welcome.alfabank.ru
- AO ALFA-BANK -
Issued by GlobalSign RSA OV SSL CA 2018
About this certificate
This digital certificate with serial number 4e:2a:e4:09:c7:e8:8b:ba:18:1c:7b:4c was issued on by GlobalSign nv-sa.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
AO ALFA-BANK
Organization:
AO ALFA-BANK
State / Province:
Moscow
Locality: Moscow
Country: RU
Locality: Moscow
Country: RU
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate has expire since
Certificate Details
Serial Number (hex): 4e:2a:e4:09:c7:e8:8b:ba:18:1c:7b:4cSerial Number (int): 24191682530472437767894498124
Serial Number lenght: 95 bits, 12 octets
SubjectKeyId: 87:94:5b:63:7b:95:43:f2:bd:78:ac:04:d9:14:86:26:ef:d7:c1:74
AuthorityKeyId: f8:ef:7f:f2:cd:78:67:a8:de:6f:8f:24:8d:88:f1:87:03:02:b3:eb
Fingerprint (sha1): f6:cb:4f:53:c5:62:eb:db:e6:c8:f2:e5:b2:5d:0d:50:d7:94:df:4a
Fingerprint (sha256): 03:25:c2:28:16:39:51:e6:6b:c4:f2:e3:65:84:0d:af:00:5a:54:6b:9a:7d:3e:2c:08:08:ea:c5:15:ad:ab:76
Issuing Certificate URL: http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt
Revocation information
OCSP Server: http://ocsp.globalsign.com/gsrsaovsslca2018Check the revocation status for certificate welcome.alfabank.ru
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for welcome.alfabank.ru
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
welcome.alfabank.ru
Other certificates including the domain name alfabank.ru
(limited to 100 certificates)
traveler2.alfabank.ru
agent.alfabank.ru
agent.alfabank.ru
digital.alfabank.ru
ib.alfabank.ru
travelernext.alfabank.ru
zp.alfabank.ru
anketa.alfabank.ru
ib.alfabank.ru
club.alfabank.ru
pilots.alfabank.ru
emp-lead.alfabank.ru
digp.alfabank.ru
alfapartners.alfabank.ru
click.alfabank.ru
welcome.alfabank.ru
cit.alfabank.ru
ctxvdi.alfabank.ru
my.alfabank.ru
settings.alfabank.ru
reg.alfabank.ru
trading.alfabank.ru
groupib-ac.alfabank.ru
anketa.alfabank.ru
rko.alfabank.ru
sense.alfabank.ru
payment.alfabank.ru
id.alfabank.ru
traveler2.alfabank.ru
job.alfabank.ru
zp.alfabank.ru
potok.alfabank.ru
alfapeople.alfabank.ru
telework.alfabank.ru
trade.alfabank.ru
click.alfabank.ru
link.alfabank.ru
travelervip.alfabank.ru
acs.alfabank.ru
emp-anketa.alfabank.ru
message.alfabank.ru
id-hub-sandbox.alfabank.ru
mind.alfabank.ru
testlink.alfabank.ru
blackstar.alfabank.ru
ecom.alfabank.ru
travelernext.alfabank.ru
sandbox.alfabank.ru
travelervip.alfabank.ru
alfago.alfabank.ru
click.alfabank.ru
travel.alfabank.ru
alfabank.ru
investments.alfabank.ru
CC.ALFABANK.RU
design.alfabank.ru
chatkb.alfabank.ru
design.alfabank.ru
link.alfabank.ru
nalog.alfabank.ru
zp.alfabank.ru
private.auth.alfabank.ru
store.alfabank.ru
private.auth.alfabank.ru
alfabank.ru
welcome.alfabank.ru
scf.alfabank.ru
club.alfabank.ru
usability.alfabank.ru
private.auth.alfabank.ru
link.alfabank.ru
digp.alfabank.ru
rko.alfabank.ru
alfapartners.alfabank.ru
megaplan.alfabank.ru
alfainvest.alfabank.ru
guarantees.alfabank.ru
click.alfabank.ru
digp.alfabank.ru
pay2.alfabank.ru
traveler2.alfabank.ru
ipoteka.alfabank.ru
testamcalls.alfabank.ru
abm.alfabank.ru
learn.alfabank.ru
alfabank.ru
atv.alfabank.ru
online.alfabank.ru
kassa.alfabank.ru
pay.alfabank.ru
online.alfabank.ru
baas.alfabank.ru
metrics.alfabank.ru
