*.sandbox.gengo.com
Issued by Amazon RSA 2048 M01
About this certificate
This digital certificate with serial number 08:a2:38:ff:44:5b:d9:d1:e9:8e:25:2a:69:29:d7:76 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.sandbox.gengo.com
Amazon
Organization:
Amazon
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 08:a2:38:ff:44:5b:d9:d1:e9:8e:25:2a:69:29:d7:76Serial Number (int): 11476132096637236233164344055460124534
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 8b:5f:00:5d:98:81:fa:84:9b:e5:6d:fd:4e:74:2c:6f:74:49:57:27
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85
Fingerprint (sha1): a9:e5:2f:c6:fc:58:59:20:fd:4e:77:b1:f8:a1:fb:d3:41:46:ad:e6
Fingerprint (sha256): 6b:87:92:18:d6:b9:3c:e3:06:d8:3c:2e:eb:8e:b3:d1:ae:13:72:5e:46:a3:b1:c0:ba:fa:8c:f3:d8:0b:36:e9
Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer
Revocation information
OCSP Server: http://ocsp.r2m01.amazontrust.comCRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl
Check the revocation status for certificate *.sandbox.gengo.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.sandbox.gengo.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.sandbox.gengo.com
sandbox.gengo.com
sandbox.gengo.com
Other certificates including the domain name gengo.com
(limited to 100 certificates)
ab-status.alloy.co
style.gengo.com
ab-status.alloy.co
ab-status.alloy.co
blog.gengo.com
go.gengo.com
blog.gengo.com
support.gengo.com
ab-status.alloy.co
ab-status.alloy.co
ab-status.alloy.co
blog.gengo.com
go.gengo.com
ab-status.alloy.co
developers.gengo.com
ab-status.alloy.co
ab-status.alloy.co
translate.gengo.com
*.gengo.com
status.bipbop.com.br
blog.gengo.com
*.gengo.com
style.gengo.com
ci.gengo.com
ab-status.alloy.co
api.sandbox.gengo.com
ab-status.alloy.co
ab-status.alloy.co
go.gengo.com
ab-status.alloy.co
ab-status.alloy.co
ab-status.alloy.co
blog.gengo.com
developers.gengo.com
*.staging.gengo.com
status.bipbop.com.br
dashboard.translationexchange.com
ab-status.alloy.co
support.gengo.com
blog.gengo.com
go.gengo.com
style.gengo.com
ab-status.alloy.co
ab-status.alloy.co
support.gengo.com
ab-status.alloy.co
go.gengo.com
style.gengo.com
ab-status.alloy.co
ab-status.alloy.co
ab-status.alloy.co
developers.gengo.com
qa.blog.gengo.com
ab-status.alloy.co
status.bipbop.com.br
style.gengo.com
support.gengo.com
developers.gengo.com
api.sandbox.gengo.com
ab-status.alloy.co
ab-status.alloy.co
ab-status.alloy.co
ab-status.alloy.co
style.gengo.com
ab-status.alloy.co
ab-status.alloy.co
style.gengo.com
developers.gengo.com
ab-status.alloy.co
ab-status.alloy.co
*.gengo.com
ab-status.alloy.co
blog.gengo.com
status.bipbop.com.br
support.gengo.com
ab-status.alloy.co
style.gengo.com
blog.gengo.com
go.gengo.com
*.gengo.com
ab-status.alloy.co
status.bipbop.com.br
support.gengo.com
*.sandbox.gengo.com
developers.gengo.com
*.staging.gengo.com
support.gengo.com
style.gengo.com
ab-status.alloy.co
support.gengo.com
status.bipbop.com.br
blog.gengo.com
*.gengo.com
ab-status.alloy.co
*.qa.gengo.com
ab-status.alloy.co
developers.gengo.com
style.gengo.com
blog.gengo.com
ab-status.alloy.co
style.gengo.com
ab-status.alloy.co
ab-status.alloy.co
blog.gengo.com
go.gengo.com
blog.gengo.com
support.gengo.com
ab-status.alloy.co
ab-status.alloy.co
ab-status.alloy.co
blog.gengo.com
