wces.tomballisd.net

- Cloudflare, Inc. -

Issued by Cloudflare Inc ECC CA-3

About this certificate

This digital certificate with serial number 05:3f:62:05:c6:2b:31:7a:20:f7:50:00:13:e7:20:ef was issued on by Cloudflare, Inc..

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Cloudflare, Inc.

Organization: Cloudflare, Inc.
State / Province: California
Locality: San Francisco
Country: US

Cloudflare, Inc.

Organization: Cloudflare, Inc.
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 05:3f:62:05:c6:2b:31:7a:20:f7:50:00:13:e7:20:ef
Serial Number (int): 6975242814624493343845336925413515503
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 91:ae:29:b3:24:a7:26:27:9d:92:b9:be:ca:ff:3b:a8:ad:40:72:10
AuthorityKeyId: a5:ce:37:ea:eb:b0:75:0e:94:67:88:b4:45:fa:d9:24:10:87:96:1f

Fingerprint (sha1): d5:cd:58:4a:0c:65:8e:61:02:ca:8a:f1:e7:74:7f:b6:4c:90:39:64
Fingerprint (sha256): 79:af:92:3d:df:71:6a:a1:34:43:4a:c5:1b:e5:52:f7:f2:eb:86:88:86:ad:fc:7e:35:fe:ec:cc:cc:f2:b8:85

Issuing Certificate URL: http://cacerts.digicert.com/CloudflareIncECCCA-3.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/CloudflareIncECCCA-3.crl
CRL Distribution Point: http://crl4.digicert.com/CloudflareIncECCCA-3.crl

Check the revocation status for certificate wces.tomballisd.net

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for wces.tomballisd.net

Public Key Algorithm

ECDSA

Key Size

256

Signature Algorithm

ECDSA with SHA256

Key Usage

Digital Signature
Key Agreement

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

wces.tomballisd.net

Other certificates including the domain name tomballisd.net

(limited to 100 certificates)
www.chms.mx
grades.tomballisd.net
admin.adulted.kcusd.com
admin.adulted.kcusd.com
admin.ambassadorhigh.org
ces.tomballisd.net
adams.k12k.com
admin.hbuhsd.edu
tsa.tomballisd.net
adams.k12k.com
admin.ambassadorhigh.org
www.hopewell.k12.va.us
cfes.tomballisd.net
adams.k12k.com
admin.ambassadorhigh.org
adams.k12k.com
admin.ambassadorhigh.org
admin.ambassadorhigh.org
res.tomballisd.net
admin.cca-denver.org
tjhs.tomballisd.net
adams.sbunified.org
www.gocats.org
admin.cca-denver.org
wces.tomballisd.net
admin.cca-denver.org
admin.adulted.kcusd.com
hs.cumberlandacademy.com
athletics.ambassadorhigh.org
admin.adulted.kcusd.com
nis.tomballisd.net
adams.sbunified.org
admin.ambassadorhigh.org
adams.k12k.com
admin.arthuracademy.org
rvs.monroe.k12.tn.us
ois.tomballisd.net
cfes.tomballisd.net
admin.wayside.bcsd.com
gocats.org
adams.sbunified.org
admin.shyaa.arthuracademy.org
*.tomballisd.net
*.tomballisd.net
ois.tomballisd.net
admin.adulted.kcusd.com
admin.cca-denver.org
tes.tomballisd.net
admin.adulted.kcusd.com
adams.k12k.com
tis.tomballisd.net
tces.tomballisd.net
admin.ambassadorhigh.org
adams.k12k.com
dpes.tomballisd.net
admin.cca-denver.org
altavista.sbunified.org
wwjhs.tomballisd.net
admin.stanthonyeagles.org
veca.gocats.org
tec.tomballisd.net
mail.tomballisd.net
wwjhs.tomballisd.net
admin.veca.gocats.org
admin.cca-denver.org
dpes.tomballisd.net
admin.jllomax.gocats.org
adams.k12k.com
wces.tomballisd.net
collegeachieve.org
apply.tomballisd.net
tmhs.tomballisd.net
*.tomballisd.net
ces.tomballisd.net
adams.k12k.com
admin.hlc.gocats.org
tomballisd.net
admin.cca-denver.org
adams.sbunified.org
admin.jewishacademyorlando.org
cpes.tomballisd.net
tmhs.tomballisd.net
admin.cca-denver.org
admin.cca-denver.org
admin.adulted.kcusd.com
tca.tomballisd.net
taec.tomballisd.net
prsd.us
tsa.tomballisd.net
owa.tomballisd.net
edlio.com
tdas.tomballisd.net
lasgs.net
adams.k12k.com
hnes.hipponation.org
wes.tomballisd.net
admin.adulted.kcusd.com
grades.tomballisd.net
admin.ambassadorhigh.org
les.tomballisd.net

