*.flock.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 0f:72:a0:70:1f:56:00:de:cb:be:6b:63:7b:23:85:9d was issued on by Amazon.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.flock.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0f:72:a0:70:1f:56:00:de:cb:be:6b:63:7b:23:85:9dSerial Number (int): 20533595847435501342890254036164117917
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 5b:ca:63:3f:94:ee:3d:0f:8f:4e:19:ac:78:10:06:ac:18:c2:50:90
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 22:ed:65:43:61:71:4f:e6:96:e7:e2:4f:31:86:90:30:82:87:2b:5a
Fingerprint (sha256): 51:b6:00:69:44:7f:a8:6a:0a:3b:03:9e:dd:a5:8c:04:bf:c5:96:60:ec:72:03:18:ff:b5:fb:42:6e:5b:4f:e9
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate *.flock.com
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.flock.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.flock.com
*.flock.co
*.apps.flock.com
*.apps.flock.co
*.flock.co
*.apps.flock.com
*.apps.flock.co
Other certificates including the domain name flock.com
(limited to 100 certificates)
corporatestatus.tyro.com
support.flock.com
support.flock.com
pages.flock.com
webinar.flock.com
corporatestatus.tyro.com
pages.flock.com
enomstatus.com
corporatestatus.tyro.com
ent.flock.com
kb.flock.com
*.internal.flock.com
*.flock.com
corporatestatus.tyro.com
ent.flock.com
*.flock.com
support.flock.com
*.flock.com
faq.internal.flock.com
webinar.flock.com
blog.flock.com
corporatestatus.tyro.com
*.flock.co
blog.flock.com
corporatestatus.tyro.com
*.ops.flock.com
faq.internal.flock.com
corporatestatus.tyro.com
enomstatus.com
enomstatus.com
corporatestatus.tyro.com
*.flock.co
*.flock.com
support.flock.com
*.flock.com
enomstatus.com
*.flock.com
corporatestatus.tyro.com
webinar.flock.com
api.flock.com
enomstatus.com
ent.flock.com
www.flock.com
bugzilla.flock.com
kb.flock.com
*.flock.com
support.flock.com
monumentstatus.mambu.com
ent.flock.com
blog.flock.com
enomstatus.com
enomstatus.com
*.flock.com
corporatestatus.tyro.com
blog.flock.com
www.flock.com
enomstatus.com
staging.mail.flock.com
support.flock.com
*.flock.com
enomstatus.com
*.flock.com
enomstatus.com
*.i.flock.com
enomstatus.com
support.flock.com
*.flock.co
extensions.flock.com
corporatestatus.tyro.com
*.flock.com
enomstatus.com
vpn.flock.com
my.flock.com
enomstatus.com
corporatestatus.tyro.com
corporatestatus.tyro.com
enomstatus.com
blog.flock.com
update.flock.com
support.flock.com
enomstatus.com
ent.flock.com
corporatestatus.tyro.com
www.flock.com
ent.flock.com
corporatestatus.tyro.com
ent.flock.com
*.flock.co
*.flock.com
blog.flock.com
*.flock.com
support.flock.com
corporatestatus.tyro.com
support.flock.com
*.flock.com
webinar.flock.com
www.flock.com
pages.flock.com
support.flock.com
*.flock.com
support.flock.com
support.flock.com
pages.flock.com
webinar.flock.com
corporatestatus.tyro.com
pages.flock.com
enomstatus.com
corporatestatus.tyro.com
ent.flock.com
kb.flock.com
*.internal.flock.com
*.flock.com
corporatestatus.tyro.com
ent.flock.com
*.flock.com
support.flock.com
*.flock.com
faq.internal.flock.com
webinar.flock.com
blog.flock.com
corporatestatus.tyro.com
*.flock.co
blog.flock.com
corporatestatus.tyro.com
