robthomas.settheset.com
Issued by Amazon
About this certificate
This digital certificate with serial number 0a:68:1a:1e:a9:32:38:e5:fe:e0:16:81:f8:76:e6:66 was issued on by Amazon.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=robthomas.settheset.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0a:68:1a:1e:a9:32:38:e5:fe:e0:16:81:f8:76:e6:66Serial Number (int): 13832808602995032819747578336628893286
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 9f:ca:33:2b:5a:d0:63:3a:67:cd:61:35:d2:8f:09:d9:ba:53:6d:4b
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): bd:76:01:5c:6b:49:21:6c:8b:5b:76:8e:73:1f:c3:7f:ad:e3:eb:cf
Fingerprint (sha256): 26:66:2f:82:db:70:b9:0b:1e:d9:d2:28:a4:da:89:51:03:1e:d7:14:66:99:e4:9f:7c:fd:36:4e:e0:b5:8f:36
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate robthomas.settheset.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for robthomas.settheset.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
robthomas.settheset.com
Other certificates including the domain name settheset.com
(limited to 100 certificates)
news.settheset.com
dashboard.settheset.com
secure0052.hubspot.com
www.settheset.com
api.settheset.com
secure0052.hubspot.com
secure0066.hubspot.com
web.settheset.com
settheset.com
app-staging.settheset.com
app-staging.settheset.com
settheset.com
secure0052.hubspot.com
live.settheset.com
app-staging.settheset.com
settheset.com
secure0066.hubspot.com
robthomas.settheset.com
secure0066.hubspot.com
app.settheset.com
www.settheset.com
www.settheset.com
www.settheset.com
dashboard.settheset.com
fans.settheset.com
*.stage.settheset.com
settheset.com
vip.settheset.com
secure0052.hubspot.com
secure0066.hubspot.com
secure0066.hubspot.com
corp.settheset.com
settheset.com
secure0066.hubspot.com
fans.settheset.com
api.settheset.com
secure0066.hubspot.com
secure0052.hubspot.com
www.corp.settheset.com
corp.settheset.com
api.settheset.com
secure0066.hubspot.com
www.corp.settheset.com
api-staging.settheset.com
api.settheset.com
www.settheset.com
vip.settheset.com
dashboard.settheset.com
robthomas.settheset.com
secure0052.hubspot.com
anotherevening.settheset.com
secure0066.hubspot.com
app-staging.settheset.com
vip.settheset.com
secure0066.hubspot.com
fans.settheset.com
*.settheset.com
fans.settheset.com
web.settheset.com
secure0052.hubspot.com
live.settheset.com
news.settheset.com
secure0066.hubspot.com
settheset.com
patreon.settheset.com
settheset.com
patreon.settheset.com
fans.settheset.com
web.settheset.com
www.settheset.com
api.settheset.com
secure0066.hubspot.com
api.settheset.com
anotherevening.settheset.com
*.settheset.com
fans.settheset.com
secure0066.hubspot.com
secure0066.hubspot.com
api-prod.settheset.com
secure0066.hubspot.com
musicmatch.settheset.com
dashboard.settheset.com
settheset.com
colin.settheset.com
www.corp.settheset.com
dashboard.settheset.com
soul2soul.settheset.com
secure0066.hubspot.com
live.settheset.com
secure0066.hubspot.com
vip.settheset.com
live.settheset.com
secure0066.hubspot.com
api.settheset.com
muse.settheset.com
api.settheset.com
app-staging.settheset.com
*.settheset.com
secure0066.hubspot.com
secure0066.hubspot.com
dashboard.settheset.com
secure0052.hubspot.com
www.settheset.com
