vpn.fbgpg.com
- Moen Incorporated -
Issued by Thawte TLS RSA CA G1
About this certificate
This digital certificate with serial number 05:76:fe:c5:11:f9:6b:8d:6b:28:c4:35:56:31:4f:1e was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Moen Incorporated
Organization:
Moen Incorporated
State / Province:
Ohio
Locality: North Olmsted
Country: US
Locality: North Olmsted
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 05:76:fe:c5:11:f9:6b:8d:6b:28:c4:35:56:31:4f:1eSerial Number (int): 7263998353781807457020949970627415838
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 21:13:dc:ff:1b:5c:f6:7f:41:c1:b3:37:73:d1:63:a1:a6:9a:c9:bd
AuthorityKeyId: a5:8c:fe:32:cc:eb:0f:2c:d4:19:c6:08:b8:00:24:88:5d:c3:c5:b7
Fingerprint (sha1): 65:ec:f6:22:fd:2a:11:b0:cf:c8:23:1b:7c:55:c3:ce:57:e4:7c:30
Fingerprint (sha256): 8e:65:d0:fd:aa:cb:51:6b:3d:f3:4d:30:6d:7f:36:fc:6a:fd:50:f2:41:5c:15:96:8d:bd:43:99:8a:cb:8b:a7
Issuing Certificate URL: http://cacerts.thawte.com/ThawteTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.thawte.comCRL Distribution Point: http://cdp.thawte.com/ThawteTLSRSACAG1.crl
Check the revocation status for certificate vpn.fbgpg.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for vpn.fbgpg.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
vpn.fbgpg.com
vpn.moen.com
vpn.moen.com
Other certificates including the domain name fbgpg.com
(limited to 100 certificates)
hqexcas.moen.com
qlik.fbgpg.com
www.moen.com
vpn.fbgpg.com
password.fbgpg.com
www.moen.com
password.fbgpg.com
www.moen.com
vpn.fbgpg.com
hqexcas.moen.com
qlik.fbgpg.com
vpn.fbgpg.com
password.fbgpg.com
www.moen.com
vpn.fbgpg.com
vpn.fbgpg.com
www.moen.com
vpn.fbgpg.com
password.fbgpg.com
mdm4.fbgpg.com
mdm3.fbgpg.com
qlik.fbgpg.com
www.moen.com
vpn.fbgpg.com
password.fbgpg.com
www.moen.com
password.fbgpg.com
www.moen.com
vpn.fbgpg.com
hqexcas.moen.com
qlik.fbgpg.com
vpn.fbgpg.com
password.fbgpg.com
www.moen.com
vpn.fbgpg.com
vpn.fbgpg.com
www.moen.com
vpn.fbgpg.com
password.fbgpg.com
mdm4.fbgpg.com
mdm3.fbgpg.com
Certificate
The complete raw certificate details for vpn.fbgpg.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGbTCCBVWgAwIBAgIQBXb+xRH5a41rKMQ1VjFPHjANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRUaGF3dGUgVExTIFJTQSBDQSBHMTAe Fw0yMzA5MjAwMDAwMDBaFw0yNDA5MjAyMzU5NTlaMGgxCzAJBgNVBAYTAlVTMQ0w CwYDVQQIEwRPaGlvMRYwFAYDVQQHEw1Ob3J0aCBPbG1zdGVkMRowGAYDVQQKExFN b2VuIEluY29ycG9yYXRlZDEWMBQGA1UEAxMNdnBuLmZiZ3BnLmNvbTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKAPHBh6+zuFvR5g3zAQ+Ozcyy6BTymx s2y4LZJqjoRrk1HC3hk7uCBBWKrY65MgK+8vuVzbholdGM/1GX8cPPidH5WbZheM wt/tcyyesQ7RKxcY7YJjWaCSj/ZybRn1aPTOgHq2k/5wCvA1yUu6WXVVbPmWycOh hKjiPpovFGl19BhzryGuxSmah0pm+r4SQzHNw1R3LWZvCLoO3Tx7YGKOaJs4B8+2 S8wQRFrPkf7qQsDtUz0Kpav7f3yWFC8tw+jEN8H3Mely+7D9R7Sjx0vbOCk41nTV UTtMF0JafXW9XpiGRgO4keMcmLyvbMEEOpzOjfHO6yJUfsQKAtIOu10CAwEAAaOC AxswggMXMB8GA1UdIwQYMBaAFKWM/jLM6w8s1BnGCLgAJIhdw8W3MB0GA1UdDgQW BBQhE9z/G1z2f0HBszdz0WOhpprJvTAmBgNVHREEHzAdgg12cG4uZmJncGcuY29t ggx2cG4ubW9lbi5jb20wPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcC ARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYq aHR0cDovL2NkcC50aGF3dGUuY29tL1RoYXd0ZVRMU1JTQUNBRzEuY3JsMHAGCCsG AQUFBwEBBGQwYjAkBggrBgEFBQcwAYYYaHR0cDovL3N0YXR1cy50aGF3dGUuY29t MDoGCCsGAQUFBzAChi5odHRwOi8vY2FjZXJ0cy50aGF3dGUuY29tL1RoYXd0ZVRM U1JTQUNBRzEuY3J0MAwGA1UdEwEB/wQCMAAwggF/BgorBgEEAdZ5AgQCBIIBbwSC AWsBaQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABirAHumUA AAQDAEcwRQIgVzxSyQW/ZRPGkifI8kY2ISlTWX9KnGC8Pe8FboumoqACIQDOm6D1 Zo/S9o2MrgRfbrGYDg/YDk1joC+Z6mDalQBGrQB3AEiw42vapkc0D+VqAvqdMOsc UgHLVt0sgdm7v6s52IRzAAABirAHuq8AAAQDAEgwRgIhAKlwBeZvabGG/3J2Dl7S wvgcZolht0A+jTD9FosdMBS0AiEAj7y710MExY8S9T/TP1WQlQiRgfTWyj9s5CN5 