ot-assets-eu.orangetalent.net
Issued by Amazon
About this certificate
This digital certificate with serial number 0a:d2:0a:59:c0:f5:35:5c:ad:bb:96:54:a5:e6:7c:19 was issued on by Amazon.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=ot-assets-eu.orangetalent.net
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0a:d2:0a:59:c0:f5:35:5c:ad:bb:96:54:a5:e6:7c:19Serial Number (int): 14382872233261533523806409224811346969
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: ee:90:f8:96:81:e7:a7:bb:7f:b4:f7:1a:09:ff:e3:fe:20:94:64:57
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): c6:4c:6c:52:96:27:d2:c8:1b:92:9c:85:73:41:d9:b0:4e:df:c8:16
Fingerprint (sha256): 65:97:2e:28:3b:cd:c9:d0:68:50:e9:70:8d:ac:22:ce:a7:5d:0b:19:a0:5b:dd:f7:b9:1e:82:ef:a6:e9:27:75
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate ot-assets-eu.orangetalent.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ot-assets-eu.orangetalent.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ot-assets-eu.orangetalent.net
Other certificates including the domain name orangetalent.net
(limited to 100 certificates)
gitlab.orangetalent.net
hq.orangetalent.net
code.orangetalent.net
hrm.orangetalent.net
hq.orangetalent.net
code.orangetalent.net
satis.orangetalent.net
kiyomi.orangetalent.net
report.orangetalent.net
kiyomi.orangetalent.net
satis.orangetalent.net
hq.orangetalent.net
satis.orangetalent.net
kiyomi.orangetalent.net
hq.orangetalent.net
address.orangetalent.net
cms.orangetalent.net
hq.orangetalent.net
satis.orangetalent.net
pay.orangetalent.net
cms.orangetalent.net
code.orangetalent.net
satis.orangetalent.net
ot-assets-eu.orangetalent.net
gitlab.orangetalent.net
address.orangetalent.net
status.orangetalent.net
hq.orangetalent.net
gitlab.orangetalent.net
api.orangetalent.net
hq.orangetalent.net
report.orangetalent.net
kiyomi.orangetalent.net
hq.orangetalent.net
cms.orangetalent.net
gitlab.orangetalent.net
hq.orangetalent.net
gitlab.orangetalent.net
ot-assets-eu.orangetalent.net
gitlab.orangetalent.net
satis.orangetalent.net
hq.orangetalent.net
code.orangetalent.net
developers.orangetalent.net
report.orangetalent.net
code.orangetalent.net
hq.orangetalent.net
gitlab.orangetalent.net
cms.orangetalent.net
status.orangetalent.net
cms.orangetalent.net
api.orangetalent.net
developers.orangetalent.net
kiyomi.orangetalent.net
cms.orangetalent.net
gitlab.orangetalent.net
kiyomi.orangetalent.net
hq.orangetalent.net
address.orangetalent.net
hq.orangetalent.net
cms.orangetalent.net
hq.orangetalent.net
hq.orangetalent.net
gitlab.orangetalent.net
gitlab.orangetalent.net
hq.orangetalent.net
kiyomi.orangetalent.net
satis.orangetalent.net
report.orangetalent.net
gitlab.orangetalent.net
code.orangetalent.net
hq.orangetalent.net
cms.orangetalent.net
kiyomi.orangetalent.net
hq.orangetalent.net
hq.orangetalent.net
gitlab.orangetalent.net
kiyomi.orangetalent.net
cms.orangetalent.net
code.orangetalent.net
hq.orangetalent.net
hq.orangetalent.net
code.orangetalent.net
hrm.orangetalent.net
hq.orangetalent.net
code.orangetalent.net
satis.orangetalent.net
kiyomi.orangetalent.net
