cdn.nerdfactory.ai
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 0e:d8:00:ae:5b:f6:b0:96:31:6f:97:a4:e3:58:d2:5e was issued on by Amazon.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=cdn.nerdfactory.ai
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0e:d8:00:ae:5b:f6:b0:96:31:6f:97:a4:e3:58:d2:5eSerial Number (int): 19730741876593988022853056037324903006
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 55:b0:e8:22:ab:40:17:c8:f1:63:95:9b:58:68:d1:a3:bb:18:53:e2
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 7a:b7:45:57:3e:77:82:69:a6:4f:78:6c:a5:74:37:32:d7:ef:66:6a
Fingerprint (sha256): 62:53:7a:ba:60:3f:5c:0a:3a:20:2f:6a:4d:b3:ad:fb:b7:94:56:50:d6:12:8f:b4:a6:3b:52:16:2f:9d:8a:2a
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate cdn.nerdfactory.ai
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cdn.nerdfactory.ai
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cdn.nerdfactory.ai
Other certificates including the domain name nerdfactory.ai
(limited to 100 certificates)
blog.nerdfactory.ai
blog.nerdfactory.ai
www.cowboytattoo.com.br
www.frikkherding.no
voryq-dev.nerdfactory.ai
kommati.lernit.app
blog.nerdfactory.ai
collab.nerdfactory.ai
aivory-manager-demo.nerdfactory.ai
collab.nerdfactory.ai
blog.nerdfactory.ai
voda-backoffice.nerdfactory.ai
www.urbantransit.app
collab.nerdfactory.ai
pacecapitalmgt.com
mail.nerdfactory.ai
mail.nerdfactory.ai
mamam-media.nerdfactory.ai
product.azago.in
mamam.nerdfactory.ai
www.blindstream.com
www.lascalamalaga.com
blog.nerdfactory.ai
voda-test.nerdfactory.ai
anuta-dev.nerdfactory.ai
mail.nerdfactory.ai
product.azago.in
patent-backend.nerdfactory.ai
blog.nerdfactory.ai
www.thepalettelife.com
cdn.nerdfactory.ai
wooribaby-universal-links.nerdfactory.ai
mail.nerdfactory.ai
www.josiahrininger.com
voryq-media.nerdfactory.ai
www.cowboytattoo.com.br
mail.nerdfactory.ai
link.prost.com
analytics.nerdfactory.ai
befirst-qa.ovdns.co.za
aivory.nerdfactory.ai
about.gapcrossstaging.com
hillswestny.com
blog.nerdfactory.ai
www.blindstream.com
voda-data-prod.nerdfactory.ai
pacecapitalmgt.com
nerdchat.nerdfactory.ai
collab.nerdfactory.ai
events.recomea.com
console.charatoru.jp
mamam.nerdfactory.ai
www.urbantransit.app
blog.nerdfactory.ai
mamam-stage.nerdfactory.ai
strategy-backend.nerdfactory.ai
mamam-stage.zetapol.org
blog.nerdfactory.ai
mail.nerdfactory.ai
vincitoulu.fi
aivory.nerdfactory.ai
wooribaby-universal-links.nerdfactory.ai
blog.nerdfactory.ai
anuta-dev.nerdfactory.ai
mail.nerdfactory.ai
mail.nerdfactory.ai
gcodeanalyser.com
aivory.nerdfactory.ai
patent-manager-demo.nerdfactory.ai
strategy-backend.nerdfactory.ai
vav-testpage.nerdfactory.ai
nerdchat-media.nerdfactory.ai
blog.nerdfactory.ai
www.cowboytattoo.com.br
www.frikkherding.no
voryq-dev.nerdfactory.ai
kommati.lernit.app
blog.nerdfactory.ai
collab.nerdfactory.ai
aivory-manager-demo.nerdfactory.ai
collab.nerdfactory.ai
blog.nerdfactory.ai
voda-backoffice.nerdfactory.ai
www.urbantransit.app
collab.nerdfactory.ai
pacecapitalmgt.com
mail.nerdfactory.ai
mail.nerdfactory.ai
mamam-media.nerdfactory.ai
