ngc-prd.us-east-1.k8s.lllext.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 08:62:f5:d1:bc:1b:9c:c3:88:da:39:3d:f0:6e:b2:4b was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=ngc-prd.us-east-1.k8s.lllext.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 08:62:f5:d1:bc:1b:9c:c3:88:da:39:3d:f0:6e:b2:4bSerial Number (int): 11147654865671163371017016468019524171
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 0a:b2:22:91:24:e6:48:47:ac:ae:47:f9:f8:7a:91:82:a3:b4:68:92
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 31:c3:2f:f7:de:fe:38:51:27:5f:9e:fa:28:39:9f:69:2f:2a:e9:1f
Fingerprint (sha256): 9b:85:ed:d3:e1:bc:70:b4:2b:90:fd:cb:cd:d0:ed:9d:31:01:b3:4e:05:72:4d:93:ac:d2:fc:35:dc:32:25:da
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate ngc-prd.us-east-1.k8s.lllext.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ngc-prd.us-east-1.k8s.lllext.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ngc-prd.us-east-1.k8s.lllext.com
ngc-prd.k8s.lllext.com
ngc-prd.k8s.lllext.com
Other certificates including the domain name lllext.com
(limited to 100 certificates)
*.np.rcsvcs.lllext.com
prod.apis.lllext.com
prod.apis.lllext.com
lma-prd.us-west-2.k8s.lllext.com
preview.apis.lllext.com
ek8s-sbx.us-east-1.k8s.lllext.com
prd-rmcosting.prd-product-systems.aws.lllext.com
ngc-prd.us-west-2.k8s.lllext.com
ngc-npd.us-east-1.k8s.lllext.com
lma-npd-main.us-west-2.k8s.lllext.com
qa-plm-svc.aws.lllext.com
stg-plm-svc.aws.lllext.com
ek8s-npd.us-west-2.k8s.lllext.com
stg-plm-svc.aws.lllext.com
ek8s-npd.us-east-1.k8s.lllext.com
prod-mtls.apis.lllext.com
ek8s-npd-rancher.us-west-2.k8s.lllext.com
sandbox-dev.apis.lllext.com
api.npd-nettools.lllext.com
dev-mtls.apis.lllext.com
stage.apis.lllext.com
ek8s-sbx.us-west-2.k8s.lllext.com
stage-mtls.apis.lllext.com
ek8s-prd.us-east-1.k8s.lllext.com
preview.apis.lllext.com
sandbox-mtls.apis.lllext.com
ngc-prd.us-east-1.k8s.lllext.com
prod-plm-svc.aws.lllext.com
api.nettools.lllext.com
ek8s-npd.us-west-2.k8s.lllext.com
cmmrfidinnovation.aws.lllext.com
prod.apis.lllext.com
api.plim-dev.aws.lllext.com
prd-psci.prd-product-systems.aws.lllext.com
ngc-npd.us-west-2.k8s.lllext.com
dev-psci.npd-product-systems.aws.lllext.com
sandbox.apis.lllext.com
preview-mtls.apis.lllext.com
prod.apis.lllext.com
stage.apis.lllext.com
ek8s-prd.us-west-2.k8s.lllext.com
ek8s-npd.us-east-1.k8s.lllext.com
dev.apis.lllext.com
api.plim-qas.aws.lllext.com
mock.apis.lllext.com
mock.apis.lllext.com
test.apis.lllext.com
prod.apis.lllext.com
prod.apis.lllext.com
lma-prd.us-west-2.k8s.lllext.com
preview.apis.lllext.com
ek8s-sbx.us-east-1.k8s.lllext.com
prd-rmcosting.prd-product-systems.aws.lllext.com
ngc-prd.us-west-2.k8s.lllext.com
ngc-npd.us-east-1.k8s.lllext.com
lma-npd-main.us-west-2.k8s.lllext.com
qa-plm-svc.aws.lllext.com
stg-plm-svc.aws.lllext.com
ek8s-npd.us-west-2.k8s.lllext.com
stg-plm-svc.aws.lllext.com
ek8s-npd.us-east-1.k8s.lllext.com
prod-mtls.apis.lllext.com
