mktg-assets.chimp.net
Issued by Amazon
About this certificate
This digital certificate with serial number 0f:db:e7:e3:0a:c8:de:7b:52:da:68:16:d4:7c:de:10 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=mktg-assets.chimp.net
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0f:db:e7:e3:0a:c8:de:7b:52:da:68:16:d4:7c:de:10Serial Number (int): 21080236173541885520493143502826036752
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 0f:6b:43:e5:11:01:68:33:e9:fa:50:5f:4d:9e:d4:94:6f:ab:ce:59
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): dd:e3:d8:20:18:0a:cd:46:bf:2e:68:ef:55:2d:bb:d7:b8:c1:31:27
Fingerprint (sha256): 21:f9:8a:44:e5:e5:b2:0f:2b:a8:57:bb:af:b3:de:0a:8c:65:95:1a:9c:21:9b:41:87:5b:9a:d3:73:f1:30:c8
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate mktg-assets.chimp.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mktg-assets.chimp.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
mktg-assets.chimp.net
*.mktg-assets.chimp.net
*.mktg-assets.chimp.net
Other certificates including the domain name chimp.net
(limited to 100 certificates)
blog.chimp.net
demo.chimp.net
weare.chimp.net
24467.org
mktg-assets.chimp.net
www.chimp.net
*.chimp.net
*.chimp.net
usa.chimp.net
weare.chimp.net
chimp.net
view.chimp.net
weare.chimp.net
thebeat.chimp.net
staging.chimp.net
view.chimp.net
demo.chimp.net
help.chimp.net
go2.chimp.net
lab.chimp.net
demo.chimp.net
*.sandbox.chimp.net
chimp.net
*.giving.chimp.net
blog.chimp.net
mktg-assets.chimp.net
dev.chimp.net
staging.chimp.net
giving.chimp.net
blog.chimp.net
chimp.net
view.chimp.net
chimp.net
weare.chimp.net
demo.chimp.net
view.chimp.net
weare.chimp.net
usa.chimp.net
help.chimp.net
lab-dev.chimp.net
stg.chimp.net
help.chimp.net
blog.chimp.net
weare.chimp.net
view.chimp.net
demo.chimp.net
usa.chimp.net
view.chimp.net
data.chimp.net
24467.org
blog.chimp.net
data.chimp.net
chimp.net
data.chimp.net
go2.chimp.net
help.chimp.net
auth.chimp.net
help.chimp.net
qa.chimp.net
preview.chimp.net
chimp.net
lab-dev.chimp.net
blog.chimp.net
chimp.net
view.chimp.net
giving-dev.chimp.net
view.chimp.net
24467.org
lab-dev.chimp.net
view.chimp.net
help.chimp.net
www.chimp.net
view.chimp.net
weare.chimp.net
blog.chimp.net
view.chimp.net
help.chimp.net
help.chimp.net
stg.chimp.net
24467.org
help.chimp.net
www.chimp.net
demo.chimp.net
auth.chimp.net
giving.chimp.net
lab-dev.chimp.net
demo.chimp.net
qa.chimp.net
go2.chimp.net
chimp.net
*.chimp.net
api.chimp.net
www.chimp.net
*.mktg-assets.chimp.net
sandbox.chimp.net
24467.org
demo.chimp.net
weare.chimp.net
demo.chimp.net
usa.chimp.net
demo.chimp.net
weare.chimp.net
24467.org
mktg-assets.chimp.net
www.chimp.net
*.chimp.net
*.chimp.net
usa.chimp.net
weare.chimp.net
chimp.net
view.chimp.net
weare.chimp.net
thebeat.chimp.net
staging.chimp.net
view.chimp.net
demo.chimp.net
help.chimp.net
go2.chimp.net
lab.chimp.net
demo.chimp.net
*.sandbox.chimp.net
