fashion.kay.com
Issued by Amazon RSA 2048 M01
About this certificate
This digital certificate with serial number 04:17:4c:07:3d:39:9c:e5:1b:94:67:4e:6d:5a:12:2b was issued on by Amazon.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=fashion.kay.com
Amazon
Organization:
Amazon
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:17:4c:07:3d:39:9c:e5:1b:94:67:4e:6d:5a:12:2bSerial Number (int): 5437876847561214940157143324026343979
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: bf:bf:bb:98:73:e2:bd:0e:f0:a4:fb:b9:0c:53:b3:59:4b:ed:d5:ea
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85
Fingerprint (sha1): df:57:ba:73:42:8e:2d:24:b5:73:b1:35:c3:e3:bc:7d:f1:da:d7:de
Fingerprint (sha256): 1b:8e:3a:56:bf:e6:7d:46:0c:02:65:3f:c3:0d:73:02:98:6b:1d:e3:8c:79:f5:a3:e8:32:e0:07:60:9a:f6:60
Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer
Revocation information
OCSP Server: http://ocsp.r2m01.amazontrust.comCRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl
Check the revocation status for certificate fashion.kay.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for fashion.kay.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
fashion.kay.com
fashion.zales.com
fashion.jared.com
fashion.zales.com
fashion.jared.com
Other certificates including the domain name kay.com
(limited to 100 certificates)
imperva.com
sni191bdgl.wpc.edgecastcdn.net
test.kay.com
mstage.jared.com
credithub-test.azusnc-test.jewels.com
stores.kay.com
www2.kay.com
stores.kay.com
www.kay.com
*.classrings.kay.com
sni1d146gl.wpc.edgecastcdn.net
mstage.jared.com
origin-uat1.kay.com
www.kay.com
em.kay.com
t.kay.com
imperva.com
chat.kay.com
chat.kay.com
www.kay.com
credithub-dev.azusnc-test.jewels.com
credithub-test.azusnc-test.jewels.com
san2.yext-cdn.com
san2.yext-cdn.com
www.kay.com
test.kay.com
testbridal.kay.com
classrings.kay.com
san2.yext-cdn.com
classrings.kay.com
link.kay.com
link.kay.com
fashion.kay.com
bridal.kay.com
chat.kay.com
t.kay.com
www2.kay.com
www.kay.com
origin-uat1.kay.com
dtm.kay.com
www.kay.com
www.kay.com
test.kay.com
www.kay.com
signetqa.cbi-rings.com
bridal.kay.com
pay.sterlingjewelers.com
san2.yext-cdn.com
perf-creditapis.jewels.com
san2.yext-cdn.com
familyjewelry.kay.com
imperva.com
em.kay.com
locations.c2crestaurants.com
san2.yext-cdn.com
test.kay.com
stores.kay.com
chat.kay.com
www.kay.com
classrings.kay.com
chat.kay.com
san2.yext-cdn.com
em.kay.com
test.kay.com
testpersonalized.kay.com
www.kay.com
san2.yext-cdn.com
smetrics.kay.com
amp-uat3.kay.com
www.kay.com
pay.sterlingjewelers.com
www.kay.com
sni19bd6gl.wpc.edgecastcdn.net
www.kay.com
www.kay.com
pay.kay.com
*.kay.com
pages.email.kay.com
test.kay.com
pt-stores.iqos.com.yext-cdn.com
familyjewelry.kay.com
www.kay.com
m.kay.com
creditapis.jewels.com
fpc.kay.com
credithub-test.azusnc-test.jewels.com
familyjewelry.kay.com
www.kay.com
classrings.kay.com
www.kay.com
classrings.kay.com
www.kay.com
personalized.jared.com
www.kay.com
www.kay.com
credithub-dev.azusnc-test.jewels.com
www.kay.com
www.kay.com
www.kay.com
san2.yext-cdn.com
sni191bdgl.wpc.edgecastcdn.net
test.kay.com
mstage.jared.com
credithub-test.azusnc-test.jewels.com
stores.kay.com
www2.kay.com
stores.kay.com
www.kay.com
*.classrings.kay.com
