feelflorence.it

- Comune di Firenze -

Issued by Actalis Organization Validated Server CA G3

About this certificate

This digital certificate with serial number 1f:0c:a3:2c:df:ce:57:a0:a1:3d:d8:c1:52:73:18:7c was issued on by Actalis S.p.A..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Comune di Firenze

Organization: Comune di Firenze
State / Province: Firenze
Locality: Firenze
Country: IT

Actalis S.p.A.

Organization: Actalis S.p.A.
State / Province: Bergamo
Locality: Ponte San Pietro
Country: IT

This certificate will expire on

Certificate Details

Serial Number (hex): 1f:0c:a3:2c:df:ce:57:a0:a1:3d:d8:c1:52:73:18:7c
Serial Number (int): 41271685019703965559452648669321566332
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: fb:41:24:2b:9b:cf:37:4b:93:41:8d:53:b3:d0:fd:18:a6:f7:ba:da
AuthorityKeyId: 9f:8a:b1:b5:f1:b1:de:82:f4:27:7c:be:88:cd:de:a9:43:81:a3:4b

Fingerprint (sha1): 18:37:27:26:99:e1:1a:df:8a:40:fb:3b:5d:42:77:da:ad:f0:1e:fd
Fingerprint (sha256): 37:de:cb:ba:6b:27:0e:b8:91:cd:d3:a7:61:58:92:51:01:87:fd:a1:9c:2b:52:d4:db:8e:18:75:c4:dd:e2:b4

Issuing Certificate URL: http://cacert.actalis.it/certs/actalis-authovg3

Revocation information

OCSP Server: http://ocsp09.actalis.it/VA/AUTHOV-G3
CRL Distribution Point: http://crl09.actalis.it/Repository/AUTHOV-G3/getLastCRL

Check the revocation status for certificate feelflorence.it

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for feelflorence.it

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

feelflorence.it
www.feelflorence.it

Other certificates including the domain name feelflorence.it

(limited to 100 certificates)

