backend.beta.sokos.fi
Issued by Amazon
About this certificate
This digital certificate with serial number 09:71:e8:79:f7:36:4c:6e:a3:4f:d2:4b:99:6d:1d:ee was issued on by Amazon.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=backend.beta.sokos.fi
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 09:71:e8:79:f7:36:4c:6e:a3:4f:d2:4b:99:6d:1d:eeSerial Number (int): 12554496689222830152575237933864132078
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: e7:13:99:5a:13:fc:e9:cb:93:fb:fa:c0:c9:22:e7:dd:f7:7d:66:36
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): b5:a2:0b:07:24:0a:d0:05:54:69:58:9a:99:c2:b1:69:38:2e:a3:4b
Fingerprint (sha256): 1c:0f:c8:bd:62:23:38:fd:19:43:d5:75:95:1b:56:64:ad:18:ca:1e:04:50:fb:97:7e:a8:2f:dd:88:9e:b4:cb
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl
Check the revocation status for certificate backend.beta.sokos.fi
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for backend.beta.sokos.fi
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
backend.beta.sokos.fi
Other certificates including the domain name sokos.fi
(limited to 100 certificates)
varnish.test.sokos.fi
www.sokos.fi
backend.beta.sokos.fi
www.qa.sokos.fi
www.sokos.fi
varnish.test.sokos.fi
*.test.sokos.fi
*.test.sokos.fi
go.sokos.fi
varnish.qa.sokos.fi
test.sokos.fi
storefront-api.beta.sokos.fi
test.sokos.fi
api-storefront.beta.sokos.fi
backend.beta.sokos.fi
varnish.test.sokos.fi
varnish-perf.test.sokos.fi
www.sokos.fi
varnish-perf.test.sokos.fi
sokos.fi
*.test.sokos.fi
palautus.prisma.fi
*.sokos.fi
storefront-api.beta.sokos.fi
*.sokos.fi
www.sokos.fi
test.sokos.fi
test.sokos.fi
www.sokos.fi
api-reo.beta.sokos.fi
go.sokos.fi
sokos.fi
*.test.sokos.fi
inspiroidu.sokos.fi
www.sokos.fi
sokos.fi
palautus.prisma.fi
varnish.sokos.fi
varnish-perf.test.sokos.fi
test.sokos.fi
www.sokos.fi
*.qa.sokos.fi
www.test.sokos.fi
*.test.sokos.fi
*.test.sokos.fi
sokos.fi
beta.sokos.fi
beta.sokos.fi
www.sokos.fi
qa.sokos.fi
backend.beta.sokos.fi
varnish.test.sokos.fi
*.qa.sokos.fi
reo-api.beta.sokos.fi
varnish.sokos.fi
*.sokos.fi
go.sokos.fi
varnish.qa.sokos.fi
sokos.fi
go.sokos.fi
varnish.test.sokos.fi
www.sokos.fi
www.sokos.fi
varnish.qa.sokos.fi
palautus.prisma.fi
www.test.sokos.fi
test.sokos.fi
www.sokos.fi
varnish-perf.test.sokos.fi
varnish.test.sokos.fi
*.sokos.fi
www.sokos.fi
go.sokos.fi
varnish-perf.test.sokos.fi
palautus.prisma.fi
varnish.qa.sokos.fi
origin.backend.beta.sokos.fi
go.sokos.fi
www.sokos.fi
qa.sokos.fi
sokos.fi
open-lauri-alternate.test.sokos.fi
*.test.sokos.fi
qa.sokos.fi
*.test.sokos.fi
palautus.prisma.fi
www.sokos.fi
backend.beta.sokos.fi
www.qa.sokos.fi
www.sokos.fi
varnish.test.sokos.fi
*.test.sokos.fi
*.test.sokos.fi
go.sokos.fi
varnish.qa.sokos.fi
test.sokos.fi
storefront-api.beta.sokos.fi
test.sokos.fi
api-storefront.beta.sokos.fi
backend.beta.sokos.fi
varnish.test.sokos.fi
varnish-perf.test.sokos.fi
www.sokos.fi
varnish-perf.test.sokos.fi
sokos.fi
*.test.sokos.fi
palautus.prisma.fi
*.sokos.fi
storefront-api.beta.sokos.fi
