bat.iot.api.groupe-seb.com

Issued by Amazon

About this certificate

This digital certificate with serial number 0c:df:5e:f6:b0:88:3d:11:8e:d4:88:0e:12:b5:52:65 was issued on by Amazon.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=bat.iot.api.groupe-seb.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0c:df:5e:f6:b0:88:3d:11:8e:d4:88:0e:12:b5:52:65
Serial Number (int): 17110544240137042830321311065428021861
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: df:6b:2e:05:1d:df:3e:1d:1b:3d:bf:33:38:21:26:ef:86:8c:a0:62
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 71:48:d1:d4:2c:6a:ea:8b:70:27:f2:a4:a2:a3:04:27:f0:8b:5d:24
Fingerprint (sha256): 11:b7:7f:bb:19:f4:1f:ac:19:8b:e4:b4:1b:33:7e:f5:8b:6d:2d:b4:8a:f0:67:cf:b0:bf:a8:93:98:01:00:ea

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate bat.iot.api.groupe-seb.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for bat.iot.api.groupe-seb.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bat.iot.api.groupe-seb.com

Other certificates including the domain name groupe-seb.com

(limited to 100 certificates)
preprod-direct.api.groupe-seb.com
cert00088-azurecdn.akamaized.net
preprod.brandsites.api.groupe-seb.com
digital-ready.groupe-seb.com
brandsites.api.groupe-seb.com
*.urlbuilder.groupe-seb.com
digital-ready3.groupe-seb.com
dcp2.groupe-seb.com
mediaplan.groupe-seb.com
preprod-direct.api.groupe-seb.com
digital-ready3.groupe-seb.com
digital-ready2.groupe-seb.com
digital-ready.groupe-seb.com
appstore.dcp.groupe-seb.com
cert00088-azurecdn.akamaized.net
cert00088-azurecdn.akamaized.net
digital-ready.groupe-seb.com
dcp2.groupe-seb.com
qa.openfoodsystem.com
cert00088-azurecdn.akamaized.net
cert00088-azurecdn.akamaized.net
appstore.dcp.groupe-seb.com
PREPROD.api.groupe-seb.com
testmpu.groupe-seb.com
cert00088-azurecdn.akamaized.net
cert00088-azurecdn.akamaized.net
prod.api.groupe-seb.com
dcp2.groupe-seb.com
bat.iot.api.groupe-seb.com
PREPROD.api.groupe-seb.com
digital-ready.groupe-seb.com
preprod-direct.api.groupe-seb.com
digital-ready3.groupe-seb.com
dcp2.groupe-seb.com
cert00088-azurecdn.akamaized.net
freeze.dcp.groupe-seb.com
perf.api.groupe-seb.com
prod.rcu-eai-salesforce.groupe-seb.com
analytics.groupe-seb.com
*.moulinex.fr
cert00088-azurecdn.akamaized.net
brandsites.api.groupe-seb.com
dcp.groupe-seb.com
freeze-direct.iot.api.groupe-seb.com
cert00088-azurecdn.akamaized.net
digital-ready2.groupe-seb.com
dcp.groupe-seb.com
cert00088-azurecdn.akamaized.net
cert00088-azurecdn.akamaized.net
digital-ready2.groupe-seb.com
digital-ready2.groupe-seb.com
digital-ready2.groupe-seb.com
analytics.groupe-seb.com
digital-ready2.groupe-seb.com
cert00088-azurecdn.akamaized.net
dcp2.groupe-seb.com
apipro.groupe-seb.com
urlbuilder.groupe-seb.com
cert00088-azurecdn.akamaized.net
cert00088-azurecdn.akamaized.net
brandsites.api.groupe-seb.com
dcp2.groupe-seb.com
cert00088-azurecdn.akamaized.net
cert00088-azurecdn.akamaized.net
perf.api.groupe-seb.com
analytics.groupe-seb.com
digital-ready3.groupe-seb.com
devops.groupe-seb.com
data.groupe-seb.com
cert00088-azurecdn.akamaized.net
devops.groupe-seb.com
iot.api.groupe-seb.com
sebplatform.bo.groupe-seb.com
bat.bo-new.groupe-seb.com
appstore.dcp.groupe-seb.com
cert00088-azurecdn.akamaized.net
PREPROD.api.groupe-seb.com
preprod.iot.api.groupe-seb.com
brandsites.api.groupe-seb.com
drs.api.groupe-seb.com
freeze.dcp.groupe-seb.com
bat.api.groupe-seb.com
freeze.dcp.groupe-seb.com
cert00088-azurecdn.akamaized.net
datas.groupe-seb.com
freeze.api.groupe-seb.com
digital-ready.groupe-seb.com
freeze.iot.api.groupe-seb.com
digital-ready2.groupe-seb.com
dcp2.groupe-seb.com
digital-ready2.groupe-seb.com
digital-ready2.groupe-seb.com
freeze.dcp.groupe-seb.com
dcp2.groupe-seb.com
cert00088-azurecdn.akamaized.net
digital-ready.groupe-seb.com
mediaplan.groupe-seb.com
jenkins.dcp.seb.com
*.dsm.groupe-seb.com
brandsites.api.groupe-seb.com