report.orangetalent.net
kiyomi.orangetalent.net
satis.orangetalent.net
hq.orangetalent.net
satis.orangetalent.net
kiyomi.orangetalent.net
hq.orangetalent.net
address.orangetalent.net
cms.orangetalent.net
hq.orangetalent.net
satis.orangetalent.net
pay.orangetalent.net
cms.orangetalent.net
code.orangetalent.net
satis.orangetalent.net
ot-assets-eu.orangetalent.net
gitlab.orangetalent.net
address.orangetalent.net
status.orangetalent.net
hq.orangetalent.net
gitlab.orangetalent.net
api.orangetalent.net
hq.orangetalent.net
report.orangetalent.net
kiyomi.orangetalent.net
hq.orangetalent.net
cms.orangetalent.net
gitlab.orangetalent.net
hq.orangetalent.net
gitlab.orangetalent.net
ot-assets-eu.orangetalent.net
gitlab.orangetalent.net
satis.orangetalent.net
hq.orangetalent.net
code.orangetalent.net
developers.orangetalent.net
report.orangetalent.net
code.orangetalent.net
hq.orangetalent.net
gitlab.orangetalent.net
cms.orangetalent.net
status.orangetalent.net
cms.orangetalent.net
api.orangetalent.net
developers.orangetalent.net
kiyomi.orangetalent.net
cms.orangetalent.net
gitlab.orangetalent.net
kiyomi.orangetalent.net
hq.orangetalent.net
address.orangetalent.net
hq.orangetalent.net
cms.orangetalent.net
hq.orangetalent.net
hq.orangetalent.net
gitlab.orangetalent.net
gitlab.orangetalent.net
hq.orangetalent.net
kiyomi.orangetalent.net
satis.orangetalent.net
report.orangetalent.net
gitlab.orangetalent.net
code.orangetalent.net
hq.orangetalent.net
cms.orangetalent.net
kiyomi.orangetalent.net
hq.orangetalent.net
hq.orangetalent.net
gitlab.orangetalent.net
kiyomi.orangetalent.net
cms.orangetalent.net
code.orangetalent.net
hq.orangetalent.net
Certificate
The complete raw certificate details for ot-assets-eu.orangetalent.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgIQCtIKWcD1NVytu5ZUpeZ8GTANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA2MjAwMDAwMDBaFw0yMDA3MjAx MjAwMDBaMCgxJjAkBgNVBAMTHW90LWFzc2V0cy1ldS5vcmFuZ2V0YWxlbnQubmV0 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUJvfibHZflnxASjEasY x4T0A0LV3d4JrtE5wWw5QOfW/GVNa7n6GFM+KN9lhA9FUmII076URxMAbBZeRgM0 fVk7Gi4eB4ZQiikWC80VTbBlWRT1UviN0gvYhI1Z22xA36B/DWt9SbfseybzJD6n Qth/h//cJXuAzAxBs5oVjVc1dXqF/60YRtWa9XpBhvRBJayh7quCif3nu0jCQOYd Ih1IIQPqXnv4UGBs8CJ66MIxd+L3imv993s4Gd6OZqZlHDSFnUu53+ZZGGc3DZi8 25O3yjafg/zH4Fx1qNblZs8jyf7CyGe0geB4LG6PZQkrrhgYfQYK4lGRojgUa8Jo SwIDAQABo4ICijCCAoYwHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAw HQYDVR0OBBYEFO6Q+JaB56e7f7T3Ggn/4/4glGRXMCgGA1UdEQQhMB+CHW90LWFz c2V0cy1ldS5vcmFuZ2V0YWxlbnQubmV0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDov L2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcw CwYJYIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUH MAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcw AoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwG A1UdEwEB/wQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgC72d+8H4pxtZOU I5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWtzvh33AAAEAwBHMEUCIG8nYHtal1vZ HRlBf7c24cgmC/DJe7n78ailv6u6EaWrAiEA9uEm//0exjMwbneKQJ1T5jA5gNEV 