*.rzone.de

Issued by RapidSSL RSA CA 2018

About this certificate

This digital certificate with serial number 04:d7:57:95:5b:42:ad:4f:16:a1:1c:22:e8:c9:6b:a0 was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.rzone.de

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:d7:57:95:5b:42:ad:4f:16:a1:1c:22:e8:c9:6b:a0
Serial Number (int): 6435032210600127178624370328321223584
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: b7:fd:ea:75:f4:b1:bd:d0:ed:ad:5a:1b:27:a7:cf:b9:68:5f:60:5f
AuthorityKeyId: 53:ca:17:59:fc:6b:c0:03:21:2f:1a:ae:e4:aa:a8:1c:82:56:da:75

Fingerprint (sha1): b4:db:89:e2:6c:68:c8:e3:2e:66:02:e6:85:bb:69:91:df:d7:5b:eb
Fingerprint (sha256): 73:85:96:8f:38:86:be:d1:6f:5d:3d:1e:4f:ed:e3:be:b6:5c:f1:43:55:64:a9:08:b0:70:ac:fe:4e:19:dc:f0

Issuing Certificate URL: http://cacerts.rapidssl.com/RapidSSLRSACA2018.crt

Revocation information

OCSP Server: http://status.rapidssl.com
CRL Distribution Point: http://cdp.rapidssl.com/RapidSSLRSACA2018.crl

Check the revocation status for certificate *.rzone.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.rzone.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.rzone.de
rzone.de

Other certificates including the domain name rzone.de

(limited to 100 certificates)
smtpin.test.rzone.de
*.stg.rzone.de
smtpin.rzone.de
wopi-thole.stg.rzone.de
wopi-dev.stg.rzone.de
*.s4.stg.rzone.de
smtpin.rzone.de
*.rzone.de
robot.prov.rzone.de
wopi.stg.rzone.de
test1.rzone.de
*.auth.test.rzone.de
test1.rzone.de
smtp.rzone.de
wopi-dev.stg.rzone.de
wopi.stg.rzone.de
robot.prov.rzone.de
*.rzone.de
wopi-dev.stg.rzone.de
imap.test.strato.de
*.stg.rzone.de
test3.rzone.de
wopi-dev.stg.rzone.de
smtpin.test.rzone.de
wopi-dev.stg.rzone.de
wopi-dev.stg.rzone.de
test1.rzone.de
test1.rzone.de
smtpin.rzone.de
*.smtp.rzone.de
relay.rzone.de
wild.stg.rzone.de
wopi-thole.stg.rzone.de
*.ox.rzone.de
*.ox.rzone.de
imap.test.strato.de
*.stg.rzone.de
*.s4.stg.rzone.de
wopi.stg.rzone.de
test1.rzone.de
wopi-thole.stg.rzone.de
smtpin.rzone.de
imap.test.strato.de
smtpin.rzone.de
wopi.stg.rzone.de
smtp.rzone.de
relay.rzone.de
smtp.rzone.de
*.s4.stg.rzone.de
wopi.stg.rzone.de
imap.test.strato.de
*.smtp.rzone.de
*.ox.rzone.de
smtp.test.rzone.de
*.stg.rzone.de
*.ox.rzone.de
*.rzone.de
smtp.rzone.de
*.s4.stg.rzone.de
*.smtp.rzone.de
wopi.stg.rzone.de
wopi-dev.stg.rzone.de
*.stg.rzone.de
wopi-dev.stg.rzone.de
*.rzone.de
test1.rzone.de
wopi.stg.rzone.de
robot.prov.rzone.de
imap.test.strato.de
wopi.stg.rzone.de
wopi-dev.stg.rzone.de
robot.prov.rzone.de
smtp.rzone.de
test1.rzone.de
*.s4.stg.rzone.de
wopi.stg.rzone.de
*.ox.rzone.de
test2.rzone.de
smtpin.rzone.de
wopi-dev.stg.rzone.de
smtpin.rzone.de
*.auth.test.rzone.de
smtp.rzone.de
wild.rzone.de
*.test.rzone.de
ox-test.rzone.de
wopi.stg.rzone.de
*.rzone.de
*.test.rzone.de
wopi-dev.stg.rzone.de
*.auth.rzone.de
test2.rzone.de
*.rzone.de
*.rzone.de
*.ox.rzone.de
test1.rzone.de
ox-test.rzone.de
*.smtp.rzone.de
openstack-demo.rzone.de
wopi.stg.rzone.de

