mq-ca-central-1.anypoint.mulesoft.com

Issued by Amazon

About this certificate

This digital certificate with serial number 0a:74:94:5a:b8:50:f4:fa:aa:e2:7e:cc:5f:ee:78:61 was issued on by Amazon.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=mq-ca-central-1.anypoint.mulesoft.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:74:94:5a:b8:50:f4:fa:aa:e2:7e:cc:5f:ee:78:61
Serial Number (int): 13897595377638278219078781136727341153
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: e1:2e:f1:16:75:80:f2:0d:d4:60:a2:26:3d:cb:9c:00:31:60:89:39
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 26:8f:9b:79:fe:87:c5:0e:2d:11:2b:65:2d:8b:42:48:91:76:b4:37
Fingerprint (sha256): 0a:6e:5e:b4:2b:73:bd:56:64:7a:ab:30:e1:e5:62:03:65:3e:c1:b6:a3:0d:05:77:8f:df:22:d3:44:5c:19:9c

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate mq-ca-central-1.anypoint.mulesoft.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mq-ca-central-1.anypoint.mulesoft.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mq-ca-central-1.anypoint.mulesoft.com

Other certificates including the domain name mulesoft.com

(limited to 100 certificates)
exchange-files.eu1.anypoint.mulesoft.com
cdn-stgx.anypoint.mulesoft.com
statuspage.io
champions.mulesoft.com
eu1-status.mulesoft.com
appstatus.dancecapsules.merce.broadleafclients.com
gov-status.mulesoft.com
statuspage.io
analytics-ingest.eu1.anypoint.mulesoft.com
cdn-gov.anypoint.mulesoft.com
statuspage.io
*.gov.anypoint.mulesoft.com
*.rpa.mulesoft.com
*.rpa.qax.mulesoft.com
champions.mulesoft.com
gov-status.mulesoft.com
appstatus.dancecapsules.merce.broadleafclients.com
*.anypoint.mulesoft.com
blogs.staging.mulesoft.com
*.rpa.qax.mulesoft.com
5646535253557248-fe3.pantheonsite.io
*.rpa.qax.mulesoft.com
appstatus.dancecapsules.merce.broadleafclients.com
5646535253557248-fe3.pantheonsite.io
eu1-status.mulesoft.com
statuspage.io
gov-status.mulesoft.com
*.stgx.mulesoft.com
*.mulesoft.com
exchange-files.anypoint.mulesoft.com
status.affirm.com
*.rpa.qax.mulesoft.com
*.anypoint.mulesoft.com
*.anypoint.mulesoft.com
rpa-x1.demos.mulesoft.com
mulesoft.staging.mulesoft.com
statuspage.io
object-store-ap-northeast-1.stgx.anypoint.mulesoft.com
*.anypoint.mulesoft.com
eu1-status.mulesoft.com
api-notebook.qax.anypoint.mulesoft.com
eu1-status.mulesoft.com
5720605454237696-fe1.pantheonsite.io
meetups.mulesoft.com
resources.mulesoft.com
*.qax.anypoint.mulesoft.com
*.anypoint.mulesoft.com
*.demos.mulesoft.com
*.anypoint.mulesoft.com
statuspage.io
trivia.mulesoft.com
champions.mulesoft.com
blogs.mulesoft.com
*.anypoint.mulesoft.com
ssl403612.cloudflaressl.com
*.devx.anypoint.mulesoft.com
*.rpa.qax.mulesoft.com
meetup18.mulesoft.com
ssl403614.cloudflaressl.com
*.anypoint.mulesoft.com
*.rpa.qax.mulesoft.com
appstatus.dancecapsules.merce.broadleafclients.com
vpnmonitor.env.support.mulesoft.com
eu1-status.mulesoft.com
exchange-files.gstg.anypoint.mulesoft.com
statuspage.io
*.rpa.qax.mulesoft.com
statuspage.io
appstatus.dancecapsules.merce.broadleafclients.com
cdn-prod-eu.anypoint.mulesoft.com
*.rpa.qax.mulesoft.com
statuspage.io
mq-msg-us-east-2.stage1.platform.mulesoft.com
eu1-status.mulesoft.com
statuspage.io
statuspage.io
gov-status.mulesoft.com
mq-ca-central-1.anypoint.mulesoft.com
beta.docs.mulesoft.com
blogs.staging.mulesoft.com
smart.mulesoft.com
hlsopenemrp360.demos.mulesoft.com
fasttrack.nip.mulesoft.com
connect.mulesoft.com
gov-status.mulesoft.com
mule-manager.devx.anypoint.mulesoft.com
*.anypoint.mulesoft.com
appstatus.dancecapsules.merce.broadleafclients.com
vendorcontent.mulesoft.com
*.anypoint.mulesoft.com
*.gov.anypoint.mulesoft.com
statuspage.io
blogs.mulesoft.com
exchange-files.gov.anypoint.mulesoft.com
*.devx.anypoint.mulesoft.com
connect.staging.mulesoft.com
ssl351735.cloudflaressl.com
mq-ca-central-1.anypoint.mulesoft.com
*.rpa.qax.mulesoft.com
gov-status.mulesoft.com

