staging-ws.323069526440.wearsafe.com

Issued by Amazon

About this certificate

This digital certificate with serial number 0f:e1:91:28:84:dd:5d:1a:c9:b5:ee:d7:5c:ba:75:a9 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=staging-ws.323069526440.wearsafe.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0f:e1:91:28:84:dd:5d:1a:c9:b5:ee:d7:5c:ba:75:a9
Serial Number (int): 21109630889582737949546864565357802921
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 05:86:cc:e5:16:c2:a1:14:cf:f2:06:a0:c4:63:06:5b:6b:d8:5a:0a
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 20:e5:20:a5:23:1b:af:01:12:c6:8f:3b:79:66:1c:6c:9a:89:41:91
Fingerprint (sha256): 0a:57:23:02:14:dd:9f:27:69:a5:2f:d1:7e:43:52:de:a8:38:90:77:e9:f1:18:29:72:b1:4a:f7:ed:10:1f:fd

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate staging-ws.323069526440.wearsafe.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for staging-ws.323069526440.wearsafe.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

staging-ws.323069526440.wearsafe.com
*.staging-ws.323069526440.wearsafe.com

Other certificates including the domain name wearsafe.com

(limited to 100 certificates)
sni44311.cloudflaressl.com
ssl372925.cloudflaressl.com
ssl372925.cloudflaressl.com
buy.wearsafe.com
ssl372925.cloudflaressl.com
info.wearsafe.com
perf-ws.323069526440.wearsafe.com
ssl372925.cloudflaressl.com
info.wearsafe.com
*.wearsafe.com
staging-ws.323069526440.wearsafe.com
ssl372925.cloudflaressl.com
www.pinioninnovations.com
www.mission45.be
ssl372925.cloudflaressl.com
threepillarsholdings.com
ssl372924.cloudflaressl.com
enterprise.stratj.app
*.wearsafe.com
ssl372925.cloudflaressl.com
ssl372924.cloudflaressl.com
ssl372924.cloudflaressl.com
sni44311.cloudflaressl.com
buy.wearsafe.com
ssl372924.cloudflaressl.com
ssl372925.cloudflaressl.com
ssl372924.cloudflaressl.com
ssl372924.cloudflaressl.com
sni44311.cloudflaressl.com
ssl372923.cloudflaressl.com
sni44311.cloudflaressl.com
ssl372925.cloudflaressl.com
wearsafe.com
ssl372925.cloudflaressl.com
yabuchin.com
blog.wearsafe.com
ssl372924.cloudflaressl.com
perf-ws.323069526440.wearsafe.com
store.wearsafe.com
admin.buytime.network
patrickb.dev
sni44311.cloudflaressl.com
wearsafe.com
auth.bodyhackers.cloud
sni.cloudflaressl.com
ssl372925.cloudflaressl.com
smartbate.com
sni44311.cloudflaressl.com
*.wearsafe.com
ssl372924.cloudflaressl.com
www.mattandchloe.co.uk
ssl372923.cloudflaressl.com
info.wearsafe.com
quill.morishin.me
www.nox.com.ua
sni44311.cloudflaressl.com
elementsmediaworks.com
*.platform.wearsafe.com
www.mattandchloe.co.uk
staging-ws.323069526440.wearsafe.com
ssl372925.cloudflaressl.com
ssl372923.cloudflaressl.com
*.wearsafe.com
ssl372924.cloudflaressl.com
ssl372924.cloudflaressl.com
ssl372923.cloudflaressl.com
kobratransport.dk
sni44311.cloudflaressl.com
*.wearsafe.com
build-ws.323069526440.wearsafe.com
sni44311.cloudflaressl.com
ssl372925.cloudflaressl.com
sni44311.cloudflaressl.com
ssl372924.cloudflaressl.com
staging.app.upper.ai
ssl372924.cloudflaressl.com
ssl372925.cloudflaressl.com
ssl372923.cloudflaressl.com
www.lenndesign.com
pertubuhansihatjohor.org.my
sni44311.cloudflaressl.com
demo.grobox.co.ke
sni44311.cloudflaressl.com
ssl372925.cloudflaressl.com
wearsafe.com
ssl372924.cloudflaressl.com
ssl372925.cloudflaressl.com
server.myatlasclub.com
buy.wearsafe.com
melbite.com
ssl372923.cloudflaressl.com
sni44311.cloudflaressl.com
ssl372925.cloudflaressl.com
support.wearsafe.com
www.lawlivestream.tk
sni44311.cloudflaressl.com
sni.cloudflaressl.com
tokusetsu4.sanographix.net
ssl372924.cloudflaressl.com
ssl372925.cloudflaressl.com

