connect.usbank.coconutsoftware.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 06:4d:71:3b:ac:84:72:b6:64:b5:bb:c2:78:9a:cc:60 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=connect.usbank.coconutsoftware.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 06:4d:71:3b:ac:84:72:b6:64:b5:bb:c2:78:9a:cc:60
Serial Number (int): 8377471472955019556977378882435599456
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: b5:60:48:65:75:d6:09:28:8d:80:ce:1b:d0:78:38:2b:76:0e:14:a5
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 41:34:d0:70:3b:e9:e2:69:58:c6:36:b3:56:51:13:95:98:6e:77:8b
Fingerprint (sha256): 2f:3b:46:26:ee:a5:7d:3b:e7:7f:46:d1:6b:54:f2:c3:14:a4:7e:25:e7:59:5c:55:d5:d6:d8:56:ab:c0:57:b9

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate connect.usbank.coconutsoftware.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for connect.usbank.coconutsoftware.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

connect.usbank.coconutsoftware.com
chat.usbank.coconutsoftware.com

Other certificates including the domain name coconutsoftware.com

(limited to 100 certificates)
canada.status.coconutsoftware.com
www.coconutsoftware.com
canada.status.coconutsoftware.com
canada.status.coconutsoftware.com
appstatus.motorolasolutions.com
mktg-staging.coconutsoftware.com
canada.status.coconutsoftware.com
canada.status.coconutsoftware.com
mktg-staging.coconutsoftware.com
appstatus.motorolasolutions.com
developers.coconutsoftware.com
canada.status.coconutsoftware.com
canada.status.coconutsoftware.com
appstatus.motorolasolutions.com
canada.status.coconutsoftware.com
appstatus.motorolasolutions.com
appstatus.motorolasolutions.com
appstatus.motorolasolutions.com
canada.status.coconutsoftware.com
mktg-staging.coconutsoftware.com
salesloft.coconutsoftware.com
appstatus.motorolasolutions.com
prod.21.slot.cdn.salesforce-communities.com
prod.21.slot.cdn.salesforce-communities.com
prod.21.slot.cdn.salesforce-communities.com
cicd.gitkrakenstatus.com
canada.status.coconutsoftware.com
canada.status.coconutsoftware.com
canada.status.coconutsoftware.com
cicd.gitkrakenstatus.com
appstatus.motorolasolutions.com
www.coconutsoftware.com
canada.status.coconutsoftware.com
appstatus.motorolasolutions.com
canada.status.coconutsoftware.com
developers.coconutcalendar.com
prod.21.slot.cdn.salesforce-communities.com
appstatus.motorolasolutions.com
appstatus.motorolasolutions.com
appstatus.motorolasolutions.com
k8s.coconutsoftware.com
www.coconutsoftware.com
appstatus.motorolasolutions.com
prod.21.slot.cdn.salesforce-communities.com
appstatus.motorolasolutions.com
appstatus.motorolasolutions.com
appstatus.motorolasolutions.com
info.coconutsoftware.com
canada.status.coconutsoftware.com
appstatus.motorolasolutions.com
www.coconutsoftware.com
developers.coconutsoftware.com
www.coconutsoftware.com
prod.21.slot.cdn.salesforce-communities.com
canada.status.coconutsoftware.com
canada.status.coconutsoftware.com
cicd.gitkrakenstatus.com
appstatus.motorolasolutions.com
canada.status.coconutsoftware.com
mktgv2-staging.coconutsoftware.com
developers.coconutcalendar.com
appstatus.motorolasolutions.com
connect.usbank.coconutsoftware.com
canada.status.coconutsoftware.com
public.files.ca.load-iac.coconutsoftware.com
canada.status.coconutsoftware.com
appstatus.motorolasolutions.com
prod.21.slot.cdn.salesforce-communities.com
canada.status.coconutsoftware.com
developers.coconutsoftware.com
prod.21.slot.cdn.salesforce-communities.com
appstatus.motorolasolutions.com
www.coconutsoftware.com
appstatus.motorolasolutions.com
canada.status.coconutsoftware.com
appstatus.motorolasolutions.com
prod.21.slot.cdn.salesforce-communities.com
canada.status.coconutsoftware.com
appstatus.motorolasolutions.com
canada.status.coconutsoftware.com
canada.status.coconutsoftware.com
appstatus.motorolasolutions.com
canada.status.coconutsoftware.com
prod.21.slot.cdn.salesforce-communities.com
canada.status.coconutsoftware.com
canada.status.coconutsoftware.com
www.coconutsoftware.com
canada.status.coconutsoftware.com
canada.status.coconutsoftware.com
appstatus.motorolasolutions.com
prod.21.slot.cdn.salesforce-communities.com
appstatus.motorolasolutions.com
www.coconutsoftware.com
appstatus.motorolasolutions.com
canada.status.coconutsoftware.com
canada.status.coconutsoftware.com
canada.status.coconutsoftware.com
prod.21.slot.cdn.salesforce-communities.com
appstatus.motorolasolutions.com
canada.status.coconutsoftware.com