Certificate

The complete raw certificate details for mq-ca-central-1.anypoint.mulesoft.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgIQCnSUWrhQ9Pqq4n7MX+54YTANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMTA3MTMwMDAwMDBaFw0yMjA4MTEy
MzU5NTlaMDAxLjAsBgNVBAMTJW1xLWNhLWNlbnRyYWwtMS5hbnlwb2ludC5tdWxl
c29mdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD8SguwpqY
GMo2JxDyoIJK4k6l9U7vB9/sc5iT9rnk9Q1drSZ5jgFR5X39F32GYLjfbqxVydre
ZFdZkPypCAE7RvAFIVJLvZ2u413rDnqmMkbikigLTWvoGtsSzhxw5ZiRf/kqXEKP
wd7iDKCFfiv2NK910p4WyLkCWlFBNmfIMmZy/QKX9YIdM0AdkiRUlxfQcR2mkrUh
5Cs1GlzEFdL2bIo8fk4fPn8Qs4uokgpjdblPj7iDHn7cwADLO2cYAg7G7g8fdtim
ILQmGpM2Z00xYaGE6qXE3oUvMklZOm7rejVqAuIoY3HbkUihDCdBxY9FERjO0Ou2
WWOMknIidw7FAgMBAAGjggL+MIIC+jAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QH
J5Z0W/k90DAdBgNVHQ4EFgQU4S7xFnWA8g3UYKImPcucADFgiTkwMAYDVR0RBCkw
J4IlbXEtY2EtY2VudHJhbC0xLmFueXBvaW50Lm11bGVzb2Z0LmNvbTAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0
MDIwMKAuoCyGKmh0dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFi
LmNybDATBgNVHSAEDDAKMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYB
BQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEF
BQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0
MAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AEalVet1
+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw/m1HAAABep0tVCYAAAQDAEcwRQIgG74l
YYGzlBji4TMDB/2sg1yvu7rBJ5G/8FEKFZ6LWbUCIQDZ8tMC73T1Yhc6edPCpGWC
B2wUuFH7A3YmF54Eycf9HQB3AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7U
iwXlAAABep0tVFgAAAQDAEgwRgIhAJ8dmBskQlwZtul9oyP3u7mZR+ai9Xu3Ph6q
vca5c9ipAiEA7MpgQwASKAcITMDnVvu1eqlgoQZX4NxBlAx6Uz5OMIEAdQBByMqx
3yJGShDGoToJQodeTjGLGwPr60vHaPCQYpYG9gAAAXqdLVPzAAAEAwBGMEQCIBhG
gckPpXPHsKIu6BTnssdRB6tWjGF/ceac29wdb+1HAiBtfFP8ugqSke2+Of/IL2T+
NETfi8+Qi4ydJ3OqOM3YajANBgkqhkiG9w0BAQsFAAOCAQEALPl5hXh5jYmq30jz
GGTkSO2XIoMk9F9fVYm/g0GCd4zz3djS81vKj/mzIqZvzCjaLJAYch/4z/fCrXps
mmAYpH8bw0yLse0TqJwfFMX9mszCQsq++NwCPHJrAqQeyCk1ogVCFCazQdGUToHF
1E0TxShB1Hui8Auc+cH7FGoAB7oDV91HX8IUCynAIxLyq92yqW08yT8MCq9z8waf
0vXZNxxoxvQTGm0jLoYxC3Ou9zrrPmHZwV0De7Aw27dgSi5Tw/PNM1ehoz2dTyYw
jPaoTx2vcr8iXrWTcJZC/eS29mY0yADCpnwvCT2D7SZsOwRG+yzyvzp9RO5/51Js
sqqmdg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/EoLsKamBjKNicQ8qCC
SuJOpfVO7wff7HOYk/a55PUNXa0meY4BUeV9/Rd9hmC4326sVcna3mRXWZD8qQgB
O0bwBSFSS72druNd6w56pjJG4pIoC01r6BrbEs4ccOWYkX/5KlxCj8He4gyghX4r
9jSvddKeFsi5AlpRQTZnyDJmcv0Cl/WCHTNAHZIkVJcX0HEdppK1IeQrNRpcxBXS
9myKPH5OHz5/ELOLqJIKY3W5T4+4gx5+3MAAyztnGAIOxu4PH3bYpiC0JhqTNmdN
MWGhhOqlxN6FLzJJWTpu63o1agLiKGNx25FIoQwnQcWPRREYztDrtlljjJJyIncO
xQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 13897595377638278219078781136727341153
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-07-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-11 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mq-ca-central-1.anypoint.mulesoft.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24735388399254302993278087967494123336362713829021784545646557818510446629724790757956690433437526915982161136441390573439955908836156428273533164158813644344790781321933003943815272655116243942618396435949474145434080678640561925036804621104374059601308505690003271326282972114533956281881746190935870172588145438036929212222339569893636899143582886446655590933014857044890120307981550634083714224209057196267951594402013428230254564126202792833141438827447708367530402551703409482403337344643057805652077752027810366218584460632913371216115539604174147871932590818839309253386065644842644233762889878186996000034501
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e12ef1167580f20dd460a2263dcb9c0031608939
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (41 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mq-ca-central-1.anypoint.mulesoft.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							016800760046a555eb75fa912030b5a28969f4f37d112c4174befd49b885abf2fc70fe6d470000017a9d2d5426000004030047304502201bbe256181b39418e2e1330307fdac835cafbbbac12791bff0510a159e8b59b5022100d9f2d302ef74f562173a79d3c2a46582076c14b851fb037626179e04c9c7fd1d00770051a3b0f5fd01799c566db837788f0ca47acc1b27cbf79e88429a0dfed48b05e50000017a9d2d545800000403004830460221009f1d981b24425c19b6e97da323f7bbb99947e6a2f57bb73e1eaabdc6b973d8a9022100ecca604300122807084cc0e756fbb57aa960a10657e0dc41940c7a533e4e308100750041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f60000017a9d2d53f300000403004630440220184681c90fa573c7b0a22ee814e7b2c75107ab568c617f71e69cdbdc1d6fed4702206d7c53fcba0a9291edbe39ffc82f64fe3444df8bcf908b8c9d2773aa38cdd86a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002cf9798578798d89aadf48f31864e448ed97228324f45f5f5589bf834182778cf3ddd8d2f35bca8ff9b322a66fcc28da2c9018721ff8cff7c2ad7a6c9a6018a47f1bc34c8bb1ed13a89c1f14c5fd9accc242cabef8dc023c726b02a41ec82935a205421426b341d1944e81c5d44d13c52841d47ba2f00b9cf9c1fb146a0007ba0357dd475fc2140b29c02312f2abddb2a96d3cc93f0c0aaf73f3069fd2f5d9371c68c6f4131a6d232e86310b73aef73aeb3e61d9c15d037bb030dbb7604a2e53c3f3cd3357a1a33d9d4f26308cf6a84f1daf72bf225eb593709642fde4b6f66634c800c2a67c2f093d83ed266c3b0446fb2cf2bf3a7d44ee7fe7526cb2aaa676