*.flockmail.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 0d:19:2a:84:cc:95:10:68:d5:66:47:a0:2d:cc:cb:18 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.flockmail.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0d:19:2a:84:cc:95:10:68:d5:66:47:a0:2d:cc:cb:18Serial Number (int): 17410633749303231733892262402225654552
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 72:40:c4:6e:6c:a9:c2:f4:76:10:b0:97:9a:b6:fe:43:b8:82:8e:bd
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 6f:df:9b:74:7a:5c:a4:11:96:a9:0d:63:53:1d:4e:6f:d5:ff:ab:03
Fingerprint (sha256): 4d:4f:18:b4:c8:ab:24:7a:48:7b:ec:24:a1:bb:ed:07:f2:7c:aa:22:db:ef:e1:05:a5:34:d0:40:59:3f:6c:42
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate *.flockmail.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.flockmail.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.flockmail.com
*.titan.email
*.titan.email
Other certificates including the domain name flockmail.com
(limited to 100 certificates)
status.achilles.com
status.attomus.com
status.achilles.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
download-tracked.flockmail.com
status.attomus.com
status.achilles.com
status.attomus.com
dardenstatus.paradox.ai
status.attomus.com
status.attomus.com
endpoint-security.status.broadcom.com
*.flockmail.com
status.achilles.com
endpoint-security.status.broadcom.com
status.attomus.com
status.achilles.com
status.achilles.com
atlanticindustrie-status.polaris.synopsys.com
status.attomus.com
agency.online.anz.com
agency.online.anz.com
flockmail.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
support.flock.com
status.achilles.com
status.achilles.com
dardenstatus.paradox.ai
status.achilles.com
endpoint-security.status.broadcom.com
agency.online.anz.com
status.attomus.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
status.achilles.com
flockmail.com
*.flockmail.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
support.flock.com
status.achilles.com
status.achilles.com
dardenstatus.paradox.ai
status.achilles.com
endpoint-security.status.broadcom.com
dardenstatus.paradox.ai
*.flockmail.com
dardenstatus.paradox.ai
endpoint-security.status.broadcom.com
status.achilles.com
agency.online.anz.com
endpoint-security.status.broadcom.com
status.achilles.com
status.achilles.com
endpoint-security.status.broadcom.com
dardenstatus.paradox.ai
status.achilles.com
flockmail.com
endpoint-security.status.broadcom.com
*.flockmail.com
*.flockmail.com
status.achilles.com
endpoint-security.status.broadcom.com
support.flock.com
status.achilles.com
status.achilles.com
atlanticindustrie-status.polaris.synopsys.com
status.achilles.com
endpoint-security.status.broadcom.com
support.flock.com
dardenstatus.paradox.ai
status.attomus.com
status.achilles.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
dardenstatus.paradox.ai
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
status.attomus.com
*.flockmail.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
support.flock.com
status.achilles.com
status.attomus.com
flockmail.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
support.flock.com
*.flockmail.com
status.achilles.com
endpoint-security.status.broadcom.com
dardenstatus.paradox.ai
status.attomus.com
status.achilles.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
download-tracked.flockmail.com
status.attomus.com
status.achilles.com
status.attomus.com
dardenstatus.paradox.ai
status.attomus.com
status.attomus.com
endpoint-security.status.broadcom.com
*.flockmail.com
status.achilles.com
endpoint-security.status.broadcom.com
status.attomus.com
status.achilles.com
status.achilles.com
atlanticindustrie-status.polaris.synopsys.com
status.attomus.com
agency.online.anz.com
agency.online.anz.com
flockmail.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
support.flock.com
status.achilles.com
status.achilles.com
dardenstatus.paradox.ai
status.achilles.com
endpoint-security.status.broadcom.com
agency.online.anz.com
status.attomus.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
status.achilles.com
flockmail.com
*.flockmail.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
support.flock.com
status.achilles.com
status.achilles.com
dardenstatus.paradox.ai
status.achilles.com
endpoint-security.status.broadcom.com
dardenstatus.paradox.ai
*.flockmail.com
dardenstatus.paradox.ai
endpoint-security.status.broadcom.com
status.achilles.com
agency.online.anz.com
endpoint-security.status.broadcom.com
status.achilles.com
status.achilles.com
endpoint-security.status.broadcom.com
