themaineidea.bynder.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 01:e1:5a:f0:d7:e0:25:5a:0f:0f:b1:66:88:ea:8f:5b was issued on by Amazon.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=themaineidea.bynder.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 01:e1:5a:f0:d7:e0:25:5a:0f:0f:b1:66:88:ea:8f:5bSerial Number (int): 2499339287388837047137327048374783835
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: b6:b8:6f:91:62:64:47:2e:50:2f:6b:19:09:3a:a5:db:4d:4c:10:dd
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): c7:3a:07:9f:cd:3c:df:12:b9:db:1d:4b:61:32:be:e3:4d:8c:0c:53
Fingerprint (sha256): 05:46:cc:2e:6a:a0:0a:3b:e3:71:8b:78:d3:a4:1b:fa:53:4b:f5:98:2d:b8:f9:42:65:3d:1a:d4:a3:77:a8:57
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate themaineidea.bynder.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for themaineidea.bynder.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
themaineidea.bynder.com
Other certificates including the domain name bynder.com
(limited to 100 certificates)
amazonconsumertalent.bynder.com
okstate.bynder.com
dns-vetting1d.map.fastly.net
seidor-demo.bynder.com
motherspolishco.bynder.com
sandbox-mediebibliotek-cancer.bynder.com
mindbody.bynder.com
japan-status.dialpad.com
davidlloyd.bynder.com
tece.bynder.com
statuspage.io
educationtest.bynder.com
now.phtech.com
blog.bynder.com
gls.bynder.com
developer.bynder.com
customersuccess.bynder.com
dns-vetting1d.map.fastly.net
secure0039.hubspot.com
testted.bynder.com
monash.bynder.com
nicolefranchina-demo.bynder.com
amnesty.bynder.com
dns-vetting1d.map.fastly.net
san-1-s51.tlsprovisioning.exacttarget.com
mit.bynder.com
kreon.bynder.com
dns-vetting1d.map.fastly.net
niko-demo.bynder.com
whitecap.bynder.com
vbs-acc-cmek.bynder.com
scotforge.bynder.com
christiannebakker-demo.bynder.com
dns-vetting1d.map.fastly.net
leo-furlan.bynder.com
chloe-vervialle.bynder.com
playstationdemo.bynder.com
easee.bynder.com
now.phtech.com
miele-demo.bynder.com
geoip.bynder.com
curology.bynder.com
japan-status.dialpad.com
now.phtech.com
lnw.bynder.com
statuspage.io
statuspage.io
bas-van-reeuwijk.bynder.com
statuspage.io
glenraven.bynder.com
netgear.bynder.com
twentythree.net
dns-vetting1d.map.fastly.net
tvh.bynder.com
infobip.bynder.com
interwellhealth.bynder.com
japan-status.dialpad.com
static-fonts-production-us-only.bynder.com
newportalnurah.bynder.com
knapp.bynder.com
statuspage.io
jiskalocal.bynder.com
otis.bynder.com
tkdigital-demo.bynder.com
natashatest.bynder.com
vi-mera-sandbox.bynder.com
ubrands.bynder.com
nicole-fournier.bynder.com
menashapackaging.bynder.com
twentythree.net
themaineidea.bynder.com
oneskycollective.bynder.com
ssl419912.cloudflaressl.com
twentythree.net
now.phtech.com
dns-vetting1d.map.fastly.net
pattisonag.bynder.com
visitmonaco.bynder.com
ticketswap.bynder.com
formswim.bynder.com
testted.bynder.com
adventures.bynder.com
brand.bynder.com
norgine.bynder.com
dampioneers-sandbox.bynder.com
dns-vetting1d.map.fastly.net
etonshirts.bynder.com
archant.bynder.com
niko-demo.bynder.com
