hzportal.hopzero.com

Issued by SSL.com RSA SSL subCA

About this certificate

This digital certificate with serial number 70:ee:f2:af:1d:d3:5c:b1:05:49:d1:ba:04:bb:8d:03 was issued on by SSL Corporation.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=hzportal.hopzero.com

SSL Corporation

Organization: SSL Corporation
State / Province: Texas
Locality: Houston
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 70:ee:f2:af:1d:d3:5c:b1:05:49:d1:ba:04:bb:8d:03
Serial Number (int): 150114224397524976797247208025950489859
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 29:90:0b:37:78:59:47:2a:4f:3a:40:94:60:2e:96:f3:30:f9:59:82
AuthorityKeyId: 26:14:7e:e0:dc:d7:a6:f7:e2:d4:04:27:df:61:f1:c2:ec:e7:32:ca

Fingerprint (sha1): a3:9a:df:66:ad:d5:a5:6f:df:68:77:ca:0f:28:3c:68:44:e9:0c:ef
Fingerprint (sha256): 63:b0:46:f1:97:a3:92:65:a8:b8:e7:2e:67:49:22:b1:30:4f:05:23:0e:99:59:55:59:28:9f:7d:96:c2:cd:ef

Issuing Certificate URL: http://cert.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.cer

Revocation information

OCSP Server: http://ocsps.ssl.com
CRL Distribution Point: http://crls.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.crl

Check the revocation status for certificate hzportal.hopzero.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for hzportal.hopzero.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

hzportal.hopzero.com
www.hzportal.hopzero.com

Other certificates including the domain name hopzero.com

(limited to 100 certificates)
hopzero.com
blog.hopzero.com
support.hopzero.com
help.pieralpha.io
*.hopzero.com
sdrhelpdesk.inurface.media
2019sjmeetup.culytics.com
support.bmt.ky
blog.hopzero.com
www.zohomeetups.com
blog.hopzero.com
www.hopzero.com
blog.hopzero.com
www.hopzero.com
hopzero.com
info.hopzero.com
www.zohomeetups.com
support.eyecontrol.co.il
www.zohomeetups.com
info.hopzero.com
www.hopzero.com
hopzero.com
info.hopzero.com
info.hopzero.com
hopzero.com
support.bmt.ky
info.hopzero.com
ssl373521.cloudflaressl.com
support.bmt.ky
info.hopzero.com
info.hopzero.com
hopzero.com
blog.hopzero.com
hopzero.com
info.hopzero.com
dsc-support.digitalstacks.net
www.zohomeetups.com
hopzero.com
*.hopzero.com
support.bmt.ky
*.hopzero.com
blog.hopzero.com
staging.restapi.hopzero.com
www.zohomeetups.com
hzportal.hopzero.com
ssl373521.cloudflaressl.com
info.hopzero.com
hopzero.com
hopzero.com
sni.cloudflaressl.com
www.zohomeetups.com
info.hopzero.com
events.hopzero.com
www.zohomeetups.com
support.bmt.ky
hopzero.com
*.hopzero.com
2019sjmeetup.culytics.com
hopzero.com
info.hopzero.com
2019sjmeetup.culytics.com
staging.restapi.hopzero.com
www.hopzero.com
blog.hopzero.com
info.hopzero.com
support.bmt.ky
hopzero.com
help.dsncon.de
www.hopzero.com
hopzero.com
info.hopzero.com
ssl373521.cloudflaressl.com
hopzero.com
info.hopzero.com
sni.cloudflaressl.com
info.hopzero.com
staging.restapi.hopzero.com
apmops.myanmarmaths.com
ssl373521.cloudflaressl.com
hopzero.com
staging.restapi.hopzero.com
info.hopzero.com
hopzero.com
evenement.reseauquebecoisdesaeroports.ca
events.qdao.live
hopzero.com
support.bmt.ky
ssl373520.cloudflaressl.com
*.hopzero.com
info.hopzero.com
hopzero.com
ssl373521.cloudflaressl.com
hopzero.com
info.hopzero.com
*.hopzero.com
ssl373520.cloudflaressl.com
www.zohomeetups.com
hopzero.com
info.hopzero.com
blog.hopzero.com

