*.cru.org
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 07:b2:71:f7:6e:4a:61:70:28:b4:2b:6a:10:7a:c9:cb was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.cru.org
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 07:b2:71:f7:6e:4a:61:70:28:b4:2b:6a:10:7a:c9:cbSerial Number (int): 10231136327088235819771001134892370379
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 65:ea:14:29:3b:a7:ff:f2:16:dd:75:39:77:3a:4f:bb:f0:53:ee:50
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 58:bf:b2:45:95:5c:fe:a6:fc:43:8a:03:f4:e4:61:cc:0c:91:bb:50
Fingerprint (sha256): 5c:b3:fc:c5:8e:c7:be:c4:56:dc:ba:a5:09:76:3a:f1:a5:46:ab:a3:bd:21:cc:19:f7:4b:d0:2b:41:8a:f8:61
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate *.cru.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.cru.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.cru.org
cru.org
cru.org
Other certificates including the domain name cru.org
(limited to 100 certificates)
*.cru.org
smetrics.cru.org
ml.cru.org
*.cru.org
sites-stage.cru.org
sites.cru.org
sites-stage.cru.org
san-33-s12.tlsprovisioning.exacttarget.com
status.cru.org
*.lh.cru.org
sites-stage.cru.org
techhelp.cru.org
*.cru.org
*.cru.org
e.cru.org
sites-stage.cru.org
e.cru.org
sites.cru.org
techhelp.cru.org
ml.cru.org
ml.cru.org
*.cru.org
*.campuscontacts.cru.org
*.cru.org
ns1.lh.cru.org
smapp.cru.org
sites.cru.org
*.cru.org
*.cru.org
vip-wordpress.cru.org
san-33-s12.tlsprovisioning.exacttarget.com
*.cru.org
*.cru.org
*.cru.org
smapp.cru.org
*.cru.org
sites.cru.org
hybridcall-e.cru.org
give-static-stage.cru.org
*.cru.org
*.cru.org
ns1.lh.cru.org
campuskgp.cru.org
*.lh.cru.org
sites-stage.cru.org
smetrics.cru.org
*.cru.org
jfprintshop.cru.org
*.cru.org
globalstaffweb.org
campuskgp.cru.org
sites.cru.org
*.cru.org
*.cru.org
www.give.cru.org
e.cru.org
*.cru.org
sites.cru.org
atlanta.cru.org
sites-stage.cru.org
*.cru.org
*.cru.org
*.cru.org
sites.cru.org
smetrics.cru.org
sites.cru.org
sites.cru.org
hybridcall-e.cru.org
san-33-s12.tlsprovisioning.exacttarget.com
san-33-s12.tlsprovisioning.exacttarget.com
*.aws.cru.org
*.cru.org
author.cru.org
vip-wordpress.cru.org
*.cru.org
mhub.cc
seattle.cru.org
ml.cru.org
smetrics.cru.org
give-static-stage.cru.org
san-33-s12.tlsprovisioning.exacttarget.com
*.cru.org
*.cru.org
vip-wordpress.cru.org
help.cru.org
sites.cru.org
*.cru.org
help.cru.org
vip-wordpress.cru.org
ibs.cru.org
*.cru.org
vip-wordpress.cru.org
*.cru.org
*.cru.org
*.cru.org
*.cru.org
ml.cru.org
*.lh.cru.org
sites-stage.cru.org
smapp.cru.org
smetrics.cru.org
ml.cru.org
*.cru.org
sites-stage.cru.org
sites.cru.org
sites-stage.cru.org
san-33-s12.tlsprovisioning.exacttarget.com
status.cru.org
*.lh.cru.org
sites-stage.cru.org
techhelp.cru.org
*.cru.org
*.cru.org
e.cru.org
sites-stage.cru.org
e.cru.org
sites.cru.org
techhelp.cru.org
ml.cru.org
ml.cru.org
*.cru.org
*.campuscontacts.cru.org
*.cru.org
ns1.lh.cru.org
smapp.cru.org
sites.cru.org
*.cru.org
*.cru.org
vip-wordpress.cru.org