chimp.net
*.giving.chimp.net
blog.chimp.net
mktg-assets.chimp.net
dev.chimp.net
staging.chimp.net
giving.chimp.net
blog.chimp.net
chimp.net
view.chimp.net
chimp.net
weare.chimp.net
demo.chimp.net
view.chimp.net
weare.chimp.net
usa.chimp.net
help.chimp.net
lab-dev.chimp.net
stg.chimp.net
help.chimp.net
blog.chimp.net
weare.chimp.net
view.chimp.net
demo.chimp.net
usa.chimp.net
view.chimp.net
data.chimp.net
24467.org
blog.chimp.net
data.chimp.net
chimp.net
data.chimp.net
go2.chimp.net
help.chimp.net
auth.chimp.net
help.chimp.net
qa.chimp.net
preview.chimp.net
chimp.net
lab-dev.chimp.net
blog.chimp.net
chimp.net
view.chimp.net
giving-dev.chimp.net
view.chimp.net
24467.org
lab-dev.chimp.net
view.chimp.net
help.chimp.net
www.chimp.net
view.chimp.net
weare.chimp.net
blog.chimp.net
view.chimp.net
help.chimp.net
help.chimp.net
stg.chimp.net
24467.org
help.chimp.net
www.chimp.net
demo.chimp.net
auth.chimp.net
giving.chimp.net
lab-dev.chimp.net
demo.chimp.net
qa.chimp.net
go2.chimp.net
chimp.net
*.chimp.net
api.chimp.net
www.chimp.net
*.mktg-assets.chimp.net
sandbox.chimp.net
24467.org
demo.chimp.net
weare.chimp.net
demo.chimp.net
usa.chimp.net
Certificate
The complete raw certificate details for mktg-assets.chimp.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgIQD9vn4wrI3ntS2mgW1HzeEDANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA2MjQwMDAwMDBaFw0yMDA3MjQx MjAwMDBaMCAxHjAcBgNVBAMTFW1rdGctYXNzZXRzLmNoaW1wLm5ldDCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxzD8qFOaRfy+MymzvTPV2zvvnV4EgK 332JJTBrkkLJH95ySn/0Pn1PINDlEwG+JWF4zIreRF5xfPU3bN7nIyQtxL87yD/r y3Zb1NNfMYwpAv44+iVtG+gYDt03DTWTMobStm25mbckUoqGkgo+5y5RqPyIKLw9 io5GT+JeRw32q9OkkfaZa+mUIuxgz5+wx4choAp80JJbW1YzMIo9Dvy3UvvEmLS2 P67aOKvvop8pr+aKke7HsK/6Dfjf+A0jRuX+j6RZawKkPwQrhC01/d4qYNS96Q8C zWPS8vhkPPCSWCoRWXTYUW7bE/O8N/qoaywzTul1lSNde+yRvgWSvykCAwEAAaOC ApswggKXMB8GA1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQW BBQPa0PlEQFoM+n6UF9NntSUb6vOWTA5BgNVHREEMjAwghVta3RnLWFzc2V0cy5j aGltcC5uZXSCFyoubWt0Zy1hc3NldHMuY2hpbXAubmV0MA4GA1UdDwEB/wQEAwIF oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6g LIYqaHR0cDovL2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAG A1UdIAQZMBcwCwYJYIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcw LQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2 BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2Nh MWIuY3J0MAwGA1UdEwEB/wQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgCk uQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWuK0q+bAAAEAwBHMEUC IB0+mUi2jhRW4sNnGvrlzGeunSj8Zn8h2Y81mD3BNiphAiEAwiPg8YpDeNEwkh/w FrKBjILkaHLsVRODNUBYPtk7Ce0AdwCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDB tOr/XqCDDwAAAWuK0q/lAAAEAwBIMEYCIQDVR1s/GDyvq1kU3OO5LUKc6gQDOfos UoCojdBEmsvHmAIhAIME/t7pSzUuLQbpREMk0Aj2BGzGnhMAM3jooJBm0WyLMA0G CSqGSIb3DQEBCwUAA4IBAQCgaoQMZRp8D1Y4z6BRaFq8yaUOt5o3WVbt1a8mh/f7 