www.sc.tcu.ac.jp

- TOKYO CITY UNIVERSITY -

Issued by NII Open Domain CA - G5

About this certificate

This digital certificate with serial number 0d:d6:13:2a:68:7d:d6:0f was issued on by National Institute of Informatics.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

TOKYO CITY UNIVERSITY

Organization: TOKYO CITY UNIVERSITY
Organization unit: Information Technology
Locality: tokyo
Country: JP

National Institute of Informatics

Organization: National Institute of Informatics
Country: JP

This certificate has expire since

Certificate Details

Serial Number (hex): 0d:d6:13:2a:68:7d:d6:0f
Serial Number (int): 997005440371774991
Serial Number lenght: 60 bits, 8 octets

SubjectKeyId: a8:68:f9:00:e1:9e:d1:ec:b2:b2:e5:16:2b:dc:4f:db:4a:f1:a3:e5
AuthorityKeyId: 67:3a:3a:c1:6b:b7:1c:a6:41:46:39:30:84:c8:69:00:59:11:58:c1

Fingerprint (sha1): 32:f1:bb:7b:43:2a:2c:5e:8d:5c:3d:12:51:e5:98:8b:ad:c7:ff:45
Fingerprint (sha256): 23:24:b5:92:4c:9a:de:10:93:bf:0b:9b:f3:c2:4f:70:86:5f:31:ef:5f:6f:a6:c9:ce:ab:b2:16:19:7f:70:0c


Revocation information

OCSP Server: http://niig5.ocsp.secomtrust.net
CRL Distribution Point: http://repo1.secomtrust.net/sppca/nii/odca3/fullcrlg5.crl

Check the revocation status for certificate www.sc.tcu.ac.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.sc.tcu.ac.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.sc.tcu.ac.jp

Other certificates including the domain name tcu.ac.jp

(limited to 100 certificates)
it.tcu.ac.jp
athena.vm.cs.tcu.ac.jp
yumecampus.tcu.ac.jp
pobox.ns.tcu.ac.jp
www.tcu.ac.jp
www.eng.tcu.ac.jp
www.comm.tcu.ac.jp
www.cs.tcu.ac.jp
websrv.tcu.ac.jp
vpn.yc.tcu.ac.jp
ldap.yc.tcu.ac.jp
vpn.sc.tcu.ac.jp
www.comm.tcu.ac.jp
portal.off.tcu.ac.jp
meibo.tcu.ac.jp
www05s.ufinity.jp
cpf.tcu.ac.jp
tc-poweb.tc.tcu.ac.jp
www.tc.tcu.ac.jp
ufinity03.jp.fujitsu.com
90th.tcu.ac.jp
ycwzstream01.win.tcu.ac.jp
webclass.tcu.ac.jp
mail.tcu.ac.jp
www.cs.tcu.ac.jp
minakanusi.ns.tcu.ac.jp
supply2.tcu.ac.jp
www.itc.tcu.ac.jp
www.ns.tcu.ac.jp
minakanusi.ns.tcu.ac.jp
meibo.tcu.ac.jp
amateras.ma.ns.tcu.ac.jp
supply2.tcu.ac.jp
www.csac.tcu.ac.jp
www.imc.ese.tcu.ac.jp
vgl.cs.tcu.ac.jp
ekessai.tcu.ac.jp
pobox.ns.tcu.ac.jp
ufinity03.jp.fujitsu.com
pa1.sc.tcu.ac.jp
www.tcu.ac.jp
www.cs.tcu.ac.jp
www.risys.gl.tcu.ac.jp
www.tc.tcu.ac.jp
ipsc2.itc.tcu.ac.jp
cn.yc.tcu.ac.jp
cpf.tcu.ac.jp
tsap.tcu.ac.jp
www.sc.tcu.ac.jp
apuer.tcu.ac.jp
kinkyu.tcu.ac.jp
vpn.tcu.ac.jp
portal.off.tcu.ac.jp
scnwmon.itc.tcu.ac.jp
www.ma.ns.tcu.ac.jp
anpi.tcu.ac.jp
pobox.ns.tcu.ac.jp
mail.tcu.ac.jp
koyu-online.tcu.ac.jp
pw.tcu.ac.jp
web-yc.tcu.ac.jp
athena.vm.cs.tcu.ac.jp
minakanusi.ns.tcu.ac.jp
ws.sc.tcu.ac.jp
meibo2.itc.tcu.ac.jp
call.off.tcu.ac.jp
sav-web.off.tcu.ac.jp
websrv.tcu.ac.jp
call.off.tcu.ac.jp
informatics.tcu.ac.jp
www.ke.tcu.ac.jp
www.it.tcu.ac.jp
vgl.cs.tcu.ac.jp
www.arl.tcu.ac.jp
vgl.cs.tcu.ac.jp
koyu-online.tcu.ac.jp
www.tcu.ac.jp
www.itc.tcu.ac.jp
www.risys.gl.tcu.ac.jp
www.ipc.tcu.ac.jp
www.it.tcu.ac.jp
www.arl.tcu.ac.jp
www.tcu.ac.jp
koyu-online.tcu.ac.jp
vgl.cs.tcu.ac.jp
cgi.yc.tcu.ac.jp
mail.tcu.ac.jp
force.tcu.ac.jp
webentry.tcu.ac.jp
print.itc.tcu.ac.jp
www05s.ufinity.jp
www.arl.tcu.ac.jp
swan.yc.tcu.ac.jp
ldap.ns.tcu.ac.jp
www.cs.tcu.ac.jp
lecture.vm.cs.tcu.ac.jp
ufinity03.jp.fujitsu.com
vgl.cs.tcu.ac.jp
apuer.tcu.ac.jp
www.tcu.ac.jp

