*.sso.ultradns.com
Issued by Amazon
About this certificate
This digital certificate with serial number 0d:3b:79:a1:7b:92:ca:70:0d:af:3c:1f:bb:d3:59:73 was issued on by Amazon.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.sso.ultradns.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:3b:79:a1:7b:92:ca:70:0d:af:3c:1f:bb:d3:59:73Serial Number (int): 17588776425397783189252569431918467443
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 2e:67:55:34:6f:e5:a2:7e:bd:62:fb:21:bf:e9:8a:0c:65:3c:ab:da
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 4f:35:a9:67:73:15:29:55:69:f0:72:7e:b0:54:32:6e:dc:5a:2e:20
Fingerprint (sha256): 91:2d:19:e8:b6:83:a6:39:bc:45:2f:f4:39:d5:06:53:3d:4e:a7:0a:ad:47:12:8a:19:70:ff:42:ab:65:47:e5
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl
Check the revocation status for certificate *.sso.ultradns.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.sso.ultradns.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.sso.ultradns.com
Other certificates including the domain name ultradns.com
(limited to 100 certificates)
smb.ultradns.com
*.ultradns.com
smb.ultradns.com
portal.ultradns.com
bdns-qa.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradnsfirewall.neustar
dnssec.ultradns.com
*.ultradns.com
bdns-dev.ultradns.com
smb.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.test.ultradns.net
bdns-qa.ultradns.com
ultra-api.ultradns.com
*.ultradns.com
smb.ultradns.com
api.ddr.ultradns.com
bdns-dev.ultradns.com
basic.ultradns.com
*.sso2.ultradns.com
*.ultradnsfirewall.neustar
*.dev.ultradns.net
bdns-qa.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.sso.ultradns.com
bdns.dev.ultradns.com
bdns-qa.ultradns.com
smb.ultradns.com
basic.ultradns.com
*.ultradns.com
*.sso2.ultradns.com
*.ultradns.com
bdns-dev.ultradns.com
bdns-dev.ultradns.com
*.ultradns.com
partner.ultradns.com
*.ultradns.com
*.sso.ultradns.com
portal.ultradns.com
*.ultradns.com
ultra-api.ultradns.com
*.sso2.ultradns.com
ultra-api.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
smb.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
www.ultradns.com
portal.ultradns.com
ultra-api.ultradns.com
bdns-qa.ultradns.com
*.ultradns.com
*.sso.ultradns.com
*.ultradns.com
bdns-qa.ultradns.com
smb.ultradns.com
*.ultradns.com
smb.ultradns.com
smb.ultradns.com
*.ultradns.com
*.ultradns.com
smb.ultradns.com
*.testsso.ultradns.com
smb.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
bdns-qa.ultradns.com
*.ultradns.com
bdns.qa.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
smb.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
bdns-dev.ultradns.com
portal.ultradns.com
*.ultradns.com
*.ultradns.com
smb.ultradns.com
*.ultradns.com
*.ultradns.com
smb.ultradns.com
*.ultradns.com
smb.ultradns.com
portal.ultradns.com
bdns-qa.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradnsfirewall.neustar
dnssec.ultradns.com
*.ultradns.com
bdns-dev.ultradns.com
smb.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.test.ultradns.net
bdns-qa.ultradns.com
ultra-api.ultradns.com
*.ultradns.com
smb.ultradns.com
api.ddr.ultradns.com
bdns-dev.ultradns.com
basic.ultradns.com
*.sso2.ultradns.com
*.ultradnsfirewall.neustar
*.dev.ultradns.net
bdns-qa.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.sso.ultradns.com
bdns.dev.ultradns.com
bdns-qa.ultradns.com
smb.ultradns.com
basic.ultradns.com
*.ultradns.com
*.sso2.ultradns.com
*.ultradns.com
bdns-dev.ultradns.com
bdns-dev.ultradns.com
*.ultradns.com
partner.ultradns.com
*.ultradns.com
*.sso.ultradns.com
portal.ultradns.com
*.ultradns.com
ultra-api.ultradns.com
*.sso2.ultradns.com
ultra-api.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
smb.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
www.ultradns.com
portal.ultradns.com
ultra-api.ultradns.com
bdns-qa.ultradns.com
*.ultradns.com
*.sso.ultradns.com
*.ultradns.com
bdns-qa.ultradns.com
smb.ultradns.com
*.ultradns.com
smb.ultradns.com
smb.ultradns.com
*.ultradns.com
*.ultradns.com
smb.ultradns.com
