*.chintai.net
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 04:79:b1:fd:0e:1b:f1:45:79:7a:66:bd:f9:67:75:82 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.chintai.net
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:79:b1:fd:0e:1b:f1:45:79:7a:66:bd:f9:67:75:82Serial Number (int): 5948789938613910595739428539240772994
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: b2:18:0b:9c:2e:bd:01:d7:1d:2f:1b:28:2e:ec:e0:c1:be:c0:af:55
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): c8:b3:57:b3:72:93:b7:8d:b9:dc:d9:d3:55:14:00:c9:f8:63:24:7f
Fingerprint (sha256): 73:02:3c:f4:e7:0c:5b:60:aa:52:85:21:39:33:ac:3b:ba:8c:bd:10:ee:9b:f4:d8:3d:14:3a:63:f9:72:ec:30
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate *.chintai.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.chintai.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.chintai.net
peya.chintai.co.jp
peya.chintai.co.jp
Other certificates including the domain name chintai.net
(limited to 100 certificates)
mng.chintai.net
ajuda.mkfull.com.br
mng.chintai.net
ajuda.mkfull.com.br
faq.able.co.jp
sso.chintai.net
faq8now.8securities.co.jp
logap.chintai.net
*.chintai.net
www.chintai.net
ajuda.mkfull.com.br
img.chintai.net
crm.chintai.net
sp.chintai.net
mng.chintai.net
net-kanri.chintai.net
faq.test-able.jp
system.chintai.net
www.chintai.net
ad.chintai.net
mng.chintai.net
csmfaq.refuel4.com
*.chintai.net
sp.chintai.net
kaigai.chintai.net
*.chintai.net
faqchloe.8securities.co.jp
system.chintai.net
image.chintai.net
mng.chintai.net
*.chintai.net
*.chintai.net
faq.drivehub.co
img.chintai.net
faqchloe.8securities.co.jp
sso.chintai.net
sso.chintai.net
sd.itsmcorp.com
www0.chintai.net
sso.chintai.net
image.chintai.net
mng.chintai.net
img.chintai.net
journal.chintai.net
gtgvze.chintai.net
offer.able.co.jp
kaigai.chintai.net
offer.able.co.jp
support.omegaedi.com
image.chintai.net
kaigai.chintai.net
mobile.chintai.net
www0.chintai.net
mobile.chintai.net
www0.chintai.net
*.chintai.net
img.chintai.net
image.chintai.net
mobile.chintai.net
ad.chintai.net
ajuda.mkfull.com.br
image.chintai.net
image.chintai.net
kaigai.chintai.net
offer.able.co.jp
logap.chintai.net
crm.chintai.net
ad.chintai.net
sp.chintai.net
help.steadyhq.com
img.chintai.net
wiki.intellyo.com
help.tidy.com
mng.chintai.net
net-kanri.chintai.net
mobile.chintai.net
*.chintai.net
www0.chintai.net
mypage.chintai.net
crm.chintai.net
faq.utick.net
sp.chintai.net
csmfaq.refuel4.com
kaigai.chintai.net
faq.earpeace.com
*.chintai.net
faq.avvocato360.it
img.chintai.net
img.chintai.net
crm.chintai.net
img.chintai.net
mobile.chintai.net
crm.chintai.net
*.chintai.net
help.littlepok.com
journal.chintai.net
gakusei.chintai.net
gakusei.chintai.net
cs.chintai.net
cs.chintai.net
ajuda.mkfull.com.br
mng.chintai.net
ajuda.mkfull.com.br
faq.able.co.jp
sso.chintai.net
faq8now.8securities.co.jp
logap.chintai.net
*.chintai.net
www.chintai.net
ajuda.mkfull.com.br
img.chintai.net
crm.chintai.net
sp.chintai.net
mng.chintai.net
net-kanri.chintai.net
faq.test-able.jp
system.chintai.net
www.chintai.net
ad.chintai.net
mng.chintai.net
csmfaq.refuel4.com
*.chintai.net
sp.chintai.net
kaigai.chintai.net