Certificate

The complete raw certificate details for connect.usbank.coconutsoftware.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEpDCCA4ygAwIBAgIQBk1xO6yEcrZktbvCeJrMYDANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMDYwODAwMDAwMFoXDTI0MDcwNjIzNTk1OVowLTEr
MCkGA1UEAxMiY29ubmVjdC51c2JhbmsuY29jb251dHNvZnR3YXJlLmNvbTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKOMJUAVOa+SgVXkhlF14Ownd6PE
u8+R2wSrV6WaB7uX6H1dXFA6XNvhiwY6eNbhesN9XexdICDh7pJ0uqBzBPqrhO3q
AlBQNfLSBhzW9TcD0IQGJaH1+G1BmC51rp0/DS1A17k6XPo8c9W6y7IvpWZ30xV0
mn1yqHQWFTE+0w8EMSRhdNZQDR5PV4RTRoOgDR2SCXDUCWPJEIaGc/PHFnGInP93
Qsh9gNV561JJOL9nPzDO/ik/epLQn4W1CzQx0iojpOBWyIK/DoFz9QlnH+rcKKhe
Xl5PBhhDS/Gb9Yx2J0Pq/Kk24adDNCtfd+nhBiMtSY0zyhLghK8nHIH5x1ECAwEA
AaOCAa8wggGrMB8GA1UdIwQYMBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1Ud
DgQWBBS1YEhlddYJKI2AzhvQeDgrdg4UpTBOBgNVHREERzBFgiJjb25uZWN0LnVz
YmFuay5jb2NvbnV0c29mdHdhcmUuY29tgh9jaGF0LnVzYmFuay5jb2NvbnV0c29m
dHdhcmUuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMi5hbWF6
b250cnVzdC5jb20vcjJtMDIuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMHUGCCsG
AQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9u
dHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRy
dXN0LmNvbS9yMm0wMi5jZXIwDAYDVR0TAQH/BAIwADATBgorBgEEAdZ5AgQDAQH/
BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuiDhRQBzvvMVRNjFochWJDiFFVQcXSK6
9qQdPF23ISnuOPFVpqUjBbiiu7LKNEL+7uipspsQqNbAf7ujdc/HuzIZjUK70HFn
4oY9FMqhhaVQb3x80Bsv85+TxykoDnnjScr1ADWYphbxKXKYZsnNmpdeKuyYcsii
muUXxU18t6bob3fCw9RmKgkPADRMKZR+vSJ8vRfc3qH92q1Z5JKddbvJkDMydAK2
HGvy5ZIkYmrXxHbztQ3RLQiJ/HaT/Mxm+SYCIHZeLd+KxkQ+WCSGppw9Lva+lihK
GNuh8yEmgRQQIGj3Pty8geE2zzPFSjXEwzdVEv0cosorL4xAsBjS2w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4wlQBU5r5KBVeSGUXXg
7Cd3o8S7z5HbBKtXpZoHu5fofV1cUDpc2+GLBjp41uF6w31d7F0gIOHuknS6oHME
+quE7eoCUFA18tIGHNb1NwPQhAYlofX4bUGYLnWunT8NLUDXuTpc+jxz1brLsi+l
ZnfTFXSafXKodBYVMT7TDwQxJGF01lANHk9XhFNGg6ANHZIJcNQJY8kQhoZz88cW
cYic/3dCyH2A1XnrUkk4v2c/MM7+KT96ktCfhbULNDHSKiOk4FbIgr8OgXP1CWcf
6twoqF5eXk8GGENL8Zv1jHYnQ+r8qTbhp0M0K1936eEGIy1JjTPKEuCEryccgfnH
UQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8377471472955019556977378882435599456
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-08 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-06 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'connect.usbank.coconutsoftware.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20645952035696325790352097741078409543667462324280159411090455129868093924908969701266221368524348782678901851181112613748811377926584738709498694496074400315971213854035134209482483969764985226646235822037267233789171980942769455648711426615529491646496739668580277038291429179151178496127584711405937480784742752821957170007740291299051251530531838388760088267873145492432352442859762687850714501382196812717473572999151546909667070035184910442861552781200513343413079837592592003456606056692984556972449929301094367406641494420552094484485121448145571947569590048439930992430676209359386080286996344176915062048593
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b560486575d609288d80ce1bd078382b760e14a5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (71 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'connect.usbank.coconutsoftware.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chat.usbank.coconutsoftware.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00ba20e1450073bef31544d8c5a1c85624388515541c5d22baf6a41d3c5db72129ee38f155a6a52305b8a2bbb2ca3442feeee8a9b29b10a8d6c07fbba375cfc7bb32198d42bbd07167e2863d14caa185a5506f7c7cd01b2ff39f93c729280e79e349caf5003598a616f129729866c9cd9a975e2aec9872c8a29ae517c54d7cb7a6e86f77c2c3d4662a090f00344c29947ebd227cbd17dcdea1fddaad59e4929d75bbc99033327402b61c6bf2e59224626ad7c476f3b50dd12d0889fc7693fccc66f9260220765e2ddf8ac6443e582486a69c3d2ef6be96284a18dba1f321268114102068f73edcbc81e136cf33c54a35c4c3375512fd1ca2ca2b2f8c40b018d2db