ent-saas.people.com

Issued by Amazon

About this certificate

This digital certificate with serial number 04:4f:1e:b3:07:e6:1f:39:2f:99:99:3b:4c:53:72:dc was issued on by Amazon.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=ent-saas.people.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:4f:1e:b3:07:e6:1f:39:2f:99:99:3b:4c:53:72:dc
Serial Number (int): 5727726091537709933214387535919411932
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 96:05:2e:8d:85:d7:9d:d1:cb:27:69:d6:f0:e4:76:81:4e:a0:b6:f1
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 2b:4d:09:7a:e9:e6:8b:f1:44:01:bf:08:0d:7e:f0:6b:5c:60:9c:e2
Fingerprint (sha256): 0a:66:22:cc:5e:a2:e5:6f:81:fd:2c:ca:ca:b2:6e:c5:d0:c5:90:f6:52:d9:4a:c1:09:9e:f3:09:05:9f:0d:12

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate ent-saas.people.com

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ent-saas.people.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ent-saas.people.com
qa-sdk-ent-saas.people.com
dev-sdk-ent-saas.people.com
sdk-ent-saas.people.com
qa-ent-saas.people.com
dev-ent-saas.people.com

Other certificates including the domain name people.com

(limited to 100 certificates)
*.allyou.com
office.timeinc.com
subscription.timeinc.com
www.oxmoorhouse.com
subscription.timeinc.com
qa-subscription.ecommerce.timeinc.com
accounts.bhg.com
coupon-site.people.com
*.secure.meredith.com
secure.meredith.com
www.timeinclistrental.com
qa-subscription.ecommerce.timeinc.com
qa-subscription.ecommerce.timeinc.com
cgi.pathfinder.com
www.perkssignup.people.com
celebritybabies.people.com
smetrics.people.com
sli.dailypaws.com
office.timeinc.com
webreader.people.com
people.com
tracking.promocodesforyou.com
qa-subscription.ecommerce.timeinc.com
subscription.timeinc.com
app.dreader.timeinc.net
smetrics.people.com
www.meredith.com
xid.people.com
ent-saas.people.com
petbox.people.com
*.people.com
people.com
smetrics.people.com
specialoffers.meredith.com
celebritybabies.people.com
people.com
qa-www.oxmoorhouse.com
gdpr.ew.com
people.com
membership.people.com
qa-profiles-uat.timeinc.net
qa-profiles.timeinc.net
people.com
premium.people.com
games.people.com
tmpcaa.enterprise.corpad.timeinc.com
profiles.timeinc.net
dev-profiles.timeinc.net
sli.dailypaws.com
*.people.com
qa-www.oxmoorhouse.com
*.membership.people.com
www.timeinclistrental.com
cmbuild-aws-www.oxmoorhouse.com
dev.secure.meredith.com
celebritybabies.people.com
*.people.com
rails.timeinc.net
sli.dailypaws.com
xid.coastalliving.com
promotions.rslifestylers.com
xid.coastalliving.com
xid.coastalliving.com
celebritybabies.people.com
xid.people.com
www.reference.dcms-sa.timeinc.net
secure.meredith.com
celebritybabies.people.com
pages.email.coastalliving.com
accounts.bhg.com
office.timeinc.com
xid.coastalliving.com
subscription.timeinc.com
accounts.bhg.com
www.oxmoorhouse.com
accounts.people.com
subscription.timeinc.com
people.com
www.timeinclistrental.com
qa-www.oxmoorhouse.com
petbox.people.com
www.perkssignup.people.com
membership.people.com
coupon-site.people.com
smetrics.people.com
accounts.people.com
subscription.timeinc.com
www.meredith.com
subscription.timeinc.com
qa-profiles.timeinc.net
smetrics.people.com
secure.meredith.com
accounts.bhg.com
www.timeinclistrental.com
www.oxmoorhouse.com
qa-ucs.timeinc.net
celebritybabies.people.com
people.com
celebritybabies.people.com
dev-ucs.timeinc.net

