lululemon.ca
- Lululemon Athletica Canada inc. -
Issued by GeoTrust TLS RSA CA G1
About this certificate
This digital certificate with serial number 0b:45:0d:85:98:57:39:0d:4c:56:42:a1:90:dd:2e:1e was issued on by DigiCert Inc.
With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Lululemon Athletica Canada inc.
Organization:
Lululemon Athletica Canada inc.
State / Province:
British Columbia
Locality: Vancouver
Country: CA
Locality: Vancouver
Country: CA
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0b:45:0d:85:98:57:39:0d:4c:56:42:a1:90:dd:2e:1eSerial Number (int): 14980050692690607036531670134346821150
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 82:5c:73:79:b8:4e:0f:0e:57:02:38:f5:8a:6d:94:f4:1c:69:43:06
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57
Fingerprint (sha1): c5:b6:5b:f3:dc:ab:20:d5:6b:c5:0c:1b:9e:81:df:48:12:3b:48:53
Fingerprint (sha256): 90:2f:73:26:46:35:d9:00:f6:07:c9:64:3b:2c:61:ef:79:32:4b:98:4e:67:d6:3f:b5:6e:cf:7f:d7:4c:d7:bf
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl
Check the revocation status for certificate lululemon.ca
7
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lululemon.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
lululemon.ca
fr.preview.lululemon.com
fr.test.lululemon.com
lululemon.org
mysweatypursuits.com
www.lululemon.org
www.lululemon.ca
fr.preview.lululemon.com
fr.test.lululemon.com
lululemon.org
mysweatypursuits.com
www.lululemon.org
www.lululemon.ca
Other certificates including the domain name lululemon.ca
(limited to 100 certificates)
Certificate
The complete raw certificate details for lululemon.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG+TCCBeGgAwIBAgIQC0UNhZhXOQ1MVkKhkN0uHjANBgkqhkiG9w0BAQsFADBg MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx MB4XDTIzMDExNzAwMDAwMFoXDTI0MDIxNzIzNTk1OVowfTELMAkGA1UEBhMCQ0Ex GTAXBgNVBAgTEEJyaXRpc2ggQ29sdW1iaWExEjAQBgNVBAcTCVZhbmNvdXZlcjEo MCYGA1UEChMfTHVsdWxlbW9uIEF0aGxldGljYSBDYW5hZGEgaW5jLjEVMBMGA1UE AxMMbHVsdWxlbW9uLmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA oxGWUKfNIWTB9W6muw6uP5dxhYxKEM5p9Epcec6pfjb4KSsBfVP0hjtxGrQGU26o 5v4shwtx6rHIzm3Uw/LHXn+Xbw2TE1gEpAWAop8DhWmyuz1uWaBOoyY5LQOgeP6v Yn9txj7pKfo92/4uJT8M6e1Eyrbyw4Q1GpFo9f63IFEjKzFZtMHLSFkp5v0HWrgZ KKwYJk9wrVcGwCfR3+pHHovlIsciPgSXPDHJRs0PgMpm0eo4oqThnfseELT80lNA jIO6PBDoEHqj5XUX0yxBUEqaPcd+6L7EThHHeFK7+4QUue5RHlqlVzlqQEEFzio7 2+Http8g3q3rG7rbSN7ldwIDAQABo4IDkDCCA4wwHwYDVR0jBBgwFoAUlE/UXYvk pOKmgP792PkA76O+AlcwHQYDVR0OBBYEFIJcc3m4Tg8OVwI49YptlPQcaUMGMIGU BgNVHREEgYwwgYmCDGx1bHVsZW1vbi5jYYIYZnIucHJldmlldy5sdWx1bGVtb24u Y29tghVmci50ZXN0Lmx1bHVsZW1vbi5jb22CDWx1bHVsZW1vbi5vcmeCFG15c3dl YXR5cHVyc3VpdHMuY29tghF3d3cubHVsdWxlbW9uLm9yZ4IQd3d3Lmx1bHVsZW1v bi5jYTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9jZHAuZ2VvdHJ1c3QuY29tL0dl b1RydXN0VExTUlNBQ0FHMS5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggr BgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMHYGCCsGAQUFBwEB BGowaDAmBggrBgEFBQcwAYYaaHR0cDovL3N0YXR1cy5nZW90cnVzdC5jb20wPgYI KwYBBQUHMAKGMmh0dHA6Ly9jYWNlcnRzLmdlb3RydXN0LmNvbS9HZW9UcnVzdFRM U1JTQUNBRzEuY3J0MAkGA1UdEwQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoB aAB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABhcINgAEAAAQD AEcwRQIhANTBSDAe18QKJYsZTIEpB4erP4PqxX+SwIk+n9/lEd4XAiATKKtzBMmu J2gMMWl+kXf6vnSrXa6s5U3AC11ur9AREAB1AHPZnokbTJZ4oCB9R53mssYc0FFe cRkqjGuAEHrBd3K1AAABhcINgJkAAAQDAEYwRAIgfa7ukJQT0pHHbx97kkHUl/8u uwbqGQ33/bKNnGeb8xgCICfnXkcHtluTiBwj6Ef/Jch3TKClLHKg8wF9r6PYg+E4 AHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGFwg2AMQAABAMA SDBGAiEAh2mC226VFGsmyaP5yd2I+qKt5dqIPkQR2AhQl2Re64YCIQCOwGOXGHSQ FJzgeTXeiOxprWOQn8zHKj6aqouWrdfqETANBgkqhkiG9w0BAQsFAAOCAQEAJ5oZ fdc1R/FG4u/3FKX00bFlMCRFIuPbeQBjKFnTJIucjxtRL2j+OdXgWn6NnSwOYjU7 JMdtN0dTVJNUdtlVYTCB0aumebLoLozr9mrkXIXDefUB0Ohx4cjwYobYnDogOuJk 7fb+oXLqQSHCtJC2ObXcRdB9Xbmzo+eRjGmUd/zMQP+A8fLcRJYsvvYcrwxlDRkp lkgYwyVlTWMQza3Jjz9sjRCJLpsCnGSNp+RXF+bk5ardmBU72eF2pe+eGd8s8KLM J83TPYqBdo2nvfHtOg3kan5QOxsEIvSy6RB9qvoAjfeeK7E7vvTWMspmtYJ0D7gu eABvjf7QJcvzxDeDIg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxGWUKfNIWTB9W6muw6u P5dxhYxKEM5p9Epcec6pfjb4KSsBfVP0hjtxGrQGU26o5v4shwtx6rHIzm3Uw/LH Xn+Xbw2TE1gEpAWAop8DhWmyuz1uWaBOoyY5LQOgeP6vYn9txj7pKfo92/4uJT8M 6e1Eyrbyw4Q1GpFo9f63IFEjKzFZtMHLSFkp5v0HWrgZKKwYJk9wrVcGwCfR3+pH HovlIsciPgSXPDHJRs0PgMpm0eo4oqThnfseELT80lNAjIO6PBDoEHqj5XUX0yxB UEqaPcd+6L7EThHHeFK7+4QUue5RHlqlVzlqQEEFzio72+Http8g3q3rG7rbSN7l dwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 14980050692690607036531670134346821150 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-17 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'British Columbia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Vancouver' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Lululemon Athletica Canada inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lululemon.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20585516265339956423626334440657563165449329157104693020663101480525193627539052674558789684628546543761923437836241985116051958105598740498981157377122914577820643806110782884814181070933251962105548127646355526985542464347587567342121509712408366208360920356820836185334101801092894920141578376698386229306070064112341344436014261860005138832397805182778746293388862655450318192559290762517532453705285102100306974047334767008405683519096551388063606225768777711378609940065005881405849819545407198777324371117954191953620929622268461439668948129730681595762430471851771333071371121983101370602219955177076796876151 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 825c7379b84e0f0e570238f58a6d94f41c694306 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (140 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lululemon.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fr.preview.lululemon.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fr.test.lululemon.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lululemon.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mysweatypursuits.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lululemon.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lululemon.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000185c20d80010000040300473045022100d4c148301ed7c40a258b194c81290787ab3f83eac57f92c0893e9fdfe511de1702201328ab7304c9ae27680c31697e9177fabe74ab5daeace54dc00b5d6eafd0111000750073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b500000185c20d8099000004030046304402207daeee909413d291c76f1f7b9241d497ff2ebb06ea190df7fdb28d9c679bf318022027e75e4707b65b93881c23e847ff25c8774ca0a52c72a0f3017dafa3d883e13800770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000185c20d80310000040300483046022100876982db6e95146b26c9a3f9c9dd88faa2ade5da883e4411d8085097645eeb860221008ec06397187490149ce07935de88ec69ad63909fccc72a3e9aaa8b96add7ea11 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00279a197dd73547f146e2eff714a5f4d1b16530244522e3db7900632859d3248b9c8f1b512f68fe39d5e05a7e8d9d2c0e62353b24c76d37475354935476d955613081d1aba679b2e82e8cebf66ae45c85c379f501d0e871e1c8f06286d89c3a203ae264edf6fea172ea4121c2b490b639b5dc45d07d5db9b3a3e7918c699477fccc40ff80f1f2dc44962cbef61caf0c650d1929964818c325654d6310cdadc98f3f6c8d10892e9b029c648da7e45717e6e4e5aadd98153bd9e176a5ef9e19df2cf0a2cc27cdd33d8a81768da7bdf1ed3a0de46a7e503b1b0422f4b2e9107daafa008df79e2bb13bbef4d632ca66b582740fb82e78006f8dfed025cbf3c4378322