*.chintai.net
faqchloe.8securities.co.jp
system.chintai.net
image.chintai.net
mng.chintai.net
*.chintai.net
*.chintai.net
faq.drivehub.co
img.chintai.net
faqchloe.8securities.co.jp
sso.chintai.net
sso.chintai.net
sd.itsmcorp.com
www0.chintai.net
sso.chintai.net
image.chintai.net
mng.chintai.net
img.chintai.net
journal.chintai.net
gtgvze.chintai.net
offer.able.co.jp
kaigai.chintai.net
offer.able.co.jp
support.omegaedi.com
image.chintai.net
kaigai.chintai.net
mobile.chintai.net
www0.chintai.net
mobile.chintai.net
www0.chintai.net
*.chintai.net
img.chintai.net
image.chintai.net
mobile.chintai.net
ad.chintai.net
ajuda.mkfull.com.br
image.chintai.net
image.chintai.net
kaigai.chintai.net
offer.able.co.jp
logap.chintai.net
crm.chintai.net
ad.chintai.net
sp.chintai.net
help.steadyhq.com
img.chintai.net
wiki.intellyo.com
help.tidy.com
mng.chintai.net
net-kanri.chintai.net
mobile.chintai.net
*.chintai.net
www0.chintai.net
mypage.chintai.net
crm.chintai.net
faq.utick.net
sp.chintai.net
csmfaq.refuel4.com
kaigai.chintai.net
faq.earpeace.com
*.chintai.net
faq.avvocato360.it
img.chintai.net
img.chintai.net
crm.chintai.net
img.chintai.net
mobile.chintai.net
crm.chintai.net
*.chintai.net
help.littlepok.com
journal.chintai.net
gakusei.chintai.net
gakusei.chintai.net
cs.chintai.net
cs.chintai.net
Certificate
The complete raw certificate details for *.chintai.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF2zCCBMOgAwIBAgIQBHmx/Q4b8UV5ema9+Wd1gjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTIxMDAwMDAwMFoXDTI1MDEwNzIzNTk1OVowGDEW MBQGA1UEAwwNKi5jaGludGFpLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAJXMj/w9Ao/wm/j7zsdl1jV5m7Pi3i07P2N8jZGYzy72pny7IwAm/e6q ZNdQ+lgDCka8THhVhaPewHRXT2isFeQYc59ZhXHEcJhzzzBHMfLPt5YpVxBs83S1 lLoYhRs5MiMF2opIKNG7+dH2LwM48x7DsbKOqdmLBz+KN+oHo4Xqvq2g37mqeuIC DcZrnr+VpMe/aeYhkHhyVvxtyTBPi67FsYVBRKqzYvxAXqoCfda6qen6VfI49JN3 c6kVFvpmXiWMt/Q/WXNQaNvGN8+QWrjm+U4LM4ZOxDqkGAfx9oXisKeneqspxZBr bZS7dT8Xvn6YYv5a0pBJ6vWPIFOzbDcCAwEAAaOCAvswggL3MB8GA1UdIwQYMBaA FMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBSyGAucLr0B1x0vGygu7ODB vsCvVTAsBgNVHREEJTAjgg0qLmNoaW50YWkubmV0ghJwZXlhLmNoaW50YWkuY28u anAwEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8v Y3JsLnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jcmwwdQYIKwYBBQUHAQEE aTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6b250cnVzdC5j b20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1c3QuY29t L3IybTAyLmNlcjAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFr AWkAdgBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAYxRJ5HWAAAE AwBHMEUCIG2ynnUjBgFQf69X2sxI+NEFbShHtA4JHD4E23QEfqQgAiEAxCE9lD21 aTOhQWmRJXMBd/N6Db/oYKmB9bQNYQyC7YMAdgA/F0tP1yJHWJQdZRyEvg0S7ZA3 fx+FauvBvyiF7PhkbgAAAYxRJ5IcAAAEAwBHMEUCIQD3qrXybaEWspb5soD7xH4K jS3M1P7AHna4OGmCpvD+5gIgYvj1YkXc+z9WMm9ICPvQ+/bcpAljXXCyPgniopNf xvoAdwB9WR4S4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kOjC55uAAAAYxRJ5IKAAAE AwBIMEYCIQDrK5GEWR082V+B/I1fHBMZL0yPEddQx4tsetT99UE26AIhAJvD00M5 B+Vqxl4DQECy4ydOSg8+zCVYvqghnfBrJvkaMA0GCSqGSIb3DQEBCwUAA4IBAQBi a96UhrtwHHt+6oRgpP+XsjG2LfqgdBWy2dvngmX0ER/4XjSAqGECoZ3N1iVMyp+F BlM9z9d2PmggV1Ol9BGfQM7GQfdSfd/Ve9Zo6uDTKYWmPiM+dDtNYa0A9rNk5y/A