mail.google.com
- Google Inc -
Issued by Google Internet Authority G2
About this certificate
This digital certificate with serial number 59:11:d9:41:c0:76:70:21 was issued on by Google Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Google Inc
Organization:
Google Inc
State / Province:
California
Locality: Mountain View
Country: US
Locality: Mountain View
Country: US
Google Inc
Organization:
Google Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 59:11:d9:41:c0:76:70:21Serial Number (int): 6418149820404756513
Serial Number lenght: 63 bits, 8 octets
SubjectKeyId: 9b:98:a1:df:52:fa:48:ff:8b:5d:15:1d:a4:b7:4b:ea:6f:1b:70:1b
AuthorityKeyId: 4a:dd:06:16:1b:bc:f6:68:b5:76:f5:81:b6:bb:62:1a:ba:5a:81:2f
Fingerprint (sha1): bf:40:4c:3e:e1:56:ca:6b:ab:8d:91:35:7c:8c:2d:4b:e7:a6:d5:f8
Fingerprint (sha256): 00:44:03:46:a5:73:c2:cd:e0:90:6b:90:42:ad:49:3b:ae:71:be:44:c9:00:3a:27:9d:09:fc:14:15:54:58:d3
Issuing Certificate URL: http://pki.google.com/GIAG2.crt
Revocation information
OCSP Server: http://clients1.google.com/ocspCRL Distribution Point: http://pki.google.com/GIAG2.crl
Check the revocation status for certificate mail.google.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mail.google.com
Public Key Algorithm
ECDSA
Key Size
256
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
mail.google.com
inbox.google.com
inbox.google.com
Other certificates including the domain name google.com
(limited to 100 certificates)
netcracker-staging.corp.google.com
*.google.com
m.google.com
mx.google.com
*.vp.video.l.google.com
uberproxy-cctlds.corp.google.com
ax-uat-ingestion02.corp.google.com
misc.google.com
www.google.com
*.google.com
*.c.docs.google.com
uberproxy-san.cert.corp.google.com
edge-static.google.com
*.ext.google.com
warpspeed-color.corp.google.com
uberproxy-san.corp.google.com
cert-test.sandbox.google.com
upload.video.google.com
google.com
mail.google.com
uberproxy-san.dclk.google.com
uberproxy-san.x20web.corp.google.com
sandbox.google.com
get.duo.google.com
mail.google.com
misc-sni.google.com
www.google.com
*.mail.google.com
cert-test.sandbox.google.com
*.googlecode.com
upload.video.google.com
misc-sni.google.com
uberproxy-san.printer.corp.google.com
wifi.google.com
wifi.google.com
*.clients.google.com
m.google.com
login.corp.google.com
uberproxy-san.x20web.corp.google.com
time.google.com
login.corp.google.com
mail.google.com
captive.googleapis.com
uberproxy-san.x20web.corp.google.com
*.calljoy.com
uberproxy-san.corp.google.com
upload.video.google.com
misc.google.com
*.rucn.google.com
wifi.google.com
accounts.google.com
edge-static.google.com
*.payments.googleapis.com
*.google.com
login.corp.google.com
supl.google.com
*.googlecode.com
uberproxy-san.dclk.google.com
*.google.com
sandbox.google.com
uberproxy-san.printer.corp.google.com
www.google.com
uberproxy-apphosting.corp.google.com
sandbox.google.com
m.google.com
uberproxy-san.dclk.google.com
cert-test.sandbox.google.com
sandbox.google.com
*.vp.video.l.google.com
ax-prod-ingestion15.corp.google.com
apps-secure-data-connector.google.com
wpri12.hot.corp.google.com
cert-test.sandbox.google.com
*.google.com
sandbox.google.com
devsite-wildcards.corp.google.com
m.google.com
*.mail.google.com
pry-bastion01.tarsier.prod.google.com
*.clients.google.com
parkstreet-color.corp.google.com
wpil13.hot.corp.google.com
adwords.google.com
mail.google.com
ads.google.com
*.google.com
uberproxy.corp.google.com
*.google.com
*.chrome.google.com
uberproxy-cctlds.corp.google.com
da-twd-7.da.ext.google.com
adwords.google.com
*.google.com
*.clients.google.com
edge-static.google.com
*.google.com
www.google.com
sandbox.google.com
uberproxy-san.cnsviewer-static.corp.google.com
mail.google.com
*.google.com
m.google.com
mx.google.com
*.vp.video.l.google.com
uberproxy-cctlds.corp.google.com
ax-uat-ingestion02.corp.google.com
misc.google.com
www.google.com
*.google.com
*.c.docs.google.com
uberproxy-san.cert.corp.google.com
edge-static.google.com
*.ext.google.com
warpspeed-color.corp.google.com
uberproxy-san.corp.google.com
cert-test.sandbox.google.com
upload.video.google.com
google.com
mail.google.com
uberproxy-san.dclk.google.com
uberproxy-san.x20web.corp.google.com
sandbox.google.com
get.duo.google.com
mail.google.com
misc-sni.google.com
www.google.com
*.mail.google.com
cert-test.sandbox.google.com
*.googlecode.com
upload.video.google.com
misc-sni.google.com
uberproxy-san.printer.corp.google.com
wifi.google.com
wifi.google.com
*.clients.google.com
m.google.com
login.corp.google.com
uberproxy-san.x20web.corp.google.com
time.google.com
login.corp.google.com
mail.google.com
captive.googleapis.com
uberproxy-san.x20web.corp.google.com
*.calljoy.com
uberproxy-san.corp.google.com
upload.video.google.com
misc.google.com
*.rucn.google.com
wifi.google.com
accounts.google.com