pilots.alfabank.ru
alfapartners.alfabank.ru
my.alfabank.ru
push.alfabank.ru
api.alfabank.ru
pay2.alfabank.ru
partner.alfabank.ru
agent.alfabank.ru
agent.alfabank.ru
digital.alfabank.ru
ib.alfabank.ru
travelernext.alfabank.ru
zp.alfabank.ru
anketa.alfabank.ru
ib.alfabank.ru
club.alfabank.ru
pilots.alfabank.ru
emp-lead.alfabank.ru
digp.alfabank.ru
alfapartners.alfabank.ru
click.alfabank.ru
welcome.alfabank.ru
cit.alfabank.ru
ctxvdi.alfabank.ru
my.alfabank.ru
settings.alfabank.ru
reg.alfabank.ru
trading.alfabank.ru
groupib-ac.alfabank.ru
anketa.alfabank.ru
rko.alfabank.ru
sense.alfabank.ru
payment.alfabank.ru
id.alfabank.ru
traveler2.alfabank.ru
job.alfabank.ru
zp.alfabank.ru
potok.alfabank.ru
alfapeople.alfabank.ru
telework.alfabank.ru
trade.alfabank.ru
click.alfabank.ru
link.alfabank.ru
travelervip.alfabank.ru
acs.alfabank.ru
emp-anketa.alfabank.ru
message.alfabank.ru
id-hub-sandbox.alfabank.ru
mind.alfabank.ru
testlink.alfabank.ru
blackstar.alfabank.ru
ecom.alfabank.ru
travelernext.alfabank.ru
sandbox.alfabank.ru
travelervip.alfabank.ru
alfago.alfabank.ru
click.alfabank.ru
travel.alfabank.ru
alfabank.ru
investments.alfabank.ru
CC.ALFABANK.RU
design.alfabank.ru
chatkb.alfabank.ru
design.alfabank.ru
link.alfabank.ru
nalog.alfabank.ru
zp.alfabank.ru
private.auth.alfabank.ru
store.alfabank.ru
private.auth.alfabank.ru
alfabank.ru
welcome.alfabank.ru
scf.alfabank.ru
club.alfabank.ru
usability.alfabank.ru
private.auth.alfabank.ru
link.alfabank.ru
digp.alfabank.ru
rko.alfabank.ru
alfapartners.alfabank.ru
megaplan.alfabank.ru
alfainvest.alfabank.ru
guarantees.alfabank.ru
click.alfabank.ru
digp.alfabank.ru
pay2.alfabank.ru
traveler2.alfabank.ru
ipoteka.alfabank.ru
testamcalls.alfabank.ru
abm.alfabank.ru
learn.alfabank.ru
alfabank.ru
atv.alfabank.ru
online.alfabank.ru
kassa.alfabank.ru
pay.alfabank.ru
online.alfabank.ru
baas.alfabank.ru
metrics.alfabank.ru
pilots.alfabank.ru
alfapartners.alfabank.ru
my.alfabank.ru
push.alfabank.ru
api.alfabank.ru
pay2.alfabank.ru
partner.alfabank.ru
Certificate
The complete raw certificate details for welcome.alfabank.ru in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgIMTirkCcfoi7oYHHtMMA0GCSqGSIb3DQEBCwUAMFAxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSYwJAYDVQQDEx1H bG9iYWxTaWduIFJTQSBPViBTU0wgQ0EgMjAxODAeFw0yMjEyMTEwOTE2MDFaFw0y NDAxMTIwOTE2MDBaMGQxCzAJBgNVBAYTAlJVMQ8wDQYDVQQIEwZNb3Njb3cxDzAN BgNVBAcTBk1vc2NvdzEVMBMGA1UEChMMQU8gQUxGQS1CQU5LMRwwGgYDVQQDExN3 ZWxjb21lLmFsZmFiYW5rLnJ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs3RIsbLS4UFbiyDyf6TlNPuKrta4I0uV6i7bgLD78x7NKcIFLv3aFzd/EV2j 1eUT5OZfNcy/i7IKakii+SuEvi747kWCEbWFQt3TmfYj5pg+rJjeOUgoDAFeOwta L8Rq5orgZtR6ZnanxUZMot7P6NhJzRgbobMDLBhTF1kGTX4/7dsH2BKMjx3g6C23 U2rvzuJF0PnWK9BPHqztq9MkNlUsiWuS3s6Z5SATBLzvWdQF8P4hvdbsSq0yn3QR 3cG0QvFDxMXUtjB208FT0tHT9jt8NQavLpzgSCXRQOOKdl/3qzENOwo8k1krf1BG wLy3x+oqkxylEr13t9+JwK2BJQIDAQABo4IBnDCCAZgwDgYDVR0PAQH/BAQDAgWg MIGOBggrBgEFBQcBAQSBgTB/MEQGCCsGAQUFBzAChjhodHRwOi8vc2VjdXJlLmds b2JhbHNpZ24uY29tL2NhY2VydC9nc3JzYW92c3NsY2EyMDE4LmNydDA3BggrBgEF BQcwAYYraHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vZ3Nyc2FvdnNzbGNhMjAx ODBWBgNVHSAETzBNMEEGCSsGAQQBoDIBFDA0MDIGCCsGAQUFBwIBFiZodHRwczov