mj-aws-alb.cba.gov.ar

Issued by Amazon RSA 2048 M03

About this certificate

This digital certificate with serial number 03:3d:41:64:f3:46:19:70:8d:03:9d:4a:43:08:fc:ab was issued on by Amazon.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=mj-aws-alb.cba.gov.ar

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:3d:41:64:f3:46:19:70:8d:03:9d:4a:43:08:fc:ab
Serial Number (int): 4305740450455463218381519248159210667
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 1a:a9:f2:d9:32:df:8e:8c:0b:ed:d8:f7:1e:87:0c:79:a1:a2:16:23
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (sha1): 62:3f:a4:cf:f6:3b:d6:d0:9d:dc:c4:e2:c2:b1:f9:f9:21:77:72:59
Fingerprint (sha256): 13:ea:7f:72:9a:62:cb:2d:b7:c1:e7:e5:2d:9e:19:31:62:ba:bc:aa:01:85:b9:e9:e9:41:54:28:f3:e7:64:38

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate mj-aws-alb.cba.gov.ar

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mj-aws-alb.cba.gov.ar

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mj-aws-alb.cba.gov.ar

Other certificates including the domain name cba.gov.ar

(limited to 100 certificates)
obrasminsp.cba.gov.ar
escrituracionloteos.cba.gov.ar
cordobafilma.cba.gov.ar
obrasminsp.cba.gov.ar
deportes.cba.gov.ar
msp-aws-internal.cba.gov.ar
centrosinfantiles.cba.gov.ar
prensa.cba.gov.ar
*.cajajubilaciones.cba.gov.ar
*.test.cba.gov.ar
deportes.cba.gov.ar
ministeriodeserviciospublicos.cba.gov.ar
mj-aws-alb.cba.gov.ar
lideresas.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
cultura.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
fiscaliatributariaadjunta.cba.gov.ar
mf-aws-alb.cba.gov.ar
fem.cba.gov.ar
tracker.polomujer.cba.gov.ar
ejerciciodememoria.cba.gov.ar
terminaldeomnibus.cba.gov.ar
consejodelasmujeres.cba.gov.ar
ministeriodeserviciospublicos.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
conectasalud.cba.gov.ar
obrasmaaysp.cba.gov.ar
escueladeabogados.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
tocse.cba.gov.ar
sierras.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
fiscaliatributariaadjunta.cba.gov.ar
acif.cba.gov.ar
consejopps.cba.gov.ar
www.cba.gob.ar
habitatyfamilia.cba.gov.ar
*.cba.gov.ar
mm-aws-alb.cba.gov.ar
escueladeabogados.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
mincyt.cba.gov.ar
espaciomujerestec.cba.gov.ar
ambiente.cba.gov.ar
habitatyfamilia.cba.gov.ar
msp-aws-alb.cba.gov.ar
desarrolloyempleo.cba.gov.ar
secretariadeintegracion.cba.gov.ar
cordobajoven.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
mv-aws-internal.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
consejodelasmujeres.cba.gov.ar
comunidadempleados.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
cultura.cba.gov.ar
espaciomujerestec.cba.gov.ar
sgg-aws-alb.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
cba.gov.ar
desarrolloyempleo.cba.gov.ar
admin.polomujer.cba.gov.ar
*.cba.gov.ar
fem.cba.gov.ar
cordobaproduce.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
ceprocor.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
cordobaproduce.cba.gov.ar
senaf.cba.gov.ar
encuestas.cba.gov.ar
gestionabierta.cba.gov.ar
ciudadanodigital.cba.gov.ar
fiscaliatributariaadjunta.cba.gov.ar
ciudadanodigital.cba.gov.ar
fem.cba.gov.ar
ipj.cba.gov.ar
cicytac.cba.gov.ar
tribunalffss.cba.gov.ar
mincyt.cba.gov.ar
ersep.cba.gov.ar
*.cba.gov.ar
lideresas.cba.gov.ar
suprarregionalmujeres.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
ambiente.cba.gov.ar
compraspublicas.cba.gov.ar
minjus.cba.gov.ar
mujer.cba.gov.ar
finanzas.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
compraspublicas.cba.gov.ar
www.cajajubilaciones.cba.gov.ar
boletinoficial.cba.gov.ar
cordobaproduce.cba.gov.ar
lideresas.cba.gov.ar

