centerstone.firsttactical.com
Issued by GlobalSign Domain Validation CA - SHA256 - G3
About this certificate
This digital certificate with serial number 17:bc:a3:dd:de:b6:fa:98:f3:2b:95:cf was issued on by GlobalSign nv-sa.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=centerstone.firsttactical.com,OU=Domain Control Validated
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate has expire since
Certificate Details
Serial Number (hex): 17:bc:a3:dd:de:b6:fa:98:f3:2b:95:cfSerial Number (int): 7346207118493924764498499023
Serial Number lenght: 93 bits, 12 octets
SubjectKeyId: 14:a2:97:a1:8b:e0:0e:f7:12:b1:b0:04:48:bb:e6:12:c8:d6:c6:ba
AuthorityKeyId: 3d:80:82:79:c5:48:82:a3:c3:12:ee:df:99:0f:57:35:48:9e:d0:cb
Fingerprint (sha1): 06:35:78:de:f8:6a:1f:df:05:25:82:e1:f5:43:ec:9e:42:ca:88:fc
Fingerprint (sha256): 45:e2:ec:dd:b4:85:4e:fd:7d:b2:ec:51:9a:cf:a7:54:c0:33:02:b5:44:f1:bb:77:3e:01:55:8e:5a:1d:a2:f5
Issuing Certificate URL: http://secure.globalsign.com/cacert/gsdomainvalsha2g3.crt
Revocation information
OCSP Server: http://ocsp2.globalsign.com/gsdomainvalsha2g3CRL Distribution Point: http://crl.globalsign.com/gsdomainvalsha2g3.crl
Check the revocation status for certificate centerstone.firsttactical.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for centerstone.firsttactical.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
centerstone.firsttactical.com
Other certificates including the domain name firsttactical.com
(limited to 100 certificates)
firsttactical.com
l.ssl.shopify.com
www.firsttactical.com
seattlefire.firsttactical.com
www.firsttactical.com
firsttactical.com
seattlefire.firsttactical.com
q.ssl.shopify.com
eastforkpd.firsttactical.com
www.firsttactical.com
www.firsttactical.com
l.ssl.shopify.com
www.firsttactical.com
secure7.scene7.com
secure7.scene7.com
centerstone.firsttactical.com
eastforkpd.firsttactical.com
seattlefire.firsttactical.com
fremontpd.firsttactical.com
q.ssl.shopify.com
seattlefire.firsttactical.com
seattlefire.firsttactical.com
q.ssl.shopify.com
dealers.firsttactical.com
firsttactical.com
seattlefire.firsttactical.com
acso.firsttactical.com
acso.firsttactical.com
www.firsttactical.com
secure7s.scene7.com
l.ssl.shopify.com
gssc.firsttactical.com
gssc.firsttactical.com
centerstone.firsttactical.com
firsttactical.com
www.firsttactical.com
eastforkpd.firsttactical.com
firsttactical.com
seattlefire.firsttactical.com
gssc.firsttactical.com
nvdoc.firsttactical.com
l.ssl.shopify.com
seattlefire.firsttactical.com
gssc.firsttactical.com
acso.firsttactical.com
fpoa.firsttactical.com
centerstone.firsttactical.com
www.firsttactical.com
firsttactical.com
dealers.firsttactical.com
secure7.scene7.com
firsttactical.com
seattlefire.firsttactical.com
centerstone.firsttactical.com
firsttactical.com
firsttactical.com
www.firsttactical.com
firsttactical.com
seattlefire.firsttactical.com
secure7.scene7.com
secure7s.scene7.com
sales.firsttactical.com
seattlefire.firsttactical.com
firsttactical.com
seattlefire.firsttactical.com
centerstone.firsttactical.com
eastforkpd.firsttactical.com
l.ssl.shopify.com
secure7.scene7.com
q.ssl.shopify.com
secure7s.scene7.com
firsttactical.com
l.ssl.shopify.com
firsttactical.com
acso.firsttactical.com
firsttactical.com
firsttactical.com
acso.firsttactical.com
fpoa.firsttactical.com
fremontpd.firsttactical.com
eastforkpd.firsttactical.com
fpoa.firsttactical.com
l.ssl.shopify.com
seattlefire.firsttactical.com
firsttactical.com
q.ssl.shopify.com
seattlefire.firsttactical.com