Certificate

The complete raw certificate details for feelflorence.it in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGYTCCBEmgAwIBAgIQHwyjLN/OV6ChPdjBUnMYfDANBgkqhkiG9w0BAQsFADCB
iTELMAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRl
IFNhbiBQaWV0cm8xFzAVBgNVBAoMDkFjdGFsaXMgUy5wLkEuMTQwMgYDVQQDDCtB
Y3RhbGlzIE9yZ2FuaXphdGlvbiBWYWxpZGF0ZWQgU2VydmVyIENBIEczMB4XDTI0
MDUxNDE0MDI0MFoXDTI1MDUxNDE0MDI0MFowZzELMAkGA1UEBhMCSVQxEDAOBgNV
BAgMB0ZpcmVuemUxEDAOBgNVBAcMB0ZpcmVuemUxGjAYBgNVBAoMEUNvbXVuZSBk
aSBGaXJlbnplMRgwFgYDVQQDDA9mZWVsZmxvcmVuY2UuaXQwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCm9DR68ndlE456FZMtKDwXhOJ5xdMw2veCxjC7
t+QcULbFXSiUuh81gyjOMmaPRGBDnzM1FT8GeiJnuVRRUai46F4NxbYt6XwTHVJi
A7Ky0R4/9p7ikdOWTFCWx3Ed7kERtfjuDvj4/ehPxTELJbOnbo8TpVbuwTlUP+gp
dzc7KOzapzvDpXaeJBXPUuHhKt1dTJEsS8TR5IZ+KI26SFcd1R5UE4N4ydf6pQ71
u7UgKTRH0Dxhj9Sfm6qNuRzskaVADyQirfsqW03xMHtCqon5IFDJV5Ad1MeeIb8b
OxD9IT20COsJp9TEJBd141lOWNSjaIjL6xNaOmqa0ESiJe/HAgMBAAGjggHkMIIB
4DAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFJ+KsbXxsd6C9Cd8vojN3qlDgaNL
MH4GCCsGAQUFBwEBBHIwcDA7BggrBgEFBQcwAoYvaHR0cDovL2NhY2VydC5hY3Rh
bGlzLml0L2NlcnRzL2FjdGFsaXMtYXV0aG92ZzMwMQYIKwYBBQUHMAGGJWh0dHA6
Ly9vY3NwMDkuYWN0YWxpcy5pdC9WQS9BVVRIT1YtRzMwLwYDVR0RBCgwJoIPZmVl
bGZsb3JlbmNlLml0ghN3d3cuZmVlbGZsb3JlbmNlLml0MFEGA1UdIARKMEgwPAYG
K4EfARQBMDIwMAYIKwYBBQUHAgEWJGh0dHBzOi8vd3d3LmFjdGFsaXMuaXQvYXJl
YS1kb3dubG9hZDAIBgZngQwBAgIwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUF
BwMBMEgGA1UdHwRBMD8wPaA7oDmGN2h0dHA6Ly9jcmwwOS5hY3RhbGlzLml0L1Jl
cG9zaXRvcnkvQVVUSE9WLUczL2dldExhc3RDUkwwHQYDVR0OBBYEFPtBJCubzzdL
k0GNU7PQ/Rim97raMA4GA1UdDwEB/wQEAwIFoDATBgorBgEEAdZ5AgQDAQH/BAIF
ADANBgkqhkiG9w0BAQsFAAOCAgEAFk8IXsmXaXpbZfGqHtUR2Hgwkwvok1D0Gttf
OBYyCzSVxJpE79pUYejmGzVx2bNT8lDqGEv7QrnovGBijUVkr2TrXSMWUeGz7htZ
eWTUOHL+V0kiUzzObkGBDks02BwYjfT1Ka/32OpxpizPKVkNDurEZ7JeIIBQcTk6
MVeFgIkjeeB+Sk7G+851oPT5Ky7e9xzp3gdl+auqtVpGTVM2OTJmiks7+ZecUzb6
DncSuGSnYL6jiCb/WQCZZRFRBoszaLnWuFUupwoG+szwqjZm3FuMyHjZOeCkZq/4
dA7+a3OwzY9vZ9UNNRBm66B7Wce6X3C+fZDW9cJdQA6e8xYoiLvw+hDvVBohY2Ck
72Bg56Ra88fdoxng3YBN8GKQflad9FOiC375DRqXEbSYPx1FLr1gGxMrwb2e+IrK
1xMbxqzoms4WOWpw8QXBYQTqbEXisvk6ddTMggWbFNJBrFxmWgZGVwASfhXz2F5W
ZMH4uxk1x4mRkRI4ZtqnuCnYbnPaEhHt+2WsXxmveir/b6ZxYM5pKfz5Sna415WH
WuHZ02muyhCqw9pAkr2neMsOlipOKlQBA7zlYXmL827pmR9GVzWGBVFldwHIsaXL
c9lvx7TMM4mwTcU3Bl42ex2QyS3tyVAPgx6KAxXO0oGcbjb4NjXaUMpwls2ksOfd
gffYeLQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvQ0evJ3ZROOehWTLSg8
F4TiecXTMNr3gsYwu7fkHFC2xV0olLofNYMozjJmj0RgQ58zNRU/BnoiZ7lUUVGo
uOheDcW2Lel8Ex1SYgOystEeP/ae4pHTlkxQlsdxHe5BEbX47g74+P3oT8UxCyWz
p26PE6VW7sE5VD/oKXc3Oyjs2qc7w6V2niQVz1Lh4SrdXUyRLEvE0eSGfiiNukhX
HdUeVBODeMnX+qUO9bu1ICk0R9A8YY/Un5uqjbkc7JGlQA8kIq37KltN8TB7QqqJ
+SBQyVeQHdTHniG/GzsQ/SE9tAjrCafUxCQXdeNZTljUo2iIy+sTWjpqmtBEoiXv
xwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 41271685019703965559452648669321566332
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bergamo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Ponte San Pietro'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Actalis S.p.A.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Actalis Organization Validated Server CA G3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-14 14:02:40 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-14 14:02:40 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Firenze'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Firenze'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Comune di Firenze'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'feelflorence.it'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21075980598559299287176517018907135771867960971740246953078528033892254190875637870331951115896165112878356728363280628372433068659916893383253648201645151532221751570958405798458044323049152876323029046958619491088262853968795026391374170007096597098380918272072019454606864841396669081325570195245672580958923925539765648659801557976683466298627557433876198400471777837891374988624029779401270668191337612417910874682427841993705487789598575548171395228447547898952025536513424881319966570938822312790984654542124012811146816751958574171069846956775402496344508059575142332377868920406980014652014863703930443263943
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9f8ab1b5f1b1de82f4277cbe88cddea94381a34b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (114 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacert.actalis.it/certs/actalis-authovg3'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp09.actalis.it/VA/AUTHOV-G3'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'feelflorence.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.feelflorence.it'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.159.1.20.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.actalis.it/area-download'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl09.actalis.it/Repository/AUTHOV-G3/getLastCRL'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							fb41242b9bcf374b93418d53b3d0fd18a6f7bada
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00164f085ec997697a5b65f1aa1ed511d87830930be89350f41adb5f3816320b3495c49a44efda5461e8e61b3571d9b353f250ea184bfb42b9e8bc60628d4564af64eb5d231651e1b3ee1b597964d43872fe574922533cce6e41810e4b34d81c188df4f529aff7d8ea71a62ccf29590d0eeac467b25e20805071393a31578580892379e07e4a4ec6fbce75a0f4f92b2edef71ce9de0765f9abaab55a464d53363932668a4b3bf9979c5336fa0e7712b864a760bea38826ff590099651151068b3368b9d6b8552ea70a06faccf0aa3666dc5b8cc878d939e0a466aff8740efe6b73b0cd8f6f67d50d351066eba07b59c7ba5f70be7d90d6f5c25d400e9ef3162888bbf0fa10ef541a216360a4ef6060e7a45af3c7dda319e0dd804df062907e569df453a20b7ef90d1a9711b4983f1d452ebd601b132bc1bd9ef88acad7131bc6ace89ace16396a70f105c16104ea6c45e2b2f93a75d4cc82059b14d241ac5c665a06465700127e15f3d85e5664c1f8bb1935c7899191123866daa7b829d86e73da1211edfb65ac5f19af7a2aff6fa67160ce6929fcf94a76b8d795875ae1d9d369aeca10aac3da4092bda778cb0e962a4e2a540103bce561798bf36ee9991f465735860551657701c8b1a5cb73d96fc7b4cc3389b04dc537065e367b1d90c92dedc9500f831e8a0315ced2819c6e36f83635da50ca7096cda4b0e7dd81f7d878b4