api.settheset.com
secure0052.hubspot.com
secure0066.hubspot.com
web.settheset.com
settheset.com
app-staging.settheset.com
app-staging.settheset.com
settheset.com
secure0052.hubspot.com
live.settheset.com
app-staging.settheset.com
settheset.com
secure0066.hubspot.com
robthomas.settheset.com
secure0066.hubspot.com
app.settheset.com
www.settheset.com
www.settheset.com
www.settheset.com
dashboard.settheset.com
fans.settheset.com
*.stage.settheset.com
settheset.com
vip.settheset.com
secure0052.hubspot.com
secure0066.hubspot.com
secure0066.hubspot.com
corp.settheset.com
settheset.com
secure0066.hubspot.com
fans.settheset.com
api.settheset.com
secure0066.hubspot.com
secure0052.hubspot.com
www.corp.settheset.com
corp.settheset.com
api.settheset.com
secure0066.hubspot.com
www.corp.settheset.com
api-staging.settheset.com
api.settheset.com
www.settheset.com
vip.settheset.com
dashboard.settheset.com
robthomas.settheset.com
secure0052.hubspot.com
anotherevening.settheset.com
secure0066.hubspot.com
app-staging.settheset.com
vip.settheset.com
secure0066.hubspot.com
fans.settheset.com
*.settheset.com
fans.settheset.com
web.settheset.com
secure0052.hubspot.com
live.settheset.com
news.settheset.com
secure0066.hubspot.com
settheset.com
patreon.settheset.com
settheset.com
patreon.settheset.com
fans.settheset.com
web.settheset.com
www.settheset.com
api.settheset.com
secure0066.hubspot.com
api.settheset.com
anotherevening.settheset.com
*.settheset.com
fans.settheset.com
secure0066.hubspot.com
secure0066.hubspot.com
api-prod.settheset.com
secure0066.hubspot.com
musicmatch.settheset.com
dashboard.settheset.com
settheset.com
colin.settheset.com
www.corp.settheset.com
dashboard.settheset.com
soul2soul.settheset.com
secure0066.hubspot.com
live.settheset.com
secure0066.hubspot.com
vip.settheset.com
live.settheset.com
secure0066.hubspot.com
api.settheset.com
muse.settheset.com
api.settheset.com
app-staging.settheset.com
*.settheset.com
secure0066.hubspot.com
secure0066.hubspot.com
Certificate
The complete raw certificate details for robthomas.settheset.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgIQCmgaHqkyOOX+4BaB+HbmZjANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xODEyMTIwMDAwMDBaFw0yMDAxMTIx MjAwMDBaMCIxIDAeBgNVBAMTF3JvYnRob21hcy5zZXR0aGVzZXQuY29tMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiC7DNtv9MJxTP7m2/+ELP448EJJ2 Uj9ZKAns2fbXc7xNVxqQAmpCFJkUqHu7hIxLad+xpOoOqVcK2btEe5/hocZS69Vn LPqzIjMgWw0KBRUNa6FEusadd7jAbgAnqZc5qsBSkQ28OQrfjwEZjxS3mC36bpsF m2Is/tmJJLj/Uv5kNyvkN9RSY5bpV2sA7hyA1RyMs540L3r5+NwPZrtlp9CtHlNf cCeAswTTBNQNdqEBgQounu9GZi5g/Qt+2NrrTrhOwzlWlI9yXHPQh4w3eNjF1oR/ HyOs4PzhREcw/J+Kweyl4JX1Ntncd0++O702hxj5XfJVK7uRohC0S8rmEQIDAQAB o4IChTCCAoEwHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYDVR0O BBYEFJ/KMyta0GM6Z81hNdKPCdm6U21LMCIGA1UdEQQbMBmCF3JvYnRob21hcy5z ZXR0aGVzZXQuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zY2ExYi5h bWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZIAYb9bAEC MAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9v Y3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2Ny dC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAw ggEGBgorBgEEAdZ5AgQCBIH3BIH0APIAdwCyHgXMi6LNiiBOh2b5K7mKJSBna9r6 