gema.georgia.gov

- Cloudflare, Inc. -

Issued by Cloudflare Inc ECC CA-3

About this certificate

This digital certificate with serial number 03:f0:ba:9d:85:41:b5:96:cd:8a:fe:35:bc:15:41:98 was issued on by Cloudflare, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Cloudflare, Inc.

Organization: Cloudflare, Inc.
State / Province: California
Locality: San Francisco
Country: US

Cloudflare, Inc.

Organization: Cloudflare, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:f0:ba:9d:85:41:b5:96:cd:8a:fe:35:bc:15:41:98
Serial Number (int): 5237620241651844214428382005264990616
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: cd:cd:fd:30:1c:f2:18:7d:d4:c5:3e:c2:3d:c0:49:e4:d7:25:02:9b
AuthorityKeyId: a5:ce:37:ea:eb:b0:75:0e:94:67:88:b4:45:fa:d9:24:10:87:96:1f

Fingerprint (sha1): 76:87:01:f6:b3:b2:ce:d0:78:5c:8f:ae:c3:b8:c6:0b:c8:ef:f0:17
Fingerprint (sha256): 11:2d:65:d3:23:86:68:d3:91:ac:3d:c9:8a:6d:a7:18:8d:b6:82:d9:cf:82:d3:c9:2b:38:42:bb:b5:f0:6c:36

Issuing Certificate URL: http://cacerts.digicert.com/CloudflareIncECCCA-3.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/CloudflareIncECCCA-3.crl
CRL Distribution Point: http://crl4.digicert.com/CloudflareIncECCCA-3.crl

Check the revocation status for certificate gema.georgia.gov

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for gema.georgia.gov

Public Key Algorithm

ECDSA

Key Size

256

Signature Algorithm

ECDSA with SHA256

Key Usage

Digital Signature

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gema.georgia.gov

Other certificates including the domain name georgia.gov

(limited to 100 certificates)
ada.georgia.gov
atl-expe-01.agr.state.ga.us
data-hub.gio.georgia.gov
dhs.georgia.gov
*.teamworks.georgia.gov
cjcc.georgia.gov
ready.ga.gov
oci.georgia.gov
testservices.georgia.gov
ipas.otfs.georgia.gov
gsfc.georgia.gov
opb.georgia.gov
*.georgia.gov
gateway.ga.gov
*.teamworks.georgia.gov
georgia.gov
gbd.georgia.gov
gsfc.georgia.gov
ipas.otfs.georgia.gov
ipas.otfs.georgia.gov
ssl.smugmug.com
*.mmis.georgia.gov
ipas.otfs.georgia.gov
www.cybercenter.georgia.gov
www.mmis.georgia.gov
portal.gio.georgia.gov
dev.insights.georgia.gov
gosa.georgia.gov
ssl.smugmug.com
adoptastream.georgia.gov
*.sos.ga.gov
*.mmis.georgia.gov
versa.medicalboard.georgia.gov
poab.georgia.gov
*.georgia.gov
gceo.georgia.gov
gvs.georgia.gov
*.sos.ga.gov
digital.georgia.gov
gvs.georgia.gov
testservices.georgia.gov
portal.georgia.gov
ready.ga.gov
dfcs.georgia.gov
mail1.sog.ga.gov
orchard.georgia.gov
law.georgia.gov
services.georgia.gov
gema.georgia.gov
qportal.gets.georgia.gov
hts.betammis.georgia.gov
mrf.georgia.gov
dfcs.georgia.gov
riversalive.georgia.gov
*.opb.georgia.gov
ready.ga.gov
*.betammis.georgia.gov
devdocs.teamworks.georgia.gov
broadband.georgia.gov
portal.gets.georgia.gov
opb.georgia.gov
gsba.georgia.gov
cybercenter.ga.gov
*.opb.georgia.gov
sao.georgia.gov
dbf.georgia.gov
ssl.smugmug.com
medicaid.georgia.gov
medicalboard.georgia.gov
gataxtribunal.georgia.gov
testdocs.teamworks.georgia.gov
gateway.ga.gov
gta.georgia.gov
*.georgia.gov
ssl.smugmug.com
*.georgia.gov
ipas.otfs.georgia.gov
*.georgia.gov
georgia.gov
consumered.georgia.gov
gacc.georgia.gov
gsfic.georgia.gov
sitf.georgia.gov
ng911-hub.gio.georgia.gov
*.georgia.gov
dch.georgia.gov
rules.sos.ga.gov
gsdf.georgia.gov
*.teamworks.georgia.gov
*.sos.ga.gov
ssl.smugmug.com
www.ghp.georgia.gov
ready.ga.gov
holocaust.georgia.gov
consumer.georgia.gov
*.teamworks.georgia.gov
ready.ga.gov
sao.georgia.gov
*.mmis.georgia.gov
sitf.georgia.gov