now.phtech.com
redseaglobal.bynder.com
now.phtech.com
creative-demo.bynder.com
ben-purzak.bynder.com
ariadnelabs.bynder.com
otis.bynder.com
ielts.bynder.com
quantresolutions-demo.bynder.com
dns-vetting1d.map.fastly.net
lg.bynder.com
okstate.bynder.com
dns-vetting1d.map.fastly.net
seidor-demo.bynder.com
motherspolishco.bynder.com
sandbox-mediebibliotek-cancer.bynder.com
mindbody.bynder.com
japan-status.dialpad.com
davidlloyd.bynder.com
tece.bynder.com
statuspage.io
educationtest.bynder.com
now.phtech.com
blog.bynder.com
gls.bynder.com
developer.bynder.com
customersuccess.bynder.com
dns-vetting1d.map.fastly.net
secure0039.hubspot.com
testted.bynder.com
monash.bynder.com
nicolefranchina-demo.bynder.com
amnesty.bynder.com
dns-vetting1d.map.fastly.net
san-1-s51.tlsprovisioning.exacttarget.com
mit.bynder.com
kreon.bynder.com
dns-vetting1d.map.fastly.net
niko-demo.bynder.com
whitecap.bynder.com
vbs-acc-cmek.bynder.com
scotforge.bynder.com
christiannebakker-demo.bynder.com
dns-vetting1d.map.fastly.net
leo-furlan.bynder.com
chloe-vervialle.bynder.com
playstationdemo.bynder.com
easee.bynder.com
now.phtech.com
miele-demo.bynder.com
geoip.bynder.com
curology.bynder.com
japan-status.dialpad.com
now.phtech.com
lnw.bynder.com
statuspage.io
statuspage.io
bas-van-reeuwijk.bynder.com
statuspage.io
glenraven.bynder.com
netgear.bynder.com
twentythree.net
dns-vetting1d.map.fastly.net
tvh.bynder.com
infobip.bynder.com
interwellhealth.bynder.com
japan-status.dialpad.com
static-fonts-production-us-only.bynder.com
newportalnurah.bynder.com
knapp.bynder.com
statuspage.io
jiskalocal.bynder.com
otis.bynder.com
tkdigital-demo.bynder.com
natashatest.bynder.com
vi-mera-sandbox.bynder.com
ubrands.bynder.com
nicole-fournier.bynder.com
menashapackaging.bynder.com
twentythree.net
themaineidea.bynder.com
oneskycollective.bynder.com
ssl419912.cloudflaressl.com
twentythree.net
now.phtech.com
dns-vetting1d.map.fastly.net
pattisonag.bynder.com
visitmonaco.bynder.com
ticketswap.bynder.com
formswim.bynder.com
testted.bynder.com
adventures.bynder.com
brand.bynder.com
norgine.bynder.com
dampioneers-sandbox.bynder.com
dns-vetting1d.map.fastly.net
etonshirts.bynder.com
archant.bynder.com
niko-demo.bynder.com
now.phtech.com
redseaglobal.bynder.com
now.phtech.com
creative-demo.bynder.com
ben-purzak.bynder.com
ariadnelabs.bynder.com
otis.bynder.com
ielts.bynder.com
quantresolutions-demo.bynder.com
dns-vetting1d.map.fastly.net
lg.bynder.com
Certificate
The complete raw certificate details for themaineidea.bynder.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEbTCCA1WgAwIBAgIQAeFa8NfgJVoPD7FmiOqPWzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTI0MDUyNzAwMDAwMFoXDTI1MDYyNjIzNTk1OVowIjEg MB4GA1UEAxMXdGhlbWFpbmVpZGVhLmJ5bmRlci5jb20wggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQDOVwF2X1KpaRkbPAlVC1a+q2OFNvit8jqMbaKP/4Y0 5GzX6hVFg1JfF/KXJMn4csqqoIWk6Vtt3vdNcBUYTCDtqCxDiRhn841E0THNQ/WR zsXPsArR0oet5J7UWznsWk3ehNedy+aJP46XFfOHc8tZcbKrstXzkPlmMoNm6T08 hKa4RyR9anW1xLikFgbLgQ4tDmLngIsUCCD78rD80bKJrHLHsM4rT0vI15pKHQdW