go.gengo.com
ab-status.alloy.co
developers.gengo.com
ab-status.alloy.co
ab-status.alloy.co
translate.gengo.com
*.gengo.com
status.bipbop.com.br
blog.gengo.com
*.gengo.com
style.gengo.com
ci.gengo.com
ab-status.alloy.co
api.sandbox.gengo.com
ab-status.alloy.co
ab-status.alloy.co
go.gengo.com
ab-status.alloy.co
ab-status.alloy.co
ab-status.alloy.co
blog.gengo.com
developers.gengo.com
*.staging.gengo.com
status.bipbop.com.br
dashboard.translationexchange.com
ab-status.alloy.co
support.gengo.com
blog.gengo.com
go.gengo.com
style.gengo.com
ab-status.alloy.co
ab-status.alloy.co
support.gengo.com
ab-status.alloy.co
go.gengo.com
style.gengo.com
ab-status.alloy.co
ab-status.alloy.co
ab-status.alloy.co
developers.gengo.com
qa.blog.gengo.com
ab-status.alloy.co
status.bipbop.com.br
style.gengo.com
support.gengo.com
developers.gengo.com
api.sandbox.gengo.com
ab-status.alloy.co
ab-status.alloy.co
ab-status.alloy.co
ab-status.alloy.co
style.gengo.com
ab-status.alloy.co
ab-status.alloy.co
style.gengo.com
developers.gengo.com
ab-status.alloy.co
ab-status.alloy.co
*.gengo.com
ab-status.alloy.co
blog.gengo.com
status.bipbop.com.br
support.gengo.com
ab-status.alloy.co
style.gengo.com
blog.gengo.com
go.gengo.com
*.gengo.com
ab-status.alloy.co
status.bipbop.com.br
support.gengo.com
*.sandbox.gengo.com
developers.gengo.com
*.staging.gengo.com
support.gengo.com
style.gengo.com
ab-status.alloy.co
support.gengo.com
status.bipbop.com.br
blog.gengo.com
*.gengo.com
ab-status.alloy.co
*.qa.gengo.com
ab-status.alloy.co
developers.gengo.com
style.gengo.com
blog.gengo.com
ab-status.alloy.co
Certificate
The complete raw certificate details for *.sandbox.gengo.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF4zCCBMugAwIBAgIQCKI4/0Rb2dHpjiUqaSnXdjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAxMB4XDTIzMDQwOTAwMDAwMFoXDTI0MDUwNjIzNTk1OVowHjEc MBoGA1UEAwwTKi5zYW5kYm94LmdlbmdvLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAJbmygb2u3CwbQ2dD59rK05m6aQs8K49Ta2ACJjoSlQoV/vW 4C3KngGwTHJEkObJz+dmgEBcQK4anyhP+yUjO4dnWHvQr5gyXL3omkbwUcz4NgEj Q1r9+2zP+gLsr+R22vs9TIMTkLNjDCsjxoBnROGbmcyTV2QGF4jnQo4L8YvLPvdG uuB5nPkxsixZcrC5pxSo9l8ZOIpXHuNa5tHGc/+xZ85JtjBxPCTOqsrUmtRb881P yXa1pXSQU/VvdMtBp3KHVvfLVKpjpyFfeiBO9JCoxBQGOYzlKsYNzyVA0CEekuUv Oacg29JxmDp/RrLTKb0BTRFjoY7THrERK0WOmJ0CAwEAAaOCAv0wggL5MB8GA1Ud IwQYMBaAFIG4DmOKiRIY5fo7O1CVn+blkBOFMB0GA1UdDgQWBBSLXwBdmIH6hJvl bf1OdCxvdElXJzAxBgNVHREEKjAoghMqLnNhbmRib3guZ2VuZ28uY29tghFzYW5k Ym94LmdlbmdvLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDEu YW1hem9udHJ1c3QuY29tL3IybTAxLmNybDATBgNVHSAEDDAKMAgGBmeBDAECATB1 BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAxLmFt YXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMS5hbWF6 b250cnVzdC5jb20vcjJtMDEuY2VyMAwGA1UdEwEB/wQCMAAwggF8BgorBgEEAdZ5 AgQCBIIBbASCAWgBZgB2AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0 AAABh2Sk6uQAAAQDAEcwRQIhAJKso5F6yMmENfRkkjKzUY9dssW1ayFkPdwXvCL0 Tk/9AiBYU6hEDVqE4orOkyXNo3/H9dOqaFEFXApzHvaLMY7yRgB1AHPZnokbTJZ4 oCB9R53mssYc0FFecRkqjGuAEHrBd3K1AAABh2Sk6uwAAAQDAEYwRAIgIZrZtNoE jUhNwblp5lbBXqq7I3URX5SIJFNFUkXM9qMCIBpxmaRA/Q07u2BI1feHbznh2IZZ EFWeALx/TaZlvVYxAHUASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMA AAGHZKTqywAABAMARjBEAiA+DGDPddK5EPLH0+TTFR3goNNZzF56JHUA7Wy47Vfj