*.breakit.aws.iggroup.net
Issued by Amazon
About this certificate
This digital certificate with serial number 0e:9c:74:4a:51:5c:cf:be:9d:ff:38:46:64:43:71:6f was issued on by Amazon.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.breakit.aws.iggroup.net
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0e:9c:74:4a:51:5c:cf:be:9d:ff:38:46:64:43:71:6fSerial Number (int): 19421548898498792997095920804835848559
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 13:64:01:a9:17:13:a8:cf:50:4b:bf:2b:96:f6:ad:82:e0:d7:69:1e
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): ba:b2:49:f3:c9:f6:d5:78:2f:31:26:4b:20:6c:b4:7b:0c:b3:77:66
Fingerprint (sha256): 41:f7:50:92:e9:c1:55:9a:20:1b:e7:70:d4:cf:d9:54:8b:d2:19:32:99:a2:1d:09:d9:42:cc:5e:fc:46:25:ae
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate *.breakit.aws.iggroup.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.breakit.aws.iggroup.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.breakit.aws.iggroup.net
Other certificates including the domain name iggroup.net
(limited to 100 certificates)
edge.dtu.iggroup.net
autodiscover.ig.com
autodiscover.ig.com
sts.iggroup.net
autodiscover.ig.com
artifacts.aws.iggroup.net
*.istio.aws.iggroup.net
autodiscover.ig.com
edge.dtu.iggroup.net
edge.dtu.iggroup.net
sts.iggroup.net
sts.iggroup.net
*.aws.iggroup.net
autodiscover.ig.com
sts.iggroup.net
*.igdgsuat.aws.iggroup.net
sts.iggroup.net
*.artifacts.aws.iggroup.net
rds.iggroup.net
*.breakit.aws.iggroup.net
*.igdgsuat.aws.iggroup.net
*.dtu.play.aws.iggroup.net
*.igcatest.aws.iggroup.net
autodiscover.ig.com
jamf.iggroup.net
remotesupport.iggroup.net
edge.dtu.iggroup.net
remotesupport.iggroup.net
autodiscover.ig.com
nadexdtu.aws.iggroup.net
sts.iggroup.net
sts.iggroup.net
*.igwtpprd.aws.iggroup.net
*.igdgsuat.aws.iggroup.net
rds.iggroup.net
*.istio.aws.iggroup.net
artifacts.aws.iggroup.net
autodiscover.ig.com
*.istio.igcobdtu.aws.iggroup.net
sts.iggroup.net
*.aws.iggroup.net
*.igcobdtu.aws.iggroup.net
*.igcaaprd.aws.iggroup.net
*.aws.iggroup.net
sts.iggroup.net
remotesupport.iggroup.net
autodiscover.ig.com
sts.iggroup.net
autodiscover.ig.com
external.igmwptest.aws.iggroup.net
*.igdgsdtu.aws.iggroup.net
autodiscover.ig.com
autodiscover.ig.com
autodiscover.ig.com
sts.iggroup.net
sts.iggroup.net
edge.dtu.iggroup.net
*.igdgsdtu.aws.iggroup.net
sts.iggroup.net
*.istio.breakit.aws.iggroup.net
iggroup.net
autodiscover.ig.com
gateway.iggroup.net
*.dtu.play.aws.iggroup.net
igmwptest.aws.iggroup.net
sts.iggroup.net
sts.iggroup.net
edge.dtu.iggroup.net
sts.iggroup.net
remotesupport.iggroup.net
edge.dtu.iggroup.net
autodiscover.ig.com
wm.iggroup.com
jamf.iggroup.net
wm.iggroup.com
edge.dtu.iggroup.net
sts.iggroup.net
sts.iggroup.net
sts.iggroup.net
iggroup.net
incapsula.com
sts.iggroup.net
autodiscover.ig.com
sts.iggroup.net
autodiscover.ig.com
autodiscover.ig.com
sts.iggroup.net
autodiscover.ig.com
artifacts.aws.iggroup.net
*.istio.aws.iggroup.net
autodiscover.ig.com
edge.dtu.iggroup.net
edge.dtu.iggroup.net
sts.iggroup.net
sts.iggroup.net
*.aws.iggroup.net
autodiscover.ig.com
sts.iggroup.net
*.igdgsuat.aws.iggroup.net
sts.iggroup.net
*.artifacts.aws.iggroup.net
rds.iggroup.net
*.breakit.aws.iggroup.net
*.igdgsuat.aws.iggroup.net
*.dtu.play.aws.iggroup.net
*.igcatest.aws.iggroup.net
autodiscover.ig.com
jamf.iggroup.net
remotesupport.iggroup.net
edge.dtu.iggroup.net
remotesupport.iggroup.net
autodiscover.ig.com
nadexdtu.aws.iggroup.net
sts.iggroup.net
sts.iggroup.net
*.igwtpprd.aws.iggroup.net
*.igdgsuat.aws.iggroup.net
rds.iggroup.net
*.istio.aws.iggroup.net
artifacts.aws.iggroup.net
autodiscover.ig.com
*.istio.igcobdtu.aws.iggroup.net
sts.iggroup.net
*.aws.iggroup.net
*.igcobdtu.aws.iggroup.net
*.igcaaprd.aws.iggroup.net
*.aws.iggroup.net
sts.iggroup.net
remotesupport.iggroup.net
autodiscover.ig.com
sts.iggroup.net
autodiscover.ig.com
external.igmwptest.aws.iggroup.net
*.igdgsdtu.aws.iggroup.net
autodiscover.ig.com
autodiscover.ig.com
autodiscover.ig.com
sts.iggroup.net
sts.iggroup.net
edge.dtu.iggroup.net
*.igdgsdtu.aws.iggroup.net
sts.iggroup.net
*.istio.breakit.aws.iggroup.net
