api-mr-mr-301.ult-sandbox.controlant.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 08:66:79:3c:ef:f6:56:c8:49:47:b1:1d:a3:68:15:f6 was issued on by Amazon.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=api-mr-mr-301.ult-sandbox.controlant.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 08:66:79:3c:ef:f6:56:c8:49:47:b1:1d:a3:68:15:f6
Serial Number (int): 11165897245366395026395515900433798646
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 4f:53:f2:69:ab:69:dc:94:62:0a:6c:3f:6b:18:1e:f8:1c:67:0e:2c
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 2d:9b:5c:bf:cc:1a:fb:d3:f6:cf:97:83:95:80:6a:20:0c:ba:0b:2a
Fingerprint (sha256): 0b:f2:5d:a9:f4:f9:98:73:f6:d4:d4:ce:49:9e:6a:64:db:9b:27:03:8b:3a:0e:ad:2c:bc:56:dc:90:5d:84:9a

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate api-mr-mr-301.ult-sandbox.controlant.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for api-mr-mr-301.ult-sandbox.controlant.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

api-mr-mr-301.ult-sandbox.controlant.com

Other certificates including the domain name controlant.com

(limited to 100 certificates)
ult-mfe-stub-mr-mr-451.ult-sandbox.controlant.com
ult-host-mr-dg.ult-sandbox.controlant.com
private.zacharyhill.dev
ui-api-mr-mr-307.ult-sandbox.controlant.com
ult-host-mr-mr-302.ult-sandbox.controlant.com
ult-host-mr-mr-307.ult-sandbox.controlant.com
ult-mfe-stub-mr-mr-303.ult-sandbox.controlant.com
ult-mfe-mr-tz.ult-sandbox.controlant.com
ult-mfe-mr-mr-306.ult-sandbox.controlant.com
private.zacharyhill.dev
controlant.com
www.feriaganaderachile.cl
private.zacharyhill.dev
ult-host-mr-mr-284.ult-sandbox.controlant.com
sharing.controlant.com
private.zacharyhill.dev
status-pre.cardiff.ac.uk
private.zacharyhill.dev
private.zacharyhill.dev
private.zacharyhill.dev
api-mr-mr-303.ult-sandbox.controlant.com
ult-mfe-mr-mr-387.ult-sandbox.controlant.com
bob.controlant.com
sharing.controlant.com
*.audit-trail-mfe.sandbox.controlant.com
www.controlant.com
in.controlant.com
freebirdfindings.com
api-mr-mr-301.ult-sandbox.controlant.com
api-mr-mr-304.ult-sandbox.controlant.com
merck.bi.controlant.com
private.zacharyhill.dev
bi.test.controlant.com
modalforms.controlant.com
private.zacharyhill.dev
bi.live.controlant.com
ult-mfe-mr-dg.ult-sandbox.controlant.com
status-pre.cardiff.ac.uk
*.bi.dev.controlant.com
am-users.sandbox.controlant.com
api-mr-tz.ult-sandbox.controlant.com
private.zacharyhill.dev
testrail.controlant.com
private.zacharyhill.dev
testrail.controlant.com
api-mr-mr-296.ult-sandbox.controlant.com
private.zacharyhill.dev
private.zacharyhill.dev
ult-mfe-mr-dg.ult-sandbox.controlant.com
ult-mfe-mr-dg.ult-sandbox.controlant.com
private.zacharyhill.dev
ult-host-mr-mr-304.ult-sandbox.controlant.com
private.zacharyhill.dev
ult-mfe-mr-mr-311.ult-sandbox.controlant.com
ui-api-mr-mr-310.ult-sandbox.controlant.com
uat.controlant.com
confluence.controlant.com
ult-mfe-stub-mr-mr-311.ult-sandbox.controlant.com
registry-staging.tools.controlant.com
*.audit-trail-mfe.sandbox.controlant.com
private.zacharyhill.dev
private.zacharyhill.dev
dev.controlant.com
private.zacharyhill.dev
www.controlant.com
ult-mfe-stub-mr-tz.ult-sandbox.controlant.com
in.controlant.com
*.audit-trail-mfe.sandbox.controlant.com
ult-mfe-stub-mr-mr-301.ult-sandbox.controlant.com
ult-mfe-stub-mr-mr-310.ult-sandbox.controlant.com
in.controlant.com
flyingpaperclips.com
private.zacharyhill.dev
private.zacharyhill.dev
private.zacharyhill.dev
test.controlant.com
ult-mfe-mr-mr-310.ult-sandbox.controlant.com
private.zacharyhill.dev
private.zacharyhill.dev
testrail.controlant.com
pamacloud.auxswot.com
audit-trail-mfe.uat.controlant.com
staffmeeting.controlant.com
api-mr-mr-284.ult-sandbox.controlant.com
ult-mfe-mr-mr-385.ult-sandbox.controlant.com
test.controlant.com
private.zacharyhill.dev
search.gitlab.tools.controlant.com
ult-mfe-stub-mr-mr-389.ult-sandbox.controlant.com
confluence.controlant.com
private.zacharyhill.dev
private.zacharyhill.dev
ui-api-mr-mr-450.ult-sandbox.controlant.com
ult-mfe-mr-mr-389.ult-sandbox.controlant.com
controlant.com
private.zacharyhill.dev
ult-host-mr-mr-296.ult-sandbox.controlant.com
ult-mfe-mr-mr-450.ult-sandbox.controlant.com
ult-mfe-stub-mr-mr-390.ult-sandbox.controlant.com
ui-api-mr-mr-451.ult-sandbox.controlant.com