owIgUnkhXI16C4pTOZlebmDkLGJreusFAvqvo53k3VBIG0gwDQYJKoZIhvcNAQEL BQADggEBAJBShDvU02qGqQfyATQ6ERbeJkweTpO/2tKFVubRrI4fjoFW7dtxeauT XGO2jYtoNL7BwgqdRl7+kZothRy/jrFT1SG9CRwkTR0gb0V9+ekQaMhILdei/Tic Igh6Y1smKzZ2QjrRTj5bBTecnleVAFYC4n8c31pnrpL1sxcZMsr5NUQ4yXjLuLnW +C8q7ozxQf+a+NE/rP8Rfn6UtdIEkdrJ/uectwnMPx62wSNe/RVVaqvthju3Asqq 1Bl5RD3CR8vuo/VVCsalHj82FX1+smHQO9BH13PIEndDE99ogc9T9g4ruB0PuRtS EKYoESvyX7ldby1CPVjk4ozXFPNBfF4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlubKBva7cLBtDZ0Pn2sr TmbppCzwrj1NrYAImOhKVChX+9bgLcqeAbBMckSQ5snP52aAQFxArhqfKE/7JSM7 h2dYe9CvmDJcveiaRvBRzPg2ASNDWv37bM/6Auyv5Hba+z1MgxOQs2MMKyPGgGdE 4ZuZzJNXZAYXiOdCjgvxi8s+90a64Hmc+TGyLFlysLmnFKj2Xxk4ilce41rm0cZz /7Fnzkm2MHE8JM6qytSa1FvzzU/JdrWldJBT9W90y0GncodW98tUqmOnIV96IE70 kKjEFAY5jOUqxg3PJUDQIR6S5S85pyDb0nGYOn9GstMpvQFNEWOhjtMesRErRY6Y nQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11476132096637236233164344055460124534 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-09 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-06 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.sandbox.gengo.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19049552125645812127581215979409402199610817687862207349939258166050971259323277358183035213497148332128999331226317672829552854006505385236206262698113034268883762970031538444228296050995477775761504596679797026630270850574429760061746342384314090204283684032375328345572111158918385646076166435294314376796621287001060474568908924710593217522601710186871987378916180393224436993416996529926030684993379226170419955461371116756599645555026520703365963838091823072640937329574561196738022193942350155160490618686486108294847922614212995248601020688186993403332105605370960620196067032295852726005021404520870849714333 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8b5f005d9881fa849be56dfd4e742c6f74495727 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sandbox.gengo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sandbox.gengo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 016600760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018764a4eae4000004030047304502210092aca3917ac8c98435f4649232b3518f5db2c5b56b21643ddc17bc22f44e4ffd02205853a8440d5a84e28ace9325cda37fc7f5d3aa6851055c0a731ef68b318ef24600750073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b50000018764a4eaec00000403004630440220219ad9b4da048d484dc1b969e656c15eaabb2375115f94882453455245ccf6a302201a7199a440fd0d3bbb6048d5f7876f39e1d8865910559e00bc7f4da665bd563100750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018764a4eacb000004030046304402203e0c60cf75d2b910f2c7d3e4d3151de0a0d359cc5e7a247500ed6cb8ed57e3a302205279215c8d7a0b8a5339995e6e60e42c626b7aeb0502faafa39de4dd50481b48 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009052843bd4d36a86a907f201343a1116de264c1e4e93bfdad28556e6d1ac8e1f8e8156eddb7179ab935c63b68d8b6834bec1c20a9d465efe919a2d851cbf8eb153d521bd091c244d1d206f457df9e91068c8482dd7a2fd389c22087a635b262b3676423ad14e3e5b05379c9e5795005602e27f1cdf5a67ae92f5b3171932caf9354438c978cbb8b9d6f82f2aee8cf141ff9af8d13facff117e7e94b5d20491dac9fee79cb709cc3f1eb6c1235efd15556aabed863bb702caaad41979443dc247cbeea3f5550ac6a51e3f36157d7eb261d03bd047d773c812774313df6881cf53f60e2bb81d0fb91b5210a628112bf25fb95d6f2d423d58e4e28cd714f3417c5e