Certificate

The complete raw certificate details for www.sc.tcu.ac.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgIIDdYTKmh91g8wDQYJKoZIhvcNAQELBQAwWzELMAkGA1UE
BhMCSlAxKjAoBgNVBAoTIU5hdGlvbmFsIEluc3RpdHV0ZSBvZiBJbmZvcm1hdGlj
czEgMB4GA1UEAxMXTklJIE9wZW4gRG9tYWluIENBIC0gRzUwHhcNMTgwODEwMTA1
MjIxWhcNMjAwOTEwMTA1MjIxWjB5MQswCQYDVQQGEwJKUDEOMAwGA1UEBxMFdG9r
eW8xHjAcBgNVBAoTFVRPS1lPIENJVFkgVU5JVkVSU0lUWTEfMB0GA1UECxMWSW5m
b3JtYXRpb24gVGVjaG5vbG9neTEZMBcGA1UEAxMQd3d3LnNjLnRjdS5hYy5qcDCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPY82zBrxI0UQ/bxgYkA5hmq
250ZW0kXlyKRPWdbNBK7aBW8yWu7WaJpyLPjnhAPmfMFFvvszsRqETfkwd90yK7/
Vb4ZkREd6hoFkMeXDoBckVNT48GeVo3kNxVjE2QtTW+L9XPce6aYsoZCcZmgoMEd
MyIm+BG0B1CKxu8G+qJZhtD7qBJVo7IqIHxPV+kx/zYQuE53XY0ZvEtnP7yXCDrB
mSZfh4RIPz7oaDEOcxgtuyY1xURUBM8v7hfeAdKbHwdD2Ug9HMIrW+LfxGBQq+/j
8nlF759TMoGGFINbeNAdapC/H/dLoDy80QmbyNoHhoIPsUVdhMkLwuUmx2T+ASsC
AwEAAaOCAZEwggGNMB8GA1UdIwQYMBaAFGc6OsFrtxymQUY5MITIaQBZEVjBMDwG
CCsGAQUFBwEBBDAwLjAsBggrBgEFBQcwAYYgaHR0cDovL25paWc1Lm9jc3Auc2Vj
b210cnVzdC5uZXQwGwYDVR0RBBQwEoIQd3d3LnNjLnRjdS5hYy5qcDBgBgNVHSAE
WTBXMEsGDCsGAQQBgfwIAwIBATA7MDkGCCsGAQUFBwIBFi1odHRwczovL3JlcG8x
LnNlY29tdHJ1c3QubmV0L3NwcGNhL25paS9vZGNhMy8wCAYGZ4EMAQICMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBKBgNVHR8EQzBBMD+gPaA7hjlodHRw
Oi8vcmVwbzEuc2Vjb210cnVzdC5uZXQvc3BwY2EvbmlpL29kY2EzL2Z1bGxjcmxn
NS5jcmwwHQYDVR0OBBYEFKho+QDhntHssrLlFivcT9tK8aPlMA4GA1UdDwEB/wQE
AwIFoDATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV5W/
7OY/lLoMDY0JTmy3BWk6rVR6klRsWWkWlvzZHmi/4pD54itnx6n9RkElFz0QK/CV
CYPiZ5Gh+eSRfUxj7ogzK2ipdPD1xQjv/vHQIglKTkLp1VzGHdVHCsihNv8ozXUb
foZ+2DdYo1nEJ67339rSiHKVho2gnHWyCXaqde6CxJxhKuqZ4NcDCHyfHUNDVOrs
I1OJ1f686KUIFGv5CEMW345lrJIpxrRlvW6GayBiNyLcFlOUB4K1lhpMSOanlNv5
mr4TQq2GwRtTdaobvFjgU2W96JOXuBKltZqza8lRqhGSWi6UwDTmRU9gXOTJ1m7s
uqJVHhWnWM4j6itTbg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9jzbMGvEjRRD9vGBiQDm
GarbnRlbSReXIpE9Z1s0ErtoFbzJa7tZomnIs+OeEA+Z8wUW++zOxGoRN+TB33TI
rv9VvhmRER3qGgWQx5cOgFyRU1PjwZ5WjeQ3FWMTZC1Nb4v1c9x7ppiyhkJxmaCg
wR0zIib4EbQHUIrG7wb6olmG0PuoElWjsiogfE9X6TH/NhC4TnddjRm8S2c/vJcI
OsGZJl+HhEg/PuhoMQ5zGC27JjXFRFQEzy/uF94B0psfB0PZSD0cwitb4t/EYFCr
7+PyeUXvn1MygYYUg1t40B1qkL8f90ugPLzRCZvI2geGgg+xRV2EyQvC5SbHZP4B
KwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 997005440371774991
