*.hkl-baumaschinen.de

Issued by thawte DV SSL SHA256 CA

About this certificate

This digital certificate with serial number 78:58:a7:50:00:80:b3:e1:09:6f:e1:01:09:9d:f3:94 was issued on by thawte, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Certificate Subject

CN=*.hkl-baumaschinen.de

thawte, Inc.

Organization: thawte, Inc.
Organization unit: Domain Validated SSL
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 78:58:a7:50:00:80:b3:e1:09:6f:e1:01:09:9d:f3:94
Serial Number (int): 159967675118553372509583869833927062420
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: 7d:29:31:2f:c1:1e:6e:ae:31:05:6a:b3:eb:1c:cd:a9:dd:ae:80:9a

Fingerprint (sha1): 5a:1e:99:bc:b0:30:0e:6b:25:8f:ad:30:48:5e:c1:19:fe:66:69:f6
Fingerprint (sha256): 50:72:03:53:da:de:1f:f8:2a:6d:f8:83:ef:92:37:54:25:a0:1d:6c:f9:19:80:50:79:ab:ec:0b:69:8e:57:b6

Issuing Certificate URL: http://tm.symcb.com/tm.crt

Revocation information

OCSP Server: http://tm.symcd.com
CRL Distribution Point: http://tm.symcb.com/tm.crl

Check the revocation status for certificate *.hkl-baumaschinen.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.hkl-baumaschinen.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.hkl-baumaschinen.de
hkl-baumaschinen.de

Other certificates including the domain name hkl-baumaschinen.de

(limited to 100 certificates)
tennis.yumpu100.com
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
enterpriseenrollment.hkl-baumaschinen.de
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
tennis.yumpu100.com
tennis.yumpu100.com
tennis.yumpu100.com
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
tennis.yumpu100.com
tennis.yumpu100.com
kiosk.laloupe.com
tennis.yumpu100.com
*.hkl-baumaschinen.de
kiosk.laloupe.com
intranet.hkl-baumaschinen.de
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
mitarbeiter.hkl-baumaschinen.de
kiosk.laloupe.com
kiosk.laloupe.com
tennis.yumpu100.com
kiosk.laloupe.com
mitarbeiter.hkl-baumaschinen.de
test-mingle.hkl-baumaschinen.de
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
tennis.yumpu100.com
tennis.yumpu100.com
tennis.yumpu100.com
kiosk.laloupe.com
*.hkl-baumaschinen.de
intranet.hkl-baumaschinen.de
tennis.yumpu100.com
monitoring.hkl-baumaschinen.de
tennis.yumpu100.com
kiosk.laloupe.com
tennis.yumpu100.com
intranet.hkl-baumaschinen.de
go.hkl-baumaschinen.de
tennis.yumpu100.com
kiosk.laloupe.com
kiosk.laloupe.com
tennis.yumpu100.com
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
tennis.yumpu100.com
gasthh.hkl-baumaschinen.de
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
www.hkl-baumaschinen.de
workflow.hkl-baumaschinen.de
tennis.yumpu100.com
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
tennis.yumpu100.com
kiosk.laloupe.com
mail.hkl-baumaschinen.de
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
de-hh-vfic01.ger.hkl-baumaschinen.de
*.hkl-baumaschinen.de
tennis.yumpu100.com
kiosk.laloupe.com
tennis.yumpu100.com
gateway.hkl-baumaschinen.de
tennis.yumpu100.com
tennis.yumpu100.com
kiosk.laloupe.com
kiosk.laloupe.com
tennis.yumpu100.com
kiosk.laloupe.com
tennis.yumpu100.com
kiosk.laloupe.com
*.hkl-baumaschinen.de
test-webapps.hkl-baumaschinen.de
tennis.yumpu100.com
kiosk.laloupe.com
kiosk.laloupe.com
kiosk.laloupe.com
tennis.yumpu100.com