hMwx5wkAdgDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYqwB7qQ AAAEAwBHMEUCIBLREmgRgSoZ013TZ94rEa+KdraLE/E50Js2J/hcMevoAiEAsqky S+t4UDEv0d5KGsrCv4L8lSrQ6xiX0KU8HqlZNP0wDQYJKoZIhvcNAQELBQADggEB ALAlhWS49Fk/1JBz61UYLGaMdx2TvSapo62RGMiTh3zKfIreCQK+nx0kECY57M6K WZ0amavxEyhw9tv1e0YT9dt6Ob0aFhtMnYPs9tE2ltWZw04udo5hMRA2E2HWItNA ZKQhURRG4Q1UC5Y4KmerkEZS4i6XnTv2r47kBb0DaTj7Dlqcozl8LEMjoeDydRiY ugD5MXJpM9kc0kHaM4BmUzw5+STUVtjKgGQ2VsF66nVH5xgmFnCQP5+ZTTljIejr ZNFJjqFGLIiwtFVb+ChS7W/0lw90TJPKREA0cc5tZV+FZuF2Ihh40FWZw6n96EW2 xKGMYWxb3XG3DZZU44RVTn4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoA8cGHr7O4W9HmDfMBD4 7NzLLoFPKbGzbLgtkmqOhGuTUcLeGTu4IEFYqtjrkyAr7y+5XNuGiV0Yz/UZfxw8 +J0flZtmF4zC3+1zLJ6xDtErFxjtgmNZoJKP9nJtGfVo9M6AeraT/nAK8DXJS7pZ dVVs+ZbJw6GEqOI+mi8UaXX0GHOvIa7FKZqHSmb6vhJDMc3DVHctZm8Iug7dPHtg Yo5omzgHz7ZLzBBEWs+R/upCwO1TPQqlq/t/fJYULy3D6MQ3wfcx6XL7sP1HtKPH S9s4KTjWdNVRO0wXQlp9db1emIZGA7iR4xyYvK9swQQ6nM6N8c7rIlR+xAoC0g67 XQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 7263998353781807457020949970627415838 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-20 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-20 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ohio' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'North Olmsted' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Moen Incorporated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'vpn.fbgpg.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20205579689273693282357127347940427045843716325850746499287806748047029837478841289443039319720722786709699570197255730495873697501358356213674841842950031590195632239190322846958563510792152808011703240530720276930487721989327788116936893182795634565001981318219614644797677090912436386813848096885293089221615184629486457538710068498035084090924607448593658410128913293314068239506103532001809909138886467658703047519325600105010216362372831783342105486531399610207397423488037950396761417674672598918273776220724690719333321710150113402767938581867788208091300566354354602378342288416195576252954103218195579976541 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a58cfe32cceb0f2cd419c608b80024885dc3c5b7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2113dcff1b5cf67f41c1b33773d163a1a69ac9bd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (31 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vpn.fbgpg.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vpn.moen.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018ab007ba6500000403004730450220573c52c905bf6513c69227c8f24636212953597f4a9c60bc3def056e8ba6a2a0022100ce9ba0f5668fd2f68d8cae045f6eb1980e0fd80e4d63a02f99ea60da950046ad00770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ab007baaf0000040300483046022100a97005e66f69b186ff72760e5ed2c2f81c668961b7403e8d30fd168b1d3014b40221008fbcbbd74304c58f12f53fd33f559095089181f4d6ca3f6ce4237984cc31e709007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018ab007ba900000040300473045022012d1126811812a19d35dd367de2b11af8a76b68b13f139d09b3627f85c31ebe8022100b2a9324beb7850312fd1de4a1acac2bf82fc952ad0eb1897d0a53c1ea95934fd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b0258564b8f4593fd49073eb55182c668c771d93bd26a9a3ad9118c893877cca7c8ade0902be9f1d24102639ecce8a599d1a99abf1132870f6dbf57b4613f5db7a39bd1a161b4c9d83ecf6d13696d599c34e2e768e613110361361d622d34064a421511446e10d540b96382a67ab904652e22e979d3bf6af8ee405bd036938fb0e5a9ca3397c2c4323a1e0f2751898ba00f931726933d91cd241da338066533c39f924d456d8ca80643656c17aea7547e718261670903f9f994d396321e8eb64d1498ea1462c88b0b4555bf82852ed6ff4970f744c93ca44403471ce6d655f8566e176221878d05599c3a9fde845b6c4a18c616c5bdd71b70d9654e384554e7e