cOeySVMt74uQXgAAAWegC1nmAAAEAwBIMEYCIQCjRRYfdnfyn+5ztMbsy7KZ50Xv 5rLFlsBkaQ+7vR4s8gIhALXuHiL6edlQz6qIFAmoBPS7iinzliU2DcqSAKRXQtdM AHcAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFnoAtawgAABAMA SDBGAiEA1+vz6NUj4rBZQp7SwoZxg0qIigh3iclm5CjDUxUe8o4CIQDBd1TP1Ql8 uHsM1u/a1YS0TzvVGKMICJi6HXO3ccd1BTANBgkqhkiG9w0BAQsFAAOCAQEAvmaG 8tkz/qHQ2xvcqnf2oGwMn8xqPNWr2CQC10LURFtO+vuMziZV9PA8DIVHuUdjHFi4 QOa/YTlrZOWWcbjKHsq8TSJfcq4EqNDym72gNyYH1Zz7/knYh17puJ7lF9tfZ5RT fIkHFcLlZ1JPpUxv7ZoRaxJbStViu1dNHNe60fKp5g8i8XjJ+aouwvWToOZB9u7I HPpCVZj+M2KAMyAFO5LjHid1rLR6dgxSCYAIg9Es5slczrUSEIObCZL+ZubQ7hh3 l453i7KAvEhzw553ZQ0m78x02wSwQ8fWTbHFOZdhUGqvqdAiuCg+mvnClcnoKAfd PgJ0DGxSnbS1RoSRdg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiC7DNtv9MJxTP7m2/+EL P448EJJ2Uj9ZKAns2fbXc7xNVxqQAmpCFJkUqHu7hIxLad+xpOoOqVcK2btEe5/h ocZS69VnLPqzIjMgWw0KBRUNa6FEusadd7jAbgAnqZc5qsBSkQ28OQrfjwEZjxS3 mC36bpsFm2Is/tmJJLj/Uv5kNyvkN9RSY5bpV2sA7hyA1RyMs540L3r5+NwPZrtl p9CtHlNfcCeAswTTBNQNdqEBgQounu9GZi5g/Qt+2NrrTrhOwzlWlI9yXHPQh4w3 eNjF1oR/HyOs4PzhREcw/J+Kweyl4JX1Ntncd0++O702hxj5XfJVK7uRohC0S8rm EQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 13832808602995032819747578336628893286 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-12 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'robthomas.settheset.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17191468951105615754526891970116067120283174758886953296934467091956164146562742885493263711946304653007462212023040825179273025813980172624899104946719312795123870483984060507609544142374603919466773886574728130842406629717727896105229981451846910653732985539227562219875701723460491535154735917654335604418973701764533135512249120121086187119785462943223418213220817079974659729002573320958046317621335319030337797981982369493410785035003382135476451981875382927939495383523214510295109085247282459150275818930576270250067516761987331334829720210720557672159750158101783568805958702540408677866478318847922950301201 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9fca332b5ad0633a67cd6135d28f09d9ba536d4b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'robthomas.settheset.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f2007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e00000167a00b59e60000040300483046022100a345161f7677f29fee73b4c6eccbb299e745efe6b2c596c064690fbbbd1e2cf2022100b5ee1e22fa79d950cfaa881409a804f4bb8a29f39625360dca9200a45742d74c0077008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f00000167a00b5ac20000040300483046022100d7ebf3e8d523e2b059429ed2c28671834a888a087789c966e428c353151ef28e022100c17754cfd5097cb87b0cd6efdad584b44f3bd518a3080898ba1d73b771c77505 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00be6686f2d933fea1d0db1bdcaa77f6a06c0c9fcc6a3cd5abd82402d742d4445b4efafb8cce2655f4f03c0c8547b947631c58b840e6bf61396b64e59671b8ca1ecabc4d225f72ae04a8d0f29bbda0372607d59cfbfe49d8875ee9b89ee517db5f6794537c890715c2e567524fa54c6fed9a116b125b4ad562bb574d1cd7bad1f2a9e60f22f178c9f9aa2ec2f593a0e641f6eec81cfa425598fe3362803320053b92e31e2775acb47a760c5209800883d12ce6c95cceb51210839b0992fe66e6d0ee1877978e778bb280bc4873c39e77650d26efcc74db04b043c7d64db1c5399761506aafa9d022b8283e9af9c295c9e82807dd3e02740c6c529db4b546849176