cma-pega.windtre.it

- Wind Tre S.p.A. -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 2c:3b:f4:85:67:ee:5c:e2:3e:84:c5:f3:a6:47:bf:47 was issued on by Entrust, Inc..

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Wind Tre S.p.A.

Organization: Wind Tre S.p.A.
State / Province: Milano
Locality: Rho
Country: IT

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 2c:3b:f4:85:67:ee:5c:e2:3e:84:c5:f3:a6:47:bf:47
Serial Number (int): 58797336806643877630443504671903956807
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: a7:7f:42:0b:2c:cb:73:40:14:9d:7e:76:6e:25:a2:c1:b2:70:a2:f3
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): c7:b3:28:9b:a0:05:7b:9c:fc:1d:9d:7b:e8:17:78:f2:1b:d5:63:d7
Fingerprint (sha256): 35:cb:08:c2:72:05:c9:f2:8a:85:26:22:5d:74:0a:86:0e:a2:be:18:8e:99:06:c9:40:24:0f:82:7c:4f:66:61

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate cma-pega.windtre.it

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cma-pega.windtre.it

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cma-pega.windtre.it
www.cma-pega.windtre.it
cma-pega.gcp.windtre.it

Other certificates including the domain name windtre.it

(limited to 100 certificates)
vcloud-rm.windcloud.wind.it
nog.windtre.it
app.windtre.it
appuntamentotecnico.windtre.it
withu.windtre.it
selfcare-ob-bs.apps.windtre.it
static.windtre.it
igp.aws.windtre.it
ologateway-test.windtre.it
cdn-magazine.windtre.it
vcloud-vmrc-rm.windcloud.wind.it
fibra-il-tuo-codice-pre.windtre.it
shopping.windtre.it
b2b.shop.windtre.it
vcloud-mi.windcloud.wind.it
apigw.windtre.it
registrazioneinternet.windtre.it
www.propostediristoro.windtre.it
skype-ext.windtre.it
cw3hubsec.windtre.it
shop.dea.windtre.it
withu.windtre.it
developer.windtre.it
newscms.windtre.it
areaclienti.windtre.it
vcloud-rm.windcloud.wind.it
windtre.it
gateway.shop.wind.it
visual.bs.windtre.it
apigw.windtre.it
fibra-richiedi-codice-professional-pre.windtre.it
attiva.windtre.it
apps.windtre.it
solplus.windtre.it
areaclienti.bs.windtre.it
cvse.windtre.it
www.propostedirimborso.windtre.it
selfcaring.windtre.it
www.windtre.it
fibra-dnsprofessional.windtre.it
clockin.windtre.it
erp-ocp.windtre.it
ilc.dms.windtre.it
www.windtre.it
myaccount.windtre.it
partners.windtre.it
sharepoint.windtre.it
fibra-il-tuo-codice-professional-pre.windtre.it
conversation.windtre.it
api.windtre.it
apigateway-selfcare.apps.windtre.it
travelweb.windtre.it
vse.windtre.it
dea.windtre.it
api.shop.windtre.it
devmagazine.windtre.it
ml-in-2.apps.windtre.it
myaccount.windtre.it
cma-pega-sit.windtre.it
shop.windtre.it
visual.windtre.it
vcse1new.windtre.it
clockin.windtre.it
pre-dea.windtre.it
gateway.shop.wind.it
apigw-ob-dev.apps.windtre.it
mail-rewarding.windtre.it
magazine.windtre.it
controllerlab.epc.windtre.it
agenda.windtre.it
SEC-SDV-SFE-DMZ.WINDTRE.IT
consumer.windtre.it
pd.windtre.it
w3hub.windtre.it
attiva.dea.windtre.it
cma-pega.windtre.it
minio.windtre.it
vcloud-vmrc-mi.windcloud.wind.it
easysales.windtre.it
uat-identity.windtre.it
techystore.windtre.it
mnp.windtre.it
gateway.shop.windtre.it
internet.windtre.it
newscms.windtre.it
gateway.shop.windtre.it
FW-TestPlant-IDR.windtre.it
skype-ext.windtre.it
skype-ext.windtre.it
apigw-ob-bs.apps.windtre.it
smartdesk-api.windtre.it
buy.shop.windtre.it
hcm-test.windtre.it
ilq.dms.windtre.it
next.windtre.it
shiftplanner.windtre.it
selfcaring.windtre.it
devops-bot.windtre.it
fibra-dnsdinamico.windtre.it
selfcare-customer-care.gcp.windtre.it

