxd7Pj2Fxzs +x2sZy/N78CsHpdlseVR2bJ0cpm4O6XkMqCNqo98bMDGfsVR7/mrLZqrcZdCinkqa +ByFrgY/bxFn63iLABJzjqls2k+g9vXqhnQt2sQvHnf3PmKgGwvgqo6GDoLclcqUC +4wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV +HQ4EFgQUA1yrc4GHqMywptWU4jaWSf8FmSwwDQYJKoZIhvcNAQEMBQADggIBAHx4 +7PYCLLtbfpIrXTncvtgdokIzTfnvpCo7RGkerNlFo048p9gkUbJUHJNOxO97k4Vg +JuoJSOD1u8fpaNK7ajFxzHmuEajwmf3lH7wvqMxX63bEIaZHU1VNaL8FpO7XJqti +2kM3S+LGteWygxk6x9PbTZ4IevPuzz5i+6zoYMzRx6Fcg0XERczzF2sUyQQCPtIk +pnnpHs6i58FZFZ8d4kuaPp92CC1r2LpXFNqD6v6MVenQTqnMdzGxRBF6XLE+0xRF +FRhiJBPSy03OXIPBNvIQtQ6IbbjhVp+J3pZmOUdkLG5NrmJ7v2B0GbhWrJKsFjLt +rWhV/pi60zTe9Mlhww6G9kuEYO4Ne7UyWHmRVSyBQ7N0H3qqJZ4d16GLuc1CLgSk +ZoNNiTW2bKg2SnkheCLQQrzRQDGQob4Ez8pn7fXwgNNgyYMqIgXQBztSvwyeqiv5 +u+YfjyW6hY0XHgL+XVAEV8/+LbzvXMAaq7afJMbfc2hIkCwU9D9SGuTSyxTDYWnP +4vkYxboznxSjBF25cfe1lNj2M8FawTSLfJvdkzrnE6JwYZ+vj+vYxXX4M2bUdGc6 +N3ec592kD3ZDZopD8p/7DEJ4Y9HiD2971KE9dJeFt0g5QdYg/NA6s/rob8SKunE3 +vouXsXgxT7PntgMTzlSdriVZzH81Xwj3QEUxeCp6 +-----END CERTIFICATE-----