digp.alfabank.ru
- AO ALFA-BANK -
Issued by GlobalSign RSA OV SSL CA 2018
About this certificate
This digital certificate with serial number 39:9c:95:a1:f2:a0:6b:17:b3:a6:71:0b was issued on by GlobalSign nv-sa.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
AO ALFA-BANK
Organization:
AO ALFA-BANK
State / Province:
Moscow
Locality: Moscow
Country: RU
Locality: Moscow
Country: RU
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate has expire since
Certificate Details
Serial Number (hex): 39:9c:95:a1:f2:a0:6b:17:b3:a6:71:0bSerial Number (int): 17829944607691386015936049419
Serial Number lenght: 94 bits, 12 octets
SubjectKeyId: 03:c9:df:97:80:f0:98:4f:51:ac:1e:f8:97:31:14:58:22:d0:7b:80
AuthorityKeyId: f8:ef:7f:f2:cd:78:67:a8:de:6f:8f:24:8d:88:f1:87:03:02:b3:eb
Fingerprint (sha1): c2:3e:d8:67:4b:dd:11:26:7a:12:09:33:84:6f:c4:34:f2:20:ca:44
Fingerprint (sha256): 0e:f3:ca:4d:4b:43:04:8f:f4:1e:17:51:94:5c:f3:8d:c3:50:f8:16:e1:62:44:30:e5:8f:1a:9f:fc:d5:17:12
Issuing Certificate URL: http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt
Revocation information
OCSP Server: http://ocsp.globalsign.com/gsrsaovsslca2018Check the revocation status for certificate digp.alfabank.ru
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for digp.alfabank.ru
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
digp.alfabank.ru
Other certificates including the domain name alfabank.ru
(limited to 100 certificates)
traveler2.alfabank.ru
agent.alfabank.ru
agent.alfabank.ru
digital.alfabank.ru
ib.alfabank.ru
zp.alfabank.ru
anketa.alfabank.ru
ib.alfabank.ru
club.alfabank.ru
pilots.alfabank.ru
alfapartners.alfabank.ru
click.alfabank.ru
welcome.alfabank.ru
ctxvdi.alfabank.ru
my.alfabank.ru
settings.alfabank.ru
reg.alfabank.ru
trading.alfabank.ru
groupib-ac.alfabank.ru
anketa.alfabank.ru
rko.alfabank.ru
sense.alfabank.ru
payment.alfabank.ru
traveler2.alfabank.ru
zp.alfabank.ru
potok.alfabank.ru
telework.alfabank.ru
trade.alfabank.ru
click.alfabank.ru
link.alfabank.ru
travelervip.alfabank.ru
acs.alfabank.ru
mind.alfabank.ru
testlink.alfabank.ru
blackstar.alfabank.ru
ecom.alfabank.ru
travelernext.alfabank.ru
sandbox.alfabank.ru
travelervip.alfabank.ru
alfago.alfabank.ru
click.alfabank.ru
travel.alfabank.ru
alfabank.ru
investments.alfabank.ru
CC.ALFABANK.RU
design.alfabank.ru
chatkb.alfabank.ru
design.alfabank.ru
link.alfabank.ru
nalog.alfabank.ru
zp.alfabank.ru
private.auth.alfabank.ru
store.alfabank.ru
private.auth.alfabank.ru
welcome.alfabank.ru
scf.alfabank.ru
club.alfabank.ru
usability.alfabank.ru
private.auth.alfabank.ru
link.alfabank.ru
digp.alfabank.ru
rko.alfabank.ru
alfapartners.alfabank.ru
megaplan.alfabank.ru
guarantees.alfabank.ru
click.alfabank.ru
traveler2.alfabank.ru
ipoteka.alfabank.ru
testamcalls.alfabank.ru
learn.alfabank.ru
alfabank.ru
atv.alfabank.ru
online.alfabank.ru
kassa.alfabank.ru
online.alfabank.ru
baas.alfabank.ru
metrics.alfabank.ru
pilots.alfabank.ru
alfapartners.alfabank.ru
my.alfabank.ru
push.alfabank.ru
api.alfabank.ru
pay2.alfabank.ru
partner.alfabank.ru
job.alfabank.ru
linkmsg.alfabank.ru
club.alfabank.ru
acs.alfabank.ru
hr.alfabank.ru
money.alfabank.ru
alfa-mobile.alfabank.ru
smpapi.alfabank.ru
online.alfabank.ru
digital.alfabank.ru