sni1d146gl.wpc.edgecastcdn.net
mstage.jared.com
origin-uat1.kay.com
www.kay.com
em.kay.com
t.kay.com
imperva.com
chat.kay.com
chat.kay.com
www.kay.com
credithub-dev.azusnc-test.jewels.com
credithub-test.azusnc-test.jewels.com
san2.yext-cdn.com
san2.yext-cdn.com
www.kay.com
test.kay.com
testbridal.kay.com
classrings.kay.com
san2.yext-cdn.com
classrings.kay.com
link.kay.com
link.kay.com
fashion.kay.com
bridal.kay.com
chat.kay.com
t.kay.com
www2.kay.com
www.kay.com
origin-uat1.kay.com
dtm.kay.com
www.kay.com
www.kay.com
test.kay.com
www.kay.com
signetqa.cbi-rings.com
bridal.kay.com
pay.sterlingjewelers.com
san2.yext-cdn.com
perf-creditapis.jewels.com
san2.yext-cdn.com
familyjewelry.kay.com
imperva.com
em.kay.com
locations.c2crestaurants.com
san2.yext-cdn.com
test.kay.com
stores.kay.com
chat.kay.com
www.kay.com
classrings.kay.com
chat.kay.com
san2.yext-cdn.com
em.kay.com
test.kay.com
testpersonalized.kay.com
www.kay.com
san2.yext-cdn.com
smetrics.kay.com
amp-uat3.kay.com
www.kay.com
pay.sterlingjewelers.com
www.kay.com
sni19bd6gl.wpc.edgecastcdn.net
www.kay.com
www.kay.com
pay.kay.com
*.kay.com
pages.email.kay.com
test.kay.com
pt-stores.iqos.com.yext-cdn.com
familyjewelry.kay.com
www.kay.com
m.kay.com
creditapis.jewels.com
fpc.kay.com
credithub-test.azusnc-test.jewels.com
familyjewelry.kay.com
www.kay.com
classrings.kay.com
www.kay.com
classrings.kay.com
www.kay.com
personalized.jared.com
www.kay.com
www.kay.com
credithub-dev.azusnc-test.jewels.com
www.kay.com
www.kay.com
www.kay.com
san2.yext-cdn.com
Certificate
The complete raw certificate details for fashion.kay.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF8TCCBNmgAwIBAgIQBBdMBz05nOUblGdObVoSKzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAxMB4XDTIzMDMxNzAwMDAwMFoXDTI0MDQxNDIzNTk1OVowGjEY MBYGA1UEAxMPZmFzaGlvbi5rYXkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAt/3p5f4DrmnoXFweI9GXeFR/noT2VOQDIRs3dpgJ6nAYwpLRXYSr 7zQ8KV3HZqQOPPSD9nE/9k7O9Sshi8NSKm9wqpPEQdRbHBIz/lu0JaRqge0CrMnp mQmjGDqjWXrXJJ3fWzW/ztVB2Uojy+bHhSetRv/7RiLXYH6JCTFuGD0EKuqSS3VN hg8+75Yw0Wh6ANKachAi3Oar3NjORH9qc2B81iENRx9Yk7cR7DvKXhftd1rdR/aU pG+OCBp243NQufg1Juu6MvSpfyNphEpCI6b2JRDUpu9C8CGg10euLb477bs6LFFo Yvq3khWIZ4TQ7Ly+Y7zrE+tVJ9YhHjsBhQIDAQABo4IDDzCCAwswHwYDVR0jBBgw FoAUgbgOY4qJEhjl+js7UJWf5uWQE4UwHQYDVR0OBBYEFL+/u5hz4r0O8KT7uQxT s1lL7dXqMEAGA1UdEQQ5MDeCD2Zhc2hpb24ua2F5LmNvbYIRZmFzaGlvbi56YWxl cy5jb22CEWZhc2hpb24uamFyZWQuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDov L2NybC5yMm0wMS5hbWF6b250cnVzdC5jb20vcjJtMDEuY3JsMBMGA1UdIAQMMAow CAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29j c3AucjJtMDEuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0 LnIybTAxLmFtYXpvbnRydXN0LmNvbS9yMm0wMS5jZXIwDAYDVR0TAQH/BAIwADCC AX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHYA7s3QZNXbGs7FXLedtM0TojKHRny8 7N7DUUhZRnEftZsAAAGG8O56pAAABAMARzBFAiA8oAas7y2DUPhhoSOjMfiwGsE6 Yd/IMp368dXqBl6RKQIhAMsW+SJLNoJ7FGcz1dufCrJggKYgTdfALhtNzSSjZWWM AHYAc9meiRtMlnigIH1HneayxhzQUV5xGSqMa4AQesF3crUAAAGG8O57BwAABAMA RzBFAiEAnNpPJvocXE0gnFOzyzQSIegIAHjywlAf6o1HsB3BdYICIAanFhWGvcJq ujMc16hlseQvdYmrydeRLy2tFgUKf1EQAHcASLDja9qmRzQP5WoC+p0w6xxSActW 3SyB2bu/qznYhHMAAAGG8O560wAABAMASDBGAiEAgf5u9lMXMRRcsri5aaHhNt4S wqhNZf8rklUX8fA4GkgCIQC8ux39KxsgWzs06021HwC8LaheC0wrb0uXIQTtfizL