*.testsso.ultradns.com
smb.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
bdns-qa.ultradns.com
*.ultradns.com
bdns.qa.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
smb.ultradns.com
*.ultradns.com
*.ultradns.com
*.ultradns.com
bdns-dev.ultradns.com
portal.ultradns.com
*.ultradns.com
*.ultradns.com
smb.ultradns.com
*.ultradns.com
*.ultradns.com
smb.ultradns.com
Certificate
The complete raw certificate details for *.sso.ultradns.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEbzCCA1egAwIBAgIQDTt5oXuSynANrzwfu9NZczANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjA3MjYwMDAwMDBaFw0yMzA4MjQy MzU5NTlaMB0xGzAZBgNVBAMMEiouc3NvLnVsdHJhZG5zLmNvbTCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAN+WDxgZCSlgv7DzZ0xIzwPnYeW+Qm9001pY dAe8uxy0MblvRJXvd6SBSp2zRYnz/GD6SSm7gwxFfxQn8SydhubsdKq4sDMZToh/ F8HTiSdjbsZKwxue3UizCAe3IUEJXA5D4JFeFruJlsK5bhKYSEmaN263q74u1gh9 8OneYsy8NGihJfiYKlLkxPb0H7c2wrvglE3jLIAqTgwCtR00VrPrgI3ZdpcPTszQ DLj7gB54A3SIIrOn6M0e04Lnlh5+u+QI1yTOfuPgSi1GucdG/JstJzkP8KmEJsWS xwaUfxE4lZ8pldfPpMizJWn/gMhiOlUMHTTn61q0z8Mg5YBD8KECAwEAAaOCAYAw ggF8MB8GA1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBQu Z1U0b+Wifr1i+yG/6YoMZTyr2jAdBgNVHREEFjAUghIqLnNzby51bHRyYWRucy5j b20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnNjYTFiLmFtYXpvbnRydXN0 LmNvbS9zY2ExYi0xLmNybDATBgNVHSAEDDAKMAgGBmeBDAECATB1BggrBgEFBQcB AQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0 LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5j b20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAw DQYJKoZIhvcNAQELBQADggEBAEaB5/bboxp4GRhfcEMwDIfRJaXD7vaPbsyFgGcl yTXCRTWw0Mwsezp3nYyt5zUKW6aiJMcWt5lt+U1uBlQNV5U3aSGm7Q0QlHNZwOXd iR4xYcD11qP0pnHYY7PqGRnDP0fANaZwCwkZikMpVuGqgz/N2m+y3J+tKBu2UDLH PEQAF2aLTl9aRxkRvCW2YpaMY2p71ED3TclqzJkvAXEf2S+1L4j2a1sAD1toEarp g9pYILYWZDQsmREHZOGuzwuO0uoO5BPXsUr15L/ENFZcyPW3/gApU+SaaXtEAXXt eOjItpr8a7BRplgIMs//ESKHHbmlBe3G/GrN8nksMn6aRDo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35YPGBkJKWC/sPNnTEjP A+dh5b5Cb3TTWlh0B7y7HLQxuW9Ele93pIFKnbNFifP8YPpJKbuDDEV/FCfxLJ2G 5ux0qriwMxlOiH8XwdOJJ2NuxkrDG57dSLMIB7chQQlcDkPgkV4Wu4mWwrluEphI SZo3brervi7WCH3w6d5izLw0aKEl+JgqUuTE9vQftzbCu+CUTeMsgCpODAK1HTRW s+uAjdl2lw9OzNAMuPuAHngDdIgis6fozR7TgueWHn675AjXJM5+4+BKLUa5x0b8 my0nOQ/wqYQmxZLHBpR/ETiVnymV18+kyLMlaf+AyGI6VQwdNOfrWrTPwyDlgEPw oQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17588776425397783189252569431918467443 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-26 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-24 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.sso.ultradns.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28225138839223328318675057039970940484298070565916255092832638519284706425807589219466543747339445467440607526455905419909353820973700313705182203244542101836552760803265951752249070759982546782537399548754649993199052090208216433276951885340467538700761859145386422246687232349093911884466876910629757608875526840501886677044416092220687636373863203153814152564835201931646550092238004709621030008219076156462831471691491251638467377045580649714841098964447944140923979810221246442464414728824756477741259333217465463534625201905141938844433378164210636607808703431386714875287286549616076028185147265771957871964321 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2e6755346fe5a27ebd62fb21bfe98a0c653cabda . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sso.ultradns.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004681e7f6dba31a7819185f7043300c87d125a5c3eef68f6ecc85806725c935c24535b0d0cc2c7b3a779d8cade7350a5ba6a224c716b7996df94d6e06540d5795376921a6ed0d10947359c0e5dd891e3161c0f5d6a3f4a671d863b3ea1919c33f47c035a6700b09198a432956e1aa833fcdda6fb2dc9fad281bb65032c73c440017668b4e5f5a471911bc25b662968c636a7bd440f74dc96acc992f01711fd92fb52f88f66b5b000f5b6811aae983da5820b61664342c99110764e1aecf0b8ed2ea0ee413d7b14af5e4bfc434565cc8f5b7fe002953e49a697b440175ed78e8c8b69afc6bb051a6580832cfff1122871db9a505edc6fc6acdf2792c327e9a443a