2VD+S6lkoJXslp/LmifsWb5bDH+6SL+UMNw4UvnqE6NrEZkgyTRMZ2UdLy9SXPqn wNPDqM4FnOsdiqa4FZnFAa+ujkk0dDmDjVvddP1aEkIRtt2iR79aqt+iKyiJvt/K IwEVG3wdsYGyEVzdOEPC9BVH4DSG/jumwOXMzMF8nTc+Emc8n+snYVxcMDDzoy/Z /oOZhwUKnr9y82LQyg+kg0GDbnRCCyFTBqrjbMBMt76PEd7IDNpn6uNKrnEzZqIR O/Q3KvXFfShAfnQ4cbiZhk77KgMknsC4z+0xaDbmqfCc -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHMPyoU5pF/L4zKbO9M9 XbO++dXgSArffYklMGuSQskf3nJKf/Q+fU8g0OUTAb4lYXjMit5EXnF89Tds3ucj JC3EvzvIP+vLdlvU018xjCkC/jj6JW0b6BgO3TcNNZMyhtK2bbmZtyRSioaSCj7n LlGo/IgovD2KjkZP4l5HDfar06SR9plr6ZQi7GDPn7DHhyGgCnzQkltbVjMwij0O /LdS+8SYtLY/rto4q++inymv5oqR7sewr/oN+N/4DSNG5f6PpFlrAqQ/BCuELTX9 3ipg1L3pDwLNY9Ly+GQ88JJYKhFZdNhRbtsT87w3+qhrLDNO6XWVI1177JG+BZK/ KQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 21080236173541885520493143502826036752 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-24 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-07-24 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mktg-assets.chimp.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21769727485218477961562727431008645718455281054667477577641175239137627811010082357328662913020471022250632703018810079505242305331835486338859387157336912104824098753490849397309790794240312956243832099279155957687497677723735978462901799031569207839525263504544512005939890240214390735873267674232310799025482632941162228639012763932492783070623063469966390046194800241380834352368742858162825607493707999886667287052886894550904585563660568871197054155009482150861417824187714824408577521651369935338977178430939037864200439107665410173635649484814512938981504559884687065354498691292248660984481400082242206875433 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0f6b43e511016833e9fa505f4d9ed4946fabce59 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mktg-assets.chimp.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mktg-assets.chimp.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016b8ad2af9b000004030047304502201d3e9948b68e1456e2c3671afae5cc67ae9d28fc667f21d98f35983dc1362a61022100c223e0f18a4378d130921ff016b2818c82e46872ec5513833540583ed93b09ed0077008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016b8ad2afe50000040300483046022100d5475b3f183cafab5914dce3b92d429cea040339fa2c5280a88dd0449acbc7980221008304fedee94b352e2d06e9444324d008f6046cc69e13003378e8a09066d16c8b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a06a840c651a7c0f5638cfa051685abcc9a50eb79a375956edd5af2687f7fbd950fe4ba964a095ec969fcb9a27ec59be5b0c7fba48bf9430dc3852f9ea13a36b119920c9344c67651d2f2f525cfaa7c0d3c3a8ce059ceb1d8aa6b81599c501afae8e49347439838d5bdd74fd5a124211b6dda247bf5aaadfa22b2889bedfca2301151b7c1db181b2115cdd3843c2f41547e03486fe3ba6c0e5ccccc17c9d373e12673c9feb27615c5c3030f3a32fd9fe839987050a9ebf72f362d0ca0fa48341836e74420b215306aae36cc04cb7be8f11dec80cda67eae34aae713366a2113bf4372af5c57d28407e743871b899864efb2a03249ec0b8cfed316836e6a9f09c