*.gaslini.org

- I.R.C.C.S. Giannina Gaslini -

Issued by DigiCert G5 TLS RSA4096 SHA384 2021 CA1

About this certificate

This digital certificate with serial number 0e:cd:1d:09:a1:03:94:d8:42:4c:51:30:c9:a1:b3:f9 was issued on by DigiCert, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

I.R.C.C.S. Giannina Gaslini

Organization: I.R.C.C.S. Giannina Gaslini
State / Province: Liguria
Locality: Genova
Country: IT

DigiCert, Inc.

Organization: DigiCert, Inc.
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0e:cd:1d:09:a1:03:94:d8:42:4c:51:30:c9:a1:b3:f9
Serial Number (int): 19674201749751846669532250559282787321
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 05:1e:93:41:35:67:31:37:45:ed:24:16:96:93:3c:e9:5d:15:79:7a
AuthorityKeyId: ae:ba:94:33:ba:ef:37:4d:0b:d7:18:ef:4a:e4:a1:0d:bc:07:b6:73

Fingerprint (sha1): 1a:59:dd:b1:e5:08:1c:24:06:4e:0e:75:95:1b:88:32:0b:e4:67:f6
Fingerprint (sha256): 4e:56:46:83:6a:8c:f0:77:27:d5:4f:e8:03:cf:0b:f9:78:9b:9c:b8:b4:af:68:d8:b6:43:b7:26:a1:4f:7e:a6

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertG5TLSRSA4096SHA3842021CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertG5TLSRSA4096SHA3842021CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertG5TLSRSA4096SHA3842021CA1-1.crl

Check the revocation status for certificate *.gaslini.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.gaslini.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.gaslini.org
gaslini.org

Other certificates including the domain name gaslini.org

(limited to 100 certificates)

