*.bridge.one.org
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 0c:bc:0f:c6:47:75:50:09:57:97:54:5f:b7:d6:06:29 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.bridge.one.org
Amazon
Organization:
Amazon
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0c:bc:0f:c6:47:75:50:09:57:97:54:5f:b7:d6:06:29Serial Number (int): 16927207704259028648265964664498030121
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: e4:ca:b3:eb:57:9d:b9:98:23:5e:3c:38:70:41:57:14:a3:2c:73:27
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 06:89:01:28:69:18:32:94:2d:66:c3:4a:d6:6e:13:91:c7:c7:28:69
Fingerprint (sha256): 0a:1c:72:41:4b:3d:86:18:99:c3:f3:b7:e0:69:87:af:ad:4b:0c:71:dc:df:49:40:be:44:2d:92:e3:10:ec:00
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate *.bridge.one.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.bridge.one.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.bridge.one.org
bridge.one.org
bridge.one.org
Other certificates including the domain name one.org
(limited to 100 certificates)
www-default.actionkit.com
one.org
one.org
act.one.org
www-default.actionkit.com
ssl7009.cloudflare.com
action.one.org
action.standupamerica.com
helpdesk.nibung.com
ssl278675.cloudflaressl.com
connecttheworld.staging.one.org
girlscount.one.org
www-default.actionkit.com
act.progressiowa.org
*.one.org
www-default.actionkit.com
*.bridge.one.org
*.one.org
one.org
act.ayannapressley.com
girlscount.staging.one.org
one.org
www-default.actionkit.com
one.org
act.represent.us
helpdesk.nibung.com
www-default.actionkit.com
www-default.actionkit.com
www-default.actionkit.com
one.org
ssl278675.cloudflaressl.com
www-default.actionkit.com
ssl278675.cloudflaressl.com
one.org
www-default.actionkit.com
girlscount.one.org
action.wemove.eu
actiontracker.staging.one.org
helpdesk.nibung.com
helpdesk.nibung.com
www-default.actionkit.com
ssl507706.cloudflaressl.com
www-default.actionkit.com
auth.makenaijastronger.one.org
act.represent.us
assets.one.org
helpdesk.nibung.com
www-default.actionkit.com
www-default.actionkit.com
www-default.actionkit.com
helpdesk.nibung.com
africaeurope-storefront.one.org
*.one.org
girlscount.one.org
ssl278675.cloudflaressl.com
www-default.actionkit.com
www-default.actionkit.com
one.org
helpdesk.nibung.com
ssl507704.cloudflaressl.com
www-default.actionkit.com
ssl507705.cloudflaressl.com
helpdesk.nibung.com
www-default.actionkit.com
helpdesk.nibung.com
www-default.actionkit.com
helpdesk.nibung.com
one.org
act.medicare4all.org
ssl310139.cloudflaressl.com
www-default.actionkit.com
www-default.actionkit.com
ssl7009.cloudflare.com
ssl7009.cloudflare.com
helpdesk.nibung.com
ssl507705.cloudflaressl.com
www-default.actionkit.com
www-default.actionkit.com
ssl278675.cloudflaressl.com
act.dirtroaddems.com
www-default.actionkit.com
act.leftnet.org
girlscount.one.org
helpdesk.nibung.com
www-default.actionkit.com
www-default.actionkit.com
ssl7009.cloudflare.com
connecttheworld.one.org
one.org
www-default.actionkit.com
one.org
act.progressnownm.org
one.org
ssl7009.cloudflare.com
www-default.actionkit.com
ssl507705.cloudflaressl.com
assets.one.org
ssl278674.cloudflaressl.com
one.org
ssl278675.cloudflaressl.com
one.org
one.org
act.one.org
www-default.actionkit.com
ssl7009.cloudflare.com
action.one.org
action.standupamerica.com
helpdesk.nibung.com
ssl278675.cloudflaressl.com
connecttheworld.staging.one.org