edge-static.google.com
*.payments.googleapis.com
*.google.com
login.corp.google.com
supl.google.com
*.googlecode.com
uberproxy-san.dclk.google.com
*.google.com
sandbox.google.com
uberproxy-san.printer.corp.google.com
www.google.com
uberproxy-apphosting.corp.google.com
sandbox.google.com
m.google.com
uberproxy-san.dclk.google.com
cert-test.sandbox.google.com
sandbox.google.com
*.vp.video.l.google.com
ax-prod-ingestion15.corp.google.com
apps-secure-data-connector.google.com
wpri12.hot.corp.google.com
cert-test.sandbox.google.com
*.google.com
sandbox.google.com
devsite-wildcards.corp.google.com
m.google.com
*.mail.google.com
pry-bastion01.tarsier.prod.google.com
*.clients.google.com
parkstreet-color.corp.google.com
wpil13.hot.corp.google.com
adwords.google.com
mail.google.com
ads.google.com
*.google.com
uberproxy.corp.google.com
*.google.com
*.chrome.google.com
uberproxy-cctlds.corp.google.com
da-twd-7.da.ext.google.com
adwords.google.com
*.google.com
*.clients.google.com
edge-static.google.com
*.google.com
www.google.com
sandbox.google.com
uberproxy-san.cnsviewer-static.corp.google.com
mail.google.com
Certificate
The complete raw certificate details for mail.google.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIID1jCCAr6gAwIBAgIIWRHZQcB2cCEwDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl cm5ldCBBdXRob3JpdHkgRzIwHhcNMTcwOTI2MTA1OTAwWhcNMTcxMjE5MTA1OTAw WjBpMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEYMBYGA1UEAwwPbWFp bC5nb29nbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAENdK1hAE84X+M L6AYpVGBIuoCy5xSB7DSrrew5PKeEUsXJEnUSbpSfIKu+MbQzG8H8Oj669MDXLFR UbCmNgGxQqOCAWswggFnMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAL BgNVHQ8EBAMCB4AwLAYDVR0RBCUwI4IPbWFpbC5nb29nbGUuY29tghBpbmJveC5n b29nbGUuY29tMGgGCCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3Br aS5nb29nbGUuY29tL0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVu dHMxLmdvb2dsZS5jb20vb2NzcDAdBgNVHQ4EFgQUm5ih31L6SP+LXRUdpLdL6m8b cBswDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqB LzAhBgNVHSAEGjAYMAwGCisGAQQB1nkCBQEwCAYGZ4EMAQICMDAGA1UdHwQpMCcw JaAjoCGGH2h0dHA6Ly9wa2kuZ29vZ2xlLmNvbS9HSUFHMi5jcmwwDQYJKoZIhvcN AQELBQADggEBAHXm9jZUI6rte8ZIW0Qp89Ekte5OkOtrzUDtGmHaJChIsQfsEIe2 dzGDh4nfbhFLTcYRcuZ5sddL0jAKY7fumjlyM+osqaJo26HJg7PLHDLNSqjJHy2m l7rl3TsxFvyZQQPOp3tfbmwyET0gsa06aCwSjFU5/NGD6JVEddu3aJdApuouyMWT WDd2mZIGAwMtsUAagFGXCpuW9muBmDXCBT40FKcuKynAzCNagJXMxwHMQoFSfJTP G3ETXWhM7i+b+ts8tsV81568EpWUATTG/zGUPslMzHqraiNo5CABa+h1sqAA3Ru3 yEmYupPaGilR6Nlnm+zAlCHDO2gemfXWbJU= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAENdK1hAE84X+ML6AYpVGBIuoCy5xS B7DSrrew5PKeEUsXJEnUSbpSfIKu+MbQzG8H8Oj669MDXLFRUbCmNgGxQg== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6418149820404756513 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Internet Authority G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-09-26 10:59:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-12-19 10:59:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Mountain View' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Google Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'mail.google.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey) . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1) . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits) 000435d2b584013ce17f8c2fa018a5518122ea02cb9c5207b0d2aeb7b0e4f29e114b172449d449ba527c82aef8c6d0cc6f07f0e8faebd3035cb15151b0a63601b142 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits) 0780 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (37 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.google.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'inbox.google.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.google.com/GIAG2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://clients1.google.com/ocsp' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9b98a1df52fa48ff8b5d151da4b74bea6f1b701b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 4add06161bbcf668b576f581b6bb621aba5a812f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.5.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (41 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.google.com/GIAG2.crl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0075e6f6365423aaed7bc6485b4429f3d124b5ee4e90eb6bcd40ed1a61da242848b107ec1087b67731838789df6e114b4dc61172e679b1d74bd2300a63b7ee9a397233ea2ca9a268dba1c983b3cb1c32cd4aa8c91f2da697bae5dd3b3116fc994103cea77b5f6e6c32113d20b1ad3a682c128c5539fcd183e8954475dbb7689740a6ea2ec8c59358377699920603032db1401a8051970a9b96f66b819835c2053e3414a72e2b29c0cc235a8095ccc701cc4281527c94cf1b71135d684cee2f9bfadb3cb6c57cd79ebc1295940134c6ff31943ec94ccc7aab6a2368e420016be875b2a000dd1bb7c84998ba93da1a2951e8d9679becc09421c33b681e99f5d66c95