昨日の oath に引き続き、コンボ発動中
$ echo | openssl s_client -connect ftp.jaist.ac.jp:443 CONNECTED(00000004) depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = R3 verify return:1 depth=0 CN = ftp.jaist.ac.jp verify error:num=10:certificate has expired notAfter=Sep 9 15:41:09 2023 GMT verify return:1 depth=0 CN = ftp.jaist.ac.jp notAfter=Sep 9 15:41:09 2023 GMT verify return:1 --- Certificate chain 0 s:CN = ftp.jaist.ac.jp i:C = US, O = Let's Encrypt, CN = R3 1 s:C = US, O = Let's Encrypt, CN = R3 i:C = US, O = Internet Security Research Group, CN = ISRG Root X1 2 s:C = US, O = Internet Security Research Group, CN = ISRG Root X1 i:O = Digital Signature Trust Co., CN = DST Root CA X3 --- Server certificate -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISA4wVDPAxOLd+vaaef7d2LRGAMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA2MTExNTQxMTBaFw0yMzA5MDkxNTQxMDlaMBoxGDAWBgNVBAMT D2Z0cC5qYWlzdC5hYy5qcDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AJyh1DncviS3aYkIcoTKYBHThGXcAgciLzeI9SnRSrIDSc/NBHPVcxnA12m+nAOd qV8l/rJhseW6Cfh91XS1BISuRzyJkss8fu1XoPO9TWlxgwisO8UbSzi1mR7GvL7k +FWhyEI7h0MJYCkPpqtklqr/2DMGOlc2iql2nxhlRuYWr06yMcCvYF3o1mKLZa5D 6rnBPV3aK+NomLsgJ9elOTMb3T67UiLlL+a57CtWw9aQHomcwnw/O4VDzLGZNuNq Sq+Ug+02XRuBBO5gKOBtzK8VRqlyl7saPb9bNr28Fms/pdwgasWinlWr0UeidcIg ubj1R0PzNce6JwErJUkEEIcCAwEAAaOCAkowggJGMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQULQqyHtV1hFScfAPhiutuP+XhdY0wHwYDVR0jBBgwFoAUFC6zF7dYVsuu UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y Zy8wGgYDVR0RBBMwEYIPZnRwLmphaXN0LmFjLmpwMEwGA1UdIARFMEMwCAYGZ4EM AQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0 c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAejKMVNi3LbYg 6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGIq1U+KgAABAMARzBFAiEAk1EpvrDV m6Ub8y8E92MKE7bgEZ+5cjtZWaMuYIJZyZcCICnk461oZR7T1s9RcZa6n4tFKpVc w38tLFFNqvw6OqLVAHYArfe++nz/EMiLnT2cHj4YarRnKV3PsQwkyoWGNOvcgooA AAGIq1U+NQAABAMARzBFAiEA0ZlZg+qUNV50bp2cILA9RMyF/MVW71cYGPA4Ko6G J8ACICy36fu3cVzW/i9pZZ/HqTo0IC+J4JxmKkm1tygFEaJuMA0GCSqGSIb3DQEB CwUAA4IBAQCqXlgsAmO8RceRsT6aUXsQrgKHSzHaaLyEIn6msvvoZbZvFnH+p4m/ Pto9R7w+eX5Gz/4ai6AEzWJLg2ZmX08rSM1enueDOtl7rx8JVPZ20tEjUTi0XOzZ 1Ul+YwXRLHK7XRMz1JQ0J6dOVvkNLdkM25X37A6unbcEU+IgvN+JgqrkOXAjXpRK 5cREddvy1kH5gLSXcpoxXlpUaKG0adOJWc42BJZJV6v417hi88h6Z3mfY+nqE42w KOOFfi3+kTqI8sn8ipHfL2yQ6OgL29CmKDqlKylCHqvWeI5EkyJivJUjIniyEAAD AjmPy+h9gLG1MArkqiT71hDGcjjKNwte -----END CERTIFICATE----- subject=CN = ftp.jaist.ac.jp issuer=C = US, O = Let's Encrypt, CN = R3 --- No client certificate CA names sent Peer signing digest: SHA512 Peer signature type: RSA Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 4718 bytes and written 451 bytes Verification error: certificate has expired --- New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: 79A6B488E0228FF633F8D42EC1B120C612E0DE98C5859ED0C9A8D4541FE9A2BF Session-ID-ctx: Master-Key: 543F67F63006CF95B330290D25DFA3AFEEFCF39D262246B5F718571FEBCF2EC79D5E9BD370C1DF4562DAEFF91DA5BDC4 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 300 (seconds) TLS session ticket: 0000 - 7b d3 6f d9 e7 22 14 96-77 dd ba 39 82 4d 2c 82 {.o.."..w..9.M,. 0010 - 90 b2 71 37 73 16 ae 84-d3 da 50 35 e2 d1 a9 4f ..q7s.....P5...O 0020 - 57 e1 fc 59 5c 75 4a 8a-b1 61 54 96 83 34 75 6e W..Y\uJ..aT..4un 0030 - 0b 55 ad e5 04 e9 f9 8f-96 2e a5 3d 59 a6 db ac .U.........=Y... 0040 - 3c 96 15 c9 91 ab 10 0e-dd f5 bd 6d 1f c7 4d 2d <..........m..M- 0050 - 41 a4 a9 61 7b 4d f8 11-c5 08 c3 02 41 c4 53 ad A..a{M......A.S. 0060 - ad 9a 75 44 c2 d0 de a6-21 b0 65 e5 61 03 41 cf ..uD....!.e.a.A. 0070 - 6e f0 ce b9 8b 92 b2 05-37 69 d3 cc 14 55 92 7c n.......7i...U.| 0080 - 4f 15 b7 07 47 0a 9d 40-da 14 19 f5 84 2f 35 2d O...G..@...../5- 0090 - c2 35 e4 d9 28 f0 45 cd-da 07 01 cb b2 a1 97 8f .5..(.E......... 00a0 - 1a 39 60 a5 e7 9e 19 94-50 46 c4 13 38 d1 5f e6 .9`.....PF..8._. 00b0 - 25 3e ca b9 d9 f9 0c 81-76 e8 09 df 12 b4 8c 6d %>......v......m 00c0 - 5e d2 b7 33 50 0d d3 74-69 cf 2c 6e 38 83 81 4f ^..3P..ti.,n8..O Start Time: 1694306772 Timeout : 7200 (sec) Verify return code: 10 (certificate has expired) Extended master secret: no --- DONE
$ openssl s_client -connect ftp.jaist.ac.jp:443 | openssl x509 -noout -text depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = R3 verify return:1 depth=0 CN = ftp.jaist.ac.jp verify error:num=10:certificate has expired notAfter=Sep 9 15:41:09 2023 GMT verify return:1 depth=0 CN = ftp.jaist.ac.jp notAfter=Sep 9 15:41:09 2023 GMT verify return:1 Certificate: Data: Version: 3 (0x2) Serial Number: 03:8c:15:0c:f0:31:38:b7:7e:bd:a6:9e:7f:b7:76:2d:11:80 Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, O = Let's Encrypt, CN = R3 Validity Not Before: Jun 11 15:41:10 2023 GMT Not After : Sep 9 15:41:09 2023 GMT Subject: CN = ftp.jaist.ac.jp Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:a1:d4:39:dc:be:24:b7:69:89:08:72:84:ca: 60:11:d3:84:65:dc:02:07:22:2f:37:88:f5:29:d1: 4a:b2:03:49:cf:cd:04:73:d5:73:19:c0:d7:69:be: 9c:03:9d:a9:5f:25:fe:b2:61:b1:e5:ba:09:f8:7d: d5:74:b5:04:84:ae:47:3c:89:92:cb:3c:7e:ed:57: a0:f3:bd:4d:69:71:83:08:ac:3b:c5:1b:4b:38:b5: 99:1e:c6:bc:be:e4:f8:55:a1:c8:42:3b:87:43:09: 60:29:0f:a6:ab:64:96:aa:ff:d8:33:06:3a:57:36: 