Certificate

The complete raw certificate details for api-mr-mr-301.ult-sandbox.controlant.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEjzCCA3egAwIBAgIQCGZ5PO/2VshJR7Edo2gV9jANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMTIwNDAwMDAwMFoXDTI1MDEwMTIzNTk1OVowMzEx
MC8GA1UEAxMoYXBpLW1yLW1yLTMwMS51bHQtc2FuZGJveC5jb250cm9sYW50LmNv
bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALcJJfkl9JuwVuXQftN9
Tg0dtiEqAQ1owktwlLJuPW1w3VzhM0VkmqxVndWLXoiuFvM0OxZobsYJiWAZlsng
Xtpwqr00zZk3KBObHlHVPfR9KFnodJyXeAfZh6lU5u5XQ/4PVclntVHFItS5Bz5U
AfwqLWo4hzm/OG9VrURL9Cqaf1d8nY4z+fzsUR0FqPxUE4f8BKrGOopKHQSwptab
UnLPiixofN3eN+6ksfO5cBwY7Q8Xkq+N0TTNz9B8EcbzJL1OA+YYtoKto1D3YIiH
v2mGqXslKPq5Tv895N5//aW0fUX9Zzpq372vhPye55wZcZqs24M3wr7xDi4+pCFZ
kBECAwEAAaOCAZQwggGQMB8GA1UdIwQYMBaAFMAxUs1aUMOCfHRxzsvpnPl664Li
MB0GA1UdDgQWBBRPU/Jpq2nclGIKbD9rGB74HGcOLDAzBgNVHREELDAqgihhcGkt
bXItbXItMzAxLnVsdC1zYW5kYm94LmNvbnRyb2xhbnQuY29tMBMGA1UdIAQMMAow
CAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMi5hbWF6
b250cnVzdC5jb20vcjJtMDIuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcw
AYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAC
hipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIwDAYD
VR0TAQH/BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAXEG5kLmdCLGgEnWTij2l2gJy/pM/T3D+AgxRazVsUkaYPGvU7em9TrZfQluM
S3szO0eCsFAb5RO7BjPV3lZzUoDhzp0p69y594dam32X1LerHt0djhjgFjWqwne3
f8xU03OSU/SVbb94ZsHv21mD2akluBCp7iXGJfno6mHG6qhqe+MAs9iKMBOsjMWa
PK4kGpsW9Yyi93CA+KkxQK5Jxu9NAx5GVwBMoW9iL511R0VwDs/PHC8x/R3zXQd9
lQzagFKJDKAQegTsnQO3wu+DE6XLCWS3nL/8faVQkkLFWeUbEwIHsq/RrY25fZH9
Q2EaTiSHlLfxca0VEYt60pDkBQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwkl+SX0m7BW5dB+031O
DR22ISoBDWjCS3CUsm49bXDdXOEzRWSarFWd1YteiK4W8zQ7FmhuxgmJYBmWyeBe
2nCqvTTNmTcoE5seUdU99H0oWeh0nJd4B9mHqVTm7ldD/g9VyWe1UcUi1LkHPlQB
/CotajiHOb84b1WtREv0Kpp/V3ydjjP5/OxRHQWo/FQTh/wEqsY6ikodBLCm1ptS
cs+KLGh83d437qSx87lwHBjtDxeSr43RNM3P0HwRxvMkvU4D5hi2gq2jUPdgiIe/
aYapeyUo+rlO/z3k3n/9pbR9Rf1nOmrfva+E/J7nnBlxmqzbgzfCvvEOLj6kIVmQ
EQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 11165897245366395026395515900433798646
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-04 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-01 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'api-mr-mr-301.ult-sandbox.controlant.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23106121019901908426018844093394157060940168294914039750228876396708891657374731081804998612852387531341809721076951572327408486986301118454461835674186457710545137150864560750195091837201849346532323229426483546310751881006154891400969915250908025166215251097165489083601686838536037349298832919515639190811686387680379349391390560476989375210580367269086956155195770874575504390326611299889370003696007060949348427226564533424669002771853891477980872096364760523042679960630870315375483283644643075822996947644613565305243165518570914734222319668383490918948593704761535896159294127393313640284138988453585420390417
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4f53f269ab69dc94620a6c3f6b181ef81c670e2c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-mr-mr-301.ult-sandbox.controlant.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005c41b990b99d08b1a01275938a3da5da0272fe933f4f70fe020c516b356c5246983c6bd4ede9bd4eb65f425b8c4b7b333b4782b0501be513bb0633d5de56735280e1ce9d29ebdcb9f7875a9b7d97d4b7ab1edd1d8e18e01635aac277b77fcc54d3739253f4956dbf7866c1efdb5983d9a925b810a9ee25c625f9e8ea61c6eaa86a7be300b3d88a3013ac8cc59a3cae241a9b16f58ca2f77080f8a93140ae49c6ef4d031e4657004ca16f622f9d754745700ecfcf1c2f31fd1df35d077d950cda8052890ca0107a04ec9d03b7c2ef8313a5cb0964b79cbffc7da5509242c559e51b130207b2afd1ad8db97d91fd43611a4e248794b7f171ad15118b7ad290e405