Certificate

The complete raw certificate details for *.rzone.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgIQBNdXlVtCrU8WoRwi6MlroDANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRSYXBpZFNTTCBSU0EgQ0EgMjAxODAe
Fw0xOTA2MDcwMDAwMDBaFw0yMDA3MDYxMjAwMDBaMBUxEzARBgNVBAMMCioucnpv
bmUuZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0dgOOPrHSGfKM
Nibl0wEyrBWPIH/dlzE4eNDxZ1yJVSATEgYK8qy5Zd7SeQBJy0JmKD53Uy9f1RHl
2W55hqOAArUmBDxtHyim9O5R/c31ZyvaCMLulZYQthMgvGY3HhM64BaV3y9pfUSa
B6jLQ/ML4EUB/FN8cCifw+MTNM979RfLolOSDrDfYuTl8zWDyo22YMAsiEx/AhtO
HHTqaLev0ye+FBVsyZURpwL991OBrTKx9Bw1RXYhZ5NDlPA9EeKmBcsDjMl3KqNh
4mDQuMFfxnTQm5XfOAAKZItTed1iRt62eXYe3L1lJLdGlk69LTsFrR257Ivq+Rh/
71/Xjv+rAgMBAAGjggKuMIICqjAfBgNVHSMEGDAWgBRTyhdZ/GvAAyEvGq7kqqgc
glbadTAdBgNVHQ4EFgQUt/3qdfSxvdDtrVobJ6fPuWhfYF8wHwYDVR0RBBgwFoIK
Ki5yem9uZS5kZYIIcnpvbmUuZGUwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG
CCsGAQUFBwMBBggrBgEFBQcDAjA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY2Rw
LnJhcGlkc3NsLmNvbS9SYXBpZFNTTFJTQUNBMjAxOC5jcmwwTAYDVR0gBEUwQzA3
BglghkgBhv1sAQIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQu
Y29tL0NQUzAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMCYGCCsGAQUFBzABhhpo
dHRwOi8vc3RhdHVzLnJhcGlkc3NsLmNvbTA9BggrBgEFBQcwAoYxaHR0cDovL2Nh
Y2VydHMucmFwaWRzc2wuY29tL1JhcGlkU1NMUlNBQ0EyMDE4LmNydDAJBgNVHRME
AjAAMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAu9nfvB+KcbWTlCOXqpJ7RzhX
lQqrUugakJZkNo4e0YUAAAFrMrIhVAAABAMASDBGAiEAm22p63eMtdvGD6jrLIVT
5Pl49KxZbXXkbMmoLryZp/UCIQCtRpPl583H4QE6aaX7X4WNkrV7GzCyXFrsRjhv
60CGrgB3AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABazKyIhYA
AAQDAEgwRgIhAI1/Za+rN0xqh0v/l1Qshu6KKVqRACHKNBylwRhmy0ONAiEA4p+O
MbYXUMfeIfkLKoOcRpaYzNtvjzlWzs0lR9J3ehcwDQYJKoZIhvcNAQELBQADggEB
AH8sGt2QKsi1l/w+qzENXQEDqWUF+kD3D0MZmNWMJg0gqZ4Fefoq3jvpnUuDh3m5
6PoLsh+x67/fRxWN7pfVfvP5evXQLJUK0ARc3tX/lSz6GMbLm5Q8vMRuJk80vxqt
vJgU6eozDSCqlrcbP2A8D7ML7BsPJN651tsQDFDpi2RW8dguDidt030wAhVhAooh
zzJ7Mvba+h7YNm00LrxZ3ZfH4WX0JzsjLdKEhJkmsICatOiv++FGL2lGL8D04jDZ
FZGJRPveQOJocb1c+Y7VdBL+KHO6tdafEzDjT47vL1bLxuJT+hcSmqkct+ZxvosI
jEw2UWOo0vr1ZPu2A1319uQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHYDjj6x0hnyjDYm5dMB
MqwVjyB/3ZcxOHjQ8WdciVUgExIGCvKsuWXe0nkASctCZig+d1MvX9UR5dlueYaj
gAK1JgQ8bR8opvTuUf3N9Wcr2gjC7pWWELYTILxmNx4TOuAWld8vaX1Emgeoy0Pz
C+BFAfxTfHAon8PjEzTPe/UXy6JTkg6w32Lk5fM1g8qNtmDALIhMfwIbThx06mi3
r9MnvhQVbMmVEacC/fdTga0ysfQcNUV2IWeTQ5TwPRHipgXLA4zJdyqjYeJg0LjB
X8Z00JuV3zgACmSLU3ndYkbetnl2Hty9ZSS3RpZOvS07Ba0dueyL6vkYf+9f147/
qwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6435032210600127178624370328321223584
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-07 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-07-06 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.rzone.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22781089711622859175328852962076428710289327401984734820503601711575414644918689645313836852154236208601873344830297537882423620752412680132998195203372374300448195060640452890051684386328421702674864390464062714697435985682341862079000247658922510883828970650322982035597302664021008730957310208025117474001562611848692170520314061362855623928548012212573438880918027279842781477531386365002610218804698441799721745975291340227453117879340099121689794972112834250338802677854229603241760666845752906768712769866745065648518486954848461157392959625556608799558895707901694713792635924828490517682344892880315728461739
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 53ca1759fc6bc003212f1aaee4aaa81c8256da75
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b7fdea75f4b1bdd0edad5a1b27a7cfb9685f605f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rzone.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rzone.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.rapidssl.com/RapidSSLRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.rapidssl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.rapidssl.com/RapidSSLRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f2007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016b32b2215400000403004830460221009b6da9eb778cb5dbc60fa8eb2c8553e4f978f4ac596d75e46cc9a82ebc99a7f5022100ad4693e5e7cdc7e1013a69a5fb5f858d92b57b1b30b25c5aec46386feb4086ae0077008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016b32b2221600000403004830460221008d7f65afab374c6a874bff97542c86ee8a295a910021ca341ca5c11866cb438d022100e29f8e31b61750c7de21f90b2a839c469698ccdb6f8f3956cecd2547d2777a17
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007f2c1add902ac8b597fc3eab310d5d0103a96505fa40f70f431998d58c260d20a99e0579fa2ade3be99d4b838779b9e8fa0bb21fb1ebbfdf47158dee97d57ef3f97af5d02c950ad0045cded5ff952cfa18c6cb9b943cbcc46e264f34bf1aadbc9814e9ea330d20aa96b71b3f603c0fb30bec1b0f24deb9d6db100c50e98b6456f1d82e0e276dd37d30021561028a21cf327b32f6dafa1ed8366d342ebc59dd97c7e165f4273b232dd284849926b0809ab4e8affbe1462f69462fc0f4e230d915918944fbde40e26871bd5cf98ed57412fe2873bab5d69f1330e34f8eef2f56cbc6e253fa17129aa91cb7e671be8b088c4c365163a8d2faf564fbb6035df5f6e4