ek8s-npd-rancher.us-west-2.k8s.lllext.com
sandbox-dev.apis.lllext.com
api.npd-nettools.lllext.com
dev-mtls.apis.lllext.com
stage.apis.lllext.com
ek8s-sbx.us-west-2.k8s.lllext.com
stage-mtls.apis.lllext.com
ek8s-prd.us-east-1.k8s.lllext.com
preview.apis.lllext.com
sandbox-mtls.apis.lllext.com
ngc-prd.us-east-1.k8s.lllext.com
prod-plm-svc.aws.lllext.com
api.nettools.lllext.com
ek8s-npd.us-west-2.k8s.lllext.com
cmmrfidinnovation.aws.lllext.com
prod.apis.lllext.com
api.plim-dev.aws.lllext.com
prd-psci.prd-product-systems.aws.lllext.com
ngc-npd.us-west-2.k8s.lllext.com
dev-psci.npd-product-systems.aws.lllext.com
sandbox.apis.lllext.com
preview-mtls.apis.lllext.com
prod.apis.lllext.com
stage.apis.lllext.com
ek8s-prd.us-west-2.k8s.lllext.com
ek8s-npd.us-east-1.k8s.lllext.com
dev.apis.lllext.com
api.plim-qas.aws.lllext.com
mock.apis.lllext.com
mock.apis.lllext.com
test.apis.lllext.com
Certificate
The complete raw certificate details for ngc-prd.us-east-1.k8s.lllext.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGAzCCBOugAwIBAgIQCGL10bwbnMOI2jk98G6ySzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTExNTAwMDAwMFoXDTI0MTIxNDIzNTk1OVowKzEp MCcGA1UEAxMgbmdjLXByZC51cy1lYXN0LTEuazhzLmxsbGV4dC5jb20wggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpBrQgOfShRN+effvDOXKe8cNG/2tL CgKXOVncti6nOWdTfI6XOLwadh+xO7mNmBJSS9WPZGxbHSarR8j7wGAE75QvV32d 54z0WJlXHiHxjQB3/9B8sajLQbMRvzyaGhx0jP+C3E3SR/3jyRBh2dkISOU2Xiih M8E0gmB9cN8tXQMcRk+3RRfps4F0R0HnOUGlnXuu03GQgNV4FO/Mj1Ak1tuo47ht mcrUzMJgjpJ6X/J5ZsM2x9XWWJW/nXzph/g3BIpucWxFJhI24a0n2WCcnA01klDT UgFFfcXF9U8WSerY+cVjNw//B0p10HiEo5k+gibM+F3+ZB1VSZSjEQzbAgMBAAGj ggMQMIIDDDAfBgNVHSMEGDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4E FgQUCrIikSTmSEesrkf5+HqRgqO0aJIwQwYDVR0RBDwwOoIgbmdjLXByZC51cy1l YXN0LTEuazhzLmxsbGV4dC5jb22CFm5nYy1wcmQuazhzLmxsbGV4dC5jb20wEwYD VR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIy bTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwdQYIKwYBBQUHAQEEaTBnMC0G CCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6b250cnVzdC5jb20wNgYI KwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAz LmNlcjAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdQDu zdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYvQqVZnAAAEAwBGMEQC IAiBB9okMKtjzQukk9CMYG2LcdIOrVSyeOYiEvslGmEuAiAMoxl0+5IiMcx4EcyR 71AX2DrNX9vN/BoquH5J1lFGfwB3AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7 v6s52IRzAAABi9CpVo8AAAQDAEgwRgIhAKwwgUnP9MUUz5gy+lG5jpqkvz+xzqvE Ffs+8DGBZClLAiEAh3qiFFuuNxmnqQh4+rPpglXuA5S+HMA3DdVyHDBPLtkAdQA/ F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF7PhkbgAAAYvQqVbPAAAEAwBGMEQC IBCnBSNewqO/EURqI8thE24NtEpKrqK5yKMxfP49dNXwAiBkreYwN159p/0XTDBH Y0BSwugGXZW/0Lp05vnFeWt5ZzANBgkqhkiG9w0BAQsFAAOCAQEAth5Lx2xEv3ip S0u6X0N1ITFPVFcXoWxQeXoWVuB19PvAB5TDHR95xPHmsPF0HaHFUYriwujsgFpA BnmhbFgUlWzP6MMeE8dhtg1zNFU6dFHUTNINgPFEeyXkqNU70c2JSfB1zjhshWEq CO66mL60z8JaI/ld8HmOM2JvCeTdpAVutEOl7y1BcN08MeL65NFtFOqYR188EhuJ h8IvSjw8iVu3qhgDVkBmLR8RJlnfILfef425TAPqLgIUIDXd625iwaX/pvMkfKS1 WypB7LkT6vjQv8E8G39Na6/WC85TpEqTaYYbEhxuZ6jfZTqM/AE2ppLRjWZ06oh4 E3FWnt0zWw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQa0IDn0oUTfnn37wzly nvHDRv9rSwoClzlZ3LYupzlnU3yOlzi8GnYfsTu5jZgSUkvVj2RsWx0mq0fI+8Bg BO+UL1d9neeM9FiZVx4h8Y0Ad//QfLGoy0GzEb88mhocdIz/gtxN0kf948kQYdnZ CEjlNl4ooTPBNIJgfXDfLV0DHEZPt0UX6bOBdEdB5zlBpZ17rtNxkIDVeBTvzI9Q JNbbqOO4bZnK1MzCYI6Sel/yeWbDNsfV1liVv5186Yf4NwSKbnFsRSYSNuGtJ9lg nJwNNZJQ01IBRX3FxfVPFknq2PnFYzcP/wdKddB4hKOZPoImzPhd/mQdVUmUoxEM 2wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11147654865671163371017016468019524171 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-15 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-14 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ngc-prd.us-east-1.k8s.lllext.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21337579215880521808980346936613087961297877572319852110273069368325835752197790277865076908269972271274286763706748986217676254377206287722843244975152918907061883167301605729982812798517390143305664233213863653135055699735813060389756732278028396345581137146480996804058604318464660220586454572042767699090269777908809058765992234291775619174564669179594802785490302091015429703750856123297215728838053413435653918668827814858974589545117462387591968734704218041481760934364086476249234632922532154230768246817301301623801884786007991956599811868021004930299144458599552897542328615890132514902230171030753658342619 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0ab2229124e64847acae47f9f87a9182a3b46892 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ngc-prd.us-east-1.k8s.lllext.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ngc-prd.k8s.lllext.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bd0a9566700000403004630440220088107da2430ab63cd0ba493d08c606d8b71d20ead54b278e62212fb251a612e02200ca31974fb922231cc7811cc91ef5017d83acd5fdbcdfc1a2ab87e49d651467f00770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bd0a9568f0000040300483046022100ac308149cff4c514cf9832fa51b98e9aa4bf3fb1ceabc415fb3ef0318164294b022100877aa2145bae3719a7a90878fab3e98255ee0394be1cc0370dd5721c304f2ed90075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018bd0a956cf0000040300463044022010a705235ec2a3bf11446a23cb61136e0db44a4aaea2b9c8a3317cfe3d74d5f0022064ade630375e7da7fd174c3047634052c2e8065d95bfd0ba74e6f9c5796b7967 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b61e4bc76c44bf78a94b4bba5f437521314f545717a16c50797a1656e075f4fbc00794c31d1f79c4f1e6b0f1741da1c5518ae2c2e8ec805a400679a16c5814956ccfe8c31e13c761b60d7334553a7451d44cd20d80f1447b25e4a8d53bd1cd8949f075ce386c85612a08eeba98beb4cfc25a23f95df0798e33626f09e4dda4056eb443a5ef2d4170dd3c31e2fae4d16d14ea98475f3c121b8987c22f4a3c3c895bb7aa18035640662d1f112659df20b7de7f8db94c03ea2e02142035ddeb6e62c1a5ffa6f3247ca4b55b2a41ecb913eaf8d0bfc13c1b7f4d6bafd60bce53a44a9369861b121c6e67a8df653a8cfc0136a692d18d6674ea88781371569edd335b