*.ops.flock.com
faq.internal.flock.com
corporatestatus.tyro.com
enomstatus.com
enomstatus.com
corporatestatus.tyro.com
*.flock.co
*.flock.com
support.flock.com
*.flock.com
enomstatus.com
*.flock.com
corporatestatus.tyro.com
webinar.flock.com
api.flock.com
enomstatus.com
ent.flock.com
www.flock.com
bugzilla.flock.com
kb.flock.com
*.flock.com
support.flock.com
monumentstatus.mambu.com
ent.flock.com
blog.flock.com
enomstatus.com
enomstatus.com
*.flock.com
corporatestatus.tyro.com
blog.flock.com
www.flock.com
enomstatus.com
staging.mail.flock.com
support.flock.com
*.flock.com
enomstatus.com
*.flock.com
enomstatus.com
*.i.flock.com
enomstatus.com
support.flock.com
*.flock.co
extensions.flock.com
corporatestatus.tyro.com
*.flock.com
enomstatus.com
vpn.flock.com
my.flock.com
enomstatus.com
corporatestatus.tyro.com
corporatestatus.tyro.com
enomstatus.com
blog.flock.com
update.flock.com
support.flock.com
enomstatus.com
ent.flock.com
corporatestatus.tyro.com
www.flock.com
ent.flock.com
corporatestatus.tyro.com
ent.flock.com
*.flock.co
*.flock.com
blog.flock.com
*.flock.com
support.flock.com
corporatestatus.tyro.com
support.flock.com
*.flock.com
webinar.flock.com
www.flock.com
pages.flock.com
support.flock.com
*.flock.com
Certificate
The complete raw certificate details for *.flock.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF8TCCBNmgAwIBAgIQD3KgcB9WAN7LvmtjeyOFnTANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTIzMDAwMDAwMFoXDTI1MDEyNjIzNTk1OVowFjEU MBIGA1UEAwwLKi5mbG9jay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQC5Z5urDADOpmjVw2W2bDHDMTTgvQvUVcmHvMPykzmwCwFvDjN0RdyAsR+S 5CaNEqQ3yCJQoG+yzLuV7/wxkygws6Ue3ECHkHPaZTAPR6iAkKaTX9KVBroiSj3+ FOmNd7926Z39PLqkr3AmI6vuRR+Sn+51jO54h7oHaReQXuU1XOYvvWPNKVjXFtZk nwAouNuhKol91OggAAHgU4A3Zx4nQgr+T0oUME6oZ5dUEK75lNnBBHD7hWzJZBlr mflD1xVaC2FeOmkwZpgUlL77SISh5hiPUnw6vlX8whF0kiP6bFN73yCEDgjOt2Qv N+4jNyk6PF2hkKpv/LfSPzcILJQpAgMBAAGjggMTMIIDDzAfBgNVHSMEGDAWgBTA MVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQUW8pjP5TuPQ+PThmseBAGrBjC UJAwRQYDVR0RBD4wPIILKi5mbG9jay5jb22CCiouZmxvY2suY2+CECouYXBwcy5m bG9jay5jb22CDyouYXBwcy5mbG9jay5jbzATBgNVHSAEDDAKMAgGBmeBDAECATAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsG A1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1c3QuY29t L3IybTAyLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9v Y3NwLnIybTAyLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2Ny dC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAw ggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB1AE51oydcmhDDOFts1N8/Uusd8OCO G41pwLH6ZLFimjnfAAABjLmsLEAAAAQDAEYwRAIgTQb9sn3OqBLGa42uMxZ3KXHS nhysXPplK9ju1TRyLnQCIAudZuDIVmZuxcH6Y4g/OS6RpKj2vi9O9BMP9t+mxGH2 AHcAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGMuawsaQAABAMA SDBGAiEAq39uAzHkwllukuYFUxBHodwZjmVc6gcUNVsmf+dHk44CIQCKk+MhbgDn nz9X62ygaRfyl0dw83qw0c2VFgj7Mh9gdQB2AObSMWNAd4zBEEEG13G5zsHSQPaW hIb7uocyHf0eN45QAAABjLmsLJQAAAQDAEcwRQIgBP7KKPPkHXTOA7xqHQkpuOG3 AP53IJh417RbXDrnFYkCIQCyg9ADrUwO27rFJgZUnanI3w0vWZ0Vb7JeIUOZEqyz 1TANBgkqhkiG9w0BAQsFAAOCAQEAQKJK3H0BXH4iX8/GLUGDCzyeJ6uZDzx5Urd9 /GIC/FVLKQZIL/GXc3RxBbw+DIjFb+UYE8/q3fABnBKCReOdHdtkOyTuLeIgHL24 3i3rioLffV9DVDJOqKMUFQm4VqojiZ7NTMEYTZ6juL0Unualjz3QGvRhFkmdkJwl