Xl4GKMRSWWMc+59F5IGFYVQ4fsN4Iqem3neWckz13D4TDLqTJHYkGzX7+7YYezTh LICZPb15BauodQGs2etrboUCPSbLCxqfoGSMeOPSvJSx7pkuyz9qA22cQu/Y0Rpc 51iWf7rimYe5+zyLi82UNekxIY1T8/mtpdZS8m5ywHOmy3N3IiCPqpRl/l7sqVxL PLMhS0V24UqIBFdv4A5I -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcyP/D0Cj/Cb+PvOx2XW NXmbs+LeLTs/Y3yNkZjPLvamfLsjACb97qpk11D6WAMKRrxMeFWFo97AdFdPaKwV 5Bhzn1mFccRwmHPPMEcx8s+3lilXEGzzdLWUuhiFGzkyIwXaikgo0bv50fYvAzjz HsOxso6p2YsHP4o36gejheq+raDfuap64gINxmuev5Wkx79p5iGQeHJW/G3JME+L rsWxhUFEqrNi/EBeqgJ91rqp6fpV8jj0k3dzqRUW+mZeJYy39D9Zc1Bo28Y3z5Ba uOb5Tgszhk7EOqQYB/H2heKwp6d6qynFkGttlLt1Pxe+fphi/lrSkEnq9Y8gU7Ns NwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5948789938613910595739428539240772994 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-10 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-07 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.chintai.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18910380939996280647087165176386307695857429753202481948414326050085609978241506845300610199788597379075993439308751827716554969794022967955743883649146692460453749792995228256041326614856493859323003792905424726066373750738564326462206201417505543598674197700383273600624063980434947725913746913097221695645899381612668183650920106725871732569931800002780705609151457947886747059151189038732351651592333720723234164911272976096345175759454118993977097990432770761009557941753133778249591649667591634962815752604755192447791792231101242714764735838240422923666769517749892985155279053591901908466092435666508514028599 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b2180b9c2ebd01d71d2f1b282eece0c1bec0af55 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (37 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.chintai.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'peya.chintai.co.jp' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 01690076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018c512791d6000004030047304502206db29e75230601507faf57dacc48f8d1056d2847b40e091c3e04db74047ea420022100c4213d943db56933a141699125730177f37a0dbfe860a981f5b40d610c82ed830076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018c5127921c0000040300473045022100f7aab5f26da116b296f9b280fbc47e0a8d2dccd4fec01e76b8386982a6f0fee6022062f8f56245dcfb3f56326f4808fbd0fbf6dca409635d70b23e09e2a2935fc6fa0077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018c5127920a0000040300483046022100eb2b9184591d3cd95f81fc8d5f1c13192f4c8f11d750c78b6c7ad4fdf54136e80221009bc3d3433907e56ac65e034040b2e3274e4a0f3ecc2558bea8219df06b26f91a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00626bde9486bb701c7b7eea8460a4ff97b231b62dfaa07415b2d9dbe78265f4111ff85e3480a86102a19dcdd6254cca9f8506533dcfd7763e68205753a5f4119f40cec641f7527ddfd57bd668eae0d32985a63e233e743b4d61ad00f6b364e72fc05e5e0628c45259631cfb9f45e481856154387ec37822a7a6de7796724cf5dc3e130cba932476241b35fbfbb6187b34e12c80993dbd7905aba87501acd9eb6b6e85023d26cb0b1a9fa0648c78e3d2bc94b1ee992ecb3f6a036d9c42efd8d11a5ce758967fbae29987b9fb3c8b8bcd9435e931218d53f3f9ada5d652f26e72c073a6cb737722208faa9465fe5eeca95c4b3cb3214b4576e14a8804576fe00e48