Certificate

The complete raw certificate details for *.gaslini.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGdTCCBF2gAwIBAgIQDs0dCaEDlNhCTFEwyaGz+TANBgkqhkiG9w0BAQsFADBY
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xMDAuBgNVBAMT
J0RpZ2lDZXJ0IEc1IFRMUyBSU0E0MDk2IFNIQTM4NCAyMDIxIENBMTAeFw0yNDA2
MDgwMDAwMDBaFw0yNTA3MDkyMzU5NTlaMG4xCzAJBgNVBAYTAklUMRAwDgYDVQQI
EwdMaWd1cmlhMQ8wDQYDVQQHEwZHZW5vdmExJDAiBgNVBAoTG0kuUi5DLkMuUy4g
R2lhbm5pbmEgR2FzbGluaTEWMBQGA1UEAwwNKi5nYXNsaW5pLm9yZzCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKLIGQ9o5q16IzQnFoA/U1oK506mCHIy
zh1FsniJe71ZYyz/Gu4hmjKo/LMsrX7NDrlKrFg2Nc+0hjuccuTJBQwiIwTr/wW9
XA5M03736xqCu1TokDkVkQ80MpWgnNF3OFJAW6Q44/yQ3ZasF4tCw1F8Zj+ODaft
q8R6vFaTIQQOzuwlO6q4y9r+rRpWi3L9L1gGN6NuEdxl4QvTgux/5RAo9AI07f+3
pLqqRyV/LJUFV5GMdvfziRFNr5BvWZfWUXACCRvSqHTz8EkB848CQldYLgYy8aNg
QrY+kG0RvKqeuwfOk8I2vWj1z6tBGV/WmLmbHy0yUNTkYzzao1SrbAcCAwEAAaOC
AiMwggIfMB8GA1UdIwQYMBaAFK66lDO67zdNC9cY70rkoQ28B7ZzMB0GA1UdDgQW
BBQFHpNBNWcxN0XtJBaWkzzpXRV5ejAlBgNVHREEHjAcgg0qLmdhc2xpbmkub3Jn
ggtnYXNsaW5pLm9yZzA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIB
FhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBmwYDVR0fBIGTMIGQMEagRKBC
hkBodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHNVRMU1JTQTQwOTZT
SEEzODQyMDIxQ0ExLTEuY3JsMEagRKBChkBodHRwOi8vY3JsNC5kaWdpY2VydC5j
b20vRGlnaUNlcnRHNVRMU1JTQTQwOTZTSEEzODQyMDIxQ0ExLTEuY3JsMIGFBggr
BgEFBQcBAQR5MHcwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNv
bTBPBggrBgEFBQcwAoZDaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lD
ZXJ0RzVUTFNSU0E0MDk2U0hBMzg0MjAyMUNBMS0xLmNydDAMBgNVHRMBAf8EAjAA
MBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4ICAQAp9sSmd/Ax
J3VYLngdxXHbogc/fsMLv5LiV2XYXw9vbP8BWjRhql9hf3vQu4PwpAB6I+M8t/7H
SLf35Aqq7D6K52vBx44XYwyxQOUWcnrC5LTyAzZlcRWVx2i+rnNe9RRB/kpKfKbD
ZniRGdcrj0IsVFFQppSgHnnMNShQOsyBuhO8FveR53Zl79gF4sKX3NAQCHACe/XA
v0/MBaxlYvMSQOzfULgcT53bxqVHACkH2GvN3JTa3cNrismmFY3ltfbLr89QZDyH
9y14oSfEOouEd+sDmWHM/zcfNtzfTjOAopPNUgRcRn6uxPHFbRyMz+TD/se4AQUR
uT08L8h3yGBbMAAAr1piuJ1LibKj8h/eN0QKplCHtsgLAhAllCQwVTPjVqsf+Mv0
35lejzGvs46cObYsBW4j0BqYgXT1ksgVEJvHz2dbSkes4LBXhPkiFyIDCPOlFdSN
S4TcXUNROCVpyDqIVJEmYiEr7krWpZ0Gz+Z/Iu1+mtVbUgi+i7Aw7qNlY+2RiJzD
VLJlWfXbuxRDw0NleGi8FmSJ/2xoI9Uw7huElKs1ZHwAlxP/R0vTzyAV/zb0U8Zn
rOcjDLvkX60CdO3oiHOI16Dras5OlDgFpF0amcZZaJj93KiChaproPKJxXt9Tzgp
lK+wy1PSM/r0WUdo1xnoy5pu6HZURD1gGQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosgZD2jmrXojNCcWgD9T
WgrnTqYIcjLOHUWyeIl7vVljLP8a7iGaMqj8syytfs0OuUqsWDY1z7SGO5xy5MkF
DCIjBOv/Bb1cDkzTfvfrGoK7VOiQORWRDzQylaCc0Xc4UkBbpDjj/JDdlqwXi0LD
UXxmP44Np+2rxHq8VpMhBA7O7CU7qrjL2v6tGlaLcv0vWAY3o24R3GXhC9OC7H/l
ECj0AjTt/7ekuqpHJX8slQVXkYx29/OJEU2vkG9Zl9ZRcAIJG9KodPPwSQHzjwJC
V1guBjLxo2BCtj6QbRG8qp67B86Twja9aPXPq0EZX9aYuZsfLTJQ1ORjPNqjVKts
BwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 19674201749751846669532250559282787321
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert G5 TLS RSA4096 SHA384 2021 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-08 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-09 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Liguria'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Genova'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'I.R.C.C.S. Giannina Gaslini'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.gaslini.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20549277352297015061822494412125115197333366802574249301870208054222718959018797578288844596339047421622595991548042002589206998864773274955586394427922231778827919880408296050052188530339164018549907610435639109502374017459778278060386315071196402888840658169190476632175133088484765868986395837504746469344371633117400398873684468224107325091188438759057022359518477216987323299467097893939169729161165143611289485576102135288299657189744151306380082253311863382176908022428242002301883501994062103112653111461904297598035968734106658074130410435415439573722611258835333122351519347401124173417612419255144295394311
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName aeba9433baef374d0bd718ef4ae4a10dbc07b673
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							051e93413567313745ed241696933ce95d15797a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.gaslini.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gaslini.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (147 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertG5TLSRSA4096SHA3842021CA1-1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertG5TLSRSA4096SHA3842021CA1-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertG5TLSRSA4096SHA3842021CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0029f6c4a677f0312775582e781dc571dba2073f7ec30bbf92e25765d85f0f6f6cff015a3461aa5f617f7bd0bb83f0a4007a23e33cb7fec748b7f7e40aaaec3e8ae76bc1c78e17630cb140e516727ac2e4b4f2033665711595c768beae735ef51441fe4a4a7ca6c366789119d72b8f422c545150a694a01e79cc3528503acc81ba13bc16f791e77665efd805e2c297dcd0100870027bf5c0bf4fcc05ac6562f31240ecdf50b81c4f9ddbc6a547002907d86bcddc94daddc36b8ac9a6158de5b5f6cbafcf50643c87f72d78a127c43a8b8477eb039961ccff371f36dcdf4e3380a293cd52045c467eaec4f1c56d1c8ccfe4c3fec7b8010511b93d3c2fc877c8605b300000af5a62b89d4b89b2a3f21fde37440aa65087b6c80b0210259424305533e356ab1ff8cbf4df995e8f31afb38e9c39b62c056e23d01a988174f592c815109bc7cf675b4a47ace0b05784f92217220308f3a515d48d4b84dc5d4351382569c83a8854912662212bee4ad6a59d06cfe67f22ed7e9ad55b5208be8bb030eea36563ed91889cc354b26559f5dbbb1443c343657868bc166489ff6c6823d530ee1b8494ab35647c009713ff474bd3cf2015ff36f453c667ace7230cbbe45fad0274ede8887388d7a0eb6ace4e943805a45d1a99c6596898fddca88285aa6ba0f289c57b7d4f382994afb0cb53d233faf4594768d719e8cb9a6ee87654443d6019