Certificate

The complete raw certificate details for ent-saas.people.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgIQBE8eswfmHzkvmZk7TFNy3DANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMTAxMDIwMDAwMDBaFw0yMjAxMzAy
MzU5NTlaMB4xHDAaBgNVBAMTE2VudC1zYWFzLnBlb3BsZS5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsZfYIfkkRG0baoPzqNiDDpz8/tfEn/qR9
JX1z3lDQBDyUv0KtL2ILTQVuobWIRsoJ7aaPvGWKxqExayDYJzTfFfJwGT02vRF3
tCrYREX3OcIKtZTfUSRGOSx1ugRjbw9KKXH6vhzcrXE01VFI+wmA7g6tMdcrOLOZ
h1LeASJuClUeqfprbxlpKc9vBQpnjgG7R4Hs9G6+qUM7k7qT+hAfY8SzltiZUvf/
UxCmfiJ7PrdUlugL8g/D07vlok21MSdGgvVoux1VSsnZqEM+AQNM1IBKyyy/lJuE
Bay/nM1AZcP+CQsvUExmCqMJmJsBE1tBft5BFPLOJgDBEiErp81XAgMBAAGjggMD
MIIC/zAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQU
lgUujYXXndHLJ2nW8OR2gU6gtvEwgaMGA1UdEQSBmzCBmIITZW50LXNhYXMucGVv
cGxlLmNvbYIacWEtc2RrLWVudC1zYWFzLnBlb3BsZS5jb22CG2Rldi1zZGstZW50
LXNhYXMucGVvcGxlLmNvbYIXc2RrLWVudC1zYWFzLnBlb3BsZS5jb22CFnFhLWVu
dC1zYWFzLnBlb3BsZS5jb22CF2Rldi1lbnQtc2Fhcy5wZW9wbGUuY29tMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0f
BDQwMjAwoC6gLIYqaHR0cDovL2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2Nh
MWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEF
BQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRy
dXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVz
dC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwggECBgorBgEEAdZ5AgQCBIHz
BIHwAO4AdQApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZcJV3HhAAAAXbAm1Tg
AAAEAwBGMEQCIGVJXW/ms4bLmkbvKWcVEyJBUxjwHgrkgOjyL6sywGkVAiBuere+
QtH5PnFJw6cfUoe3Z2rqk3CwHtwpUDQn1ym1ywB1ACJFRQdZVSRWlj+hL/H3bYbg
IyZjrcBLf13Gg1xu4g8CAAABdsCbVS4AAAQDAEYwRAIgEVcXDTHfl1clvJSdtGXA
eIb2S/EnIjTq2yZEYQE1UiMCIGJRMVeySOrymAdyXTzRz6qXQD8DwaOR3/FhFTfD
ByZEMA0GCSqGSIb3DQEBCwUAA4IBAQCpuIcWLuS0WDwVYBmeZGEEUgDJeaJ4sQ/c
DEXMITedSaf51tdFjj//5xn00LlXuJC1LUJdZ/vnjI76c97/Bw9OjKpdoKaY6xu1
0vo1CEx1WT0LScrBV84RKvrZlpZjyW7ZshpQ5yQ+Z37KSNGDtE6jWrcTve4Y29Ut
fv/KJ3h6l8d5Td/BtFtgonm+RfDCPjdffnOntEyR3LbspTwx6tQiSRYDN5fYFVn2
+zUxuuRIIBDePyx6u1cYZuEqchp9J2e5USwI7N4gIKzYPjME8mjClRUA2K6tQYDG
ZjFlr4+p1DRROzrxLGYrJ5A+FAu6voOss0OnJVKAD1PrNB2xL6FD
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGX2CH5JERtG2qD86jYg
w6c/P7XxJ/6kfSV9c95Q0AQ8lL9CrS9iC00FbqG1iEbKCe2mj7xlisahMWsg2Cc0
3xXycBk9Nr0Rd7Qq2ERF9znCCrWU31EkRjksdboEY28PSilx+r4c3K1xNNVRSPsJ
gO4OrTHXKzizmYdS3gEibgpVHqn6a28ZaSnPbwUKZ44Bu0eB7PRuvqlDO5O6k/oQ
H2PEs5bYmVL3/1MQpn4iez63VJboC/IPw9O75aJNtTEnRoL1aLsdVUrJ2ahDPgED
TNSASsssv5SbhAWsv5zNQGXD/gkLL1BMZgqjCZibARNbQX7eQRTyziYAwRIhK6fN
VwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5727726091537709933214387535919411932
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-02 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-30 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ent-saas.people.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21763267330267240159369268593403634943242968172344218533966221825924995419362152214666036107365644804913801534715062052085068720627327161280601495473731062489849747173130905917815615602924427340834628886537144468971613177362306710441000867476025921965145863585469944739600488647575924603643805757462433541562461835795871740409232570986556684363256286656854708293727081623249179599996666043797620630576130628186048794852481808516500266372033038013376837931936347799530716272801360832115694698052193654527986077710938281322924090478981955008913350516627211319880104600525414520251235120615615214665770162081408683068759
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							96052e8d85d79dd1cb2769d6f0e476814ea0b6f1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (155 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ent-saas.people.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa-sdk-ent-saas.people.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev-sdk-ent-saas.people.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sdk-ent-saas.people.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa-ent-saas.people.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev-ent-saas.people.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee0075002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc78400000176c09b54e00000040300463044022065495d6fe6b386cb9a46ef2967151322415318f01e0ae480e8f22fab32c0691502206e7ab7be42d1f93e7149c3a71f5287b7676aea9370b01edc29503427d729b5cb0075002245450759552456963fa12ff1f76d86e0232663adc04b7f5dc6835c6ee20f0200000176c09b552e000004030046304402201157170d31df975725bc949db465c07886f64bf1272234eadb26446101355223022062513157b248eaf29807725d3cd1cfaa97403f03c1a391dff1611537c3072644
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a9b887162ee4b4583c1560199e6461045200c979a278b10fdc0c45cc21379d49a7f9d6d7458e3fffe719f4d0b957b890b52d425d67fbe78c8efa73deff070f4e8caa5da0a698eb1bb5d2fa35084c75593d0b49cac157ce112afad9969663c96ed9b21a50e7243e677eca48d183b44ea35ab713bdee18dbd52d7effca27787a97c7794ddfc1b45b60a279be45f0c23e375f7e73a7b44c91dcb6eca53c31ead4224916033797d81559f6fb3531bae4482010de3f2c7abb571866e12a721a7d2767b9512c08ecde2020acd83e3304f268c2951500d8aead4180c6663165af8fa9d434513b3af12c662b27903e140bbabe83acb343a72552800f53eb341db12fa143