KYCHFSPCH01.KY.GOV
- Commonwealth of Kentucky -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number e4:17:d3:05:50:a1:89:4e:00:00:00:00:50:f1:72:3a was issued on by Entrust, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [DigitalSignature KeyEncipherment] (00000101) inconsistent with ExtKeyUsage clientAuth The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
Commonwealth of Kentucky
Organization:
Commonwealth of Kentucky
State / Province:
Kentucky
Locality: Frankfort
Country: US
Locality: Frankfort
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): e4:17:d3:05:50:a1:89:4e:00:00:00:00:50:f1:72:3aSerial Number (int): 303187685876228389377025103684439208506
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 6f:49:73:50:60:ec:7c:aa:4e:a8:04:44:7e:7f:b4:34:96:d4:46:7d
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): f6:f1:bd:6e:3e:3f:5f:69:ec:0b:65:25:5b:f1:dd:e1:64:fc:71:2b
Fingerprint (sha256): 01:61:10:8a:ce:d7:1d:dd:30:2d:3d:81:59:d9:8d:21:4c:e7:06:7f:82:34:c9:a0:7e:ad:a0:b9:a5:e2:88:03
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate KYCHFSPCH01.KY.GOV
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for KYCHFSPCH01.KY.GOV
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
KYCHFSPCH01.KY.GOV
Other certificates including the domain name KY.GOV
(limited to 100 certificates)
Certificate
The complete raw certificate details for KYCHFSPCH01.KY.GOV in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUDCCBTigAwIBAgIRAOQX0wVQoYlOAAAAAFDxcjowDQYJKoZIhvcNAQELBQAw gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg MjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcN MTkwNTA5MTgyNzQ4WhcNMjEwODA4MTg1NzQ2WjB0MQswCQYDVQQGEwJVUzERMA8G A1UECBMIS2VudHVja3kxEjAQBgNVBAcTCUZyYW5rZm9ydDEhMB8GA1UEChMYQ29t bW9ud2VhbHRoIG9mIEtlbnR1Y2t5MRswGQYDVQQDExJLWUNIRlNQQ0gwMS5LWS5H T1YwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDWzewUA/zAggVfsY1g UzQ4TJD2Kh3Q0Ul4uw3QcL0DPNhLvqNVGkp00bXATnaXruiExdV+6erJg/b3Cceq /u1tw8C3BxTyY+C7rtmzuRpOdgZbo8C5CI700LKs4ATcJdTqy1u5bOSwM1fIQ8K/ k+CEy1vLC6k2gVzr0hkAepzSLBaBSCZ5AhhPoyJAB1FlTRrgGtw/TzKaLtG/VQIl Ldy6t/8ngHCJUuaCmU+xvuqFxxg0J4kLbWZP5TqsIP3ajjmSCcwfAkBT7SQbUpZS 9qfrtQ8K0sU3YUfrNrvsJ4BhVC9ZSPKfLU8o7uK+Y5a+47OitC06oE42tLWXbSUT EDU915bg4C5m+8yb45ThtU1FHRIbpWQp3lvrV/L/AR2W1m4rcqskY/4suzJlTvgw 7NH1OpcXU1bOfJWjn3bVu+nT1Pormuwm0MkqExAFtVFbfP/58QvxJ1V5YhgGu+/u zB/E5UFxE8jpziYbah584BipyzoTZr20HIFa1FjEYbBg6Hiv0GC3HEh71XQl9xmS naTI7Uf9sz7Dw3QN6JzD88P4nTlzktMvaOoCUl1LGHyFEn1U4JSKQx5/yjV7+BJ7 LjT8Q7nvHkRRFQ4VNDd6L+1GkFaNti2q8TIm9W9h/eYRmkSFVbM7dyejJURr/RQ5 b8zkzwLCw/SYrXd84/QiBXKSGQIDAQABo4IBlDCCAZAwEwYKKwYBBAHWeQIEAwEB /wQCBQAwHQYDVR0RBBYwFIISS1lDSEZTUENIMDEuS1kuR09WMA4GA1UdDwEB/wQE AwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjAzBgNVHR8ELDAqMCigJqAkhiJodHRw Oi8vY3JsLmVudHJ1c3QubmV0L2xldmVsMWsuY3JsMEsGA1UdIAREMEIwNgYKYIZI AYb6bAoBBTAoMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0L3Jw YTAIBgZngQwBAgIwaAYIKwYBBQUHAQEEXDBaMCMGCCsGAQUFBzABhhdodHRwOi8v b2NzcC5lbnRydXN0Lm5ldDAzBggrBgEFBQcwAoYnaHR0cDovL2FpYS5lbnRydXN0 Lm5ldC9sMWstY2hhaW4yNTYuY2VyMB8GA1UdIwQYMBaAFIKicHTdvFM/z3vU981/ p2DGCky/MB0GA1UdDgQWBBRvSXNQYOx8qk6oBER+f7Q0ltRGfTAJBgNVHRMEAjAA MA0GCSqGSIb3DQEBCwUAA4IBAQAeAfctb24JjpvsFtPXB8KVY5J45ixXw7Ulxq9K EJa1X0O/lMJ7IoLUd3bpNER2HurQoIY2kC3UVdBiNNIujcYDQpAXc9E/AXXa6qkh luWSxjaioBLqg8IBZR1zWwS/aTrdaytg1Qxhhm9R5Jdzp9VISjhix82xiB+PoWaq ewJidUGZxPF6d3kgD8rM1QtXp7I9rqjtYKCeDl0KND4LIS8eSY/LZVPOuNUy7Lqa