Certificate

The complete raw certificate details for hzportal.hopzero.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFxTCCA62gAwIBAgIQcO7yrx3TXLEFSdG6BLuNAzANBgkqhkiG9w0BAQsFADBp
MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x
GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjEeMBwGA1UEAwwVU1NMLmNvbSBSU0Eg
U1NMIHN1YkNBMB4XDTI0MDUyMjIwMjkwNloXDTI1MDUyMjIwMjkwNlowHzEdMBsG
A1UEAwwUaHpwb3J0YWwuaG9wemVyby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBh2A5lsGI//hKw3ZHL/ZhebiMjviKBPe+mc1FkuFq5HZ7/HcZ
83ZGK4eTNM6XdaZiC9V96VKm+y9n0yLrIhUyWi3g+2iSVzdRUTeUpxJD0Y6jrh7g
CTi768HJONg1bbGDX7nni1xg4TiNBKJUyab4SgNA3/hF2+lTekUm6gY9rvW5CqEr
wLLDTo4iLxqwI6G1zAKLS56qt2DiZh+Ie6+WgrAnrJEF271pLkj8/ahj3PE1Fx8l
b6rxlHh6Shoe+TyHIvfJRoiu1QBpsv5sfKcLtL8LmgDYESjEyVYDHrwDxNH/7FwZ
ruvy/Jaewt/4zEUxyuoNTyXmE6+xoVEC+rc7AgMBAAGjggGxMIIBrTAMBgNVHRMB
Af8EAjAAMB8GA1UdIwQYMBaAFCYUfuDc16b34tQEJ99h8cLs5zLKMHIGCCsGAQUF
BwEBBGYwZDBABggrBgEFBQcwAoY0aHR0cDovL2NlcnQuc3NsLmNvbS9TU0xjb20t
U3ViQ0EtU1NMLVJTQS00MDk2LVIxLmNlcjAgBggrBgEFBQcwAYYUaHR0cDovL29j
c3BzLnNzbC5jb20wOQYDVR0RBDIwMIIUaHpwb3J0YWwuaG9wemVyby5jb22CGHd3
dy5oenBvcnRhbC5ob3B6ZXJvLmNvbTAjBgNVHSAEHDAaMAgGBmeBDAECATAOBgwr
BgEEAYKpMAEDAQEwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMEUGA1Ud
HwQ+MDwwOqA4oDaGNGh0dHA6Ly9jcmxzLnNzbC5jb20vU1NMY29tLVN1YkNBLVNT
TC1SU0EtNDA5Ni1SMS5jcmwwHQYDVR0OBBYEFCmQCzd4WUcqTzpAlGAulvMw+VmC
MA4GA1UdDwEB/wQEAwIFoDATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0B
AQsFAAOCAgEAbMMRTRF0WnYL4PL/Vz8hMsmKCFM523NTQ5S/uN+i97lnrE3Y6vwo
H9wAcXMXv9J1q20XUVPydJkiY1PvvCwHS7xJAlBNya90EoB+BuVa6Fevr74ihiNZ
I7qp8FecUoO3/y/0Gz6/UnxoL2X81yWPCSPgAtJDV1C8trDkoR9mC1zhZzrBpuIl
MbmJXMsUK5me/2teaPAE9ZlSEGKaGfJbpck8w69b+jqwDNJUPEU8SKxcPZ35a9hq
0Ap07LvirHYEZV+XjPlkUZlgdYukkmso51QnnXcZaGUggxejKUEvaiXnN5sAbqDO
ffEHX5lXiOyab9PWEs+mrUBMWOURi1UKj8EY5n0lG88Z1QWdTQyVzpRkaF9ueox7
aamwTGp4PTh4DOzX8Kno4nYWMsrr4oAFnOxOaGwcCIwg3/l58fAJ352w5cI2uqsp
7E2KGE6uDVC0NGISOFFkUk6JJjMu7t+/Zmt3NI0lcHD9BpkiHMuH/PTcvlh5W+cu
uN7rEU1tnH5RSi4rwcXDRuGBcZioVQnLkA+KmW0BSC6Q+97atkDeR5AXgYdw9wqZ
AwwIJaRo/nukS362XPokXY3v7D2snRISqepz8CbD+lO1//PJ8fmu+PTAJqagzEbp
utlyh86gFQkZaf3q55oJSY26cqM0Pb93238uNLrUjTYQVrmK9Lep28k=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYdgOZbBiP/4SsN2Ry/2
YXm4jI74igT3vpnNRZLhauR2e/x3GfN2RiuHkzTOl3WmYgvVfelSpvsvZ9Mi6yIV
Mlot4Ptoklc3UVE3lKcSQ9GOo64e4Ak4u+vByTjYNW2xg1+554tcYOE4jQSiVMmm
+EoDQN/4RdvpU3pFJuoGPa71uQqhK8Cyw06OIi8asCOhtcwCi0ueqrdg4mYfiHuv
loKwJ6yRBdu9aS5I/P2oY9zxNRcfJW+q8ZR4ekoaHvk8hyL3yUaIrtUAabL+bHyn
C7S/C5oA2BEoxMlWAx68A8TR/+xcGa7r8vyWnsLf+MxFMcrqDU8l5hOvsaFRAvq3
OwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 150114224397524976797247208025950489859