Certificate

The complete raw certificate details for bat.iot.api.groupe-seb.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEijCCA3KgAwIBAgIQDN9e9rCIPRGO1IgOErVSZTANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA1MDcwMDAwMDBaFw0yMDA2MDcx
MjAwMDBaMCUxIzAhBgNVBAMTGmJhdC5pb3QuYXBpLmdyb3VwZS1zZWIuY29tMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+EFK/Ic1mQLvKBvucyTFIvz
azMmrMDKFIZma8uxfgXEmOf4otdg7p7/02IlHmsLY7+LYlzkPUU5Ny5XUlm8u6Ep
p80Dmd4IAIGJaCC/2pGkDi21MnUNiTx+CDzP4TLEV8JRhetwff5ey7vHTHi0zgdq
K9ip9WznURxJf3qpfZgbYgsuIfYILVwOJ+uQCfYuxd6Qs77DbCaGyFUihtxYcdfI
L/HdJ+KEXuyVqbeOFoYLXjj9lNnDSusWVTFeFEd8gZdpRMO5DTE62wKeB/SjAw/n
PrVbgYPXW5bLVYBQF+/DULCqoApUpDd3e7Z61Bop/cR2kjkyZvbOSREcl7HYVwID
AQABo4IBkzCCAY8wHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYD
VR0OBBYEFN9rLgUd3z4dGz2/MzghJu+GjKBiMCUGA1UdEQQeMByCGmJhdC5pb3Qu
YXBpLmdyb3VwZS1zZWIuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5z
Y2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZI
AYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0
dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0
cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB
/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAJea
WmqhcrvDCJ9E3C//yiEb8NxaI0nfp/j1d3VJhnu4E/VyLpPLFM3eZRU38mm/kRRx
kuFHDVLo+2SwK7LHMtZUvQLjYti0x8Yx+LKRtj/R5dUnE1Pj/gRBwCVrky16XQp4
7Nhyq37e4zakJ55Rh96jkixd7CVOfxG+iacr9xpKEgcqcPapBD1Zw6yBLtKhTSQO
t6lXqnK9V2JLxF2D33zJca3+XipI/nwlBVvNovH8XurgDAK6IvmlsTMOVW4nolJP
RZ6Q4qHGIMljhva4rGVucfkyoEbt4BPwCzRrJNWGPyS5jPUmjbG0wkGHdCVprij8
nZmaIamSz/zkY4G8rB8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+EFK/Ic1mQLvKBvucyT
FIvzazMmrMDKFIZma8uxfgXEmOf4otdg7p7/02IlHmsLY7+LYlzkPUU5Ny5XUlm8
u6Epp80Dmd4IAIGJaCC/2pGkDi21MnUNiTx+CDzP4TLEV8JRhetwff5ey7vHTHi0
zgdqK9ip9WznURxJf3qpfZgbYgsuIfYILVwOJ+uQCfYuxd6Qs77DbCaGyFUihtxY
cdfIL/HdJ+KEXuyVqbeOFoYLXjj9lNnDSusWVTFeFEd8gZdpRMO5DTE62wKeB/Sj
Aw/nPrVbgYPXW5bLVYBQF+/DULCqoApUpDd3e7Z61Bop/cR2kjkyZvbOSREcl7HY
VwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 17110544240137042830321311065428021861
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-07 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-07 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bat.iot.api.groupe-seb.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25232384285353027372320416860049283709663275074885700748163020747230179169059301582210777712688911328980031492399570673247420117550238014711593192988778793640828644053920250134810138395209376164668946380922522875699393562329539905306082381981910626550829103252529247462061082618518508441035455890232654381626632186556348912452184141718586035258386314604137829812032470902422844620470708387172276569254375576606576025103331866572723868916376191143562064547175851339200801775451025965181634185931521788668670260669127380056893528887867311761050519954286863669264110224129505644828989599492653443224749569710157473110103
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							df6b2e051ddf3e1d1b3dbf33382126ef868ca062
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bat.iot.api.groupe-seb.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00979a5a6aa172bbc3089f44dc2fffca211bf0dc5a2349dfa7f8f5777549867bb813f5722e93cb14cdde651537f269bf91147192e1470d52e8fb64b02bb2c732d654bd02e362d8b4c7c631f8b291b63fd1e5d5271353e3fe0441c0256b932d7a5d0a78ecd872ab7edee336a4279e5187dea3922c5dec254e7f11be89a72bf71a4a12072a70f6a9043d59c3ac812ed2a14d240eb7a957aa72bd57624bc45d83df7cc971adfe5e2a48fe7c25055bcda2f1fc5eeae00c02ba22f9a5b1330e556e27a2524f459e90e2a1c620c96386f6b8ac656e71f932a046ede013f00b346b24d5863f24b98cf5268db1b4c24187742569ae28fc9d999a21a992cffce46381bcac1f