NVlq4FLf0MwauavMldrOgozuPQna9OLZFvoVCYz07yVypC5T3TmBTZqfbzj3Vvyp WwNdhw/KilE7kEIkBus7/TrNQeHVXHGoqDMrY/PS+rCaaS1e -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1s3sFAP8wIIFX7GNYFM0 OEyQ9iod0NFJeLsN0HC9AzzYS76jVRpKdNG1wE52l67ohMXVfunqyYP29wnHqv7t bcPAtwcU8mPgu67Zs7kaTnYGW6PAuQiO9NCyrOAE3CXU6stbuWzksDNXyEPCv5Pg hMtbywupNoFc69IZAHqc0iwWgUgmeQIYT6MiQAdRZU0a4BrcP08ymi7Rv1UCJS3c urf/J4BwiVLmgplPsb7qhccYNCeJC21mT+U6rCD92o45kgnMHwJAU+0kG1KWUvan 67UPCtLFN2FH6za77CeAYVQvWUjyny1PKO7ivmOWvuOzorQtOqBONrS1l20lExA1 PdeW4OAuZvvMm+OU4bVNRR0SG6VkKd5b61fy/wEdltZuK3KrJGP+LLsyZU74MOzR 9TqXF1NWznyVo5921bvp09T6K5rsJtDJKhMQBbVRW3z/+fEL8SdVeWIYBrvv7swf xOVBcRPI6c4mG2oefOAYqcs6E2a9tByBWtRYxGGwYOh4r9BgtxxIe9V0JfcZkp2k yO1H/bM+w8N0Deicw/PD+J05c5LTL2jqAlJdSxh8hRJ9VOCUikMef8o1e/gSey40 /EO57x5EURUOFTQ3ei/tRpBWjbYtqvEyJvVvYf3mEZpEhVWzO3cnoyVEa/0UOW/M 5M8CwsP0mK13fOP0IgVykhkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 303187685876228389377025103684439208506 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-09 18:27:48 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-08-08 18:57:46 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Kentucky' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Frankfort' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Commonwealth of Kentucky' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'KYCHFSPCH01.KY.GOV' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 876325429000828562338863826221266318986408760848052405022308368719356765220539734154357260708667135661595105454225208553838132005754695812495416769050005548048888087406530925676099423230978884443765759837863177151863245787009935988442118489463916536739453427156523467367623152456252797696174350519116369765078146035038242144142352003895596051527903294863613223022058893411303382319913283278067431438798275257835694274945543537214536543084619332342229692062112708392311600767656956613609235393267475665830172892421573253328010856655140805569504898025075779271488184247142382085628256440318226827798349653698704643466240164933276155376813852094545273171215819644379629014332095461831050582646272559044183653909295620486849060807524615445956556987490534654989718308319792939215755935152829836575122706421822342503878154963348780241750936016452872426394709476893946002795285701536275374162739581278712076554723802482014450791692642455379844370865281607935677775880278953408712771654018201821005546893741559250128713474195741006373337864772612603578438526422847446374987003410305415983800714341007970085526977167349631592599120735064346990970368402764886930941691585881664131616925323898247335601187253346971104041998052105836929188270617 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'KYCHFSPCH01.KY.GOV' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6f49735060ec7caa4ea804447e7fb43496d4467d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001e01f72d6f6e098e9bec16d3d707c295639278e62c57c3b525c6af4a1096b55f43bf94c27b2282d47776e93444761eead0a08636902dd455d06234d22e8dc60342901773d13f0175daeaa92196e592c636a2a012ea83c201651d735b04bf693add6b2b60d50c61866f51e49773a7d5484a3862c7cdb1881f8fa166aa7b0262754199c4f17a7779200fcaccd50b57a7b23daea8ed60a09e0e5d0a343e0b212f1e498fcb6553ceb8d532ecba9a35596ae052dfd0cc1ab9abcc95dace828cee3d09daf4e2d916fa15098cf4ef2572a42e53dd39814d9a9f6f38f756fca95b035d870fca8a513b90422406eb3bfd3acd41e1d55c71a8a8332b63f3d2fab09a692d5e