98UhT581xpFJc7sAdwCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAA AWtzvh5CAAAEAwBIMEYCIQC4NEVzVv6jcFj9IYw681QUM1mT/KcALIwJNgP9jWAF XwIhAJwGlMi0qC4bhrrT8gBAXZ5y2w6OL5sHvEZsCXPqQGqkMA0GCSqGSIb3DQEB CwUAA4IBAQCv2umgX6Jf3vajf7MOw+QK8hy8WZQUy5yU8pHHWgd2p5KEdDlwGQ5i 4BvOfETRw3fq6MSc9bqdTEHBs7nF2mhe1v2eT8jQUuSypsWkwRTwJ3TtWYG1gHvm 5wKHZu3aMy+c+11jEsJmPzEpOsEGQVoqWSiIfZW8YN4Ty6JuMk2kwFowskChdpC6 PDpP82Jga45kHP7A9qs/LA5CocEFCI+dUxnOQsP98onEnGhYhfy1ToiyCrNtwv/o ac4mwn0Om26RkTf5jFzX6Um7wxk+WLVHUDxM/CLxzwPl50dFZTDt1KcpvULBIGFt yvpPeqjywsTK/bigVH7t4OSkF9ScREaN -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUJvfibHZflnxASjEasY x4T0A0LV3d4JrtE5wWw5QOfW/GVNa7n6GFM+KN9lhA9FUmII076URxMAbBZeRgM0 fVk7Gi4eB4ZQiikWC80VTbBlWRT1UviN0gvYhI1Z22xA36B/DWt9SbfseybzJD6n Qth/h//cJXuAzAxBs5oVjVc1dXqF/60YRtWa9XpBhvRBJayh7quCif3nu0jCQOYd Ih1IIQPqXnv4UGBs8CJ66MIxd+L3imv993s4Gd6OZqZlHDSFnUu53+ZZGGc3DZi8 25O3yjafg/zH4Fx1qNblZs8jyf7CyGe0geB4LG6PZQkrrhgYfQYK4lGRojgUa8Jo SwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 14382872233261533523806409224811346969 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-20 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-07-20 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ot-assets-eu.orangetalent.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24396753433708272449510756426444019794997061983481303054522873361996038117809416212240935704523545708006745360348489804692233203677652618330492059495542934385586199444230829662246923339677419706721568284671859810900956518681927297483727746031620470128659002065658792940626570090444744225017639915397965602557001089220486326717886099892492354826772495223061907161718043036608430505695079985327185344317874408601507720017267226662433292116455037739057648520112856129005384653937317668923823996924828613291129575276051305629252293435901725419864577348259515100639156842187670534318503240279740524710557326408554580699211 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ee90f89681e7a7bb7fb4f71a09ffe3fe20946457 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ot-assets-eu.orangetalent.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016b73be1df7000004030047304502206f27607b5a975bd91d19417fb736e1c8260bf0c97bb9fbf1a8a5bfabba11a5ab022100f6e126fffd1ec633306e778a409d53e6303980d115f7c5214f9f35c6914973bb0077008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016b73be1e420000040300483046022100b834457356fea37058fd218c3af35414335993fca7002c8c093603fd8d60055f0221009c0694c8b4a82e1b86bad3f200405d9e72db0e8e2f9b07bc466c0973ea406aa4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00afdae9a05fa25fdef6a37fb30ec3e40af21cbc599414cb9c94f291c75a0776a79284743970190e62e01bce7c44d1c377eae8c49cf5ba9d4c41c1b3b9c5da685ed6fd9e4fc8d052e4b2a6c5a4c114f02774ed5981b5807be6e7028766edda332f9cfb5d6312c2663f31293ac106415a2a5928887d95bc60de13cba26e324da4c05a30b240a17690ba3c3a4ff362606b8e641cfec0f6ab3f2c0e42a1c105088f9d5319ce42c3fdf289c49c685885fcb54e88b20ab36dc2ffe869ce26c27d0e9b6e919137f98c5cd7e949bbc3193e58b547503c4cfc22f1cf03e5e747456530edd4a729bd42c120616dcafa4f7aa8f2c2c4cafdb8a0547eede0e4a417d49c44468d