8a:a9:76:9f:18:65:46:e6:16:af:4e:b2:31:c0:af: 60:5d:e8:d6:62:8b:65:ae:43:ea:b9:c1:3d:5d:da: 2b:e3:68:98:bb:20:27:d7:a5:39:33:1b:dd:3e:bb: 52:22:e5:2f:e6:b9:ec:2b:56:c3:d6:90:1e:89:9c: c2:7c:3f:3b:85:43:cc:b1:99:36:e3:6a:4a:af:94: 83:ed:36:5d:1b:81:04:ee:60:28:e0:6d:cc:af:15: 46:a9:72:97:bb:1a:3d:bf:5b:36:bd:bc:16:6b:3f: a5:dc:20:6a:c5:a2:9e:55:ab:d1:47:a2:75:c2:20: b9:b8:f5:47:43:f3:35:c7:ba:27:01:2b:25:49:04: 10:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: 2D:0A:B2:1E:D5:75:84:54:9C:7C:03:E1:8A:EB:6E:3F:E5:E1:75:8D X509v3 Authority Key Identifier: keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6 Authority Information Access: OCSP - URI:http://r3.o.lencr.org CA Issuers - URI:http://r3.i.lencr.org/ X509v3 Subject Alternative Name: DNS:ftp.jaist.ac.jp X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 Policy: 1.3.6.1.4.1.44947.1.1.1 CPS: http://cps.letsencrypt.org CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 7A:32:8C:54:D8:B7:2D:B6:20:EA:38:E0:52:1E:E9:84: 16:70:32:13:85:4D:3B:D2:2B:C1:3A:57:A3:52:EB:52 Timestamp : Jun 11 16:41:10.442 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:93:51:29:BE:B0:D5:9B:A5:1B:F3:2F: 04:F7:63:0A:13:B6:E0:11:9F:B9:72:3B:59:59:A3:2E: 60:82:59:C9:97:02:20:29:E4:E3:AD:68:65:1E:D3:D6: CF:51:71:96:BA:9F:8B:45:2A:95:5C:C3:7F:2D:2C:51: 4D:AA:FC:3A:3A:A2:D5 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : AD:F7:BE:FA:7C:FF:10:C8:8B:9D:3D:9C:1E:3E:18:6A: B4:67:29:5D:CF:B1:0C:24:CA:85:86:34:EB:DC:82:8A Timestamp : Jun 11 16:41:10.453 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:D1:99:59:83:EA:94:35:5E:74:6E:9D: 9C:20:B0:3D:44:CC:85:FC:C5:56:EF:57:18:18:F0:38: 2A:8E:86:27:C0:02:20:2C:B7:E9:FB:B7:71:5C:D6:FE: 2F:69:65:9F:C7:A9:3A:34:20:2F:89:E0:9C:66:2A:49: B5:B7:28:05:11:A2:6E Signature Algorithm: sha256WithRSAEncryption aa:5e:58:2c:02:63:bc:45:c7:91:b1:3e:9a:51:7b:10:ae:02: 87:4b:31:da:68:bc:84:22:7e:a6:b2:fb:e8:65:b6:6f:16:71: fe:a7:89:bf:3e:da:3d:47:bc:3e:79:7e:46:cf:fe:1a:8b:a0: 04:cd:62:4b:83:66:66:5f:4f:2b:48:cd:5e:9e:e7:83:3a:d9: 7b:af:1f:09:54:f6:76:d2:d1:23:51:38:b4:5c:ec:d9:d5:49: 7e:63:05:d1:2c:72:bb:5d:13:33:d4:94:34:27:a7:4e:56:f9: 0d:2d:d9:0c:db:95:f7:ec:0e:ae:9d:b7:04:53:e2:20:bc:df: 89:82:aa:e4:39:70:23:5e:94:4a:e5:c4:44:75:db:f2:d6:41: f9:80:b4:97:72:9a:31:5e:5a:54:68:a1:b4:69:d3:89:59:ce: 36:04:96:49:57:ab:f8:d7:b8:62:f3:c8:7a:67:79:9f:63:e9: ea:13:8d:b0:28:e3:85:7e:2d:fe:91:3a:88:f2:c9:fc:8a:91: df:2f:6c:90:e8:e8:0b:db:d0:a6:28:3a:a5:2b:29:42:1e:ab: d6:78:8e:44:93:22:62:bc:95:23:22:78:b2:10:00:03:02:39: 8f:cb:e8:7d:80:b1:b5:30:0a:e4:aa:24:fb:d6:10:c6:72:38: ca:37:0b:5e
タグ
コメントをかく