girlscount.one.org
www-default.actionkit.com
act.progressiowa.org
*.one.org
www-default.actionkit.com
*.bridge.one.org
*.one.org
one.org
act.ayannapressley.com
girlscount.staging.one.org
one.org
www-default.actionkit.com
one.org
act.represent.us
helpdesk.nibung.com
www-default.actionkit.com
www-default.actionkit.com
www-default.actionkit.com
one.org
ssl278675.cloudflaressl.com
www-default.actionkit.com
ssl278675.cloudflaressl.com
one.org
www-default.actionkit.com
girlscount.one.org
action.wemove.eu
actiontracker.staging.one.org
helpdesk.nibung.com
helpdesk.nibung.com
www-default.actionkit.com
ssl507706.cloudflaressl.com
www-default.actionkit.com
auth.makenaijastronger.one.org
act.represent.us
assets.one.org
helpdesk.nibung.com
www-default.actionkit.com
www-default.actionkit.com
www-default.actionkit.com
helpdesk.nibung.com
africaeurope-storefront.one.org
*.one.org
girlscount.one.org
ssl278675.cloudflaressl.com
www-default.actionkit.com
www-default.actionkit.com
one.org
helpdesk.nibung.com
ssl507704.cloudflaressl.com
www-default.actionkit.com
ssl507705.cloudflaressl.com
helpdesk.nibung.com
www-default.actionkit.com
helpdesk.nibung.com
www-default.actionkit.com
helpdesk.nibung.com
one.org
act.medicare4all.org
ssl310139.cloudflaressl.com
www-default.actionkit.com
www-default.actionkit.com
ssl7009.cloudflare.com
ssl7009.cloudflare.com
helpdesk.nibung.com
ssl507705.cloudflaressl.com
www-default.actionkit.com
www-default.actionkit.com
ssl278675.cloudflaressl.com
act.dirtroaddems.com
www-default.actionkit.com
act.leftnet.org
girlscount.one.org
helpdesk.nibung.com
www-default.actionkit.com
www-default.actionkit.com
ssl7009.cloudflare.com
connecttheworld.one.org
one.org
www-default.actionkit.com
one.org
act.progressnownm.org
one.org
ssl7009.cloudflare.com
www-default.actionkit.com
ssl507705.cloudflaressl.com
assets.one.org
ssl278674.cloudflaressl.com
one.org
ssl278675.cloudflaressl.com
Certificate
The complete raw certificate details for *.bridge.one.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF2zCCBMOgAwIBAgIQDLwPxkd1UAlXl1Rft9YGKTANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMDUyMzAwMDAwMFoXDTI0MDYyMTIzNTk1OVowGzEZ MBcGA1UEAwwQKi5icmlkZ2Uub25lLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKDx/fVQiEn5CUweOfjCkkebp9knhpsPigfDvLQdIiyXOlQrmZGm /67xC9miexxxK2fp5pxvHTonVtHZcUsyvnmCbZjeU+33vd0e6q2F0vpIFoPqTEbu ayyU7hXFPN2Lp3zR/Q7SDBX0OtrBDZPNn2ySmNvER8hd28/m+PE1frQkbQkJHAaE ZeL2LxveLXto8xguqAU8xcmkToCSgl6aJJBm1WpVuJIlocivWIZaLNcAQMCfD4UR ZjJvt5JsV/gUeIv80MYIs4xdt981I445qeqQ6WU0U2b44D/HVsZCE1wrfCGtcslw W8yjukmy510t5tgIy16sUyOZJEJgHoLZOQkCAwEAAaOCAvgwggL0MB8GA1UdIwQY MBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBTkyrPrV525mCNePDhw QVcUoyxzJzArBgNVHREEJDAighAqLmJyaWRnZS5vbmUub3Jngg5icmlkZ2Uub25l Lm9yZzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1 c3QuY29tL3IybTAyLmNybDATBgNVHSAEDDAKMAgGBmeBDAECATB1BggrBgEFBQcB AQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRydXN0 LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVzdC5j b20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSC AWkBZwB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABiEb/ROgA AAQDAEcwRQIhAN5qJ6Eiprt+v4VTlI0kGx2gWsQ2Kt4NoPPyZkPKlausAiAXPO9V W2hWGI+RnXG8wni38I2M/8Sfj0tBhOMLGBfMPwB2AEiw42vapkc0D+VqAvqdMOsc UgHLVt0sgdm7v6s52IRzAAABiEb/RLMAAAQDAEcwRQIhAMdFXJWpbBtvmqh+m9cL AmYrXwLvTmkr1ezhm5N33VOfAiBjDThnsx4WVsUQk11aCNzMyYgWQZMINJrzOS0q 