ngc-prd.us-west-2.k8s.lllext.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 06:37:ce:ab:5e:78:99:53:f4:c5:33:df:2c:17:1a:57 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=ngc-prd.us-west-2.k8s.lllext.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 06:37:ce:ab:5e:78:99:53:f4:c5:33:df:2c:17:1a:57Serial Number (int): 8265136055560439032650470973551090263
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 08:86:8c:86:60:2d:c2:a7:bc:eb:2c:17:f9:91:f2:bb:67:20:2e:4f
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 08:b0:c4:e3:dc:72:1b:06:fd:f2:48:23:11:32:c1:d9:72:67:4b:4b
Fingerprint (sha256): 24:b1:81:94:fe:65:dc:93:09:8c:41:ce:52:81:4b:35:45:0f:2f:ff:5e:f3:86:b8:7c:82:aa:01:f1:14:95:d6
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate ngc-prd.us-west-2.k8s.lllext.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ngc-prd.us-west-2.k8s.lllext.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ngc-prd.us-west-2.k8s.lllext.com
ngc-prd.k8s.lllext.com
ngc-prd.k8s.lllext.com
Other certificates including the domain name lllext.com
(limited to 100 certificates)
*.np.rcsvcs.lllext.com
prod.apis.lllext.com
prod.apis.lllext.com
lma-prd.us-west-2.k8s.lllext.com
preview.apis.lllext.com
ek8s-sbx.us-east-1.k8s.lllext.com
prd-rmcosting.prd-product-systems.aws.lllext.com
ngc-prd.us-west-2.k8s.lllext.com
ngc-npd.us-east-1.k8s.lllext.com
lma-npd-main.us-west-2.k8s.lllext.com
qa-plm-svc.aws.lllext.com
stg-plm-svc.aws.lllext.com
ek8s-npd.us-west-2.k8s.lllext.com
stg-plm-svc.aws.lllext.com
ek8s-npd.us-east-1.k8s.lllext.com
prod-mtls.apis.lllext.com
ek8s-npd-rancher.us-west-2.k8s.lllext.com
sandbox-dev.apis.lllext.com
api.npd-nettools.lllext.com
dev-mtls.apis.lllext.com
stage.apis.lllext.com
ek8s-sbx.us-west-2.k8s.lllext.com
stage-mtls.apis.lllext.com
ek8s-prd.us-east-1.k8s.lllext.com
preview.apis.lllext.com
sandbox-mtls.apis.lllext.com
ngc-prd.us-east-1.k8s.lllext.com
prod-plm-svc.aws.lllext.com
api.nettools.lllext.com
ek8s-npd.us-west-2.k8s.lllext.com
cmmrfidinnovation.aws.lllext.com
prod.apis.lllext.com
api.plim-dev.aws.lllext.com
prd-psci.prd-product-systems.aws.lllext.com
ngc-npd.us-west-2.k8s.lllext.com
dev-psci.npd-product-systems.aws.lllext.com
sandbox.apis.lllext.com
preview-mtls.apis.lllext.com
prod.apis.lllext.com
stage.apis.lllext.com
ek8s-prd.us-west-2.k8s.lllext.com
ek8s-npd.us-east-1.k8s.lllext.com
dev.apis.lllext.com
api.plim-qas.aws.lllext.com
mock.apis.lllext.com
mock.apis.lllext.com
test.apis.lllext.com
prod.apis.lllext.com
prod.apis.lllext.com
lma-prd.us-west-2.k8s.lllext.com
preview.apis.lllext.com
ek8s-sbx.us-east-1.k8s.lllext.com
prd-rmcosting.prd-product-systems.aws.lllext.com
ngc-prd.us-west-2.k8s.lllext.com
ngc-npd.us-east-1.k8s.lllext.com
lma-npd-main.us-west-2.k8s.lllext.com
qa-plm-svc.aws.lllext.com
stg-plm-svc.aws.lllext.com
ek8s-npd.us-west-2.k8s.lllext.com
stg-plm-svc.aws.lllext.com
ek8s-npd.us-east-1.k8s.lllext.com
prod-mtls.apis.lllext.com