sis/jytsrap1umC9zKvuuDk6cWlgBniVTiMOm2uTjJ7Ky4irSCE4I5bOfdtMaZzG CW6pNDg+9Uz9WaoFMdhqZ2FxwiOoTFEpVNHaexdSwHZHAgMBAAGjggGDMIIBfzAf BgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQUtrhvkWJk Ry5QL2sZCTql201MEN0wIgYDVR0RBBswGYIXdGhlbWFpbmVpZGVhLmJ5bmRlci5j b20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8v Y3JsLnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jcmwwdQYIKwYBBQUHAQEE aTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6b250cnVzdC5j b20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1c3QuY29t L3IybTAyLmNlcjAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0G CSqGSIb3DQEBCwUAA4IBAQAiuQKVHFbM+vo2U9IIzg1txhkqI1vLiAgsBYvXPcSj p1WrU5PSpVqZ7+Y9obNj8XRlgAEZiaqMjXa1PDS0CHGpEcQWXZhUahqhLdpFG8n4 FPbHnTOy3zUpuZh+NtuN7mxruEn5UeLYBsTRlMpeVP3oT5Dh3m2L73YDt683/TjC cbS53wd46B3L0sd2zzi0CqDUeUMOMAFsBbKP10XFq3bf2ur4OOnfxI7k+mT2f98z Wo8c7/GFxTCPq/n9SBnNaHQlO9MnezinKP42u+0yK2GaKI98Y2EYV7itqv39YacH CILLuJsn+dxRfGAYY/HupVqa9SknEaqSTk0cj3ryi39z -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlcBdl9SqWkZGzwJVQtW vqtjhTb4rfI6jG2ij/+GNORs1+oVRYNSXxfylyTJ+HLKqqCFpOlbbd73TXAVGEwg 7agsQ4kYZ/ONRNExzUP1kc7Fz7AK0dKHreSe1Fs57FpN3oTXncvmiT+OlxXzh3PL WXGyq7LV85D5ZjKDZuk9PISmuEckfWp1tcS4pBYGy4EOLQ5i54CLFAgg+/Kw/NGy iaxyx7DOK09LyNeaSh0HVrIrP48rbK2qdbpgvcyr7rg5OnFpYAZ4lU4jDptrk4ye ysuIq0ghOCOWzn3bTGmcxgluqTQ4PvVM/VmqBTHYamdhccIjqExRKVTR2nsXUsB2 RwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2499339287388837047137327048374783835 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-27 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-26 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'themaineidea.bynder.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26047994938884737054959961090034922609903727645072160862686141348412920511331168621892419779726240022859529327550192329924011677925872564732301235695435886703146517623377121106077815138665702280145790983696720522913797681433335625933244942935927279434831507230147182165129015582869437200742922642980161423459900850186698315615671882267468132259815210355183614699142667156468961458052355672502911676619047218720209071389784013431290744307602583016173643776768449348331435692037761617921051269779941665060539658852697479965757463833828809507372568632402687508451119449264526558963996880291018968673648321988619432654407 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b6b86f916264472e502f6b19093aa5db4d4c10dd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'themaineidea.bynder.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0022b902951c56ccfafa3653d208ce0d6dc6192a235bcb88082c058bd73dc4a3a755ab5393d2a55a99efe63da1b363f1746580011989aa8c8d76b53c34b40871a911c4165d98546a1aa12dda451bc9f814f6c79d33b2df3529b9987e36db8dee6c6bb849f951e2d806c4d194ca5e54fde84f90e1de6d8bef7603b7af37fd38c271b4b9df0778e81dcbd2c776cf38b40aa0d479430e30016c05b28fd745c5ab76dfdaeaf838e9dfc48ee4fa64f67fdf335a8f1ceff185c5308fabf9fd4819cd6874253bd3277b38a728fe36bbed322b619a288f7c63611857b8adaafdfd61a7070882cbb89b27f9dc517c601863f1eea55a9af5292711aa924e4d1c8f7af28b7f73