BzANBgkqhkiG9w0BAQsFAAOCAQEAP6Pgj15TRo17fvNNls4OrnbkQ1d61+W0XobF yYmFOOhi+GZYOYOFAbUKUj01+UFFhxSRR0ZgKpX255RKpA5krybCZLcK44Kmvjz/ oDezVBJIkVAzuQnaptR1wKUvklosjXzM1QByT1JbA64CA1o1jFPYGxnLuTnIkUKO LpfFnZlpTuuhWLGASRFdSGKCb1mKrF+fdfIfVrb2dfK1dUheY1iR2r2Ng0ZEvySg 8LiUvXVuhLRj+azoJFrhExEjaUP08Ss9QsxhmZzdUbCI6Avk2CGMqNvpjGo9FKwY WifroX4Ovsos9/Rl+v+4TzHJnp0O4riKYPSJ/vXM6o0r6Hv2Gg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/3p5f4DrmnoXFweI9GX eFR/noT2VOQDIRs3dpgJ6nAYwpLRXYSr7zQ8KV3HZqQOPPSD9nE/9k7O9Sshi8NS Km9wqpPEQdRbHBIz/lu0JaRqge0CrMnpmQmjGDqjWXrXJJ3fWzW/ztVB2Uojy+bH hSetRv/7RiLXYH6JCTFuGD0EKuqSS3VNhg8+75Yw0Wh6ANKachAi3Oar3NjORH9q c2B81iENRx9Yk7cR7DvKXhftd1rdR/aUpG+OCBp243NQufg1Juu6MvSpfyNphEpC I6b2JRDUpu9C8CGg10euLb477bs6LFFoYvq3khWIZ4TQ7Ly+Y7zrE+tVJ9YhHjsB hQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5437876847561214940157143324026343979 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-14 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'fashion.kay.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23226819303944079234314121266228123430901057437087473991101799952587920418735579837345536137413518198541845614462991522129209904406198224922175091773367442993898632233981881256918357548409027797039785810598020650351083679132397164143687492092038627275303986733100462497769471007382643282112353655734829063997739190889494949881550212721368619844766853560762222173885660381192312723384989240459636390489043792652085848658363923174154706844735665478538756361965834427847855070492799073832486505050473648005934265624718039842010317404795882624990759046904873829686572468495740539260173129779203212649433595641601896153477 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bfbfbb9873e2bd0ef0a4fbb90c53b3594bedd5ea . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fashion.kay.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fashion.zales.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fashion.jared.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000186f0ee7aa4000004030047304502203ca006acef2d8350f861a123a331f8b01ac13a61dfc8329dfaf1d5ea065e9129022100cb16f9224b36827b146733d5db9f0ab26080a6204dd7c02e1b4dcd24a365658c00760073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b500000186f0ee7b0700000403004730450221009cda4f26fa1c5c4d209c53b3cb341221e8080078f2c2501fea8d47b01dc17582022006a7161586bdc26aba331cd7a865b1e42f7589abc9d7912f2dad16050a7f511000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000186f0ee7ad3000004030048304602210081fe6ef6531731145cb2b8b969a1e136de12c2a84d65ff2b925517f1f0381a48022100bcbb1dfd2b1b205b3b34eb4db51f00bc2da85e0b4c2b6f4b972104ed7e2ccb07 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003fa3e08f5e53468d7b7ef34d96ce0eae76e443577ad7e5b45e86c5c9898538e862f8665839838501b50a523d35f941458714914746602a95f6e7944aa40e64af26c264b70ae382a6be3cffa037b3541248915033b909daa6d475c0a52f925a2c8d7cccd500724f525b03ae02035a358c53d81b19cbb939c891428e2e97c59d99694eeba158b18049115d4862826f598aac5f9f75f21f56b6f675f2b575485e635891dabd8d834644bf24a0f0b894bd756e84b463f9ace8245ae11311236943f4f12b3d42cc61999cdd51b088e80be4d8218ca8dbe98c6a3d14ac185a27eba17e0ebeca2cf7f465faffb84f31c99e9d0ee2b88a60f489fef5ccea8d2be87bf61a