Certificate

The complete raw certificate details for cma-pega.windtre.it in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIQLDv0hWfuXOI+hMXzpke/RzANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y
NDAxMDkxMDU4NDNaFw0yNTAxMDkxMDU4NDJaMGQxCzAJBgNVBAYTAklUMQ8wDQYD
VQQIEwZNaWxhbm8xDDAKBgNVBAcTA1JobzEYMBYGA1UEChMPV2luZCBUcmUgUy5w
LkEuMRwwGgYDVQQDExNjbWEtcGVnYS53aW5kdHJlLml0MIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAx3gyopCL4TVm8SAHJyIXDIJBHA/gqY3rv1LJrhPv
jauL6bWvdWfJMl9w0nl0Jc+YwiNuMwggxHrK3+/W6Zu9QbnOzI5uXWYcYKTu6Ndw
mlqdFknKinTWYwVVL8FPkvdudT5fi5XLw/NqYNy1Hwoa/Poi/AH5Bn0p5EuPS3Vt
ksR9TAD08jYMeZrXdfWDx+egVomrCUle+N6oDfHOx3k11uQNmhKPzzcVKg5W4kMJ
1br/WRe/vJFKX8F2dD8mbfr3C5hdWmraSvKuK31jYBHfyN7VONl6PUrahr/V+dsq
HzucU57j0S3QnuYM8H5BAtWmok5oYSAniN+gRcN1J6NdnQIDAQABo4IBnDCCAZgw
DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUp39CCyzLc0AUnX52biWiwbJwovMwHwYD
VR0jBBgwFoAUgqJwdN28Uz/Pe9T3zX+nYMYKTL8waAYIKwYBBQUHAQEEXDBaMCMG
CCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAzBggrBgEFBQcwAoYn
aHR0cDovL2FpYS5lbnRydXN0Lm5ldC9sMWstY2hhaW4yNTYuY2VyMDMGA1UdHwQs
MCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvbGV2ZWwxay5jcmwwUAYD
VR0RBEkwR4ITY21hLXBlZ2Eud2luZHRyZS5pdIIXd3d3LmNtYS1wZWdhLndpbmR0
cmUuaXSCF2NtYS1wZWdhLmdjcC53aW5kdHJlLml0MA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEwYDVR0gBAwwCjAIBgZngQwB
AgIwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBANNA61QH
8aU3m2WJX+L4kXq8MRy2Q9hlUcT81xpo6XkT8c1CYrfgVieW+GpI9+n3EI6ZZVgM
PxHDoTDNMmNpzHMbpDvPbxDSTy3YvyEKURcxViQUpUkC/g/H7YdOW2UOOuzZRyaX
YSzAAoFGrMrIgdAjilGOY+7CLE8tJGaLnZEwhI5+X3mNCfHLXekYUz3184l+GVRo
n3Eegk5rf3XPJLoc8XB46xH9NIrnkyXlYbJ9ekZxIwo/3nHsP3rVHz3upbhhO1dw
glarVvu+FN7zFj6MJyjgXZohyyvPPEBr7vkjZylsrem++To+Ax8G52dmw0lAdmBP
wgTWoLwELzxEXuo=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3gyopCL4TVm8SAHJyIX
DIJBHA/gqY3rv1LJrhPvjauL6bWvdWfJMl9w0nl0Jc+YwiNuMwggxHrK3+/W6Zu9
QbnOzI5uXWYcYKTu6NdwmlqdFknKinTWYwVVL8FPkvdudT5fi5XLw/NqYNy1Hwoa
/Poi/AH5Bn0p5EuPS3VtksR9TAD08jYMeZrXdfWDx+egVomrCUle+N6oDfHOx3k1
1uQNmhKPzzcVKg5W4kMJ1br/WRe/vJFKX8F2dD8mbfr3C5hdWmraSvKuK31jYBHf
yN7VONl6PUrahr/V+dsqHzucU57j0S3QnuYM8H5BAtWmok5oYSAniN+gRcN1J6Nd
nQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 58797336806643877630443504671903956807
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-09 10:58:43 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-09 10:58:42 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Milano'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Rho'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Wind Tre S.p.A.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cma-pega.windtre.it'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25180694429081459634539112506214047797887958842553807172556087131805986176712784473232097511237082672204364566743431840376933181490740089721693240269073425907378995058101174464328744337031424372536779466888551677899290833925300153730336687194962560316469566512328290297493942436799518539543287819658335411008129147920986718789040199789215992081559565194212225254861885802463122515396224559189303196252657959442920791278062953787084943395080463084744297813906865234009057114095071229136023584168364215782287161579546512967117957530717350363266865071299267126903915698878184790370575217563096545862973918899314360540573
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a77f420b2ccb7340149d7e766e25a2c1b270a2f3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cma-pega.windtre.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cma-pega.windtre.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cma-pega.gcp.windtre.it'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00d340eb5407f1a5379b65895fe2f8917abc311cb643d86551c4fcd71a68e97913f1cd4262b7e0562796f86a48f7e9f7108e9965580c3f11c3a130cd326369cc731ba43bcf6f10d24f2dd8bf210a511731562414a54902fe0fc7ed874e5b650e3aecd9472697612cc0028146accac881d0238a518e63eec22c4f2d24668b9d9130848e7e5f798d09f1cb5de918533df5f3897e1954689f711e824e6b7f75cf24ba1cf17078eb11fd348ae79325e561b27d7a4671230a3fde71ec3f7ad51f3deea5b8613b57708256ab56fbbe14def3163e8c2728e05d9a21cb2bcf3c406beef92367296cade9bef93a3e031f06e76766c3494076604fc204d6a0bc042f3c445eea