product.azago.in
mamam.nerdfactory.ai
www.blindstream.com
www.lascalamalaga.com
blog.nerdfactory.ai
voda-test.nerdfactory.ai
anuta-dev.nerdfactory.ai
mail.nerdfactory.ai
product.azago.in
patent-backend.nerdfactory.ai
blog.nerdfactory.ai
www.thepalettelife.com
cdn.nerdfactory.ai
wooribaby-universal-links.nerdfactory.ai
mail.nerdfactory.ai
www.josiahrininger.com
voryq-media.nerdfactory.ai
www.cowboytattoo.com.br
mail.nerdfactory.ai
link.prost.com
analytics.nerdfactory.ai
befirst-qa.ovdns.co.za
aivory.nerdfactory.ai
about.gapcrossstaging.com
hillswestny.com
blog.nerdfactory.ai
www.blindstream.com
voda-data-prod.nerdfactory.ai
pacecapitalmgt.com
nerdchat.nerdfactory.ai
collab.nerdfactory.ai
events.recomea.com
console.charatoru.jp
mamam.nerdfactory.ai
www.urbantransit.app
blog.nerdfactory.ai
mamam-stage.nerdfactory.ai
strategy-backend.nerdfactory.ai
mamam-stage.zetapol.org
blog.nerdfactory.ai
mail.nerdfactory.ai
vincitoulu.fi
aivory.nerdfactory.ai
wooribaby-universal-links.nerdfactory.ai
blog.nerdfactory.ai
anuta-dev.nerdfactory.ai
mail.nerdfactory.ai
mail.nerdfactory.ai
gcodeanalyser.com
aivory.nerdfactory.ai
patent-manager-demo.nerdfactory.ai
strategy-backend.nerdfactory.ai
vav-testpage.nerdfactory.ai
nerdchat-media.nerdfactory.ai
Certificate
The complete raw certificate details for cdn.nerdfactory.ai in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF0DCCBLigAwIBAgIQDtgArlv2sJYxb5ek41jSXjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTAyODAwMDAwMFoXDTI0MTEyNTIzNTk1OVowHTEb MBkGA1UEAxMSY2RuLm5lcmRmYWN0b3J5LmFpMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAoPDplTu7MsV4TqcaxmGpwLIU0i4rsOgHzYfrWXuCaIUsYGxB F1dwBMr9sQjBUBOS6RspjoFM4ytnljW9IGmuyLCw+fGIsbyRX1AaGGQhiaZP/wey w/wa6067K5gpkVio8YIGBn3fonsb0it9U0/SZCBJWxbIPHzl7yhehUZPl3PMjwCq KjjR+pGxqoaVcL2OT/9osx/0of1UcjJPvcbeYXUaWSneOTZw17oSC6QCC3b9OURQ Bfz4T1cj0edt0vMs8C84w1U6mAL7CSjmOY481KbGJ6ljaUlVkM6QKTkwEB7FPOxG oPu4/sJRXoJMo7n/yQIDZlhpDjSg0sAXdvFIqwIDAQABo4IC6zCCAucwHwYDVR0j BBgwFoAUVdkYX9IczAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFFWw6CKrQBfI8WOV m1ho0aO7GFPiMB0GA1UdEQQWMBSCEmNkbi5uZXJkZmFjdG9yeS5haTATBgNVHSAE DDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDMu YW1hem9udHJ1c3QuY29tL3IybTAzLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYB BQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAzLmFtYXpvbnRydXN0LmNvbTA2BggrBgEF BQcwAoYqaHR0cDovL2NydC5yMm0wMy5hbWF6b250cnVzdC5jb20vcjJtMDMuY2Vy MAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB1AHb/iD8K tvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABi3Tc2+gAAAQDAEYwRAIgST1c Iu4mM1gDDZArrGU061EqiG0BseWxuz0VWqOmZeQCIBUae0ZxnzqAAskFJDjiqUTz Hpc4KBbKi6pyqdUQyQplAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznY hHMAAAGLdNzbpAAABAMASDBGAiEAupxfUDKnxunwY4hKfy1FrpgUkwpz4s8eikMy Q2vzfUgCIQDASNlPpTpYEO1IGp3ajxC6DXpOP/Lmwct5afiuOPOJ6AB2ANq2v2s/ tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABi3Tc2/kAAAQDAEcwRQIhAPcv bDIXX/4XuxAAHpQrs51RsozsS4bFOlD/nirFESRmAiBtt40HLC3gxNNmLlQ7OZGo 9V/9pMSGEfpW/qxuKrBJRzANBgkqhkiG9w0BAQsFAAOCAQEAUpzftOJMVjvybLaT +nNUpf/rRj8q3NNyk1rvCYcgGgfl2qDYKBPx0n8RUMG5q3mRBUWPd1cj98aY4DbB BspFsk2PXQ3v1dBKcgn3ZNx5wGr1jQjl34r4DAFhEX0P7EidqO+smuQUf7Vdvgpa MWtJ8iPiY0iclu/PyGIQgWrwP8nw8ZhzLIpeVr/znhaY+Gq4h+84DfI2TFvK+J0y HBqzlW30az3Ub8fc+64N0Kt3lr2JguG0JD5P3mO3lcruYC3ZD50++9bgCDiYulDp rG/9+G6FSsXCAM5swurSS1jiww2RknOm6G4nHlGBaFx50n8l3DQ9iiiIrygpe+e9 qndVbw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPDplTu7MsV4TqcaxmGp wLIU0i4rsOgHzYfrWXuCaIUsYGxBF1dwBMr9sQjBUBOS6RspjoFM4ytnljW9IGmu yLCw+fGIsbyRX1AaGGQhiaZP/weyw/wa6067K5gpkVio8YIGBn3fonsb0it9U0/S ZCBJWxbIPHzl7yhehUZPl3PMjwCqKjjR+pGxqoaVcL2OT/9osx/0of1UcjJPvcbe YXUaWSneOTZw17oSC6QCC3b9OURQBfz4T1cj0edt0vMs8C84w1U6mAL7CSjmOY48 1KbGJ6ljaUlVkM6QKTkwEB7FPOxGoPu4/sJRXoJMo7n/yQIDZlhpDjSg0sAXdvFI qwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 19730741876593988022853056037324903006 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-25 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cdn.nerdfactory.ai' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20316927143139129015592257669303441959631670403232994542317661707595409936844981079015529858434579692041105595141869009675783481672045485967135509602280683138747204006404199469347233059547075236923618537545196599306885236792929678622008917304047353695235315876571942023927766129503173781708654416556740524337953631146701280395794247913733235934319006674434353245687736877827001540458783945369216338241011160578425491589753761457485162964683417938944691476422334736327301198732865354340115131842916835490589111140188103450587142668380078693824897098985429627771811271400637747188350913106037580119000701587813435525291 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 55b0e822ab4017c8f163959b5868d1a3bb1853e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.nerdfactory.ai' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 016800750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b74dcdbe800000403004630440220493d5c22ee263358030d902bac6534eb512a886d01b1e5b1bb3d155aa3a665e40220151a7b46719f3a8002c9052438e2a944f31e97382816ca8baa72a9d510c90a6500770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b74dcdba40000040300483046022100ba9c5f5032a7c6e9f063884a7f2d45ae9814930a73e2cf1e8a4332436bf37d48022100c048d94fa53a5810ed481a9dda8f10ba0d7a4e3ff2e6c1cb7969f8ae38f389e8007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b74dcdbf90000040300473045022100f72f6c32175ffe17bb10001e942bb39d51b28cec4b86c53a50ff9e2ac511246602206db78d072c2de0c4d3662e543b3991a8f55ffda4c48611fa56feac6e2ab04947 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00529cdfb4e24c563bf26cb693fa7354a5ffeb463f2adcd372935aef0987201a07e5daa0d82813f1d27f1150c1b9ab799105458f775723f7c698e036c106ca45b24d8f5d0defd5d04a7209f764dc79c06af58d08e5df8af80c0161117d0fec489da8efac9ae4147fb55dbe0a5a316b49f223e263489c96efcfc86210816af03fc9f0f198732c8a5e56bff39e1698f86ab887ef380df2364c5bcaf89d321c1ab3956df46b3dd46fc7dcfbae0dd0ab7796bd8982e1b4243e4fde63b795caee602dd90f9d3efbd6e0083898ba50e9ac6ffdf86e854ac5c200ce6cc2ead24b58e2c30d919273a6e86e271e5181685c79d27f25dc343d8a2888af28297be7bdaa77556f