*.dia.vaillant-group.com

Issued by GlobalSign RSA DV SSL CA 2018

About this certificate

This digital certificate with serial number 57:a5:ae:9f:53:03:23:15:27:8c:7d:c6 was issued on by GlobalSign nv-sa.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.dia.vaillant-group.com,OU=Domain Control Validated

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate has expire since

Certificate Details

Serial Number (hex): 57:a5:ae:9f:53:03:23:15:27:8c:7d:c6
Serial Number (int): 27125493245475425134811315654
Serial Number lenght: 95 bits, 12 octets

SubjectKeyId: 00:54:23:72:53:2e:03:b9:5d:7e:db:b5:cd:a9:b1:c4:56:f5:af:92
AuthorityKeyId: 81:80:d6:28:79:35:4a:5b:79:35:89:39:8f:12:17:6e:11:7b:2c:11

Fingerprint (sha1): 79:5d:8f:34:14:67:3e:4e:90:25:ba:be:c7:12:cf:56:fe:3f:ad:f2
Fingerprint (sha256): 09:8d:10:52:d3:81:c2:a6:fa:bb:cb:53:c4:05:0a:a1:fa:a2:bc:2a:24:26:12:78:73:4f:99:67:8d:09:d1:95

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsrsadvsslca2018.crt

Revocation information

OCSP Server: http://ocsp.globalsign.com/gsrsadvsslca2018
CRL Distribution Point: http://crl.globalsign.com/gsrsadvsslca2018.crl

Check the revocation status for certificate *.dia.vaillant-group.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.dia.vaillant-group.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.dia.vaillant-group.com
dia.vaillant-group.com

Other certificates including the domain name vaillant-group.com

(limited to 100 certificates)
wrm3.vaillant-group.com
sip.eb-com.com
vstart.vaillant-group.com
*.gorecord.vaillant-group.com
pool04.eb-com.com
ga.vaillant-group.com
*.vaillant-group.com
cn-shanghai-800b.vaillant-group.com
ga.vaillant-group.com
access.vaillant-group.com
jobs.vaillant-group.com
supplierquality.vaillant-group.com
*.vaillant-group.com
gb-vaillant-cssp-stage.vaillant-group.com
*.dia.vaillant-group.com
sip.eb-com.com
sync.vaillant-group.com
pool04.eb-com.com
sip.eb-com.com
jobs.vaillant-group.com
prometheus.apidev-dev.azure.vaillant-group.com
pool04.eb-com.com
www.vaillant.com
mdm.vaillant-group.com
mender.prod.azure.vaillant-group.com
akamai-san150.exacttarget.com
sync.vaillant-group.com
pool04.eb-com.com
jobs.vaillant-group.com
mailcrypt.vaillant-group.com
pool04.eb-com.com
pool04.eb-com.com
*.sslvpn.vaillant-group.com
sip.eb-com.com
san-18-s50.tlsprovisioning.exacttarget.com
sip.eb-com.com
www.vaillant.lt
www.vaillant.com
groupnet.vaillant-group.com
webshare.vaillant-group.com
sip.eb-com.com
tsbc-uk-be2.vaillant-group.com
ldaps.vaillant-group.com
groupspace.vaillant-group.com
www.vaillant-group.com
www.vaillant.com
dk-vaillant-cssp-stage.vaillant-group.com
mdm.vaillant-group.com
be-vaillant-cssp-stage.vaillant-group.com
pool04.eb-com.com
mdm.vaillant-group.com
vstart.vaillant-group.com
grafana.apidev-dev.azure.vaillant-group.com
pool04.eb-com.com
jira.vaillant-group.com
merchandising.vaillant-group.com
be-vaillant-cssp-stage.vaillant-group.com
www.vaillant.lt
vstart.vaillant-group.com
*.vaillant-group.com
akamai-san150.exacttarget.com
sip.eb-com.com
pool04.eb-com.com
sip.eb-com.com
awb.consent-portal-dev.azure.vaillant-group.com
sip.eb-com.com
www.vaillant.com
pool04.eb-com.com
at-vaillant-cssp-stage.vaillant-group.com
webshare.vaillant-group.com
mailcrypt.vaillant-group.com
futureclima.ziggu.app
jobs.vaillant-group.com
*.sslvpn.vaillant-group.com
pool04.eb-com.com
vaillant-demo.bee2bee.vaillant-group.com
sip.eb-com.com
jira.vaillant-group.com
jira-test.vaillant-group.com
vstart.vaillant-group.com
sds.vaillant-group.com
pool04.eb-com.com
vstart.vaillant-group.com
t04int01.vaillant-group.com
sip.eb-com.com
pool04.eb-com.com
*.gorecord.vaillant-group.com
*.vaillant-group.com
pool04.eb-com.com
sentry2.vaillant-group.com
sip.eb-com.com
*.gorecord.vaillant-group.com
teamshare.vaillant-group.com
pool04.eb-com.com
pool04.eb-com.com
sip.eb-com.com
sip.eb-com.com
sip.eb-com.com
sip.eb-com.com
be-bulex-cssp-stage.vaillant-group.com

