firmapp.ncrec.gov
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 01:f0:37:bf:83:67:91:22:01:ef:00:27:80:73:6d:17 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=firmapp.ncrec.gov
Amazon
Organization:
Amazon
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:f0:37:bf:83:67:91:22:01:ef:00:27:80:73:6d:17Serial Number (int): 2576509947608256586598079340760755479
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: 60:24:78:0b:d4:b1:92:af:8e:1a:6d:57:32:c8:bf:c9:01:2b:24:4d
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): e0:f4:d9:8a:71:55:bd:28:e1:24:b5:e8:3f:57:39:f8:bc:f0:5d:60
Fingerprint (sha256): 22:24:20:5f:f8:6f:82:3a:98:ef:fe:fa:75:98:57:48:50:e0:e7:ff:01:3e:5e:e7:13:b0:3d:4e:06:49:df:2b
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate firmapp.ncrec.gov
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for firmapp.ncrec.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
firmapp.ncrec.gov
www.firmapp.ncrec.gov
www.firmapp.ncrec.gov
Other certificates including the domain name ncrec.gov
(limited to 100 certificates)
ncrec-ex-01.ncrec.state.nc.us
www.rem.ncrec.gov
ncrec.gov
www.ncrec.gov
www.ncrec.gov
www.ncrec.gov
www.ncrec.gov
www.ncrec.gov
www.test.ncrec.gov
www.test.ncrec.gov
*.ncrec.gov
bulletins.ncrec.gov
firmapp.ncrec.gov
www.ncrec.gov
bulletins.ncrec.gov
www.ncrec.gov
www.ncrec.gov
ncrec.gov
firmapp.ncrec.gov
instructor.ncrec.gov
firmapp.ncrec.gov
mail.ncrec.gov
firmapp.ncrec.gov
firmapp.ncrec.gov
www.test.ncrec.gov
bulletins.ncrec.gov
mail.ncrec.gov
bulletins.ncrec.gov
bulletins.ncrec.gov
bulletins.ncrec.gov
bulletins.ncrec.gov
ncrec-ex.ncrec.state.nc.us
instructortest.ncrec.gov
*.ncrec.state.nc.us
*.ncrec.gov
bulletins.ncrec.gov
www.rem.ncrec.gov
www.ncrec.gov
www.ncrec.gov
*.ncrec.gov
www.ncrec.gov
*.ncrec.gov
*.ncrec.gov
www.ncrec.gov
instructor.ncrec.gov
instructor.ncrec.gov
ncrec.gov
ncrec.gov
bulletins.ncrec.gov
*.ncrec.state.nc.us
awstest.ncrec.gov
rem.ncrec.gov
www.ncrec.gov
www.phones.ncrec.gov
firmapp.ncrec.gov
bulletins.ncrec.gov
bulletins.ncrec.gov
*.ncrec.gov
bulletins.ncrec.gov
bulletins.ncrec.gov
rem.ncrec.gov
bulletins.ncrec.gov
*.ogletree.com
bulletins.ncrec.gov
www.remtest.ncrec.gov
firmapp.ncrec.gov
www.test.ncrec.gov
*.ncrec.gov
www.ncrec.gov
www.ncrec.gov
mail.ncrec.gov
www.remtest.ncrec.gov
firmapptest.ncrec.gov
bulletins.ncrec.gov
*.ogletree.com
www.ncrec.gov
instructor.ncrec.gov
bulletins.ncrec.gov
bulletins.ncrec.gov
instructortest.ncrec.gov
mail.ncrec.gov
mail.ncrec.gov
www.ncrec.gov
instructor.ncrec.gov
bulletins.ncrec.gov
www.ncrec.gov
bulletins.ncrec.gov
www.rem.ncrec.gov
ncrec.gov
www.ncrec.gov
www.ncrec.gov
www.ncrec.gov
www.ncrec.gov
www.ncrec.gov
www.test.ncrec.gov
www.test.ncrec.gov
*.ncrec.gov
bulletins.ncrec.gov
firmapp.ncrec.gov
www.ncrec.gov
bulletins.ncrec.gov
www.ncrec.gov
www.ncrec.gov
ncrec.gov
firmapp.ncrec.gov
instructor.ncrec.gov
firmapp.ncrec.gov
mail.ncrec.gov
firmapp.ncrec.gov
firmapp.ncrec.gov
www.test.ncrec.gov
bulletins.ncrec.gov
mail.ncrec.gov
