Skip to content

Commit

Permalink
Trust store release 2024.9.0
Browse files Browse the repository at this point in the history 
Rolling trust store release at 2024-09-11T16:02:58+0000.
$ cfssl-trust -d ./cert.db  -b int release 744h
skipping expired certificate (SKI=1e05a3778f6c96e25b874ba6b486ac71000ce738, serial=94545579789686585794948834753815798644, subject='/InCommon RSA Server CA/C=US/O=Internet2/OU=InCommon/L=Ann Arbor/ST=MI')
skipping expired certificate (SKI=5bd08a1c9a325be0b5dd96541be18628b0fdb6bd, serial=235272366020225505967190466882939011429, subject='/TERENA SSL CA 2/C=NL/O=TERENA/L=Amsterdam/ST=Noord-Holland')
skipping expired certificate (SKI=fb9c382350a1d70004992d38066490a3261bdbed, serial=272698964160573185404065776724525029370, subject='/TERENA Personal CA 2/C=NL/O=TERENA/L=Amsterdam/ST=Noord-Holland')
skipping expired certificate (SKI=a95952bf56412703c89996ff68009805efe8e752, serial=323995066540528425709116893431655074441, subject='/TERENA eScience Personal CA 2/C=NL/O=TERENA/L=Amsterdam/ST=Noord-Holland')
skipping expired certificate (SKI=82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf, serial=1372455166, subject='/Entrust Certification Authority - L1K/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only')
skipping expired certificate (SKI=e5e42459153227c920b342026cb0ef32de9b205a, serial=257523152529290810697963498165784021465, subject='/Trustwave Extended Validation SHA256 CA, Level 1/C=US/O=Trustwave Holdings, Inc./L=Chicago/ST=Illinois')
skipping expired certificate (SKI=6d5a7cd6997c71583bce4559bf0dc8976124ed69, serial=121499145618793256630945179199413653034, subject='/DigitalSign CA - G4/C=PT/O=DigitalSign - Certificadora Digital/OU=PT507015851/OU=Class 2 Managed PKI Individual Subscriber CA')
skipping expired certificate (SKI=b5760c3011cec792424d4cc75c2cc8a90ce80b64, serial=20045315772003125868899357870856421858, subject='/Microsoft RSA TLS CA 01/C=US/O=Microsoft Corporation')
skipping expired certificate (SKI=ff2f7fe106f438f32ded258d98c2fe0ef66cfcfa, serial=20806976318031376403207041668542712378, subject='/Microsoft RSA TLS CA 02/C=US/O=Microsoft Corporation')
1431 certificates rolled
9 certificates skipped
Successfully rolled new int release 2024.9.0
$ cfssl-trust -d ./cert.db  -b ca release 744h
354 certificates rolled
0 certificates skipped
Successfully rolled new ca release 2024.9.0
Adding new roots:
--/home/runner/work/_temp/new_roots.txt ---
selected release 2024.9.0
Adding new intermediates:
--/home/runner/work/_temp/new_intermediates.txt ---
selected release 2024.9.0
$ cfssl-trust -d ./cert.db  -r 2024.9.0 -b int bundle int-bundle.crt
selected release 2024.9.0
Selected 1431 certificates for this release.
$ cfssl-trust -d ./cert.db  -r 2024.9.0 -b ca bundle ca-bundle.crt
selected release 2024.9.0
Selected 354 certificates for this release.
$ certdump ca-bundle.crt  > certdata/ca-bundle.txt
$ certdump int-bundle.crt > certdata/int-bundle.txt
$ git status --porcelain -uno
M  cert.db
M  certdata/int-bundle.txt
M  int-bundle.crt
  • Loading branch information
@vasilzhigilei
vasilzhigilei committed Sep 11, 2024
1 parent 0cd9873 commit 1f8fd07
Show file tree
Hide file tree
Showing 3 changed files with 0 additions and 461 deletions.
Binary file modified cert.db
View file
Binary file not shown.