iggroup.net
autodiscover.ig.com
gateway.iggroup.net
*.dtu.play.aws.iggroup.net
igmwptest.aws.iggroup.net
sts.iggroup.net
sts.iggroup.net
edge.dtu.iggroup.net
sts.iggroup.net
remotesupport.iggroup.net
edge.dtu.iggroup.net
autodiscover.ig.com
wm.iggroup.com
jamf.iggroup.net
wm.iggroup.com
edge.dtu.iggroup.net
sts.iggroup.net
sts.iggroup.net
sts.iggroup.net
iggroup.net
incapsula.com
sts.iggroup.net
autodiscover.ig.com
sts.iggroup.net
Certificate
The complete raw certificate details for *.breakit.aws.iggroup.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEiDCCA3CgAwIBAgIQDpx0SlFcz76d/zhGZENxbzANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMDAzMTcwMDAwMDBaFw0yMTA0MTcx MjAwMDBaMCQxIjAgBgNVBAMMGSouYnJlYWtpdC5hd3MuaWdncm91cC5uZXQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfeLeiOwHyXM+B9PrYs+1HH4XX 9ck9lYO+lfnJnCPm4Iw6MXyKsn1Trna7HsZk3sdJ84Y06R6PGdW8KIvFQxQkQ5SR OT+YKsIhqFbx5+I1ngF+ec20/ZCoPJpeU5sfO8JoM265zIznw3n+6d1pfJ+O/cdZ gZGG00LtBFWmy6sUjC8PdCMMv+QELcFRvhfrwdkdRoIasIj86MHnMgRF2OE4Hweo Kb2RxbAPCH1WhtAz1YHsW9z2RLFpNB1PsUCcez8Y2jKy7wOdPsamtTliSEnN1tkw u+V5iUpRpwUTN76cF/LGctuQMHd6II5v4xDHF1IOUjT2kLuogdesdx/SsjhXAgMB AAGjggGSMIIBjjAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNV HQ4EFgQUE2QBqRcTqM9QS78rlvatguDXaR4wJAYDVR0RBB0wG4IZKi5icmVha2l0 LmF3cy5pZ2dyb3VwLm5ldDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwuc2Nh MWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNybDAgBgNVHSAEGTAXMAsGCWCGSAGG /WwBAjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRw Oi8vb2NzcC5zY2ExYi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6 Ly9jcnQuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNydDAMBgNVHRMBAf8E AjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAo8wWG 7ZpmfsFbPe1rtkuNLytkXoT46yxgYd+gh2PhNqd0vLwZ+gRKgLeFcW3U8vMjDgx9 qlhc9PbOB3vaVK3/9GNM+qVPszhaDy5JWZ0Ny5VYc4Q1UQAh0QkWcv1r0o2hdTx9 Q6HzoaTw1OS0ela8jq0b/Ketm+6o4KGmllVk14EWCJID/AGdwcuRVyDgx0g6HnJH HoUUTbiuThS6vB/l8hHOXhT40PAMM9CS6JYrhFSeCy9WwcME8fFjXyjTmkISGgNF wjiywfjWrU08ue1/TyMbf4RwmYoQ3ZcydTAkgMoF5fLxpLnFdl+lhQ9tTLYDPBLm 28ed1nGOZWLhIC4j -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3i3ojsB8lzPgfT62LPt Rx+F1/XJPZWDvpX5yZwj5uCMOjF8irJ9U652ux7GZN7HSfOGNOkejxnVvCiLxUMU JEOUkTk/mCrCIahW8efiNZ4BfnnNtP2QqDyaXlObHzvCaDNuucyM58N5/undaXyf jv3HWYGRhtNC7QRVpsurFIwvD3QjDL/kBC3BUb4X68HZHUaCGrCI/OjB5zIERdjh OB8HqCm9kcWwDwh9VobQM9WB7Fvc9kSxaTQdT7FAnHs/GNoysu8DnT7GprU5YkhJ zdbZMLvleYlKUacFEze+nBfyxnLbkDB3eiCOb+MQxxdSDlI09pC7qIHXrHcf0rI4 VwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 19421548898498792997095920804835848559 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-17 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.breakit.aws.iggroup.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20131418418332668097056575198973014623709059723674817037122074244903668582831303663535544609471110604393257210828804300706678068720799403023257997271722132602985684977366997880635338652967818491909439136977005779624207009098291200917674136108855279785640525682636454779348517856035649087449333286067169286134698634296738608898180511725356776064518142829531563080759545654347007183397221283676208295582658271123426891394502273842485570312790152378800061591822968984374195898350699132168304162638686936566658581220808621052113503727516962859934872903216168525411739650954850696406482351067327082950995798872736390068311 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 136401a91713a8cf504bbf2b96f6ad82e0d7691e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.breakit.aws.iggroup.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0028f30586ed9a667ec15b3ded6bb64b8d2f2b645e84f8eb2c6061dfa08763e136a774bcbc19fa044a80b785716dd4f2f3230e0c7daa585cf4f6ce077bda54adfff4634cfaa54fb3385a0f2e49599d0dcb9558738435510021d1091672fd6bd28da1753c7d43a1f3a1a4f0d4e4b47a56bc8ead1bfca7ad9beea8e0a1a6965564d78116089203fc019dc1cb915720e0c7483a1e72471e85144db8ae4e14babc1fe5f211ce5e14f8d0f00c33d092e8962b84549e0b2f56c1c304f1f1635f28d39a42121a0345c238b2c1f8d6ad4d3cb9ed7f4f231b7f8470998a10dd973275302480ca05e5f2f1a4b9c5765fa5850f6d4cb6033c12e6dbc79dd6718e6562e1202e23