chalk.com

- Cloudflare, Inc. -

Issued by Cloudflare Inc ECC CA-3

About this certificate

This digital certificate with serial number 0b:50:a2:d9:77:72:c1:31:93:07:c6:3f:4c:96:88:78 was issued on by Cloudflare, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Cloudflare, Inc.

Organization: Cloudflare, Inc.
State / Province: California
Locality: San Francisco
Country: US

Cloudflare, Inc.

Organization: Cloudflare, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0b:50:a2:d9:77:72:c1:31:93:07:c6:3f:4c:96:88:78
Serial Number (int): 15040194682151364021586693604209231992
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 59:0d:9a:76:dc:17:65:b9:c7:b0:30:8c:85:96:6d:01:8d:88:57:b3
AuthorityKeyId: a5:ce:37:ea:eb:b0:75:0e:94:67:88:b4:45:fa:d9:24:10:87:96:1f

Fingerprint (sha1): 49:94:08:05:e5:89:b2:10:f0:23:25:d4:ca:81:ee:80:e5:b4:14:67
Fingerprint (sha256): 00:c0:e7:21:22:22:a1:3a:09:96:93:01:b6:15:a9:ca:ce:60:73:fc:cc:83:49:00:2b:89:78:ad:6c:7a:c1:87

Issuing Certificate URL: http://cacerts.digicert.com/CloudflareIncECCCA-3.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/CloudflareIncECCCA-3.crl
CRL Distribution Point: http://crl4.digicert.com/CloudflareIncECCCA-3.crl

Check the revocation status for certificate chalk.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for chalk.com

Public Key Algorithm

ECDSA

Key Size

256

Signature Algorithm

ECDSA with SHA256

Key Usage

Digital Signature

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.chalk.com
chalk.com

Other certificates including the domain name chalk.com

(limited to 100 certificates)
firebaseapp.com
chalk.com
ssl380286.cloudflaressl.com
ssl380286.cloudflaressl.com
studentsa.ru
support.chalk.com
firebaseapp.com
imperva.com
ssl380284.cloudflaressl.com
ssl380286.cloudflaressl.com
ssl2357.cloudflare.com
firebaseapp.com
firebaseapp.com
ssl380284.cloudflaressl.com
firebaseapp.com
firebaseapp.com
firebaseapp.com
ssl2357.cloudflare.com
firebaseapp.com
firebaseapp.com
firebaseapp.com
ssl380285.cloudflaressl.com
ssl380284.cloudflaressl.com
ssl380286.cloudflaressl.com
firebaseapp.com
sni.cloudflaressl.com
ssl380284.cloudflaressl.com
ssl380286.cloudflaressl.com
imperva.com
ssl380286.cloudflaressl.com
imperva.com
ssl2357.cloudflare.com
firebaseapp.com
chalk.com
support.chalk.com
ssl256046.cloudflaressl.com
ssl380285.cloudflaressl.com
firebaseapp.com
firebaseapp.com
ssl380285.cloudflaressl.com
ssl256044.cloudflaressl.com
firebaseapp.com
firebaseapp.com
ssl380284.cloudflaressl.com
link.chalk.com
imperva.com
firebaseapp.com
ssl380286.cloudflaressl.com
firebaseapp.com
ssl380285.cloudflaressl.com
ssl380284.cloudflaressl.com
support.chalk.com
ssl256045.cloudflaressl.com
firebaseapp.com
firebaseapp.com
imperva.com
benchmarkassociate.com
firebaseapp.com
ssl380285.cloudflaressl.com
ssl380286.cloudflaressl.com
firebaseapp.com
ssl2357.cloudflare.com
ssl380286.cloudflaressl.com
chalk.com
www.bet323bkk.com
ssl380285.cloudflaressl.com
thetiburondon.com
ssl2357.cloudflare.com
ssl380286.cloudflaressl.com
firebaseapp.com
ssl380286.cloudflaressl.com
ssl2357.cloudflare.com
ssl256046.cloudflaressl.com
ssl256046.cloudflaressl.com
staging.nlalarm.app
ssl380284.cloudflaressl.com
learn.chalk.com
ssl380284.cloudflaressl.com
firebaseapp.com
support.chalk.com
firebaseapp.com
ssl380286.cloudflaressl.com
ssl256045.cloudflaressl.com
sni.cloudflaressl.com
ssl256046.cloudflaressl.com
firebaseapp.com
ssl256046.cloudflaressl.com
ssl380284.cloudflaressl.com
firebaseapp.com
ssl256046.cloudflaressl.com
firebaseapp.com
firebaseapp.com
sni.cloudflaressl.com
ssl380286.cloudflaressl.com
ssl380286.cloudflaressl.com
firebaseapp.com
firebaseapp.com
firebaseapp.com
firebaseapp.com
firebaseapp.com

