rgp.mofa.go.jp

- The Ministry of Foreign Affairs -

Issued by SECOM Passport for Web SR 3.0 CA

About this certificate

This digital certificate with serial number 46:1e:7f:94:5e:1f:ed:ea was issued on by SECOM Trust Systems CO.,LTD..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

The Ministry of Foreign Affairs

Organization: The Ministry of Foreign Affairs
State / Province: Tokyo-to
Locality: Chiyoda-ku
Country: JP

SECOM Trust Systems CO.,LTD.

Organization: SECOM Trust Systems CO.,LTD.
Country: JP

This certificate has expire since

Certificate Details

Serial Number (hex): 46:1e:7f:94:5e:1f:ed:ea
Serial Number (int): 5052616107167313386
Serial Number lenght: 63 bits, 8 octets

SubjectKeyId: 06:cf:8e:c4:9a:54:e6:ea:4c:7c:ff:48:0a:8f:cc:28:64:29:e5:96
AuthorityKeyId: cb:ef:3d:ef:83:74:a1:a8:42:f0:3b:40:36:fa:6d:82:94:a9:27:36

Fingerprint (sha1): ae:73:84:1a:64:c7:09:30:a3:0f:15:b4:cd:e2:c0:7d:90:44:5b:8c
Fingerprint (sha256): 8f:9f:a6:8a:f8:de:32:91:da:92:17:1c:03:38:dd:4d:0f:7a:5f:1a:40:4f:ac:38:36:26:78:1d:19:ec:45:c0


Revocation information

OCSP Server: http://sr30.ocsp.secomtrust.net
CRL Distribution Point: http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl

Check the revocation status for certificate rgp.mofa.go.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for rgp.mofa.go.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

rgp.mofa.go.jp

Other certificates including the domain name mofa.go.jp

(limited to 100 certificates)
www.ezairyu.mofa.go.jp
www3.a.anzen.mofa.go.jp
www3.a.anzen.mofa.go.jp
www.ezairyu.mofa.go.jp
www3.mofa.go.jp
www3.mofa.go.jp
www.pilot.evisa.mofa.go.jp
t.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.anzen.mofa.go.jp
www3.anzen.mofa.go.jp
www3.anzen.mofa.go.jp
ft1.iws.mofa.go.jp
www.anzen.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www3.anzen.mofa.go.jp
www3.a.anzen.mofa.go.jp
www.pilot.evisa.mofa.go.jp
www.da.mofa.go.jp
www.deliver.mofa.go.jp
mofa.go.jp
www.ezairyu.mofa.go.jp
www3.anzen.mofa.go.jp
www3.mofa.go.jp
www3.anzen.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.a.ezairyu.mofa.go.jp
mailapi.ryoujimail.mofa.go.jp
*.mofa.go.jp
www3.mofa.go.jp
www.t.mofa.go.jp
www3.mofa.go.jp
mailapi.ryoujimail.mofa.go.jp
www.mofa.go.jp
www.mmwtojapan.mofa.go.jp
www.a.ezairyu.mofa.go.jp
www3.t.mofa.go.jp
www.mofa.go.jp
www.deliver.mofa.go.jp
www.anzen.mofa.go.jp
mofa.go.jp
mailapi.ryoujimail.mofa.go.jp
remote.a.ezairyu.mofa.go.jp
www1.anpi.mofa.go.jp
content.evisa.mofa.go.jp
www.ezairyu.mofa.go.jp
www.pilot.evisa.mofa.go.jp
www3.a.anzen.mofa.go.jp
mofa.go.jp
www.anzen.mofa.go.jp
www.deliver.mofa.go.jp
www3.anzen.mofa.go.jp
www.mofa.go.jp
remote.a.ezairyu.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.contact.nextweb.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
*.mofa.go.jp
remote.ezairyu.mofa.go.jp
www3.mofa.go.jp
*.mofa.go.jp
www.pilot.evisa.mofa.go.jp
www3.anzen.mofa.go.jp
remote.ezairyu.mofa.go.jp
mailmng.ryoujimail.mofa.go.jp
www3.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www.pilot.a.evisa.mofa.go.jp
www3.anzen.mofa.go.jp
www3.mofa.go.jp
www.contact.nextweb.mofa.go.jp
www.ezairyu.mofa.go.jp
wwwc.e-procurement.mofa.go.jp
www.mofa.go.jp
www.ezairyu.mofa.go.jp
www1.anpi.mofa.go.jp
mailmng.ryoujimail.mofa.go.jp
www.ezairyu.mofa.go.jp
mofa.go.jp
www.contact.mofa.go.jp
rmac.mofa.go.jp
www.deliver.mofa.go.jp
rgp.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www.mofa.go.jp
www3.nextweb.mofa.go.jp
www.a.evisa.mofa.go.jp
www.e-procurement.mofa.go.jp
www1.anpi.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.anzen.mofa.go.jp
mailmng.ryoujimail.mofa.go.jp
www.evisa.mofa.go.jp
www.evisa.mofa.go.jp
www3.a.anzen.mofa.go.jp
www3.n.mofa.go.jp
www.da.mofa.go.jp
mailapi.ryoujimail.mofa.go.jp
www3.mofa.go.jp