Certificate

The complete raw certificate details for staging-ws.323069526440.wearsafe.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgIQD+GRKITdXRrJte7XXLp1qTANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTExMTUwMDAwMDBaFw0yMDEyMTUx
MjAwMDBaMC8xLTArBgNVBAMTJHN0YWdpbmctd3MuMzIzMDY5NTI2NDQwLndlYXJz
YWZlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKesEk8onBnk
t3yfTz7Y/M0jmyzuOd1dJnLmj0kMCIFoFUZL33VCnqkqRJYtIwMhiM8Zp7weDjaX
Bb6SSjdMd+pMxe8hSFhe7WL/QlaGb7j8oKkCnJojICLVgmNo96hsSoneRx8TWF3C
sAh4y2mE8dnTd+J07h5OKkcmIF/TD7jvpWdJVi1qIITM9fDq1xw8ro9dX41Bl5pD
46/wd8F8pEE/9XUJjdRm24bZbm0Z6iE1QAoDOO7dhb3g/1FpZGtV3BMdN+lrvpj1
gVg1KH4hcqSW5vvUQhYLUth/Od+RRg1D3O8NpCHEu301XbKmQL7wQug93231LQbu
ZjukwMC6niECAwEAAaOCArgwggK0MB8GA1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcn
lnRb+T3QMB0GA1UdDgQWBBQFhszlFsKhFM/yBqDEYwZba9haCjBXBgNVHREEUDBO
giRzdGFnaW5nLXdzLjMyMzA2OTUyNjQ0MC53ZWFyc2FmZS5jb22CJiouc3RhZ2lu
Zy13cy4zMjMwNjk1MjY0NDAud2VhcnNhZmUuY29tMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYq
aHR0cDovL2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1Ud
IAQZMBcwCwYJYIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYI
KwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2Bggr
BgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIu
Y3J0MAwGA1UdEwEB/wQCMAAwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgCkuQmQ
tBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAW5xJ/4JAAAEAwBHMEUCIQDK
zDTAOGSZsos7RVxKh5I8gPbCAJrXZBKTqnm4rc4y6AIgEO6R73fY7TxNj1K3LI0J
jai+2kaotlI/eQw4tMaOknoAdgCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/
XqCDDwAAAW5xJ/6dAAAEAwBHMEUCIFmJAOqTzx3X5IqZn4/82z7w8DKkY12yW7qN
NvZoBhDSAiEAy3PiKsIFfQshlA/BsbvNtKCbxJ9Hwdm8gHxm88XZdaowDQYJKoZI
hvcNAQELBQADggEBAFwfPoInVBmtwxvC0Pdz6oLz4VBhtpLdb+74+0XoLpogKIh3
3yehjhebRIjATrOlGUK/zJwKLHUCSqg01a/LtKw0SRFZ1Ewi92MVBsaNmMnIWKAc
7K3WlzAzZM0yzUSrM8siWZKfTcX1ZODJ2tYU3dMU9u8pIdfAe14fzQxIajm6lxXI
OvXZWS3/Wc56BR8esfF4jnH2X9Q1fcKtTObalwmFTPeyOEpHhY8oTeaJJklyYCqa
XS8Y1fSA0c894DeFj3yHFJyutCOO3oc7rZn/vkI+5QvmP9Yt0H0X6cw6dGUbUNpp
gkd4+bXRGGq/0bnqJKC4S5DAbTvvVrC1ReCt8U8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6wSTyicGeS3fJ9PPtj8
zSObLO453V0mcuaPSQwIgWgVRkvfdUKeqSpEli0jAyGIzxmnvB4ONpcFvpJKN0x3
6kzF7yFIWF7tYv9CVoZvuPygqQKcmiMgItWCY2j3qGxKid5HHxNYXcKwCHjLaYTx
2dN34nTuHk4qRyYgX9MPuO+lZ0lWLWoghMz18OrXHDyuj11fjUGXmkPjr/B3wXyk
QT/1dQmN1GbbhtlubRnqITVACgM47t2FveD/UWlka1XcEx036Wu+mPWBWDUofiFy
pJbm+9RCFgtS2H8535FGDUPc7w2kIcS7fTVdsqZAvvBC6D3fbfUtBu5mO6TAwLqe
IQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 21109630889582737949546864565357802921
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-15 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'staging-ws.323069526440.wearsafe.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21166648558487233002198346142768160849553293475714836049909584208750238781891617504464514393200387318745224315618332176624808160089156605815648857676845539336079834028076690961291558974638841668588805196244138383411950244242962115644821383439899242813641440983770734739915772074753669066244296957278115574770449057868882629512932875153438585222340334376300114791879877834697157474152034997725672296058660920196195571476293759276962374506475393220043821278413627267333690055829519779514561310386551180402203078892517303535908949528475409308130658789793104281460006151896868181274630911392704756457935317307478739951137
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0586cce516c2a114cff206a0c463065b6bd85a0a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-ws.323069526440.wearsafe.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.staging-ws.323069526440.wearsafe.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016e7127fe090000040300473045022100cacc34c0386499b28b3b455c4a87923c80f6c2009ad7641293aa79b8adce32e8022010ee91ef77d8ed3c4d8f52b72c8d098da8beda46a8b6523f790c38b4c68e927a0076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016e7127fe9d00000403004730450220598900ea93cf1dd7e48a999f8ffcdb3ef0f032a4635db25bba8d36f6680610d2022100cb73e22ac2057d0b21940fc1b1bbcdb4a09bc49f47c1d9bc807c66f3c5d975aa
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005c1f3e82275419adc31bc2d0f773ea82f3e15061b692dd6feef8fb45e82e9a20288877df27a18e179b4488c04eb3a51942bfcc9c0a2c75024aa834d5afcbb4ac34491159d44c22f7631506c68d98c9c858a01cecadd697303364cd32cd44ab33cb2259929f4dc5f564e0c9dad614ddd314f6ef2921d7c07b5e1fcd0c486a39ba9715c83af5d9592dff59ce7a051f1eb1f1788e71f65fd4357dc2ad4ce6da9709854cf7b2384a47858f284de689264972602a9a5d2f18d5f480d1cf3de037858f7c87149caeb4238ede873bad99ffbe423ee50be63fd62dd07d17e9cc3a74651b50da69824778f9b5d1186abfd1b9ea24a0b84b90c06d3bef56b0b545e0adf14f