L3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgIwCQYDVR0T BAIwADAeBgNVHREEFzAVghN3ZWxjb21lLmFsZmFiYW5rLnJ1MB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBT473/yzXhnqN5vjySNiPGH AwKz6zAdBgNVHQ4EFgQUh5RbY3uVQ/K9eKwE2RSGJu/XwXQwEwYKKwYBBAHWeQIE AwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBADpti2Czco/66LmtP+x45SURolI3 k+nDfZyd5A9jqEy2JQg2H4/TurLfLoWLOSJmm25RbbCHJzMotl0MmWtNqfIVliD5 koQYUrwxUnvkoV3rn39MwptwKXIjQEqG5ZsyiqeZbRZ8qy+R6lhX+dw/yw6fOkoP Uh5e+Bwye9A37Z8VVXGn0bp6uu8RjSkyF688dwMucinAM7MEUWpSEl38abVOJfHR aGM2sfJV+fz6pSs92+9hRcPumrnuw9xpTM+8NY8DKqOUXmWBxOm9K3LIOHmfOlpk dHnrovBZ6tMY0hKoLVACRsEJsbQfGIpbP7LZSdg9pS+HQlJndyI1q4vgn3c= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3RIsbLS4UFbiyDyf6Tl NPuKrta4I0uV6i7bgLD78x7NKcIFLv3aFzd/EV2j1eUT5OZfNcy/i7IKakii+SuE vi747kWCEbWFQt3TmfYj5pg+rJjeOUgoDAFeOwtaL8Rq5orgZtR6ZnanxUZMot7P 6NhJzRgbobMDLBhTF1kGTX4/7dsH2BKMjx3g6C23U2rvzuJF0PnWK9BPHqztq9Mk NlUsiWuS3s6Z5SATBLzvWdQF8P4hvdbsSq0yn3QR3cG0QvFDxMXUtjB208FT0tHT 9jt8NQavLpzgSCXRQOOKdl/3qzENOwo8k1krf1BGwLy3x+oqkxylEr13t9+JwK2B JQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 24191682530472437767894498124 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign RSA OV SSL CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-11 09:16:01 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-12 09:16:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RU' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Moscow' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Moscow' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AO ALFA-BANK' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'welcome.alfabank.ru' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22653998347479192959450453338005038887074888403602800914306232982434434584150676032502703341131962529476500802389292850902735442667432795125232040753765901541098365178176788150751060759367498388356759611825867200361592482487925445983327553189992160788512851650376272962922632268412894345211196832724480342376410319212328719630604345506051394377338335708061157026614128181200164698984633000460535153661583103027814860115970883428598743181949731025615440987499501517206686102262666328455561953693321827803478812645875808565970110848999053665750019675322841130316800875285711245217883786568357136097798601196729740919077 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.globalsign.com/gsrsaovsslca2018' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'welcome.alfabank.ru' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f8ef7ff2cd7867a8de6f8f248d88f1870302b3eb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 87945b637b9543f2bd78ac04d9148626efd7c174 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003a6d8b60b3728ffae8b9ad3fec78e52511a2523793e9c37d9c9de40f63a84cb62508361f8fd3bab2df2e858b3922669b6e516db087273328b65d0c996b4da9f2159620f992841852bc31527be4a15deb9f7f4cc29b70297223404a86e59b328aa7996d167cab2f91ea5857f9dc3fcb0e9f3a4a0f521e5ef81c327bd037ed9f155571a7d1ba7abaef118d293217af3c77032e7229c033b304516a52125dfc69b54e25f1d1686336b1f255f9fcfaa52b3ddbef6145c3ee9ab9eec3dc694ccfbc358f032aa3945e6581c4e9bd2b72c838799f3a5a647479eba2f059ead318d212a82d500246c109b1b41f188a5b3fb2d949d83da52f87425267772235ab8be09f77