bca.excellian.net
- Allina Health -
Issued by DigiCert SHA2 Secure Server CA
About this certificate
This digital certificate with serial number 0f:87:9d:8d:1a:35:0b:9c:74:73:00:84:34:cb:ea:b2 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Allina Health
Organization:
Allina Health
State / Province:
Minnesota
Locality: Minneapolis
Country: US
Locality: Minneapolis
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0f:87:9d:8d:1a:35:0b:9c:74:73:00:84:34:cb:ea:b2Serial Number (int): 20642575530265365802845868613232749234
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: aa:5e:e0:4d:1e:da:68:cf:3f:65:bd:a9:e2:25:56:4d:73:13:23:20
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2
Fingerprint (sha1): e2:61:70:6d:68:4e:a6:cd:52:43:ef:71:b0:63:35:a9:53:bc:80:6c
Fingerprint (sha256): 3f:b3:3c:ec:70:57:25:40:e0:f6:14:31:72:02:5d:2d:53:7c:39:ea:a4:7b:ca:53:4e:c0:8d:a5:30:dd:38:1d
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl
Check the revocation status for certificate bca.excellian.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for bca.excellian.net
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bca.excellian.net
Other certificates including the domain name excellian.net
(limited to 100 certificates)
Certificate
The complete raw certificate details for bca.excellian.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGLjCCBRagAwIBAgIQD4edjRo1C5x0cwCENMvqsjANBgkqhkiG9w0BAQsFADBN MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTkwNzI1MDAwMDAwWhcN MjEwNzI0MTIwMDAwWjBrMQswCQYDVQQGEwJVUzESMBAGA1UECBMJTWlubmVzb3Rh MRQwEgYDVQQHEwtNaW5uZWFwb2xpczEWMBQGA1UEChMNQWxsaW5hIEhlYWx0aDEa MBgGA1UEAxMRYmNhLmV4Y2VsbGlhbi5uZXQwggIiMA0GCSqGSIb3DQEBAQUAA4IC DwAwggIKAoICAQDZvfgrVH+zFABrOUl3nx2N10hUsFBGz5QIGWzyGwfmHlL2N2vS GqFP3mHvlMyc5PUl3C2s5ucu/0SofFam6Bg3VslLkx4haSTjQwGP0o7w/hjDTFab M5JTx+3wVmq2amSjy/7vxa6Flyv6ZP2hfACNSH4APpKlQN+LOZrn8c6w85GZc5ox 11bmwMaGS7/8TL+QBolGqlO9Nem9RSk7++vTacLiuf+qw2cefkOST+iQ7vFySu43 ZUNaRyyAqU3+R+pua/BtdOz14/iAli/YvASeysWhz3MEJloXHje0N3RGMQr3+HAv 1dyr/Exz3ZYDx6SRsgO6XHayl2ks8EGFm4XlQVzMQ1hYqJa5J+7aXCUOGVn3voDv M381SmaIzeFi48kwZJ3vCoDRQ/2GNQTXJ9sk5zPYMqk3lKoIipDaYLNem9HXPhmg vvGiwPdgiJn3mCIrCBD2dhEO6j9LPe5GbzSEl8D7r6/DhK6Jl8/Y5eOC4VmcLbFC JqJIukq8ED488b4Y2yA5O9GQE25xylzfrmEjKloeZF9A6PB2GkQYjnlajiQC3Tda KschKWi/LfEMZ9sjY9hB6k61IL4ldHRhOf/aekDduiNGAB48xzkMbST85n7wKskv cyZI/4y5oO4AFNVxqsnWs1FbVwj6A8nK2M0e0pdILkbP1lNJk+qsb9n5wwIDAQAB o4IB6jCCAeYwHwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0O BBYEFKpe4E0e2mjPP2W9qeIlVk1zEyMgMBwGA1UdEQQVMBOCEWJjYS5leGNlbGxp YW4ubmV0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29t L3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNv bS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYI KwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIC MHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNl cnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20v RGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAkGA1UdEwQCMAAwEwYKKwYB BAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAIIua5XiHubNl34G6W95 mescfX9JYC+lujIpNrnsn7sVEf3PLbHR93Wsz1PEH5liBLHcSbbxe8ri7hctDo/3 22az0Zh16k5I62RZiX7XoQRFgS93OhRPlIkJIKd5nvLBA/U3Ntiw0BeQ5l996noZ HtRKtPJPbirAuoba3dVOhUTcTBfWkhxVKKXNWcHfI9EnBZeKxzT3J5UoIC4FSutu v6JPVbyZArTLmD++z+S42+oU3mHjiTKu5vcb+wAbUQWbupi0dWUnW6rfLp/bw3XM