www.windownation.com

- Cloudflare, Inc. -

Issued by Cloudflare Inc ECC CA-3

About this certificate

This digital certificate with serial number 02:c2:61:d6:bb:c8:09:fb:78:c9:0d:ae:8e:9d:7e:36 was issued on by Cloudflare, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Cloudflare, Inc.

Organization: Cloudflare, Inc.
State / Province: California
Locality: San Francisco
Country: US

Cloudflare, Inc.

Organization: Cloudflare, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 02:c2:61:d6:bb:c8:09:fb:78:c9:0d:ae:8e:9d:7e:36
Serial Number (int): 3667745988799449710990963122827525686
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 4b:6a:ba:35:56:11:b4:12:54:bd:f3:17:28:fd:56:c3:1f:79:73:53
AuthorityKeyId: a5:ce:37:ea:eb:b0:75:0e:94:67:88:b4:45:fa:d9:24:10:87:96:1f

Fingerprint (sha1): c7:39:76:48:81:32:48:38:f1:00:6d:a7:12:f6:52:74:b7:43:d6:10
Fingerprint (sha256): 31:35:47:0e:8c:b4:d8:6a:21:06:b4:60:9f:f6:73:1f:0d:1c:eb:76:7c:2d:a7:97:ea:b7:85:3a:03:8c:cc:cb

Issuing Certificate URL: http://cacerts.digicert.com/CloudflareIncECCCA-3.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/CloudflareIncECCCA-3.crl
CRL Distribution Point: http://crl4.digicert.com/CloudflareIncECCCA-3.crl

Check the revocation status for certificate www.windownation.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.windownation.com

Public Key Algorithm

ECDSA

Key Size

256

Signature Algorithm

ECDSA with SHA256

Key Usage

Digital Signature

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.windownation.com

Other certificates including the domain name windownation.com

(limited to 100 certificates)
helpdesk.travelleaders.com
helpdesk.travelleaders.com
helpdesk.andersonmt.org
info.windownation.com
lp.windownation.com
helpdesk.travelleaders.com
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
info.windownation.com
info.windownation.com
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
windownation.com
helpdesk.andersonmt.org
help.windownation.com
info.windownation.com
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.travelleaders.com
info.windownation.com
info.windownation.com
helpdesk.andersonmt.org
helpdesk.travelleaders.com
windownation.com
helpdesk.andersonmt.org
helpdesk.travelleaders.com
servicedesk.howardbrown.org
helpdesk.pvasatx.com
helpdesk.travelleaders.com
helpdesk.travelleaders.com
windownation.com
helpdesk.travelleaders.com
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
www.windownation.com
helpdesk.andersonmt.org
helpdesk.travelleaders.com
helpdesk.andersonmt.org
helpdesk.travelleaders.com
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.travelleaders.com
*.windownation.com
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
remote.windownation.com
helpdesk.andersonmt.org
helpdesk.travelleaders.com
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
info.windownation.com
helpdesk.travelleaders.com
survey.windownation.com
www.windownation.com
helpdesk.andersonmt.org
help.windownation.com
helpdesk.andersonmt.org
windownation.com
helpdesk.travelleaders.com
www.windownation.com
helpdesk.andersonmt.org
lp.windownation.com
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
survey.windownation.com
info.windownation.com
helpdesk.andersonmt.org
helpdesk.andersonmt.org
windownation.com
servicedesk.howardbrown.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org
www.windownation.com
help.windownation.com
helpdesk.andersonmt.org
helpdesk.travelleaders.com
helpdesk.travelleaders.com
info.windownation.com
helpdesk.andersonmt.org
helpdesk.travelleaders.com
ftp.windownation.com
helpdesk.andersonmt.org
helpdesk.andersonmt.org
helpdesk.andersonmt.org