173 changes: 0 additions & 173 deletions certdata/int-bundle.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3009,128 +3009,6 @@ Details:
OCSP server:
- http://rootcar2-ocsp.disig.sk/ocsp/rootcar2
CERTIFICATE
Subject: /InCommon RSA Server CA/C=US/O=Internet2/OU=InCommon/L=Ann
Arbor/ST=MI
Issuer: /USERTrust RSA Certification Authority/C=US/O=The USERTRUST
Network/L=Jersey City/ST=New Jersey
Signature algorithm: RSA / SHA384
Details:
Public key: RSA-2048
Serial number: 94545579789686585794948834753815798644
AKI: 53:79:BF:5A:AA:2B:4A:CF:54:80:E1:D8:9B:C0:9D:F2:B2:03:66:CB
SKI: 1E:05:A3:77:8F:6C:96:E2:5B:87:4B:A6:B4:86:AC:71:00:0C:E7:38
Valid from: 2014-10-06T00:00:00+0000
until: 2024-10-05T23:59:59+0000
Key usages: cert sign, crl sign, digital signature
Extended usages: client auth, server auth
Basic constraints: valid, is a CA certificate, max path length 0
SANs (0):
1 AIA:
http://crt.usertrust.com/USERTrustRSAAddTrustCA.crt
OCSP server:
- http://ocsp.usertrust.com
CERTIFICATE
Subject: /TERENA SSL CA 2/C=NL/O=TERENA/L=Amsterdam/ST=Noord-Holland
Issuer: /USERTrust RSA Certification Authority/C=US/O=The USERTRUST
Network/L=Jersey City/ST=New Jersey
Signature algorithm: RSA / SHA384
Details:
Public key: RSA-2048
Serial number: 235272366020225505967190466882939011429
AKI: 53:79:BF:5A:AA:2B:4A:CF:54:80:E1:D8:9B:C0:9D:F2:B2:03:66:CB
SKI: 5B:D0:8A:1C:9A:32:5B:E0:B5:DD:96:54:1B:E1:86:28:B0:FD:B6:BD
Valid from: 2014-10-09T00:00:00+0000
until: 2024-10-08T23:59:59+0000
Key usages: cert sign, crl sign, digital signature
Extended usages: client auth, server auth
Basic constraints: valid, is a CA certificate, max path length 0
SANs (0):
1 AIA:
http://crt.usertrust.com/USERTrustRSAAddTrustCA.crt
OCSP server:
- http://ocsp.usertrust.com
CERTIFICATE
Subject: /TERENA Personal CA 2/C=NL/O=TERENA/L=Amsterdam/ST=Noord-Holland
Issuer: /USERTrust RSA Certification Authority/C=US/O=The USERTRUST
Network/L=Jersey City/ST=New Jersey
Signature algorithm: RSA / SHA384
Details:
Public key: RSA-2048
Serial number: 272698964160573185404065776724525029370
AKI: 53:79:BF:5A:AA:2B:4A:CF:54:80:E1:D8:9B:C0:9D:F2:B2:03:66:CB
SKI: FB:9C:38:23:50:A1:D7:00:04:99:2D:38:06:64:90:A3:26:1B:DB:ED
Valid from: 2014-10-09T00:00:00+0000
until: 2024-10-08T23:59:59+0000
Key usages: cert sign, crl sign, digital signature
Extended usages: client auth, s/mime
Basic constraints: valid, is a CA certificate, max path length 0
SANs (0):
1 AIA:
http://crt.usertrust.com/USERTrustRSAAddTrustCA.crt
OCSP server:
- http://ocsp.usertrust.com
CERTIFICATE
Subject: /TERENA eScience Personal CA
2/C=NL/O=TERENA/L=Amsterdam/ST=Noord-Holland
Issuer: /USERTrust RSA Certification Authority/C=US/O=The USERTRUST
Network/L=Jersey City/ST=New Jersey
Signature algorithm: RSA / SHA384
Details:
Public key: RSA-2048
Serial number: 323995066540528425709116893431655074441
AKI: 53:79:BF:5A:AA:2B:4A:CF:54:80:E1:D8:9B:C0:9D:F2:B2:03:66:CB
SKI: A9:59:52:BF:56:41:27:03:C8:99:96:FF:68:00:98:05:EF:E8:E7:52
Valid from: 2014-10-09T00:00:00+0000
until: 2024-10-08T23:59:59+0000
Key usages: cert sign, crl sign, digital signature
Extended usages: client auth, s/mime
Basic constraints: valid, is a CA certificate, max path length 0
SANs (0):
1 AIA:
http://crt.usertrust.com/USERTrustRSAAddTrustCA.crt
OCSP server:
- http://ocsp.usertrust.com
CERTIFICATE
Subject: /Entrust Certification Authority - L1K/C=US/O=Entrust, Inc./OU=See
www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use
only
Issuer: /Entrust.net Certification Authority
(2048)/O=Entrust.net/OU=www.entrust.net/CPS_2048 incorp. by ref. (limits
liab.)/OU=(c) 1999 Entrust.net Limited
Signature algorithm: RSA / SHA256
Details:
Public key: RSA-2048
Serial number: 1372455166
AKI: 55:E4:81:D1:11:80:BE:D8:89:B9:08:A3:31:F9:A1:24:09:16:B9:70
SKI: 82:A2:70:74:DD:BC:53:3F:CF:7B:D4:F7:CD:7F:A7:60:C6:0A:4C:BF