Certificate

The complete raw certificate details for wces.tomballisd.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFEzCCBLqgAwIBAgIQBT9iBcYrMXog91AAE+cg7zAKBggqhkjOPQQDAjBKMQsw
CQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UEAxMX
Q2xvdWRmbGFyZSBJbmMgRUNDIENBLTMwHhcNMjMxMTA4MDAwMDAwWhcNMjQxMTA3
MjM1OTU5WjBzMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQG
A1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEc
MBoGA1UEAxMTd2Nlcy50b21iYWxsaXNkLm5ldDBZMBMGByqGSM49AgEGCCqGSM49
AwEHA0IABAL9nV0F6rYDFBjjODQ3dHhTsFpygP09RBwfjb3Bf05hV6/fQBoSL9fX
B71+qMAElZYXSTOLbLc5t3a6zRE+i2ajggNXMIIDUzAfBgNVHSMEGDAWgBSlzjfq
67B1DpRniLRF+tkkEIeWHzAdBgNVHQ4EFgQUka4psySnJiedkrm+yv87qK1AchAw
HgYDVR0RBBcwFYITd2Nlcy50b21iYWxsaXNkLm5ldDA+BgNVHSAENzA1MDMGBmeB
DAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMw
DgYDVR0PAQH/BAQDAgOIMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB7
BgNVHR8EdDByMDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vQ2xvdWRm
bGFyZUluY0VDQ0NBLTMuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5j
b20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMuY3JsMHYGCCsGAQUFBwEBBGowaDAkBggr
BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEAGCCsGAQUFBzAChjRo
dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMu
Y3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AO7N
0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABi6ycB0QAAAQDAEcwRQIh
ANWmw/8S6dszvYyyM51yj+1006ERMv2UFxhjC+MBilm5AiBkluYBXcPNvnY/u2Zb
2/ir0vNKLQCkK7ymOg4NUMMicwB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7
v6s52IRzAAABi6ycB24AAAQDAEcwRQIgU0mM2E378KzZAtt0/h4+DA+05k/kUH9V
PccQ7sF0fJgCIQDF9Gv5TuA7rC/I+13BkgVMVmmi+NaSB119070mZunRgAB1AD8X
S0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABi6ycB7wAAAQDAEYwRAIg
clN0eVFkaMdkil+h4SpxC8EKIYyv5+qvX6hZTVA+4pkCIHth3JHY3bqbhIL0wh6C
2D9xpXEIkRROjWqIernNAHUlMAoGCCqGSM49BAMCA0cAMEQCICo6pHpGTDk+GQys
T1Eev6XCEuge/cd8ZO6cpqx/QfkkAiBqqc5+IjHf7zdTk+nIUPUsCC87vp5UEUG0
kD3zVQgT7w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAv2dXQXqtgMUGOM4NDd0eFOwWnKA
/T1EHB+NvcF/TmFXr99AGhIv19cHvX6owASVlhdJM4tstzm3drrNET6LZg==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6975242814624493343845336925413515503
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.2 (ecdsaWithSHA256)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare Inc ECC CA-3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-08 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-07 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'wces.tomballisd.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits)
				000402fd9d5d05eab6031418e3383437747853b05a7280fd3d441c1f8dbdc17f4e6157afdf401a122fd7d707bd7ea8c00495961749338b6cb739b776bacd113e8b66
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5ce37eaebb0750e946788b445fad9241087961f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							91ae29b324a726279d92b9becaff3ba8ad407210
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wces.tomballisd.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits)
							0388
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/CloudflareIncECCCA-3.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/CloudflareIncECCCA-3.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/CloudflareIncECCCA-3.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bac9c07440000040300473045022100d5a6c3ff12e9db33bd8cb2339d728fed74d3a11132fd941718630be3018a59b902206496e6015dc3cdbe763fbb665bdbf8abd2f34a2d00a42bbca63a0e0d50c3227300760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bac9c076e0000040300473045022053498cd84dfbf0acd902db74fe1e3e0c0fb4e64fe4507f553dc710eec1747c98022100c5f46bf94ee03bac2fc8fb5dc192054c5669a2f8d692075d7dd3bd2666e9d1800075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018bac9c07bc0000040300463044022072537479516468c7648a5fa1e12a710bc10a218cafe7eaaf5fa8594d503ee29902207b61dc91d8ddba9b8482f4c21e82d83f71a5710891144e8d6a887ab9cd007525
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.2 (ecdsaWithSHA256)
 . . . . [c:0|t:3|false] BIT STRING (560 bits)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19100751953171918636285788629207166039737563980580856809622868496556631390500
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 48245184264075638232718678817014004934138588025122973429605970321343387276271