Certificate

The complete raw certificate details for chalk.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFEDCCBLagAwIBAgIQC1Ci2XdywTGTB8Y/TJaIeDAKBggqhkjOPQQDAjBKMQsw
CQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UEAxMX
Q2xvdWRmbGFyZSBJbmMgRUNDIENBLTMwHhcNMjIwNzI4MDAwMDAwWhcNMjMwNzI3
MjM1OTU5WjBpMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQG
A1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjES
MBAGA1UEAxMJY2hhbGsuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHyJa
AayaQdqEF57ddT54k3pHlqWD5I3M7OKL5UW7y3xt1cLPkMZNuTy+9p1Rm3s+1WRO
IaAXLV/KyB3+XT9tJKOCA10wggNZMB8GA1UdIwQYMBaAFKXON+rrsHUOlGeItEX6
2SQQh5YfMB0GA1UdDgQWBBRZDZp23BdlucewMIyFlm0BjYhXszAhBgNVHREEGjAY
ggsqLmNoYWxrLmNvbYIJY2hhbGsuY29tMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwewYDVR0fBHQwcjA3oDWgM4YxaHR0cDov
L2NybDMuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNFQ0NDQS0zLmNybDA3oDWg
M4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNFQ0NDQS0z
LmNybDA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8v
d3d3LmRpZ2ljZXJ0LmNvbS9DUFMwdgYIKwYBBQUHAQEEajBoMCQGCCsGAQUFBzAB
hhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQAYIKwYBBQUHMAKGNGh0dHA6Ly9j
YWNlcnRzLmRpZ2ljZXJ0LmNvbS9DbG91ZGZsYXJlSW5jRUNDQ0EtMy5jcnQwDAYD
VR0TAQH/BAIwADCCAYAGCisGAQQB1nkCBAIEggFwBIIBbAFqAHcA6D7Q2j71BjUy
51covIlryQPTy9ERa+zraeF3fW0GvW4AAAGCRPCApAAABAMASDBGAiEAhjO6a15G
BfNiM/BNmf3VSlRCxHfBfKtF3Ztwi/uyCNgCIQDqfF7ebSAgwry4zDCjRDtPFWCk
Lniy0AUrfVU+y7VJkQB3ADXPGRu/sWxXvw+tTG1Cy7u2JyAmUeo/4SrvqAPDO9ZM
AAABgkTwgN0AAAQDAEgwRgIhAMZ+d6ebhl9qivnzzRq5sSe+nMoM4a/D00jQWbX7
/IMiAiEA7/0ib7fkcNpebwUns9CIlUDgPdFRsiIqh/vpOZrM3QQAdgC3Pvsk35xN
unXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYJE8IDJAAAEAwBHMEUCIQClaONf
Pz2yh/5u5C1oL0kE6LJLlvIvBA549/c2nPhtOQIgM/FJn0fDtCTfrjKFCn3VPMLx
BREF7plH6uNTvIEDZ8gwCgYIKoZIzj0EAwIDSAAwRQIgMd/ZbNYZ8FrtLkjMz5en
lnUReLV+GmQLeZKCz0irxy0CIQChC9D5cqfqfdxlJXQjPW5j3k4f6QgqH/Vo6668
zFXtpg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHyJaAayaQdqEF57ddT54k3pHlqWD
5I3M7OKL5UW7y3xt1cLPkMZNuTy+9p1Rm3s+1WROIaAXLV/KyB3+XT9tJA==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 15040194682151364021586693604209231992
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.2 (ecdsaWithSHA256)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare Inc ECC CA-3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-28 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-27 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'chalk.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits)
				00041f225a01ac9a41da84179edd753e78937a4796a583e48dccece28be545bbcb7c6dd5c2cf90c64db93cbef69d519b7b3ed5644e21a0172d5fcac81dfe5d3f6d24
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5ce37eaebb0750e946788b445fad9241087961f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							590d9a76dc1765b9c7b0308c85966d018d8857b3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.chalk.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chalk.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits)
							0780
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/CloudflareIncECCCA-3.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/CloudflareIncECCCA-3.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/CloudflareIncECCCA-3.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018244f080a400000403004830460221008633ba6b5e4605f36233f04d99fdd54a5442c477c17cab45dd9b708bfbb208d8022100ea7c5ede6d2020c2bcb8cc30a3443b4f1560a42e78b2d0052b7d553ecbb5499100770035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c0000018244f080dd0000040300483046022100c67e77a79b865f6a8af9f3cd1ab9b127be9cca0ce1afc3d348d059b5fbfc8322022100effd226fb7e470da5e6f0527b3d0889540e03dd151b2222a87fbe9399accdd04007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018244f080c90000040300473045022100a568e35f3f3db287fe6ee42d682f4904e8b24b96f22f040e78f7f7369cf86d39022033f1499f47c3b424dfae32850a7dd53cc2f1051105ee9947eae353bc810367c8
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.2 (ecdsaWithSHA256)
 . . . . [c:0|t:3|false] BIT STRING (568 bits)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22558837089204627396840860445003005883137092238545932503346187562386073569069
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 72843246227959981192535526722345137431423104753455264633903409097976791297446