bulletins.ncrec.gov
bulletins.ncrec.gov
bulletins.ncrec.gov
bulletins.ncrec.gov
ncrec-ex.ncrec.state.nc.us
instructortest.ncrec.gov
*.ncrec.state.nc.us
*.ncrec.gov
bulletins.ncrec.gov
www.rem.ncrec.gov
www.ncrec.gov
www.ncrec.gov
*.ncrec.gov
www.ncrec.gov
*.ncrec.gov
*.ncrec.gov
www.ncrec.gov
instructor.ncrec.gov
instructor.ncrec.gov
ncrec.gov
ncrec.gov
bulletins.ncrec.gov
*.ncrec.state.nc.us
awstest.ncrec.gov
rem.ncrec.gov
www.ncrec.gov
www.phones.ncrec.gov
firmapp.ncrec.gov
bulletins.ncrec.gov
bulletins.ncrec.gov
*.ncrec.gov
bulletins.ncrec.gov
bulletins.ncrec.gov
rem.ncrec.gov
bulletins.ncrec.gov
*.ogletree.com
bulletins.ncrec.gov
www.remtest.ncrec.gov
firmapp.ncrec.gov
www.test.ncrec.gov
*.ncrec.gov
www.ncrec.gov
www.ncrec.gov
mail.ncrec.gov
www.remtest.ncrec.gov
firmapptest.ncrec.gov
bulletins.ncrec.gov
*.ogletree.com
www.ncrec.gov
instructor.ncrec.gov
bulletins.ncrec.gov
bulletins.ncrec.gov
instructortest.ncrec.gov
mail.ncrec.gov
mail.ncrec.gov
www.ncrec.gov
instructor.ncrec.gov
bulletins.ncrec.gov
www.ncrec.gov
bulletins.ncrec.gov
Certificate
The complete raw certificate details for firmapp.ncrec.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF5zCCBM+gAwIBAgIQAfA3v4NnkSIB7wAngHNtFzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMDMwMTAwMDAwMFoXDTIzMTExNzIzNTk1OVowHDEa MBgGA1UEAxMRZmlybWFwcC5uY3JlYy5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyn1k9TlIRdCHXLA7BZ/6nbGZButgtDi1G/ezcyp/7/SJdIBTO ycw2+O2hpS1lcUPpKJNGNjpau1gbE5faFbpWjL+q/KqjpuiqPi+kpW0wkfJ5zd8h 7/Ayh4IAuQ4jaUd+tlqss3SLKHrcL93YaJ6twXNdFIrELDl/BmH4DcOqtmLPgUJd lfpDdg0TfLTxk+yPJ8yTYAjogIGA7rciRKo/0vKcgmdNzqLjAsXXzHaQvNbRLxSO vPTrAXUEX0/UOrAa34oNbts4skQteYl9dEOLDnl3PFyAgd+iIRfKxzoULHQBL3ju eXVmg5vQM0+omOgiw/ooXKxyvOh6rhfkLcKDAgMBAAGjggMDMIIC/zAfBgNVHSME GDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQUYCR4C9Sxkq+OGm1X Msi/yQErJE0wMwYDVR0RBCwwKoIRZmlybWFwcC5uY3JlYy5nb3aCFXd3dy5maXJt YXBwLm5jcmVjLmdvdjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIu YW1hem9udHJ1c3QuY29tL3IybTAyLmNybDATBgNVHSAEDDAKMAgGBmeBDAECATB1 BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFt YXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6 b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwggGABgorBgEEAdZ5 AgQCBIIBcASCAWwBagB3AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1u AAABhpp8dcAAAAQDAEgwRgIhAPXIXUdwlU7yXzYjTx9qzQdCso3iq91hJr/h8wWI WQctAiEAzkUUKiS6CtNPEZfOeD+HPN1uEK9ese8Copq50AYqAK8AdwCzc3cH4YRQ +GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAYaafHX9AAAEAwBIMEYCIQCiUWA7 raAdH6a8/EswsCE1MmRaz8PcypexDbBvwi0UtAIhAMmd64wbHQ2ycV8SkqQjDwwV y98XO/mzEw3OiPMu2hJVAHYAtz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXt tJkAAAGGmnx1swAABAMARzBFAiEAmFSkr3AjVbeEltqCrKUYzFY1nlyZviJkMhGC 5ZxoZhUCICopPetka36um3erVmlL6D6P5G24d5K52/hUqeKeVq/YMA0GCSqGSIb3 DQEBCwUAA4IBAQA4l1MX10pHBGwELzTP4j9J3aMw11BZvTzwwwESyuxWqfcahmsa TeL3dqmvMwMUDDRDKnzH5AdKEKGcCPlI/25KdAHIu7H4b5gGC3kL3FkdNvZYwG8w CK9O3d2l3adhavAh6ZS5sFPAmFglEjC7wI1cv74+6CWE/2UCeNzoWrXxhr7EuUfI