www.firsttactical.com
www.firsttactical.com
seattlefire.firsttactical.com
firsttactical.com
fremontpd.firsttactical.com
firsttactical.com
www.firsttactical.com
firsttactical.com
www.firsttactical.com
secure7.scene7.com
secure7.scene7.com
www.firsttactical.com
fpoa.firsttactical.com
l.ssl.shopify.com
www.firsttactical.com
seattlefire.firsttactical.com
www.firsttactical.com
firsttactical.com
seattlefire.firsttactical.com
q.ssl.shopify.com
eastforkpd.firsttactical.com
www.firsttactical.com
www.firsttactical.com
l.ssl.shopify.com
www.firsttactical.com
secure7.scene7.com
secure7.scene7.com
centerstone.firsttactical.com
eastforkpd.firsttactical.com
seattlefire.firsttactical.com
fremontpd.firsttactical.com
q.ssl.shopify.com
seattlefire.firsttactical.com
seattlefire.firsttactical.com
q.ssl.shopify.com
dealers.firsttactical.com
firsttactical.com
seattlefire.firsttactical.com
acso.firsttactical.com
acso.firsttactical.com
www.firsttactical.com
secure7s.scene7.com
l.ssl.shopify.com
gssc.firsttactical.com
gssc.firsttactical.com
centerstone.firsttactical.com
firsttactical.com
www.firsttactical.com
eastforkpd.firsttactical.com
firsttactical.com
seattlefire.firsttactical.com
gssc.firsttactical.com
nvdoc.firsttactical.com
l.ssl.shopify.com
seattlefire.firsttactical.com
gssc.firsttactical.com
acso.firsttactical.com
fpoa.firsttactical.com
centerstone.firsttactical.com
www.firsttactical.com
firsttactical.com
dealers.firsttactical.com
secure7.scene7.com
firsttactical.com
seattlefire.firsttactical.com
centerstone.firsttactical.com
firsttactical.com
firsttactical.com
www.firsttactical.com
firsttactical.com
seattlefire.firsttactical.com
secure7.scene7.com
secure7s.scene7.com
sales.firsttactical.com
seattlefire.firsttactical.com
firsttactical.com
seattlefire.firsttactical.com
centerstone.firsttactical.com
eastforkpd.firsttactical.com
l.ssl.shopify.com
secure7.scene7.com
q.ssl.shopify.com
secure7s.scene7.com
firsttactical.com
l.ssl.shopify.com
firsttactical.com
acso.firsttactical.com
firsttactical.com
firsttactical.com
acso.firsttactical.com
fpoa.firsttactical.com
fremontpd.firsttactical.com
eastforkpd.firsttactical.com
fpoa.firsttactical.com
l.ssl.shopify.com
seattlefire.firsttactical.com
firsttactical.com
q.ssl.shopify.com
seattlefire.firsttactical.com
www.firsttactical.com
www.firsttactical.com
seattlefire.firsttactical.com
firsttactical.com
fremontpd.firsttactical.com
firsttactical.com
www.firsttactical.com
firsttactical.com
www.firsttactical.com
secure7.scene7.com
secure7.scene7.com
www.firsttactical.com
fpoa.firsttactical.com
Certificate
The complete raw certificate details for centerstone.firsttactical.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgIMF7yj3d62+pjzK5XPMA0GCSqGSIb3DQEBCwUAMGAxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzMwHhcN MTkwMTEyMDM0NjIyWhcNMjAwMTEzMDM0NjIyWjBLMSEwHwYDVQQLExhEb21haW4g Q29udHJvbCBWYWxpZGF0ZWQxJjAkBgNVBAMTHWNlbnRlcnN0b25lLmZpcnN0dGFj dGljYWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5PiWN4/ pErNqZiMZ/qwTm5fZlGVNt7use2n6X3XwAZ9QG57yw2ome+d9uY9vmnBc4sJHx5F mcf9FHm8464+E/eIa8c/uP5gCz1UXGdPxeY8J8ijo7hnnERlvIx+lnX5Kvp81hH7 da7clurKfTFqnoFoHH5hT2k1iYfhMX6iT6UOQ9KXJeSn4uF+MNWaFzY7dJ2KrSgk MyittS5SpofvwLeV5OuWoNU1r85s+M+XQMzmKubnp2RZNHBiftmH6aP/0+7KNuOP yC7Ydv7l0VkgoXAbukRIeE0o/YR4NeHRby4pd6ChML45X01ZUBe8sVBs5uxsLvrF MEgAF2MA66VnLQIDAQABo4IB7DCCAegwDgYDVR0PAQH/BAQDAgWgMIGSBggrBgEF BQcBAQSBhTCBgjBFBggrBgEFBQcwAoY5aHR0cDovL3NlY3VyZS5nbG9iYWxzaWdu LmNvbS9jYWNlcnQvZ3Nkb21haW52YWxzaGEyZzMuY3J0MDkGCCsGAQUFBzABhi1o dHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzMwVgYD VR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cu Z2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAw QAYDVR0fBDkwNzA1oDOgMYYvaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9nc2Rv bWFpbnZhbHNoYTJnMy5jcmwwKAYDVR0RBCEwH4IdY2VudGVyc3RvbmUuZmlyc3R0 YWN0aWNhbC5jb20wHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1Ud DgQWBBQUopehi+AO9xKxsARIu+YSyNbGujAfBgNVHSMEGDAWgBQ9gIJ5xUiCo8MS 7t+ZD1c1SJ7QyzATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOC AQEA2KAGBaqXSkPppJybU3K4i+RuqLcsDjBltQy5NpzE2sH5LJG72rJ9ftxWI1iq +qBX7ogqkBJaG3n16nR/HeKVlQX9IOFjSbpTStkK0+SM0eTLRzVupR665/9zOC5o 3PIilMzJgW54CZTh2q1fnAdV1/2fmLiWckVQhO6JV4tA1nAelLq6ZhoQ1kJ4qltE sTtOVu2jwge7v9mKi7DX8cMcf/zJQ4uNA5rYjfld4uOntdz9NGo8zMV7ZSG5JKvT HXgHkMjoWbgpySxiv1sULCO4NxCPnfg1G4CU0Nf09RMAdAyZwCSbPv/ChHgy5W0O YIWpJgQHM0AlyJ9NTkU1jX2vXg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5PiWN4/pErNqZiMZ/qw Tm5fZlGVNt7use2n6X3XwAZ9QG57yw2ome+d9uY9vmnBc4sJHx5Fmcf9FHm8464+ E/eIa8c/uP5gCz1UXGdPxeY8J8ijo7hnnERlvIx+lnX5Kvp81hH7da7clurKfTFq noFoHH5hT2k1iYfhMX6iT6UOQ9KXJeSn4uF+MNWaFzY7dJ2KrSgkMyittS5Spofv wLeV5OuWoNU1r85s+M+XQMzmKubnp2RZNHBiftmH6aP/0+7KNuOPyC7Ydv7l0Vkg oXAbukRIeE0o/YR4NeHRby4pd6ChML45X01ZUBe8sVBs5uxsLvrFMEgAF2MA66Vn LQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 7346207118493924764498499023 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Domain Validation CA - SHA256 - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-12 03:46:22 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-13 03:46:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'centerstone.firsttactical.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24689393869808545278575542815979467668019393714546383706848068658694984412195158432625519562939494340360738587174921143412728787609570645886375593391884833668012967189207745327122932165454298614596197328827178206557972270602970616779055045571822030340452612896941266275552038418373700236671958227827051470679513639860704556045184038669196811159146105129971101478004558682586164430614109778048103937032983336461591215172999834366662962529341847497248819472361626387867875128303248185773703612124554340360965988007996868648710419153206114444920190770368110678068159301158299029748533950126278826507150283488491842397997 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsdomainvalsha2g3.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsdomainvalsha2g3' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10 (globalsignDVPolicy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gsdomainvalsha2g3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'centerstone.firsttactical.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 14a297a18be00ef712b1b00448bbe612c8d6c6ba . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3d808279c54882a3c312eedf990f5735489ed0cb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00d8a00605aa974a43e9a49c9b5372b88be46ea8b72c0e3065b50cb9369cc4dac1f92c91bbdab27d7edc562358aafaa057ee882a90125a1b79f5ea747f1de2959505fd20e16349ba534ad90ad3e48cd1e4cb47356ea51ebae7ff73382e68dcf22294ccc9816e780994e1daad5f9c0755d7fd9f98b89672455084ee89578b40d6701e94baba661a10d64278aa5b44b13b4e56eda3c207bbbfd98a8bb0d7f1c31c7ffcc9438b8d039ad88df95de2e3a7b5dcfd346a3cccc57b6521b924abd31d780790c8e859b829c92c62bf5b142c23b837108f9df8351b8094d0d7f4f51300740c99c0249b3effc2847832e56d0e6085a9260407334025c89f4d4e45358d7daf5e