ek8s-npd-rancher.us-west-2.k8s.lllext.com
sandbox-dev.apis.lllext.com
api.npd-nettools.lllext.com
dev-mtls.apis.lllext.com
stage.apis.lllext.com
ek8s-sbx.us-west-2.k8s.lllext.com
stage-mtls.apis.lllext.com
ek8s-prd.us-east-1.k8s.lllext.com
preview.apis.lllext.com
sandbox-mtls.apis.lllext.com
ngc-prd.us-east-1.k8s.lllext.com
prod-plm-svc.aws.lllext.com
api.nettools.lllext.com
ek8s-npd.us-west-2.k8s.lllext.com
cmmrfidinnovation.aws.lllext.com
prod.apis.lllext.com
api.plim-dev.aws.lllext.com
prd-psci.prd-product-systems.aws.lllext.com
ngc-npd.us-west-2.k8s.lllext.com
dev-psci.npd-product-systems.aws.lllext.com
sandbox.apis.lllext.com
preview-mtls.apis.lllext.com
prod.apis.lllext.com
stage.apis.lllext.com
ek8s-prd.us-west-2.k8s.lllext.com
ek8s-npd.us-east-1.k8s.lllext.com
dev.apis.lllext.com
api.plim-qas.aws.lllext.com
mock.apis.lllext.com
mock.apis.lllext.com
test.apis.lllext.com
Certificate
The complete raw certificate details for ngc-prd.us-west-2.k8s.lllext.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGBTCCBO2gAwIBAgIQBjfOq154mVP0xTPfLBcaVzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTExNTAwMDAwMFoXDTI0MTIxNDIzNTk1OVowKzEp MCcGA1UEAxMgbmdjLXByZC51cy13ZXN0LTIuazhzLmxsbGV4dC5jb20wggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkT8t3B0kGsZ0yGzs+lRKGNXLm53la jzHB86fA4uSr/gRJfY/NdFPUtYySLeZql8yRI071EXKCFsHFM08F8e/s7xQ4XnMW cmMr4T1sex/U5vmGwAQMFQyhBdaB3ScD6VpkNgEnYMNs7iWgKhHvQpunLOEhFW+O UGKcYzly3oSFIc90gNlK7YsoP93Cv8WRdPdfnLQ+LrqMdK7lIg7E2luVDODG6rDI yWcnESnxYeWFd75ySp0MI7UxpT4E620CZesViwcy8V0alhAdOrrU8ykhfkVrivBR RLs9V0PZwL254GVIttOSiuSJPu70NyFeYEbhNo+qwjXfsBrZhNUx7cJpAgMBAAGj ggMSMIIDDjAfBgNVHSMEGDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4E FgQUCIaMhmAtwqe86ywX+ZHyu2cgLk8wQwYDVR0RBDwwOoIgbmdjLXByZC51cy13 ZXN0LTIuazhzLmxsbGV4dC5jb22CFm5nYy1wcmQuazhzLmxsbGV4dC5jb20wEwYD VR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIy bTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwdQYIKwYBBQUHAQEEaTBnMC0G CCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6b250cnVzdC5jb20wNgYI KwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAz LmNlcjAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdwDu zdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYvQojshAAAEAwBIMEYC IQDV9JyEsRKxS9Uus4QZMS7TfV/tEXqvzCEqpG5d4mGw4gIhAKU+xTNo52cdD1G8 7OpvlYZCNyKy2qESYwNY7NQuuoMrAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB 2bu/qznYhHMAAAGL0KI67wAABAMASDBGAiEAj9d2T6+y8H3kWwV19j0/EsOXg+fU i7jtEfrONCeenV0CIQCIVKgQi5KIcKiQ7FJFZfz9ytflbFW6Vyq+fidhQiTyswB1 AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABi9CiO28AAAQDAEYw RAIgHSBvDoS45OlivxiI4kwXIP9QpQVoG2L9lsqJ/NvR1TkCIGkv82JkXAtwVG/p NkTq/G8sioA3RTcifzFUJSpvEU+oMA0GCSqGSIb3DQEBCwUAA4IBAQCXqdfgjUfC RmQzs/BNus2Ya+KDOSNNPstj3AOu/ivB4xPCO+jHbR5G9HLj5AoyBF+I6fql4E63 egGUpINhyjw0N4HMl9G/KgAsEBtg7YJG+9ErbzhFL19Anu5FsVahNy/L47n6rCKC 8tQeFSRzvxvDZBx90ct4Wg0JtTlLsc8Jwz3dvYPFoMjYhsVSj+sKtb019TNYKLzD AmPh26gQwm+cXUF2zwgFiFab2GlbXNZfHysEaiSzBo/ns2akj5RwBIQTp1Epb2y1 