Certificate

The complete raw certificate details for *.hkl-baumaschinen.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIQeFinUACAs+EJb+EBCZ3zlDANBgkqhkiG9w0BAQsFADBl
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMR0wGwYDVQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTDEgMB4GA1UEAxMXdGhhd3RlIERWIFNTTCBTSEEy
NTYgQ0EwHhcNMTcwOTE1MDAwMDAwWhcNMjAwOTE0MjM1OTU5WjAgMR4wHAYDVQQD
DBUqLmhrbC1iYXVtYXNjaGluZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQC7w/CrggIbRhn31xpc8TQFF95XSEddK4sBD3VsoTfL8kVv3CvJCt+E
s4q0E9TsiP9kt8/1Tya1SCuTGg11eOHiFKZHpA29gus3djf4Dbfk52Nt3G/WWuo0
CVMAyTDco/PaJhufP76J2E3qGCzW6BpQLDBICBE/oxFnzDApvXNFkfJ/8zWL2MJT
5vI6Qaa3uUQCJaRxhXMrLGmlPHYjqm3hxqAuTfFUwIX2B+EFW7vkyirMuKrt119F
ukwlCNPPJFTcmJwc+1qPZjAuljmCGfnGFlJfxcbf/mlUbOlllyD9SDv/EE5MFLMT
LBILOCuBywLs8TGMZZtMaetTgN0Rbh0xAgMBAAGjggGhMIIBnTA1BgNVHREELjAs
ghUqLmhrbC1iYXVtYXNjaGluZW4uZGWCE2hrbC1iYXVtYXNjaGluZW4uZGUwCQYD
VR0TBAIwADArBgNVHR8EJDAiMCCgHqAchhpodHRwOi8vdG0uc3ltY2IuY29tL3Rt
LmNybDBuBgNVHSAEZzBlMGMGBmeBDAECATBZMCYGCCsGAQUFBwIBFhpodHRwczov
L3d3dy50aGF3dGUuY29tL2NwczAvBggrBgEFBQcCAjAjDCFodHRwczovL3d3dy50
aGF3dGUuY29tL3JlcG9zaXRvcnkwHwYDVR0jBBgwFoAUfSkxL8Eebq4xBWqz6xzN
qd2ugJowDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
BQcDAjBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly90bS5zeW1j
ZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly90bS5zeW1jYi5jb20vdG0uY3J0MBMG
CisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAe9Ahsy/rvwT+I
XbTtXRk9bgibCLzUdS98ibL6zOJbYzSjCG9xOjuKYwuAXld6H2714dyUQbpXmR4A
U4CT73Jbgzw3AQ6ggHOR2spcz2v/MvutdfoLdRx3ufA3daLgRUtDY6QwIdssKeOm
N0IyXI+AZ3jr2aqwGy09VCWcdSbCJJGiaV6HZRBwz0EDKKkad9E3DDLxNOkTqCwd
xL2XCCUzJ8NES9uIQlx5r6InaTFtnXKfDSYtnJ5au6+IuDxUcY/7vAa5nEU91rq2
ruzpBgrA3k03q7P4hm5qUXFlTxbDoAlJ+X2KvhMscm6pnzkmP/85sdPfJARIq1tg
LHulJCwB
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8Pwq4ICG0YZ99caXPE0
BRfeV0hHXSuLAQ91bKE3y/JFb9wryQrfhLOKtBPU7Ij/ZLfP9U8mtUgrkxoNdXjh
4hSmR6QNvYLrN3Y3+A235Odjbdxv1lrqNAlTAMkw3KPz2iYbnz++idhN6hgs1uga
UCwwSAgRP6MRZ8wwKb1zRZHyf/M1i9jCU+byOkGmt7lEAiWkcYVzKyxppTx2I6pt
4cagLk3xVMCF9gfhBVu75MoqzLiq7ddfRbpMJQjTzyRU3JicHPtaj2YwLpY5ghn5
xhZSX8XG3/5pVGzpZZcg/Ug7/xBOTBSzEywSCzgrgcsC7PExjGWbTGnrU4DdEW4d
MQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 159967675118553372509583869833927062420
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte DV SSL SHA256 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-09-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-14 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.hkl-baumaschinen.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23703184701485722952666110288547735949958422520062998675293019464876262161192311402881372085256038562161155272227004834727392947656895026703715797452995333405648068524801264155421764625726923546081333709579252958348147216803406571138204217301080717856018346766318467304391860935938437191296024077954335398005843667766351303848507938975690221676630060158294883882076274997713303648520886640001041473259606690465432067972678259054236014821518284744314381648365365342368232367723048686848450627888817140149038238338977027252075935504893380646925511250750192871062594620190340001717638473370819924843106915232310010715441
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hkl-baumaschinen.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hkl-baumaschinen.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tm.symcb.com/tm.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7d29312fc11e6eae31056ab3eb1ccda9ddae809a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tm.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tm.symcb.com/tm.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001ef4086ccbfaefc13f885db4ed5d193d6e089b08bcd4752f7c89b2facce25b6334a3086f713a3b8a630b805e577a1f6ef5e1dc9441ba57991e00538093ef725b833c37010ea0807391daca5ccf6bff32fbad75fa0b751c77b9f03775a2e0454b4363a43021db2c29e3a63742325c8f806778ebd9aab01b2d3d54259c7526c22491a2695e87651070cf410328a91a77d1370c32f134e913a82c1dc4bd9708253327c3444bdb88425c79afa22769316d9d729f0d262d9c9e5abbaf88b83c54718ffbbc06b99c453dd6bab6aeece9060ac0de4d37abb3f8866e6a5171654f16c3a00949f97d8abe132c726ea99f39263fff39b1d3df240448ab5b602c7ba5242c01