Certificate

The complete raw certificate details for *.dia.vaillant-group.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIMV6Wun1MDIxUnjH3GMA0GCSqGSIb3DQEBCwUAMFAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSYwJAYDVQQDEx1H
bG9iYWxTaWduIFJTQSBEViBTU0wgQ0EgMjAxODAeFw0yMDAxMDkxMjQzMDVaFw0y
MjAxMDkxMjQzMDVaMEYxITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRl
ZDEhMB8GA1UEAwwYKi5kaWEudmFpbGxhbnQtZ3JvdXAuY29tMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BLAuYbhxP+Pzzy3Po4oBISvkDwrHa3CgZK9
cKpbTMxlnUbLoNI4gIS9SLpMSw0bRr/t+GjSTmjeL1svlv6DETsp/XQpzuv77v27
g3grhkVRtQ47mMygIdBxVbTbLaaCcU/IreI7yP5Xxr8AU+3SCBMCsU+LinUFT8N7
+KvTjGk/Y0NvygDlyGmOYZtjgJHH4OAaq0YXHbR0YQd8r1OY4I/pgOhIjABomn8T
WWrWNCTOZv/w9mvR/Ph2DpODGAx8h56E7N3fnLddfICXdPus6W3xgc6p1qPa6odd
gMZYAMijfSGvr0+ps+yEQZ2Sc6b4I3Bjaz+azyNrFKJytmSMgwIDAQABo4IB+jCC
AfYwDgYDVR0PAQH/BAQDAgWgMIGOBggrBgEFBQcBAQSBgTB/MEQGCCsGAQUFBzAC
hjhodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc3JzYWR2c3Ns
Y2EyMDE4LmNydDA3BggrBgEFBQcwAYYraHR0cDovL29jc3AuZ2xvYmFsc2lnbi5j
b20vZ3Nyc2FkdnNzbGNhMjAxODBWBgNVHSAETzBNMEEGCSsGAQQBoDIBCjA0MDIG
CCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5
LzAIBgZngQwBAgEwCQYDVR0TBAIwADA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8v
Y3JsLmdsb2JhbHNpZ24uY29tL2dzcnNhZHZzc2xjYTIwMTguY3JsMDsGA1UdEQQ0
MDKCGCouZGlhLnZhaWxsYW50LWdyb3VwLmNvbYIWZGlhLnZhaWxsYW50LWdyb3Vw
LmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAU
gYDWKHk1Slt5NYk5jxIXbhF7LBEwHQYDVR0OBBYEFABUI3JTLgO5XX7btc2pscRW
9a+SMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBOFukh
akazryOUBiUnYenO5Vj3xgMhM25e3moxQJZ74L2Asfjjg4e259gyUNX8HdgdEbcT
qqS936cMDC2HO9PuPcdUFbWbmCe/lbf3GN6ZrpfqgkLXH2EQhV24tEn+b40FPOQD
jRz1/rXcsbcSRpLhQ+64GQOoBrLXV233yZh7gF5vxIvj2cgnDD4MbOgpmb23+kSH
woDH4VgzgtoB0rVdFaQwcQpWXRACwzViYcCLK/d4KB7fpK9aDQXz1USMbUIbqPXB
r6BsGK0sayphT9eAtRILaOiq26kfwYhfCd9OOB+3zYjWmQN5ZXchpvjB7zrBXQ6f
CF1IsS9qMqsxl7zm
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BLAuYbhxP+Pzzy3Po4o
BISvkDwrHa3CgZK9cKpbTMxlnUbLoNI4gIS9SLpMSw0bRr/t+GjSTmjeL1svlv6D
ETsp/XQpzuv77v27g3grhkVRtQ47mMygIdBxVbTbLaaCcU/IreI7yP5Xxr8AU+3S
CBMCsU+LinUFT8N7+KvTjGk/Y0NvygDlyGmOYZtjgJHH4OAaq0YXHbR0YQd8r1OY
4I/pgOhIjABomn8TWWrWNCTOZv/w9mvR/Ph2DpODGAx8h56E7N3fnLddfICXdPus
6W3xgc6p1qPa6oddgMZYAMijfSGvr0+ps+yEQZ2Sc6b4I3Bjaz+azyNrFKJytmSM
gwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 27125493245475425134811315654
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign RSA DV SSL CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-09 12:43:05 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-09 12:43:05 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.dia.vaillant-group.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28286627677975631505693885229960234445539382917595107167315808447712966936301579270612667632623186354031632049395009981566379123342561683140586697220412121117068885571650531469961349470348371195897617226524000770283200923159151627274189553984241577481943783290251966140800793227570228737359065041203534643748718682758192063174245960050856061015141461632968115214127205534232067893708828474683794149700613750380328468558001249346175858610506330763345012425247896599554550562311730043195323583396713724937961899590112112351840768543328023179177001699822559418322797627901540353439250960432489138323053691217043840601219
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsrsadvsslca2018.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.globalsign.com/gsrsadvsslca2018'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10 (globalsignDVPolicy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gsrsadvsslca2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dia.vaillant-group.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dia.vaillant-group.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8180d62879354a5b793589398f12176e117b2c11
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							00542372532e03b95d7edbb5cda9b1c456f5af92
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004e16e9216a46b3af239406252761e9cee558f7c60321336e5ede6a3140967be0bd80b1f8e38387b6e7d83250d5fc1dd81d11b713aaa4bddfa70c0c2d873bd3ee3dc75415b59b9827bf95b7f718de99ae97ea8242d71f6110855db8b449fe6f8d053ce4038d1cf5feb5dcb1b7124692e143eeb81903a806b2d7576df7c9987b805e6fc48be3d9c8270c3e0c6ce82999bdb7fa4487c280c7e1583382da01d2b55d15a430710a565d1002c3356261c08b2bf778281edfa4af5a0d05f3d5448c6d421ba8f5c1afa06c18ad2c6b2a614fd780b5120b68e8aadba91fc1885f09df4e381fb7cd88d6990379657721a6f8c1ef3ac15d0e9f085d48b12f6a32ab3197bce6