Valid from: 2014-10-10T15:23:17+0000
until: 2024-10-11T06:22:47+0000
Key usages: cert sign, crl sign
Basic constraints: valid, is a CA certificate, max path length 0
SANs (0):
OCSP server:
- http://ocsp.entrust.net
CERTIFICATE
Subject: /Trustwave Extended Validation SHA256 CA, Level 1/C=US/O=Trustwave
Holdings, Inc./L=Chicago/ST=Illinois
Issuer: /SecureTrust CA/C=US/O=SecureTrust Corporation
Signature algorithm: RSA / SHA256
Details:
Public key: RSA-2048
Serial number: 257523152529290810697963498165784021465
AKI: 42:32:B6:16:FA:04:FD:FE:5D:4B:7A:C3:FD:F7:4C:40:1D:5A:43:AF
SKI: E5:E4:24:59:15:32:27:C9:20:B3:42:02:6C:B0:EF:32:DE:9B:20:5A
Valid from: 2014-10-13T18:17:39+0000
until: 2024-10-10T18:17:39+0000
Key usages: cert sign, crl sign, digital signature
Extended usages: client auth, server auth
Basic constraints: valid, is a CA certificate, max path length 0
SANs (0):
1 AIA:
http://ssl.trustwave.com/issuers/STCA.crt
OCSP server:
- http://ocsp.trustwave.com
CERTIFICATE
Subject: /CertAssure RSA Client Personal ID CA/C=US/O=CertAssure Inc./L=San
Jose/ST=CA
Issuer: /USERTrust RSA Certification Authority/C=US/O=The USERTRUST
Expand Down Expand Up @@ -13494,23 +13372,6 @@ Details:
OCSP server:
- http://scrootca2.ocsp.secomtrust.net
CERTIFICATE
Subject: /DigitalSign CA - G4/C=PT/O=DigitalSign - Certificadora
Digital/OU=PT507015851/OU=Class 2 Managed PKI Individual Subscriber CA
Issuer: /BT Class 2 CA - G3/C=GB/O=British Telecommunications plc/OU=Symantec
Trust Network
Signature algorithm: RSA / SHA256
Details:
Public key: RSA-2048
Serial number: 121499145618793256630945179199413653034
AKI: E8:7C:F3:AC:7F:E8:DD:64:04:87:BB:5B:65:BE:8F:90:FD:64:19:5B
SKI: 6D:5A:7C:D6:99:7C:71:58:3B:CE:45:59:BF:0D:C8:97:61:24:ED:69
Valid from: 2018-10-09T00:00:00+0000
until: 2024-10-08T23:59:59+0000
Key usages: cert sign, crl sign
Extended usages: client auth, s/mime
Basic constraints: valid, is a CA certificate, max path length 0
SANs (0):
CERTIFICATE
Subject: /TWCA InfoSec User CA/C=TW/O=TAIWAN-CA Inc./OU=User CA
Issuer: /TWCA Root Certification Authority/C=TW/O=TAIWAN-CA/OU=Root CA
Signature algorithm: RSA / SHA1
Expand Down Expand Up @@ -23614,40 +23475,6 @@ Details:
OCSP server:
- http://ocsp.quovadisglobal.com
CERTIFICATE
Subject: /Microsoft RSA TLS CA 01/C=US/O=Microsoft Corporation
Issuer: /Baltimore CyberTrust Root/C=IE/O=Baltimore/OU=CyberTrust
Signature algorithm: RSA / SHA256
Details:
Public key: RSA-4096
Serial number: 20045315772003125868899357870856421858
AKI: E5:9D:59:30:82:47:58:CC:AC:FA:08:54:36:86:7B:3A:B5:04:4D:F0
SKI: B5:76:0C:30:11:CE:C7:92:42:4D:4C:C7:5C:2C:C8:A9:0C:E8:0B:64
Valid from: 2020-07-21T23:00:00+0000
until: 2024-10-08T07:00:00+0000
Key usages: cert sign, crl sign, digital signature
Extended usages: client auth, server auth
Basic constraints: valid, is a CA certificate, max path length 0
SANs (0):
OCSP server:
- http://ocsp.digicert.com
CERTIFICATE
Subject: /Microsoft RSA TLS CA 02/C=US/O=Microsoft Corporation
Issuer: /Baltimore CyberTrust Root/C=IE/O=Baltimore/OU=CyberTrust
Signature algorithm: RSA / SHA256
Details:
Public key: RSA-4096
Serial number: 20806976318031376403207041668542712378
AKI: E5:9D:59:30:82:47:58:CC:AC:FA:08:54:36:86:7B:3A:B5:04:4D:F0
SKI: FF:2F:7F:E1:06:F4:38:F3:2D:ED:25:8D:98:C2:FE:0E:F6:6C:FC:FA
Valid from: 2020-07-21T23:00:00+0000
until: 2024-10-08T07:00:00+0000
Key usages: cert sign, crl sign, digital signature
Extended usages: client auth, server auth
Basic constraints: valid, is a CA certificate, max path length 0
SANs (0):
OCSP server:
- http://ocsp.digicert.com
CERTIFICATE
Subject: /JPRS Organization Validation Authority - G4/C=JP/O=Japan Registry
Services Co., Ltd.
Issuer: /C=JP/O=SECOM Trust Systems CO.,LTD./OU=Security Communication RootCA2
Expand Down
Loading

0 comments on commit 1f8fd07

Please sign in to comment.