dardenstatus.paradox.ai
status.achilles.com
flockmail.com
endpoint-security.status.broadcom.com
*.flockmail.com
*.flockmail.com
status.achilles.com
endpoint-security.status.broadcom.com
support.flock.com
status.achilles.com
status.achilles.com
atlanticindustrie-status.polaris.synopsys.com
status.achilles.com
endpoint-security.status.broadcom.com
support.flock.com
dardenstatus.paradox.ai
status.attomus.com
status.achilles.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
dardenstatus.paradox.ai
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
status.attomus.com
*.flockmail.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
support.flock.com
status.achilles.com
status.attomus.com
flockmail.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
endpoint-security.status.broadcom.com
support.flock.com
*.flockmail.com
status.achilles.com
endpoint-security.status.broadcom.com
dardenstatus.paradox.ai
Certificate
The complete raw certificate details for *.flockmail.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEbDCCA1SgAwIBAgIQDRkqhMyVEGjVZkegLczLGDANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTIxNzAwMDAwMFoXDTI1MDExNDIzNTk1OVowGjEY MBYGA1UEAwwPKi5mbG9ja21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA437Lysc1JEE6G6e7DDshQbfCi2P1LJdAi4EoLu/H3tCREQn6rvjD CqxrgwE9Bq2tGaOJLI2wJNzQ/Of0MzyQsKp5lBTAgDXPwmbUmChjZOouB4Mlh8s5 rGRwa7U0k0XchkIkdG6e+sVyRU/eTlNzz2zYg/FQ0XbIKKqNXFgGvuIZuQBkT1ZA UUqBwJMyyhYApsCuCQBVsRe7S5pRJChp1jboj9Vc0BePntf5xKzRIiFEN34tckKm uQwIWp9P6jx1LyWjhvZ5ynXyj0J2atS8hmdlDEEo5NGRW7WDZ0AiLJ5vlb9ZqZQS WOqyUmksDkL9Mmh90whozRPnkEK91uMVhwIDAQABo4IBijCCAYYwHwYDVR0jBBgw FoAUwDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYEFHJAxG5sqcL0dhCwl5q2 /kO4go69MCkGA1UdEQQiMCCCDyouZmxvY2ttYWlsLmNvbYINKi50aXRhbi5lbWFp bDATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9j cmwucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNybDB1BggrBgEFBQcBAQRp MGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRydXN0LmNv bTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVzdC5jb20v cjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJ KoZIhvcNAQELBQADggEBAAj1ncbl/U6k1qFVtfQp29CrFrJAdk5PZw72h+fMtU1O RM8GghuBxLoAyuyVFdGxwcQlVrnqyAzCZ9wDpnOGiR3gK0YyVt0LZqerUhHCWfjB TK03FS9xDLoivnEGvuSzSjnmhWCv9EQbkC5W2hmVxzZgSdCyVSGBf4/g0ea0ChF8 gWits/MlnuWEzOlNrHIh6b5tOMxHlXjchgriDD5MPFVf8m3+/RaqolqDABaVa1GF e76nrwhGaOJMeNxhj+mMVPw9nd6B8nRZ0cZ7D56vyWv9jjuUq31SUm+7v+GxC87h i+bEIlP3fg+YW5nDYVAWGlPs6YaC55AEAa/3YeHfQj8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA437Lysc1JEE6G6e7DDsh QbfCi2P1LJdAi4EoLu/H3tCREQn6rvjDCqxrgwE9Bq2tGaOJLI2wJNzQ/Of0MzyQ sKp5lBTAgDXPwmbUmChjZOouB4Mlh8s5rGRwa7U0k0XchkIkdG6e+sVyRU/eTlNz z2zYg/FQ0XbIKKqNXFgGvuIZuQBkT1ZAUUqBwJMyyhYApsCuCQBVsRe7S5pRJChp 1jboj9Vc0BePntf5xKzRIiFEN34tckKmuQwIWp9P6jx1LyWjhvZ5ynXyj0J2atS8 hmdlDEEo5NGRW7WDZ0AiLJ5vlb9ZqZQSWOqyUmksDkL9Mmh90whozRPnkEK91uMV hwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17410633749303231733892262402225654552 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-14 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.flockmail.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28718620696266989339449884176318923374447465972152115245682193138997334297464342100173440221466215535860372400964598669580716751638346008661809787252646475267333265278018923999922469969991266001736255448382627039028744326031747996082973374930936826672688318586504818948020737188557180827490292717676872748985314372883905262815632155220147612485600774586001392200899204216956712269781041744017756474630055012750965097357534776969911904294731762268067442038814138669430603043488790440795686144771506266883443407343836595512368068302948214288754432679044903629439665564826701518734668868029267112587229334899860049171847 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7240c46e6ca9c2f47610b0979ab6fe43b8828ebd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.flockmail.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.titan.email' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0008f59dc6e5fd4ea4d6a155b5f429dbd0ab16b240764e4f670ef687e7ccb54d4e44cf06821b81c4ba00caec9515d1b1c1c42556b9eac80cc267dc03a67386891de02b463256dd0b66a7ab5211c259f8c14cad37152f710cba22be7106bee4b34a39e68560aff4441b902e56da1995c7366049d0b25521817f8fe0d1e6b40a117c8168adb3f3259ee584cce94dac7221e9be6d38cc479578dc860ae20c3e4c3c555ff26dfefd16aaa25a830016956b51857bbea7af084668e24c78dc618fe98c54fc3d9dde81f27459d1c67b0f9eafc96bfd8e3b94ab7d52526fbbbfe1b10bcee18be6c42253f77e0f985b99c36150161a53ece98682e7900401aff761e1df423f