uc3-ezid-ui-prd.cdlib.org

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 07:13:1e:05:fd:b9:c9:a0:b6:b3:35:f5:be:a1:5e:7b was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=uc3-ezid-ui-prd.cdlib.org

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 07:13:1e:05:fd:b9:c9:a0:b6:b3:35:f5:be:a1:5e:7b
Serial Number (int): 9403858557759805878439178079697985147
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 10:f9:48:15:e3:88:1d:dc:d2:5a:13:78:d8:b2:a0:05:a8:99:c6:16
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): f3:55:e9:48:fa:a6:a5:ac:1d:72:c6:19:40:7b:7b:08:bc:85:96:59
Fingerprint (sha256): 1a:82:57:dd:04:16:6e:7e:97:b7:c7:59:90:e8:3e:04:cb:de:16:13:24:b1:1e:41:a3:0d:52:d2:91:42:18:bf

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate uc3-ezid-ui-prd.cdlib.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for uc3-ezid-ui-prd.cdlib.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

uc3-ezid-ui-prd.cdlib.org
ezid.cdlib.org

Other certificates including the domain name cdlib.org

(limited to 100 certificates)
pub-xtfweb2-prd.cdlib.org
uc3-mrtui03x2-prd.cdlib.org
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
xtf.cdlib.org
datadryad.org
5758048710688768-fe3.pantheonsite.io
www.cdlib.org
5648554290839552-fe1.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
hg.cdlib.org
aspace.cdlib.org
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
uc3-ingest03x2-prd.cdlib.org
registry-stg.cdlib.org
uc3-ingest01x2-stg.cdlib.org
5704837555552256-fe2.pantheonsite.io
hg.cdlib.org
5704837555552256-fe2.pantheonsite.io
registry-dev.cdlib.org
5758048710688768-fe3.pantheonsite.io
cdlib.org
5758048710688768-fe3.pantheonsite.io
registry.cdlib.org
5704837555552256-fe2.pantheonsite.io
nuxeo.cdlib.org
5648554290839552-fe1.pantheonsite.io
massdig.cdlib.org
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
pub-xtfweb2-prd.cdlib.org
5758048710688768-fe3.pantheonsite.io
uc3-ingest01x2-prd.cdlib.org
5758048710688768-fe3.pantheonsite.io
analytics.cdlib.org
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
cdl-aws-nagios.cdlib.org
5758048710688768-fe3.pantheonsite.io
help.oac.cdlib.org
datamirror.org
5758048710688768-fe3.pantheonsite.io
uc3-wasredirectx2-prd.cdlib.org
5653164804014080-fe1.pantheonsite.io
uc3-dryadsolr-stg.cdlib.org
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
oac.cdlib.org
dash.cdlib.org
5758048710688768-fe3.pantheonsite.io
cdlib.org
fdus-31.freshdesk.com
help.oac.cdlib.org
5758048710688768-fe3.pantheonsite.io
ftps-stg.cdlib.org
5758048710688768-fe3.pantheonsite.io
5704837555552256-fe2.pantheonsite.io
agua-stage.cdlib.org
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
d2d-pid2-prd.cdlib.org
redmine.cdlib.org
voro.cdlib.org
uc3-dryaduix2-stg-2c.cdlib.org
5758048710688768-fe3.pantheonsite.io
mylibrary.cdlib.org
5758048710688768-fe3.pantheonsite.io
5648554290839552-fe1.pantheonsite.io
5653164804014080-fe1.pantheonsite.io
5704837555552256-fe2.pantheonsite.io
oac.cdlib.org
libraries.universityofcalifornia.edu
melvyl.cdlib.org
uc3-ezid-ui-prd.cdlib.org
5653164804014080-fe1.pantheonsite.io
help.oac.cdlib.org
uc3-dryad-stg.cdlib.org
help.oac.cdlib.org
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
tls.automattic.com
5648554290839552-fe1.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
uc3-ingest02x2-stg.cdlib.org
5758048710688768-fe3.pantheonsite.io
uc3-dryaduix2-dev.cdlib.org
5648554290839552-fe1.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
5758048710688768-fe3.pantheonsite.io
help.oac.cdlib.org
5758048710688768-fe3.pantheonsite.io