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Texas'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Houston'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SSL Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SSL.com RSA SSL subCA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-22 20:29:06 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-22 20:29:06 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'hzportal.hopzero.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24430749192297032933790524153068906430482494963937452622404560978977159333608239128499703914054706041402337135091874414670646052970165210001398508282419164504182977032276372756504486441739231880493825204089221804427318139036007281695915548211377209698641481005982940748827429150750680853716731552640259960297528745918159433455233940933294100020904077737130947252244771690940872069792019891160447518591784400656776452338584222287837823560644627901115523212515096214553381383323358866487161117798032631611752546327397382736047895972727158045871205545687050737411285481477534803165419739613523484511823184778009509541691
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 26147ee0dcd7a6f7e2d40427df61f1c2ece732ca
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (102 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.cer'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsps.ssl.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hzportal.hopzero.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hzportal.hopzero.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.38064.1.3.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							29900b377859472a4f3a4094602e96f330f95982
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		006cc3114d11745a760be0f2ff573f2132c98a085339db73534394bfb8dfa2f7b967ac4dd8eafc281fdc00717317bfd275ab6d175153f27499226353efbc2c074bbc4902504dc9af7412807e06e55ae857afafbe2286235923baa9f0579c5283b7ff2ff41b3ebf527c682f65fcd7258f0923e002d2435750bcb6b0e4a11f660b5ce1673ac1a6e22531b9895ccb142b999eff6b5e68f004f5995210629a19f25ba5c93cc3af5bfa3ab00cd2543c453c48ac5c3d9df96bd86ad00a74ecbbe2ac7604655f978cf964519960758ba4926b28e754279d77196865208317a329412f6a25e7379b006ea0ce7df1075f995788ec9a6fd3d612cfa6ad404c58e5118b550a8fc118e67d251bcf19d5059d4d0c95ce9464685f6e7a8c7b69a9b04c6a783d38780cecd7f0a9e8e2761632caebe280059cec4e686c1c088c20dff979f1f009df9db0e5c236baab29ec4d8a184eae0d50b4346212385164524e8926332eeedfbf666b77348d257070fd0699221ccb87fcf4dcbe58795be72eb8deeb114d6d9c7e514a2e2bc1c5c346e1817198a85509cb900f8a996d01482e90fbdedab640de479017818770f70a99030c0825a468fe7ba44b7eb65cfa245d8defec3dac9d1212a9ea73f026c3fa53b5fff3c9f1f9aef8f4c026a6a0cc46e9bad97287cea015091969fdeae79a09498dba72a3343dbf77db7f2e34bad48d361056b98af4b7a9dbc9