Certificate

The complete raw certificate details for www.windownation.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFFDCCBLugAwIBAgIQAsJh1rvICft4yQ2ujp1+NjAKBggqhkjOPQQDAjBKMQsw
CQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UEAxMX
Q2xvdWRmbGFyZSBJbmMgRUNDIENBLTMwHhcNMjMwNjE2MDAwMDAwWhcNMjQwNjE0
MjM1OTU5WjB0MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQG
A1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEd
MBsGA1UEAxMUd3d3LndpbmRvd25hdGlvbi5jb20wWTATBgcqhkjOPQIBBggqhkjO
PQMBBwNCAAR+ZB6we937KZk3LL2UTaFIEo5GU/af1qzqNqvZ5Ujg4GDtZ2HEzyhe
pS0OfSfWMrO+V/TUUK/OIgECmNop8wbSo4IDVzCCA1MwHwYDVR0jBBgwFoAUpc43
6uuwdQ6UZ4i0RfrZJBCHlh8wHQYDVR0OBBYEFEtqujVWEbQSVL3zFyj9VsMfeXNT
MB8GA1UdEQQYMBaCFHd3dy53aW5kb3duYXRpb24uY29tMA4GA1UdDwEB/wQEAwIH
gDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwewYDVR0fBHQwcjA3oDWg
M4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNFQ0NDQS0z
LmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJ
bmNFQ0NDQS0zLmNybDA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIB
FhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwdgYIKwYBBQUHAQEEajBoMCQG
CCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQAYIKwYBBQUHMAKG
NGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9DbG91ZGZsYXJlSW5jRUNDQ0Et
My5jcnQwDAYDVR0TAQH/BAIwADCCAXwGCisGAQQB1nkCBAIEggFsBIIBaAFmAHUA
dv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGIw2rLxQAABAMARjBE
AiBNUPZYhanDCrQVQa9Xvl6+411cjUB5QsTLB0GdUPsubAIgZ3cd+LW1fDBLUwI/
5kXlg+XkbHSuUfRwvbM3p0TGDz0AdQBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZ
u7+rOdiEcwAAAYjDasuoAAAEAwBGMEQCICgFdOF5aTg5xirE2hfcAZOpfqEK53B8
ImKYW1JCnq1+AiAi3yk8WSRiw6LP466hWzYR64iD+r7bpte5FyQ2qtt84wB2ANq2
v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABiMNqy3QAAAQDAEcwRQIg
Mf801GNjFvotaHhdC9VKA2VbCcvoO2ZCb7K3CS1/pKECIQDNc8XBwQpTsFALAryL
5aa+KghPUFZAjnWwZP3ECGXcpzAKBggqhkjOPQQDAgNHADBEAiBMRluziEztyBHt
UKjxRfYsosJhgRd+poHhPEYDYwJZhQIgVPTlRwMeTnGez+6NhRpGBV3VFedY5G/H
4jtOl6m4paU=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfmQesHvd+ymZNyy9lE2hSBKORlP2
n9as6jar2eVI4OBg7WdhxM8oXqUtDn0n1jKzvlf01FCvziIBApjaKfMG0g==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 3667745988799449710990963122827525686
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.2 (ecdsaWithSHA256)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare Inc ECC CA-3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-16 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-14 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.windownation.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits)
				00047e641eb07bddfb2999372cbd944da148128e4653f69fd6acea36abd9e548e0e060ed6761c4cf285ea52d0e7d27d632b3be57f4d450afce22010298da29f306d2
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5ce37eaebb0750e946788b445fad9241087961f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4b6aba355611b41254bdf31728fd56c31f797353
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.windownation.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits)
							0780
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/CloudflareIncECCCA-3.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/CloudflareIncECCCA-3.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/CloudflareIncECCCA-3.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							016600750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a7400000188c36acbc5000004030046304402204d50f65885a9c30ab41541af57be5ebee35d5c8d407942c4cb07419d50fb2e6c022067771df8b5b57c304b53023fe645e583e5e46c74ae51f470bdb337a744c60f3d00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000188c36acba800000403004630440220280574e179693839c62ac4da17dc0193a97ea10ae7707c2262985b52429ead7e022022df293c592462c3a2cfe3aea15b3611eb8883fabedba6d7b9172436aadb7ce3007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000188c36acb740000040300473045022031ff34d4636316fa2d68785d0bd54a03655b09cbe83b66426fb2b7092d7fa4a1022100cd73c5c1c10a53b0500b02bc8be5a6be2a084f5056408e75b064fdc40865dca7
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.2 (ecdsaWithSHA256)
 . . . . [c:0|t:3|false] BIT STRING (560 bits)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 34500088685964862134401932627212479446168762145210183846950475803382723533189
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 38426972379198335020139895573526150761372216078310316369841181117661455099301