re/wYN/rycJlLngPuCjOzZ5pUHK7hZ0I91e+nyL8MO6d1wrAao+Xa71MAZEr0Bp+ /RfN6taNq3X2mD+ylEvAXN/Mfl72to1sNRn7TZUnZwAdggKjBkhRXVXRBPDTuhOX 8So8Tcv4lOJSVloSrQFjeKU+COy2Pe7OKsy4 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsp9ZPU5SEXQh1ywOwWf+ p2xmQbrYLQ4tRv3s3Mqf+/0iXSAUzsnMNvjtoaUtZXFD6SiTRjY6WrtYGxOX2hW6 Voy/qvyqo6boqj4vpKVtMJHyec3fIe/wMoeCALkOI2lHfrZarLN0iyh63C/d2Gie rcFzXRSKxCw5fwZh+A3DqrZiz4FCXZX6Q3YNE3y08ZPsjyfMk2AI6ICBgO63IkSq P9LynIJnTc6i4wLF18x2kLzW0S8Ujrz06wF1BF9P1DqwGt+KDW7bOLJELXmJfXRD iw55dzxcgIHfoiEXysc6FCx0AS947nl1ZoOb0DNPqJjoIsP6KFyscrzoeq4X5C3C gwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2576509947608256586598079340760755479 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-01 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-17 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'firmapp.ncrec.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22548996003159576937988486209269773827730558855566036570779521504751694865528129337806040438950293211159498730872375755552175426158668888306354429999711830636501009270218486968028075195507773385359852747797799410530463706730054978818541619743739333850617997094794721634125865225722998505208252553267960978049866137132167283727059983570505610773701256857395979858061848363369109558112559317301789881184667707319661260944190607040437862784615915032670677467680749353472768009009370264039844889730093028114647198090002165417301783332166198564155675563572731275192145233943814478163290134403814188825543346770104902599299 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6024780bd4b192af8e1a6d5732c8bfc9012b244d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'firmapp.ncrec.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.firmapp.ncrec.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001869a7c75c00000040300483046022100f5c85d4770954ef25f36234f1f6acd0742b28de2abdd6126bfe1f3058859072d022100ce45142a24ba0ad34f1197ce783f873cdd6e10af5eb1ef02a29ab9d0062a00af007700b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a000001869a7c75fd0000040300483046022100a251603bada01d1fa6bcfc4b30b0213532645acfc3dcca97b10db06fc22d14b4022100c99deb8c1b1d0db2715f1292a4230f0c15cbdf173bf9b3130dce88f32eda1255007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001869a7c75b300000403004730450221009854a4af702355b78496da82aca518cc56359e5c99be2264321182e59c68661502202a293deb646b7eae9b77ab56694be83e8fe46db87792b9dbf854a9e29e56afd8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0038975317d74a47046c042f34cfe23f49dda330d75059bd3cf0c30112caec56a9f71a866b1a4de2f776a9af3303140c34432a7cc7e4074a10a19c08f948ff6e4a7401c8bbb1f86f98060b790bdc591d36f658c06f3008af4edddda5dda7616af021e994b9b053c09858251230bbc08d5cbfbe3ee82584ff650278dce85ab5f186bec4b947c8adeff060dfebc9c2652e780fb828cecd9e695072bb859d08f757be9f22fc30ee9dd70ac06a8f976bbd4c01912bd01a7efd17cdead68dab75f6983fb2944bc05cdfcc7e5ef6b68d6c3519fb4d952767001d8202a30648515d55d104f0d3ba1397f12a3c4dcbf894e252565a12ad016378a53e08ecb63deece2accb8