09cY4QB1ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABiEb/RIoA AAQDAEYwRAIgfLAJ5xVgjM9BZFPNJx+GW6pAXmavkWxtOKn9fvMgXkgCIE+BF5Ut KO70l0CGgpDUFR4QUgwp3gwrobXU1z8PtbnAMA0GCSqGSIb3DQEBCwUAA4IBAQAD 6QbP8e6QDNh0mx21bnK2TMFKsaUqgzHD0HdLVmQAl95Jvn3z6SAodUShLf52RBuC KJBFF30lSM0em2s8PJk71tDICTgx0crQWSudO1q7qLw4+PZ18e5dP+LKlucWoOB7 WEAjBdI8+R76R2OMlIMJTYxupRyyekHV8NsKVV/aw3MutuP1jFQUCCqr3F1mq7G0 t8TD1k/tvyNBeUrk+0AWK+Urhis0DQ3r+QXwMFs4U2Tb9NPIYGOgV8ewGmnigaIf sEuUPLn5nGPjz5Kqkejq4U2h8IC3LU5Iphy8gWuPk9925ZGWfFBCyIQSyNBGwJGb yIa4WNNQb6JQ0R8z2ZT2 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPH99VCISfkJTB45+MKS R5un2SeGmw+KB8O8tB0iLJc6VCuZkab/rvEL2aJ7HHErZ+nmnG8dOidW0dlxSzK+ eYJtmN5T7fe93R7qrYXS+kgWg+pMRu5rLJTuFcU83YunfNH9DtIMFfQ62sENk82f bJKY28RHyF3bz+b48TV+tCRtCQkcBoRl4vYvG94te2jzGC6oBTzFyaROgJKCXpok kGbValW4kiWhyK9Yhlos1wBAwJ8PhRFmMm+3kmxX+BR4i/zQxgizjF233zUjjjmp 6pDpZTRTZvjgP8dWxkITXCt8Ia1yyXBbzKO6SbLnXS3m2AjLXqxTI5kkQmAegtk5 CQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16927207704259028648265964664498030121 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-23 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-21 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.bridge.one.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20317459509344009532328113829940071367910825631115813160332723755074919843565200755152183379599447739219051214725808165163806019815090827432195244799952087721934562289968286467125687411514501956283806720581183609009903726995176823378626847237615940333766088857414308798548102563145026737562308405058254716207106398744394794876017408764640995807346567349289972965719813496219264822590865436072904736141897023985051859741852983395972573962447879087380072485460136800018734326353204713273610136556424476128037918014162129676861237304510430062698418988600622846828294143766709560559396642089487888354836694629570347350281 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e4cab3eb579db998235e3c3870415714a32c7327 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bridge.one.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bridge.one.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018846ff44e80000040300473045022100de6a27a122a6bb7ebf8553948d241b1da05ac4362ade0da0f3f26643ca95abac0220173cef555b6856188f919d71bcc278b7f08d8cffc49f8f4b4184e30b1817cc3f00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018846ff44b30000040300473045022100c7455c95a96c1b6f9aa87e9bd70b02662b5f02ef4e692bd5ece19b9377dd539f0220630d3867b31e1656c510935d5a08dcccc98816419308349af3392d2ad3d718e1007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018846ff448a000004030046304402207cb009e715608ccf416453cd271f865baa405e66af916c6d38a9fd7ef3205e4802204f8117952d28eef49740868290d4151e10520c29de0c2ba1b5d4d73f0fb5b9c0 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0003e906cff1ee900cd8749b1db56e72b64cc14ab1a52a8331c3d0774b56640097de49be7df3e920287544a12dfe76441b82289045177d2548cd1e9b6b3c3c993bd6d0c8093831d1cad0592b9d3b5abba8bc38f8f675f1ee5d3fe2ca96e716a0e07b58402305d23cf91efa47638c9483094d8c6ea51cb27a41d5f0db0a555fdac3732eb6e3f58c5414082aabdc5d66abb1b4b7c4c3d64fedbf2341794ae4fb40162be52b862b340d0debf905f0305b385364dbf4d3c86063a057c7b01a69e281a21fb04b943cb9f99c63e3cf92aa91e8eae14da1f080b72d4e48a61cbc816b8f93df76e591967c5042c88412c8d046c0919bc886b858d3506fa250d11f33d994f6