Certificate

The complete raw certificate details for mj-aws-alb.cba.gov.ar in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIQAz1BZPNGGXCNA51KQwj8qzANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTIzMTAyOTAwMDAwMFoXDTI0MTEyNzIzNTk1OVowIDEe
MBwGA1UEAxMVbWotYXdzLWFsYi5jYmEuZ292LmFyMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA5Y0iJbcSi9skCeFnCs7l/WJvNr5m/kL9rqtuVBP81apq
WN9k3Ubj5KI7a1R/yQl132QfMDF2zYpfYdOCC4TxAWVsKdeUP3rbEVc1SMXVybZH
hEm79g2BrtMqZE8/cu4kBN8GoIz5imXpLTRHYz7f+4ObKHW6W6FN8UCBZkHciwt+
IpcqFydzw2lz7N/wX/hBwDSL5eoOQGhptSegOUc0Mn3KjfY3B3qvh8iT5Wa2c949
Ye3NSJkvScWCiX29wB0Pf0Ek4IdKsCEkZH/nZE3iliMbcBUCyQMax+tW8U8XdFMb
sfh5vbChMT9Sv2t1W2mcG1CWlyhy3vmuG5vDRC/U8wIDAQABo4IC7jCCAuowHwYD
VR0jBBgwFoAUVdkYX9IczAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFBqp8tky346M
C+3Y9x6HDHmhohYjMCAGA1UdEQQZMBeCFW1qLWF3cy1hbGIuY2JhLmdvdi5hcjAT
BgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwu
cjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNybDB1BggrBgEFBQcBAQRpMGcw
LQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAzLmFtYXpvbnRydXN0LmNvbTA2
BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMy5hbWF6b250cnVzdC5jb20vcjJt
MDMuY2VyMAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2
AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABi3jJ8mEAAAQDAEcw
RQIgB4Skl4KPJp7dwIV2RNoA4S5IO2cCXW3H9c6fatEkTAgCIQD2MjFt4j9hL1Lu
yDa5ymVyOmZoXqc7MhuZ85MQuMdTfwB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSF
NL2kPTBI1/urAAABi3jJ8gIAAAQDAEcwRQIhAKrKkonSV+FR3VL7ZbVX+UfNgcAj
683XZGr+Wle3I0qsAiByhE95bdBDYISvXKM7SEsRVixFXuOkGX6f1o6OaqD8KwB2
AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABi3jJ8kkAAAQDAEcw
RQIhAJELYGdhn7ePP+7yqJe7LULUK0CuMfHe7HTU94LVK1uCAiA/i6FtUalnwpb2
bbMdWbKR4ZwQyT7tyWZFFsRO1VC8xTANBgkqhkiG9w0BAQsFAAOCAQEAdTWigwHg
qVp+BLAm/KlSnltow0irAaHBRLpNtSkppbB+QkUugtsAB4IqjvctN1e6xHf3jkys
vsQYLlsJm7mRF/HbWtsproiIIrtmo9K5uruAqv6p9cFeW7unf7yX19yUnV3QKUfa
GMI0GDxh1ktmv1A4N2weHFGrb+pqlADxxysvOf751+uadQXVxXsUCnhuHRQqW2WZ
rtIXb6hKqrJw7l/MkfNUVHJrYDvJIu+/m/dF7m7tAUEIf9zg6iE1eCLPYzVZa3Vw
zvilkORe+18xYYhNoUUaRBrNNn9jSba7/W4J/E5aKkrPkci5C9tcmaSyCuJ5VU8W
AYjK1Cb0u9FuXw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Y0iJbcSi9skCeFnCs7l
/WJvNr5m/kL9rqtuVBP81apqWN9k3Ubj5KI7a1R/yQl132QfMDF2zYpfYdOCC4Tx
AWVsKdeUP3rbEVc1SMXVybZHhEm79g2BrtMqZE8/cu4kBN8GoIz5imXpLTRHYz7f
+4ObKHW6W6FN8UCBZkHciwt+IpcqFydzw2lz7N/wX/hBwDSL5eoOQGhptSegOUc0
Mn3KjfY3B3qvh8iT5Wa2c949Ye3NSJkvScWCiX29wB0Pf0Ek4IdKsCEkZH/nZE3i
liMbcBUCyQMax+tW8U8XdFMbsfh5vbChMT9Sv2t1W2mcG1CWlyhy3vmuG5vDRC/U
8wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 4305740450455463218381519248159210667
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-29 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-27 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mj-aws-alb.cba.gov.ar'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28978167304702489401216863070678246134799556312242407741007219782246856758252379254151018858798740408272749111174045382005677349934880698472432465766000360333508267163079134786609472802170121681507331446504368081017140287554738776206382562499311810977512476577259458578076478523741165346891938079482078775240448806150421354601229659387122356286508994887961552578397723991148692532332196827803850157704951285733495998718375338854657627098424238643912263458685115797411995402290384364866720883021657126807642486085798210180070694072934316282544436447879128837479986531873799454374224991986487211740445323362900366054643
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1aa9f2d932df8e8c0bedd8f71e870c79a1a21623
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mj-aws-alb.cba.gov.ar'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b78c9f261000004030047304502200784a497828f269eddc0857644da00e12e483b67025d6dc7f5ce9f6ad1244c08022100f632316de23f612f52eec836b9ca65723a66685ea73b321b99f39310b8c7537f007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b78c9f2020000040300473045022100aaca9289d257e151dd52fb65b557f947cd81c023ebcdd7646afe5a57b7234aac022072844f796dd0436084af5ca33b484b11562c455ee3a4197e9fd68e8e6aa0fc2b0076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018b78c9f2490000040300473045022100910b6067619fb78f3feef2a897bb2d42d42b40ae31f1deec74d4f782d52b5b8202203f8ba16d51a967c296f66db31d59b291e19c10c93eedc9664516c44ed550bcc5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007535a28301e0a95a7e04b026fca9529e5b68c348ab01a1c144ba4db52929a5b07e42452e82db0007822a8ef72d3757bac477f78e4cacbec4182e5b099bb99117f1db5adb29ae888822bb66a3d2b9babb80aafea9f5c15e5bbba77fbc97d7dc949d5dd02947da18c234183c61d64b66bf5038376c1e1c51ab6fea6a9400f1c72b2f39fef9d7eb9a7505d5c57b140a786e1d142a5b6599aed2176fa84aaab270ee5fcc91f35454726b603bc922efbf9bf745ee6eed0141087fdce0ea21357822cf6335596b7570cef8a590e45efb5f3161884da1451a441acd367f6349b6bbfd6e09fc4e5a2a4acf91c8b90bdb5c99a4b20ae279554f160188cad426f4bbd16e5f