san-33-s12.tlsprovisioning.exacttarget.com
*.cru.org
*.cru.org
*.cru.org
smapp.cru.org
*.cru.org
sites.cru.org
hybridcall-e.cru.org
give-static-stage.cru.org
*.cru.org
*.cru.org
ns1.lh.cru.org
campuskgp.cru.org
*.lh.cru.org
sites-stage.cru.org
smetrics.cru.org
*.cru.org
jfprintshop.cru.org
*.cru.org
globalstaffweb.org
campuskgp.cru.org
sites.cru.org
*.cru.org
*.cru.org
www.give.cru.org
e.cru.org
*.cru.org
sites.cru.org
atlanta.cru.org
sites-stage.cru.org
*.cru.org
*.cru.org
*.cru.org
sites.cru.org
smetrics.cru.org
sites.cru.org
sites.cru.org
hybridcall-e.cru.org
san-33-s12.tlsprovisioning.exacttarget.com
san-33-s12.tlsprovisioning.exacttarget.com
*.aws.cru.org
*.cru.org
author.cru.org
vip-wordpress.cru.org
*.cru.org
mhub.cc
seattle.cru.org
ml.cru.org
smetrics.cru.org
give-static-stage.cru.org
san-33-s12.tlsprovisioning.exacttarget.com
*.cru.org
*.cru.org
vip-wordpress.cru.org
help.cru.org
sites.cru.org
*.cru.org
help.cru.org
vip-wordpress.cru.org
ibs.cru.org
*.cru.org
vip-wordpress.cru.org
*.cru.org
*.cru.org
*.cru.org
*.cru.org
ml.cru.org
*.lh.cru.org
sites-stage.cru.org
smapp.cru.org
Certificate
The complete raw certificate details for *.cru.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFxzCCBK+gAwIBAgIQB7Jx925KYXAotCtqEHrJyzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTAxNTAwMDAwMFoXDTI0MTExMjIzNTk1OVowFDES MBAGA1UEAwwJKi5jcnUub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyVSOipB2bKz+uAEYfDGSkkS8irS4cRCjSewjlKvihrRC1NGmRWNyUVWXyKDs Srr8Q7TW1SKK7oQVhMynA00JT5y/OrIApcGaNRA09QJIh5tugDQSXR1ccK2JZyPT yV/8SQKHBWbxSKwz3KUXoRJb3BQIegNXx2mKM2hZDj5KUR69IgYt/3MrR4T1mIXX DgDWThObx4WYqIkI7t4Dhiea1ft4DuwgZlTKg77dLBuEPaw9p8gYls/VoLyOI/7v 8xfboFD8ohMk4+TbNFlrhTKgw4GIIppuFSxuWmUm9JQSZNYIUxdj01gNKqvkopZK 76bxRTWWNW9JooqHV3DmItr1tQIDAQABo4IC6zCCAucwHwYDVR0jBBgwFoAUVdkY X9IczAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFGXqFCk7p//yFt11OXc6T7vwU+5Q MB0GA1UdEQQWMBSCCSouY3J1Lm9yZ4IHY3J1Lm9yZzATBgNVHSAEDDAKMAgGBmeB DAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDMuYW1hem9udHJ1 c3QuY29tL3IybTAzLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0 dHA6Ly9vY3NwLnIybTAzLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0 cDovL2NydC5yMm0wMy5hbWF6b250cnVzdC5jb20vcjJtMDMuY2VyMAwGA1UdEwEB /wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AO7N0GTV2xrOxVy3nbTN E6Iyh0Z8vOzew1FIWUZxH7WbAAABizGILysAAAQDAEcwRQIhAOFCI2LmJYTFBdcl 3xxo5//pyZ+hlUpzKq1Hzg5y4lROAiA3GK5OiiqhUPg3mAXtiXiOH7bMbk+EqUYj U10i7Kg/BQB1AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABizGI LwgAAAQDAEYwRAIgfDvXL3btsn9Ji1ZHywyF6OV//g1Yor+9k5P6A2d2WfQCIAVL R7/8pWncqY61SXO7bsxY+ifXaPxNU7A+7JPe5i8iAHcA2ra/az+1tiKfm8K7XGvo cJFxbLtRhIU0vaQ9MEjX+6sAAAGLMYgu+gAABAMASDBGAiEA/7758PqJ9BDNYyxV XgYtf9sf+namnLzidZN7hzigQwECIQDs4I70sSSw7m9bMPKlU8XUbv1z+BVwLX3N VWrk/9LbfjANBgkqhkiG9w0BAQsFAAOCAQEAClg96XZ4L7dpkQb+8ujdiigywg08 KKcaq84SKCjKXeO4Uvhu6AP5Oorjme4Dppq0i2uOuKgiArVfWyzCknUGsjeSUVKs A9xveZUt3FPQzdm42RZM6v5E3A+zRvqvNB4w3ZK/5GSv8XbY2m+zURVcTZ/n7LPg