Certificate

The complete raw certificate details for rgp.mofa.go.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE4jCCA8qgAwIBAgIIRh5/lF4f7eowDQYJKoZIhvcNAQELBQAwXzELMAkGA1UE
BhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKTAn
BgNVBAMTIFNFQ09NIFBhc3Nwb3J0IGZvciBXZWIgU1IgMy4wIENBMB4XDTE4MTIw
MzA5MjU1NVoXDTIwMTIwMzE0NTk1OVoweDELMAkGA1UEBhMCSlAxETAPBgNVBAgT
CFRva3lvLXRvMRMwEQYDVQQHEwpDaGl5b2RhLWt1MSgwJgYDVQQKEx9UaGUgTWlu
aXN0cnkgb2YgRm9yZWlnbiBBZmZhaXJzMRcwFQYDVQQDEw5yZ3AubW9mYS5nby5q
cDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALddfk9ni/dDXeI87vrm
DloLrhaJ9JMnfTapInqMe2M/DwvZAEgfIdPOOTdahXlGyAboWhsCAbXf1Ru+a7CA
oU7l7nGnEhy9fTkhobY5XSQbOlgsVLc9a9rsEhdWGPrsOtENx3+KJ51z5+ijxTUX
10np7z7wQYdqgMv6Mq9LcyOTYCNzGho4nvDbOIWow7ZUAuwrfJ10aEtLvH583iwT
3OZhVSr3WkpWj0TOhiFvkFhxUN1i6ijMtOfLdieswPlXjy75piAGyKg/xguW7Ab4
y5m0ZHYYAguNO69V6fkYWeudCLX7kWGLoUfhu2XYpf1iRgkIebEi2TUEQt6k78tc
tP8CAwEAAaOCAYcwggGDMB8GA1UdIwQYMBaAFMvvPe+DdKGoQvA7QDb6bYKUqSc2
MDsGCCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL3NyMzAub2NzcC5z
ZWNvbXRydXN0Lm5ldDAZBgNVHREEEjAQgg5yZ3AubW9mYS5nby5qcDBhBgNVHSAE
WjBYMEwGCiqDCIybG2SFbwEwPjA8BggrBgEFBQcCARYwaHR0cHM6Ly9yZXBvMS5z
ZWNvbXRydXN0Lm5ldC9zcGNwcC9wZncvcGZ3c3IzY2EvMAgGBmeBDAECAjATBgNV
HSUEDDAKBggrBgEFBQcDATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vcmVwbzEu
c2Vjb210cnVzdC5uZXQvc3BjcHAvcGZ3L3Bmd3NyM2NhL2Z1bGxjcmwyLmNybDAd
BgNVHQ4EFgQUBs+OxJpU5upMfP9ICo/MKGQp5ZYwDgYDVR0PAQH/BAQDAgWgMBMG
CisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCtuAUJvMW15Eqq
XzfVVONS9O39sQ6ydjSs125xtdfvEItkHvwfcuQSqRtSFDhYgNuR7PpyN6ZC6QQA
yY7+7ohuDPmIQcl3yMQRnUYolvuL9n4qhXP7yU1X8eYXJXvm8nfqcwbYd9XS6Y+i
RENJXrY07MGYxWp0vhU+4yVHjG6392GDtOCVfLr2borHkNwb4tOC4rh5bN7YkMwy
igCFShHfJg7sNr9EwBPvXJw9qMhyJ6Im0AJnnBfjH3HxeeXygoUs+1Kq2jMtfO52
4dqOwDesuqhLJuN6CXUP3AMqHyYot+qDVDelLIAEzFkLVQRAD/xJgYggoS4sJdAM
+A3oGB9t
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt11+T2eL90Nd4jzu+uYO
WguuFon0kyd9Nqkieox7Yz8PC9kASB8h0845N1qFeUbIBuhaGwIBtd/VG75rsICh
TuXucacSHL19OSGhtjldJBs6WCxUtz1r2uwSF1YY+uw60Q3Hf4onnXPn6KPFNRfX
SenvPvBBh2qAy/oyr0tzI5NgI3MaGjie8Ns4hajDtlQC7Ct8nXRoS0u8fnzeLBPc
5mFVKvdaSlaPRM6GIW+QWHFQ3WLqKMy058t2J6zA+VePLvmmIAbIqD/GC5bsBvjL
mbRkdhgCC407r1Xp+RhZ650ItfuRYYuhR+G7Zdil/WJGCQh5sSLZNQRC3qTvy1y0
/wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5052616107167313386
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Trust Systems CO.,LTD.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Passport for Web SR 3.0 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-03 09:25:55 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-03 14:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tokyo-to'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chiyoda-ku'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Ministry of Foreign Affairs'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'rgp.mofa.go.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23147713122186949091023854850885598815441440838459656407343747604457683063340347196226088732140984640124279806835851188106857636798684614302010335119484428394924919869002923709603148014379763678576220501992852679012016310523079035870155791141450209892573473107296450403300701810738546843955157972708966393809300920170366989817224470668504342000390199648588590320063559348217743626575675962846671056615467848698723319925561711311010332846433681725227470770504130026722364895508078644532991489199712955988104378952430269535306429881050286082407726380015655613830209598590004366459681986067464095306736710888643549246719
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName cbef3def8374a1a842f03b4036fa6d8294a92736
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://sr30.ocsp.secomtrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rgp.mofa.go.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.392.200091.100.751.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							06cf8ec49a54e6ea4c7cff480a8fcc286429e596
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00adb80509bcc5b5e44aaa5f37d554e352f4edfdb10eb27634acd76e71b5d7ef108b641efc1f72e412a91b5214385880db91ecfa7237a642e90400c98efeee886e0cf98841c977c8c4119d462896fb8bf67e2a8573fbc94d57f1e617257be6f277ea7306d877d5d2e98fa24443495eb634ecc198c56a74be153ee325478c6eb7f76183b4e0957cbaf66e8ac790dc1be2d382e2b8796cded890cc328a00854a11df260eec36bf44c013ef5c9c3da8c87227a226d002679c17e31f71f179e5f282852cfb52aada332d7cee76e1da8ec037acbaa84b26e37a09750fdc032a1f2628b7ea835437a52c8004cc590b5504400ffc49818820a12e2c25d00cf80de8181f6d