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'National Institute of Informatics'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NII Open Domain CA - G5'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-10 10:52:21 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-10 10:52:21 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tokyo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TOKYO CITY UNIVERSITY'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Information Technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.sc.tcu.ac.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 31084632336078146415513602050764641827537321554453822621765588445150912681180409337770360320691594960551797308050919389207414148801977424593685216555799809932297690890201951553177176331677838756816791215318299155809977136513703020606543464054735078488528460926081410481146966008587527734385277546849511540372777630464713223291715845280951583015646899865115881749701539905479535029449872134193491308336583142558082274599828251960548471495679207526499551927630235277972480464143865993825229411166253873561018031374170502233652014272608301516113340459972756369865605301360878110936582275484394257808156711862843473789227
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 673a3ac16bb71ca64146393084c86900591158c1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://niig5.ocsp.secomtrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sc.tcu.ac.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.32264.3.2.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repo1.secomtrust.net/sppca/nii/odca3/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repo1.secomtrust.net/sppca/nii/odca3/fullcrlg5.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a868f900e19ed1ecb2b2e5162bdc4fdb4af1a3e5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005795bfece63f94ba0c0d8d094e6cb705693aad547a92546c59691696fcd91e68bfe290f9e22b67c7a9fd464125173d102bf0950983e26791a1f9e4917d4c63ee88332b68a974f0f5c508effef1d022094a4e42e9d55cc61dd5470ac8a136ff28cd751b7e867ed83758a359c427aef7dfdad2887295868da09c75b20976aa75ee82c49c612aea99e0d703087c9f1d434354eaec235389d5febce8a508146bf9084316df8e65ac9229c6b465bd6e866b20623722dc1653940782b5961a4c48e6a794dbf99abe1342ad86c11b5375aa1bbc58e05365bde89397b812a5b59ab36bc951aa11925a2e94c034e6454f605ce4c9d66eecbaa2551e15a758ce23ea2b536e