*.sokos.fi
www.sokos.fi
test.sokos.fi
test.sokos.fi
www.sokos.fi
api-reo.beta.sokos.fi
go.sokos.fi
sokos.fi
*.test.sokos.fi
inspiroidu.sokos.fi
www.sokos.fi
sokos.fi
palautus.prisma.fi
varnish.sokos.fi
varnish-perf.test.sokos.fi
test.sokos.fi
www.sokos.fi
*.qa.sokos.fi
www.test.sokos.fi
*.test.sokos.fi
*.test.sokos.fi
sokos.fi
beta.sokos.fi
beta.sokos.fi
www.sokos.fi
qa.sokos.fi
backend.beta.sokos.fi
varnish.test.sokos.fi
*.qa.sokos.fi
reo-api.beta.sokos.fi
varnish.sokos.fi
*.sokos.fi
go.sokos.fi
varnish.qa.sokos.fi
sokos.fi
go.sokos.fi
varnish.test.sokos.fi
www.sokos.fi
www.sokos.fi
varnish.qa.sokos.fi
palautus.prisma.fi
www.test.sokos.fi
test.sokos.fi
www.sokos.fi
varnish-perf.test.sokos.fi
varnish.test.sokos.fi
*.sokos.fi
www.sokos.fi
go.sokos.fi
varnish-perf.test.sokos.fi
palautus.prisma.fi
varnish.qa.sokos.fi
origin.backend.beta.sokos.fi
go.sokos.fi
www.sokos.fi
qa.sokos.fi
sokos.fi
open-lauri-alternate.test.sokos.fi
*.test.sokos.fi
qa.sokos.fi
*.test.sokos.fi
palautus.prisma.fi
Certificate
The complete raw certificate details for backend.beta.sokos.fi in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF5DCCBMygAwIBAgIQCXHoefc2TG6jT9JLmW0d7jANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMTEwMjIwMDAwMDBaFw0yMjExMjAy MzU5NTlaMCAxHjAcBgNVBAMTFWJhY2tlbmQuYmV0YS5zb2tvcy5maTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMWPX/6zoupmjDsWi2LHVkGRpLDqrGDf lS+Xtq2fru+yVhhq5gIabJOSoJTzFOSAK6nmtPS7Rr3LxV92AMlJzxY62HldP+2V pfLyJOxB7NJJW/BJaN4X1uBy23JNNTDGE+1YWtk3Fliy1vFRwIF8M57CuR8PQwg2 sDV8fOa7/SbB8j6F0XPm63gKBXp4mokuIJK7kMSiISZSubGrj0WzyfXoK1AHDgtz K6SObQPtRsHQfCt0yUSRBYYSb1Idk8BuPfO99HpwKWJs4Qfi10ehkU44OfuJooFt t0ib9EqTObelF5NY3bm8/7i4di48iZbioxU28JzyiMWzbwVEpqFcwzUCAwEAAaOC AvIwggLuMB8GA1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQW BBTnE5laE/zpy5P7+sDJIufd931mNjAgBgNVHREEGTAXghViYWNrZW5kLmJldGEu c29rb3MuZmkwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr BgEFBQcDAjA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnNjYTFiLmFtYXpv bnRydXN0LmNvbS9zY2ExYi0xLmNybDATBgNVHSAEDDAKMAgGBmeBDAECATB1Bggr BgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpv bnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250 cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwggGABgorBgEEAdZ5AgQC BIIBcASCAWwBagB3ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4+U1dJlwlXceEAAAB fKgA9qsAAAQDAEgwRgIhAMsnyL6kj94MLqPuiByH0oywXzcdRI5L1sfZNrhxp21L AiEAhby8xGcZsqvBY9N7Nii1AjtbHqTVriIw9vhJ9jgEHZEAdgBRo7D1/QF5nFZt uDd4jwykeswbJ8v3nohCmg3+1IsF5QAAAXyoAPblAAAEAwBHMEUCIEo40cNquXge emonw+imOPdX/LuyJZJeNoWSYAfFq7IeAiEA0KeyJ3LYxfeLz1YN+uDislJqKmmZ KqMz2DmiiEPObCAAdwBByMqx3yJGShDGoToJQodeTjGLGwPr60vHaPCQYpYG9gAA AXyoAPa3AAAEAwBIMEYCIQDnARlaWsRiVTUfMyQah9uRmqc6NxtYs1O8FHLwQl4Y vgIhAOG7FUCXnDPTbUVL/CCPhWxPvK6a4JatHKadX8AesJ8+MA0GCSqGSIb3DQEB CwUAA4IBAQC0S+vXJv42PACOGPdu9D2NFo0Tte40Z0PAHaGYqvxaWe0We249mN+8 yffMwRMdgZVNeiUxGiqRuIQXyq3yHcrIi/M+tkSeLlUptXPydHnOtn3+BGCtNTnq /cHEU30uMH/dfaiQ6G4uFQNMmDnaxjzjctFxxvexGGkGJUXvSbx3+gaQeFZ9kDaD