Nv7wep2qD4+iUVsBb4oE+WXzTEQyLnpkxrCQBTBVYYfeiQYxl5KhaSEHjhx1U5XC 8MBxYwUNnuNC -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE/LdwdJBrGdMhs7PpUS hjVy5ud5Wo8xwfOnwOLkq/4ESX2PzXRT1LWMki3mapfMkSNO9RFyghbBxTNPBfHv 7O8UOF5zFnJjK+E9bHsf1Ob5hsAEDBUMoQXWgd0nA+laZDYBJ2DDbO4loCoR70Kb pyzhIRVvjlBinGM5ct6EhSHPdIDZSu2LKD/dwr/FkXT3X5y0Pi66jHSu5SIOxNpb lQzgxuqwyMlnJxEp8WHlhXe+ckqdDCO1MaU+BOttAmXrFYsHMvFdGpYQHTq61PMp IX5Fa4rwUUS7PVdD2cC9ueBlSLbTkorkiT7u9DchXmBG4TaPqsI137Aa2YTVMe3C aQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 8265136055560439032650470973551090263 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-15 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-14 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ngc-prd.us-west-2.k8s.lllext.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20742430289437610883974856156785109310242885881010676617403986855984200111696005698104018870167218559054529349007213199672305279679238459363829921554722494122444676103491330833639501018714477591493708890218417717465726728084440297049554849261618415702338330699624325770061352788232182447670395306148315824377845212667140659552342802770858077430927138313281467702604778436006505858278754568691691740347074728960586281363414064243956777559988855617479813587378163549756778784570857020094322265238424343710509349484382195948942299514121389002239718017979313569098943199114322579265886432247136569385314820028537605309033 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 08868c86602dc2a7bceb2c17f991f2bb67202e4f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ngc-prd.us-west-2.k8s.lllext.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ngc-prd.k8s.lllext.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bd0a23b210000040300483046022100d5f49c84b112b14bd52eb38419312ed37d5fed117aafcc212aa46e5de261b0e2022100a53ec53368e7671d0f51bcecea6f9586423722b2daa112630358ecd42eba832b00770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bd0a23aef00000403004830460221008fd7764fafb2f07de45b0575f63d3f12c39783e7d48bb8ed11face34279e9d5d0221008854a8108b928870a890ec524565fcfdcad7e56c55ba572abe7e27614224f2b30075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018bd0a23b6f000004030046304402201d206f0e84b8e4e962bf1888e24c1720ff50a505681b62fd96ca89fcdbd1d5390220692ff362645c0b70546fe93644eafc6f2c8a80374537227f3154252a6f114fa8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0097a9d7e08d47c2466433b3f04dbacd986be28339234d3ecb63dc03aefe2bc1e313c23be8c76d1e46f472e3e40a32045f88e9faa5e04eb77a0194a48361ca3c343781cc97d1bf2a002c101b60ed8246fbd12b6f38452f5f409eee45b156a1372fcbe3b9faac2282f2d41e152473bf1bc3641c7dd1cb785a0d09b5394bb1cf09c33dddbd83c5a0c8d886c5528feb0ab5bd35f5335828bcc30263e1dba810c26f9c5d4176cf080588569bd8695b5cd65f1f2b046a24b3068fe7b366a48f9470048413a751296f6cb536fef07a9daa0f8fa2515b016f8a04f965f34c44322e7a64c6b0900530556187de8906319792a16921078e1c755395c2f0c07163050d9ee342