I6bb3OJzIm+ytHNyUWuOQZdwqLo9E4cwtJHTCzC0UUh8+1zfMAosUzRsHxoOkcyd 7zvP2jDsSND1Xra+hNe03CiSF++DFWS1hGMFCz89BgQmHcRfeSBsjEg0brZWq7Ai BXKg7oatvLqXwFyps69ahpPJMvNk0zd7LpFIvECvNzxID6Pz2w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWebqwwAzqZo1cNltmwx wzE04L0L1FXJh7zD8pM5sAsBbw4zdEXcgLEfkuQmjRKkN8giUKBvssy7le/8MZMo MLOlHtxAh5Bz2mUwD0eogJCmk1/SlQa6Iko9/hTpjXe/dumd/Ty6pK9wJiOr7kUf kp/udYzueIe6B2kXkF7lNVzmL71jzSlY1xbWZJ8AKLjboSqJfdToIAAB4FOAN2ce J0IK/k9KFDBOqGeXVBCu+ZTZwQRw+4VsyWQZa5n5Q9cVWgthXjppMGaYFJS++0iE oeYYj1J8Or5V/MIRdJIj+mxTe98ghA4IzrdkLzfuIzcpOjxdoZCqb/y30j83CCyU KQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 20533595847435501342890254036164117917 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-30 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-26 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.flock.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23405177466526303814549090579845657865555315212302685015204975407352950978562733137744778635601542177646451512372411307914148905443184953516786465426617667323745737754665884138636564102886827763252483996193321201154093692527624798787855753495154349434910602542204022303705796265173050583732777926624573203106119758664458568445947623057590180599791650661683892615008636994098332128762380022668741352163286403534962238631626039691060324424858235025541958628882290979308267967820226837860362458052934333672524628321210840502958773297963186525336643153422725153489604780368541539823749157375230357048338176617003369665577 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5bca633f94ee3d0f8f4e19ac781006ac18c25090 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.flock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.flock.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.apps.flock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.apps.flock.co' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 01680075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018cb9ac2c40000004030046304402204d06fdb27dcea812c66b8dae3316772971d29e1cac5cfa652bd8eed534722e7402200b9d66e0c856666ec5c1fa63883f392e91a4a8f6be2f4ef4130ff6dfa6c461f60077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018cb9ac2c690000040300483046022100ab7f6e0331e4c2596e92e605531047a1dc198e655cea0714355b267fe747938e0221008a93e3216e00e79f3f57eb6ca06917f2974770f37ab0d1cd951608fb321f6075007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018cb9ac2c940000040300473045022004feca28f3e41d74ce03bc6a1d0929b8e1b700fe77209878d7b45b5c3ae71589022100b283d003ad4c0edbbac52606549da9c8df0d2f599d156fb25e21439912acb3d5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0040a24adc7d015c7e225fcfc62d41830b3c9e27ab990f3c7952b77dfc6202fc554b2906482ff19773747105bc3e0c88c56fe51813cfeaddf0019c128245e39d1ddb643b24ee2de2201cbdb8de2deb8a82df7d5f4354324ea8a3141509b856aa23899ecd4cc1184d9ea3b8bd149ee6a58f3dd01af46116499d909c2523a6dbdce273226fb2b47372516b8e419770a8ba3d138730b491d30b30b451487cfb5cdf300a2c53346c1f1a0e91cc9def3bcfda30ec48d0f55eb6be84d7b4dc289217ef831564b58463050b3f3d0604261dc45f79206c8c48346eb656abb0220572a0ee86adbcba97c05ca9b3af5a8693c932f364d3377b2e9148bc40af373c480fa3f3db