unjJaV7mOsbqAxyj98ap8sdlwMeanMhAdu0ozAXTlvGEvGhUAVb794r7KsWatfiy zt8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2b34K1R/sxQAazlJd58d jddIVLBQRs+UCBls8hsH5h5S9jdr0hqhT95h75TMnOT1JdwtrObnLv9EqHxWpugY N1bJS5MeIWkk40MBj9KO8P4Yw0xWmzOSU8ft8FZqtmpko8v+78WuhZcr+mT9oXwA jUh+AD6SpUDfizma5/HOsPORmXOaMddW5sDGhku//Ey/kAaJRqpTvTXpvUUpO/vr 02nC4rn/qsNnHn5Dkk/okO7xckruN2VDWkcsgKlN/kfqbmvwbXTs9eP4gJYv2LwE nsrFoc9zBCZaFx43tDd0RjEK9/hwL9Xcq/xMc92WA8ekkbIDulx2spdpLPBBhZuF 5UFczENYWKiWuSfu2lwlDhlZ976A7zN/NUpmiM3hYuPJMGSd7wqA0UP9hjUE1yfb JOcz2DKpN5SqCIqQ2mCzXpvR1z4ZoL7xosD3YIiZ95giKwgQ9nYRDuo/Sz3uRm80 hJfA+6+vw4SuiZfP2OXjguFZnC2xQiaiSLpKvBA+PPG+GNsgOTvRkBNuccpc365h IypaHmRfQOjwdhpEGI55Wo4kAt03WirHISlovy3xDGfbI2PYQepOtSC+JXR0YTn/ 2npA3bojRgAePMc5DG0k/OZ+8CrJL3MmSP+MuaDuABTVcarJ1rNRW1cI+gPJytjN HtKXSC5Gz9ZTSZPqrG/Z+cMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 20642575530265365802845868613232749234 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-25 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-07-24 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Minnesota' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Minneapolis' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Allina Health' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bca.excellian.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 888310136125064171474760615633913402167425677752968735755067116323681172659148394383020731723209374498676924933891156284063578218665161946313723219593568425530799108930328744354834084427240448175186397899868301091507083938823817964632565890613745624961278463684274308425919658217606056618460565118878331318814284732123635909946059290593559179667293903869873591790044901115200109273185674143224993063638738248628946853281637327268815910208577419570878140358121204000171075577938390321173570873220463843507366370277219459821796775519069720720717279817194350033217391038112931987732015914278556877047011744970805193752543498920899602427509307028717631376413217317382283970824497277002216170010718651963488603242626340450365252485591597501257574463414015635068138088869249094682999208353989855386602400969160313956994540000131595007099459415583474662907151165080958755810295641100667043639354521584461367586421489197933319028785056807451727576369915124576969628788583146291275025031040242686798359227506942655817009114436218365759521236356749691036973941582062203069701246905088963630999198393833151915827781817565756174128962116644301123134957696684552057483698331660042289834284844988386889877264384852199911226669390882641751723080131 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) aa5ee04d1eda68cf3f65bda9e225564d73132320 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bca.excellian.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00822e6b95e21ee6cd977e06e96f7999eb1c7d7f49602fa5ba322936b9ec9fbb1511fdcf2db1d1f775accf53c41f996204b1dc49b6f17bcae2ee172d0e8ff7db66b3d19875ea4e48eb6459897ed7a10445812f773a144f94890920a7799ef2c103f53736d8b0d01790e65f7dea7a191ed44ab4f24f6e2ac0ba86daddd54e8544dc4c17d6921c5528a5cd59c1df23d12705978ac734f7279528202e054aeb6ebfa24f55bc9902b4cb983fbecfe4b8dbea14de61e38932aee6f71bfb001b51059bba98b47565275baadf2e9fdbc375ccba78c9695ee63ac6ea031ca3f7c6a9f2c765c0c79a9cc84076ed28cc05d396f184bc68540156fbf78afb2ac59ab5f8b2cedf