ko8QRkHqDk3QjzqKhzEU5vO3U7r17Bcy4u8YkngpJV5u8OdrVBy35XbBWXQGO4Nk nF91dFUi+eMPEflKfkauEbJAakxjer2nHsHLiXoRK5m5DjSPG7Dp5Vmyg4ZM+ERG I/hws0LRqP+EzmIwfi4Ge2oGlwW3Lrw1ebg6Tli4dh+xRmuum6CW3J03Eg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVSOipB2bKz+uAEYfDGS kkS8irS4cRCjSewjlKvihrRC1NGmRWNyUVWXyKDsSrr8Q7TW1SKK7oQVhMynA00J T5y/OrIApcGaNRA09QJIh5tugDQSXR1ccK2JZyPTyV/8SQKHBWbxSKwz3KUXoRJb 3BQIegNXx2mKM2hZDj5KUR69IgYt/3MrR4T1mIXXDgDWThObx4WYqIkI7t4Dhiea 1ft4DuwgZlTKg77dLBuEPaw9p8gYls/VoLyOI/7v8xfboFD8ohMk4+TbNFlrhTKg w4GIIppuFSxuWmUm9JQSZNYIUxdj01gNKqvkopZK76bxRTWWNW9JooqHV3DmItr1 tQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10231136327088235819771001134892370379 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-15 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-12 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.cru.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25415595811207289544425962168876363805725023867427962354429802984419495701125315672291258036221235175919522928862089604614744568871476370674654243610012638874821057830353412578252251679891719088460108667880713551984448710853315217610893868223177404546580229547890984271771204450156258784666221075527342861789315310178383433450649778219675244086496114299372942157552409517805662884354507299836712732753285797742668550247952697860216861055169473544735897810545170296369215337415403922104965681400168863113048476878394647182219162003750801750296762564072675546770873232698154711120603832269871453908696225422530762700213 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 65ea14293ba7fff216dd7539773a4fbbf053ee50 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cru.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cru.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b31882f2b0000040300473045022100e1422362e62584c505d725df1c68e7ffe9c99fa1954a732aad47ce0e72e2544e02203718ae4e8a2aa150f8379805ed89788e1fb6cc6e4f84a94623535d22eca83f0500750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b31882f08000004030046304402207c3bd72f76edb27f498b5647cb0c85e8e57ffe0d58a2bfbd9393fa03677659f40220054b47bffca569dca98eb54973bb6ecc58fa27d768fc4d53b03eec93dee62f22007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b31882efa0000040300483046022100ffbef9f0fa89f410cd632c555e062d7fdb1ffa76a69cbce275937b8738a04301022100ece08ef4b124b0ee6f5b30f2a553c5d46efd73f815702d7dcd556ae4ffd2db7e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000a583de976782fb7699106fef2e8dd8a2832c20d3c28a71aabce122828ca5de3b852f86ee803f93a8ae399ee03a69ab48b6b8eb8a82202b55f5b2cc2927506b237925152ac03dc6f79952ddc53d0cdd9b8d9164ceafe44dc0fb346faaf341e30dd92bfe464aff176d8da6fb351155c4d9fe7ecb3e0928f104641ea0e4dd08f3a8a873114e6f3b753baf5ec1732e2ef18927829255e6ef0e76b541cb7e576c15974063b83649c5f75745522f9e30f11f94a7e46ae11b2406a4c637abda71ec1cb897a112b99b90e348f1bb0e9e559b283864cf8444623f870b342d1a8ff84ce62307e2e067b6a069705b72ebc3579b83a4e58b8761fb1466bae9ba096dc9d3712