RZPtEUZXVvIK6mPOG54G9EauVhBUFnL3LcdJTHwXzCRwAsaDEr5fjh02IlSTY3xt 4JZ33NvMos3EB1tXPdHJkFjdf6PrfKVX3F6OuUL+PO4LY4RScQ5TR3kvgsRKbKVs VEPlpQKv5AH/fCbQDMXIH5zoHUPzCmzB -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxY9f/rOi6maMOxaLYsdW QZGksOqsYN+VL5e2rZ+u77JWGGrmAhpsk5KglPMU5IArqea09LtGvcvFX3YAyUnP FjrYeV0/7ZWl8vIk7EHs0klb8Elo3hfW4HLbck01MMYT7Vha2TcWWLLW8VHAgXwz nsK5Hw9DCDawNXx85rv9JsHyPoXRc+breAoFeniaiS4gkruQxKIhJlK5sauPRbPJ 9egrUAcOC3MrpI5tA+1GwdB8K3TJRJEFhhJvUh2TwG498730enApYmzhB+LXR6GR Tjg5+4migW23SJv0SpM5t6UXk1jdubz/uLh2LjyJluKjFTbwnPKIxbNvBUSmoVzD NQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 12554496689222830152575237933864132078 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-10-22 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-20 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'backend.beta.sokos.fi' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24939646916101343312511112378553134138965707207885796254175084272105210264088744942962783536394790403900571644764930014741244588270886080318742994774944381402504943031331020861329234436993966116965800967260250682033859797816773822938963087714449196208886295924191693112677563660818324285764029344531934162197616190140513353517455140072493929627097360314101439606337273706080052716007343586960753570395985744840815593945424476497037653939439891704978116649319563209328108606162523231806689504089869082345020205391389074944717420293130700633089877679603624502241482417277898535959807961406631678389452312871892248478517 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e713995a13fce9cb93fbfac0c922e7ddf77d6636 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'backend.beta.sokos.fi' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a0077002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc7840000017ca800f6ab0000040300483046022100cb27c8bea48fde0c2ea3ee881c87d28cb05f371d448e4bd6c7d936b871a76d4b02210085bcbcc46719b2abc163d37b3628b5023b5b1ea4d5ae2230f6f849f638041d9100760051a3b0f5fd01799c566db837788f0ca47acc1b27cbf79e88429a0dfed48b05e50000017ca800f6e5000004030047304502204a38d1c36ab9781e7a6a27c3e8a638f757fcbbb225925e3685926007c5abb21e022100d0a7b22772d8c5f78bcf560dfae0e2b2526a2a69992aa333d839a28843ce6c2000770041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f60000017ca800f6b70000040300483046022100e701195a5ac46255351f33241a87db919aa73a371b58b353bc1472f0425e18be022100e1bb1540979c33d36d454bfc208f856c4fbcae9ae096ad1ca69d5fc01eb09f3e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b44bebd726fe363c008e18f76ef43d8d168d13b5ee346743c01da198aafc5a59ed167b6e3d98dfbcc9f7ccc1131d81954d7a25311a2a91b88417caadf21dcac88bf33eb6449e2e5529b573f27479ceb67dfe0460ad3539eafdc1c4537d2e307fdd7da890e86e2e15034c9839dac63ce372d171c6f7b11869062545ef49bc77fa069078567d9036834593ed11465756f20aea63ce1b9e06f446ae5610541672f72dc7494c7c17cc247002c68312be5f8e1d36225493637c6de09677dcdbcca2cdc4075b573dd1c99058dd7fa3eb7ca557dc5e8eb942fe3cee0b638452710e5347792f82c44a6ca56c5443e5a502afe401ff7c26d00cc5c81f9ce81d43f30a6cc1