blackstar.alfabank.ru
store.alfabank.ru
partner.alfabank.ru
alfapartners.alfabank.ru
traveler.alfabank.ru
alfabox.alfabank.ru
agent.alfabank.ru
agent.alfabank.ru
digital.alfabank.ru
ib.alfabank.ru
zp.alfabank.ru
anketa.alfabank.ru
ib.alfabank.ru
club.alfabank.ru
pilots.alfabank.ru
alfapartners.alfabank.ru
click.alfabank.ru
welcome.alfabank.ru
ctxvdi.alfabank.ru
my.alfabank.ru
settings.alfabank.ru
reg.alfabank.ru
trading.alfabank.ru
groupib-ac.alfabank.ru
anketa.alfabank.ru
rko.alfabank.ru
sense.alfabank.ru
payment.alfabank.ru
traveler2.alfabank.ru
zp.alfabank.ru
potok.alfabank.ru
telework.alfabank.ru
trade.alfabank.ru
click.alfabank.ru
link.alfabank.ru
travelervip.alfabank.ru
acs.alfabank.ru
mind.alfabank.ru
testlink.alfabank.ru
blackstar.alfabank.ru
ecom.alfabank.ru
travelernext.alfabank.ru
sandbox.alfabank.ru
travelervip.alfabank.ru
alfago.alfabank.ru
click.alfabank.ru
travel.alfabank.ru
alfabank.ru
investments.alfabank.ru
CC.ALFABANK.RU
design.alfabank.ru
chatkb.alfabank.ru
design.alfabank.ru
link.alfabank.ru
nalog.alfabank.ru
zp.alfabank.ru
private.auth.alfabank.ru
store.alfabank.ru
private.auth.alfabank.ru
welcome.alfabank.ru
scf.alfabank.ru
club.alfabank.ru
usability.alfabank.ru
private.auth.alfabank.ru
link.alfabank.ru
digp.alfabank.ru
rko.alfabank.ru
alfapartners.alfabank.ru
megaplan.alfabank.ru
guarantees.alfabank.ru
click.alfabank.ru
traveler2.alfabank.ru
ipoteka.alfabank.ru
testamcalls.alfabank.ru
learn.alfabank.ru
alfabank.ru
atv.alfabank.ru
online.alfabank.ru
kassa.alfabank.ru
online.alfabank.ru
baas.alfabank.ru
metrics.alfabank.ru
pilots.alfabank.ru
alfapartners.alfabank.ru
my.alfabank.ru
push.alfabank.ru
api.alfabank.ru
pay2.alfabank.ru
partner.alfabank.ru
job.alfabank.ru
linkmsg.alfabank.ru
club.alfabank.ru
acs.alfabank.ru
hr.alfabank.ru
money.alfabank.ru
alfa-mobile.alfabank.ru
smpapi.alfabank.ru
online.alfabank.ru
digital.alfabank.ru
blackstar.alfabank.ru
store.alfabank.ru
partner.alfabank.ru
alfapartners.alfabank.ru
traveler.alfabank.ru
alfabox.alfabank.ru
Certificate
The complete raw certificate details for digp.alfabank.ru in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIMOZyVofKgaxezpnELMA0GCSqGSIb3DQEBCwUAMFAxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSYwJAYDVQQDEx1H bG9iYWxTaWduIFJTQSBPViBTU0wgQ0EgMjAxODAeFw0yMjEwMjUwNjI2MDJaFw0y MzExMjYwNjI2MDFaMGExCzAJBgNVBAYTAlJVMQ8wDQYDVQQIEwZNb3Njb3cxDzAN BgNVBAcTBk1vc2NvdzEVMBMGA1UEChMMQU8gQUxGQS1CQU5LMRkwFwYDVQQDExBk aWdwLmFsZmFiYW5rLnJ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA wrjVxV5sqB9k6KYoDuqA2Xhiqp/8nQs/kVP+P3AUWYg2k8w4UZs7V1Kx+y5mp9nl FiafCQYssDgaK0mg6wgWrzK2tq3epN6iAeYzAoNBcC+sjZIwKmj4ox4hQACBZgpW xO8FLz4iEfMPMqs2pPBXbHQMZDlH2V5Dcxw7CDRPDOGXNOtMl+jp/wKxB2AcA5Dk kczETHiqx0yiwXffXH2V2YDOZOxa9GK8TX0zX+OkgWnk9a1z73bNlvbKcg23B4P8 jQOLstt22l78XlN2UGJHTYQSSOFM/kfEiuYhRm+WpBCmlewZ0Je8DRvWpZW0RcSq dYdYraHbosG07RNpqyxijwIDAQABo4IBmTCCAZUwDgYDVR0PAQH/BAQDAgWgMIGO BggrBgEFBQcBAQSBgTB/MEQGCCsGAQUFBzAChjhodHRwOi8vc2VjdXJlLmdsb2Jh bHNpZ24uY29tL2NhY2VydC9nc3JzYW92c3NsY2EyMDE4LmNydDA3BggrBgEFBQcw AYYraHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vZ3Nyc2FvdnNzbGNhMjAxODBW BgNVHSAETzBNMEEGCSsGAQQBoDIBFDA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3 dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgIwCQYDVR0TBAIw ADAbBgNVHREEFDASghBkaWdwLmFsZmFiYW5rLnJ1MB0GA1UdJQQWMBQGCCsGAQUF BwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBT473/yzXhnqN5vjySNiPGHAwKz6zAd BgNVHQ4EFgQUA8nfl4DwmE9RrB74lzEUWCLQe4AwEwYKKwYBBAHWeQIEAwEB/wQC BQAwDQYJKoZIhvcNAQELBQADggEBAJrs1ZDkJzPmjSZL/fSLhk3Fmqs3bxj7xduk vTLYMGoHMSCsNrUXsZdzPbubPnfQPjNfD3DuU3KPPzYuxD7P+MOt1hx7YQ59XQ3M RWNgjPx+m0SvvrA/ebWHawQoV2Q9dzoFDXtlIF/881+BoctNNwGLnp1a6lYTteqN 8q6F70h8I8/d2FHIirpuvxpln9xVTlHRNuSmoX0MmcUA/umL7d/RdyqUaNv7xGlf rJZsSUVtzm8LFf1hQHXTGqPhwTSTWcQYRCp7t3wYxxYRuPpTJlrUseFVihVRj4Bq +k+JqG4DCuV0ujkdXd/gkUbROJYXaZJ3cPOHSBsINGtXMZykUdI= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrjVxV5sqB9k6KYoDuqA 2Xhiqp/8nQs/kVP+P3AUWYg2k8w4UZs7V1Kx+y5mp9nlFiafCQYssDgaK0mg6wgW rzK2tq3epN6iAeYzAoNBcC+sjZIwKmj4ox4hQACBZgpWxO8FLz4iEfMPMqs2pPBX bHQMZDlH2V5Dcxw7CDRPDOGXNOtMl+jp/wKxB2AcA5DkkczETHiqx0yiwXffXH2V 2YDOZOxa9GK8TX0zX+OkgWnk9a1z73bNlvbKcg23B4P8jQOLstt22l78XlN2UGJH TYQSSOFM/kfEiuYhRm+WpBCmlewZ0Je8DRvWpZW0RcSqdYdYraHbosG07RNpqyxi jwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17829944607691386015936049419 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign RSA OV SSL CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-25 06:26:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-26 06:26:01 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RU' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Moscow' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Moscow' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AO ALFA-BANK' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'digp.alfabank.ru' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24581376720090850235944218983971605237238624811375627905236026079221949946426869922288795138355155303858632203702875718551711692414665768371657370663791513283301921152689476786714059325659581802744300204477167802271865033108125694165116320328027235872513205848953729643100861500625879038219417295949431409349788612566756753282696514749472564155550563404092850912301738647848111715663050865740774324239246598787363503802793853494210887094440909105378918564295132831121595436151671449201462789739524117237145539055310911289297828509626827956112357617997772711219252854278311944254441704159553585191253661599340648227471 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.globalsign.com/gsrsaovsslca2018' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'digp.alfabank.ru' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f8ef7ff2cd7867a8de6f8f248d88f1870302b3eb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 03c9df9780f0984f51ac1ef89731145822d07b80 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009aecd590e42733e68d264bfdf48b864dc59aab376f18fbc5dba4bd32d8306a073120ac36b517b197733dbb9b3e77d03e335f0f70ee53728f3f362ec43ecff8c3add61c7b610e7d5d0dcc4563608cfc7e9b44afbeb03f79b5876b042857643d773a050d7b65205ffcf35f81a1cb4d37018b9e9d5aea5613b5ea8df2ae85ef487c23cfddd851c88aba6ebf1a659fdc554e51d136e4a6a17d0c99c500fee98beddfd1772a9468dbfbc4695fac966c49456dce6f0b15fd614075d31aa3e1c1349359c418442a7bb77c18c71611b8fa53265ad4b1e1558a15518f806afa4f89a86e030ae574ba391d5ddfe09146d138961769927770f387481b08346b57319ca451d2