Certificate

The complete raw certificate details for gema.georgia.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFETCCBLagAwIBAgIQA/C6nYVBtZbNiv41vBVBmDAKBggqhkjOPQQDAjBKMQsw
CQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UEAxMX
Q2xvdWRmbGFyZSBJbmMgRUNDIENBLTMwHhcNMjIwNjI3MDAwMDAwWhcNMjMwNjI3
MjM1OTU5WjBwMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQG
A1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEZ
MBcGA1UEAxMQZ2VtYS5nZW9yZ2lhLmdvdjBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABI/q7+YM1TW0eSB1ZAmedH2oG4q5JqwSmc8Pmr7eW7WlbmOGh7VVKPCHOtO5
eXG8yxKAh7sgs9Zvt6ZSqCzbadyjggNWMIIDUjAfBgNVHSMEGDAWgBSlzjfq67B1
DpRniLRF+tkkEIeWHzAdBgNVHQ4EFgQUzc39MBzyGH3UxT7CPcBJ5NclApswGwYD
VR0RBBQwEoIQZ2VtYS5nZW9yZ2lhLmdvdjAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6
Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9DbG91ZGZsYXJlSW5jRUNDQ0EtMy5jcmwwN6A1
oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9DbG91ZGZsYXJlSW5jRUNDQ0Et
My5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDov
L3d3dy5kaWdpY2VydC5jb20vQ1BTMHYGCCsGAQUFBwEBBGowaDAkBggrBgEFBQcw
AYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEAGCCsGAQUFBzAChjRodHRwOi8v
Y2FjZXJ0cy5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMuY3J0MAwG
A1UdEwEB/wQCMAAwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AK33vvp8/xDI
i509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABgaKuxakAAAQDAEcwRQIhANs+Wgmy
Ey3Joz1oHj4sXGQGtt1Uvr1RFrOQUYqD2AFPAiAXKMle/DHErkZOE0VquUN63v+p
Ib1J2qqQNdZDoOIjdgB2ADXPGRu/sWxXvw+tTG1Cy7u2JyAmUeo/4SrvqAPDO9ZM
AAABgaKuxasAAAQDAEcwRQIhAIdW4Kmw3FM6O/+KEFLkQpPHgNyo9xnvln2XX/Ff
evrkAiBecfYV5JTOWemfLLr4IA1hvo8fthmDVbdHMLkOvN0NowB3ALNzdwfhhFD4
Y4bWBancEQlKeS2xZwwLh9zwAw55NqWaAAABgaKuxdIAAAQDAEgwRgIhALK5t0aJ
RVsDNvF0Urv8v8TpzZZLMO5tC3SVKngLNKjjAiEAmtu7M7O/aqbunIecSPOIjH+Z
kqZDL3H6w0hL6lCfDywwCgYIKoZIzj0EAwIDSQAwRgIhAPZsktbWJoAiW8rAQ+2j
9+nrxecBWnKMdWaqk6RfTRqdAiEAsh3KaR9kNjP280iFF3S7ZQwmdXmGrRHzY799
nyqfWbQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEj+rv5gzVNbR5IHVkCZ50fagbirkm
rBKZzw+avt5btaVuY4aHtVUo8Ic607l5cbzLEoCHuyCz1m+3plKoLNtp3A==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5237620241651844214428382005264990616
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.2 (ecdsaWithSHA256)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare Inc ECC CA-3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-06-27 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-27 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gema.georgia.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits)
				00048feaefe60cd535b479207564099e747da81b8ab926ac1299cf0f9abede5bb5a56e638687b55528f0873ad3b97971bccb128087bb20b3d66fb7a652a82cdb69dc
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5ce37eaebb0750e946788b445fad9241087961f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							cdcdfd301cf2187dd4c53ec23dc049e4d725029b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gema.georgia.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits)
							0780
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/CloudflareIncECCCA-3.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/CloudflareIncECCCA-3.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/CloudflareIncECCCA-3.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000181a2aec5a90000040300473045022100db3e5a09b2132dc9a33d681e3e2c5c6406b6dd54bebd5116b390518a83d8014f02201728c95efc31c4ae464e13456ab9437adeffa921bd49daaa9035d643a0e2237600760035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c00000181a2aec5ab00000403004730450221008756e0a9b0dc533a3bff8a1052e44293c780dca8f719ef967d975ff15f7afae402205e71f615e494ce59e99f2cbaf8200d61be8f1fb6198355b74730b90ebcdd0da3007700b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000181a2aec5d20000040300483046022100b2b9b74689455b0336f17452bbfcbfc4e9cd964b30ee6d0b74952a780b34a8e30221009adbbb33b3bf6aa6ee9c879c48f3888c7f9992a6432f71fac3484bea509f0f2c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.2 (ecdsaWithSHA256)
 . . . . [c:0|t:3|false] BIT STRING (576 bits)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 111460793681427483854090267833330679438286125287596795790829006437792845994653
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 80564322599562347777211942188767397252025927603802304844426619459112588499380