Certificate

The complete raw certificate details for uc3-ezid-ui-prd.cdlib.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEgTCCA2mgAwIBAgIQBxMeBf25yaC2szX1vqFeezANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTI0MDUyODAwMDAwMFoXDTI1MDYyNjIzNTk1OVowJDEi
MCAGA1UEAxMZdWMzLWV6aWQtdWktcHJkLmNkbGliLm9yZzCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAJivFwUALS7tT1BvIXDuYFOHZnQMmBUNaX0nM/to
eZJvxAQ3gFA57Fu4k2wOmQZ1OL8sKHYC9wqgsDcnBFfyL8fUHBCqIlhLcL4FIVt4
h6xLWRPnAepPKpNJHyTpV1N35faqGxpAxs77nJfvwiPJv08GgWEu3jX3BulHLPL1
M+OgIFdawKIQfY9hBmzqqX/MglwppfbLGUBIpZfmKv8obKOAbHVUBenyzw/3+EA7
+MK2pHGzvT8RiuDbS3TKz0Hq5XYzpITrgUgtM4WePKjOM5a0S3SguAuNjUzC38bp
KIYf4gZlIOrF5BvPn+AF9lW5Ymr175Ag5lDXlVrwzdh+ADECAwEAAaOCAZUwggGR
MB8GA1UdIwQYMBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBQQ+UgV
44gd3NJaE3jYsqAFqJnGFjA0BgNVHREELTArghl1YzMtZXppZC11aS1wcmQuY2Rs
aWIub3Jngg5lemlkLmNkbGliLm9yZzATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNV
HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1Ud
HwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1c3QuY29tL3Iy
bTAyLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3Nw
LnIybTAyLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5y
Mm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwEwYK
KwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAFXG00OCgE/mKewO
j2pEFuPU6PnIl7nMV7h0StVK3VNOms08Cd5Q3AwvZOWM9ZmvcgXYKUiImFq82nce
5KWVPl7jn/Qm4fbmT/PxmPL9FpynyHH5lWkaA1K3ypC7O/AUR9+tuzXukn47zDtM
bnj7A/j0NYAbBUBn0yPCCwGODat/r1wkwMn/6dUHF/GqKRv2oGEMW0wScIMibX6k
6T94rgUfUXUUTKmZFt3oFeWSs8bXiJu4/XvBGCST23JPD8m5PMSx+MWjy8/Z2YZz
0onxXSAXqfiqJ2pD9D0kKCPC1ditSl0l4oMCXJrJXO6mmsUAzfGZfTTlB8o7Y9WK
7l0USQk=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmK8XBQAtLu1PUG8hcO5g
U4dmdAyYFQ1pfScz+2h5km/EBDeAUDnsW7iTbA6ZBnU4vywodgL3CqCwNycEV/Iv
x9QcEKoiWEtwvgUhW3iHrEtZE+cB6k8qk0kfJOlXU3fl9qobGkDGzvucl+/CI8m/
TwaBYS7eNfcG6Ucs8vUz46AgV1rAohB9j2EGbOqpf8yCXCml9ssZQEill+Yq/yhs
o4BsdVQF6fLPD/f4QDv4wrakcbO9PxGK4NtLdMrPQerldjOkhOuBSC0zhZ48qM4z
lrRLdKC4C42NTMLfxukohh/iBmUg6sXkG8+f4AX2VbliavXvkCDmUNeVWvDN2H4A
MQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 9403858557759805878439178079697985147
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-28 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-26 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'uc3-ezid-ui-prd.cdlib.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19274562412357779424808769038119687613562323787860346111224570187611427357747994041370718574809203167598447975063269017353343011137788046258963666935825029867667498517451744819468611632484630814781542248586521207985430244385850884231978020810494043231369529721333571460821528234182345984660889839080204562890110208031306283920629320351455442566015935947961809948914053037245005183343993809883000451018134276860637468492971610137387831810671817198979328767087137946243096128375457282041117864288404968088685392907659470350048900929214074542486587934376745684530993429318706613739617161827339469480106292203268951900209
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							10f94815e3881ddcd25a1378d8b2a005a899c616
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (45 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uc3-ezid-ui-prd.cdlib.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ezid.cdlib.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0055c6d34382804fe629ec0e8f6a4416e3d4e8f9c897b9cc57b8744ad54add534e9acd3c09de50dc0c2f64e58cf599af7205d8294888985abcda771ee4a5953e5ee39ff426e1f6e64ff3f198f2fd169ca7c871f995691a0352b7ca90bb3bf01447dfadbb35ee927e3bcc3b4c6e78fb03f8f435801b054067d323c20b018e0dab7faf5c24c0c9ffe9d50717f1aa291bf6a0610c5b4c127083226d7ea4e93f78ae051f5175144ca99916dde815e592b3c6d7889bb8fd7bc1182493db724f0fc9b93cc4b1f8c5a3cbcfd9d98673d289f15d2017a9f8aa276a43f43d242823c2d5d8ad4a5d25e283025c9ac95ceea69ac500cdf1997d34e507ca3b63d58aee5d144909