auditoria.snacional.sefaz.salvador.ba.gov.br

Issued by AlphaSSL CA - SHA256 - G2

About this certificate

This digital certificate with serial number 35:d1:82:ad:46:bb:7d:63:56:e5:61:32 was issued on by GlobalSign nv-sa.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Apple recommends that certificates be issued with a maximum validity of 397 days. TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC should not have a validity period greater than 397 days (https://support.apple.com/en-us/HT211025)

Certificate Subject

CN=auditoria.snacional.sefaz.salvador.ba.gov.br

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate will expire on

Certificate Details

Serial Number (hex): 35:d1:82:ad:46:bb:7d:63:56:e5:61:32
Serial Number (int): 16655988120857049214470152498
Serial Number lenght: 94 bits, 12 octets

SubjectKeyId: 6b:05:66:db:59:7c:07:75:44:9d:0e:84:a9:e2:32:f3:3a:9f:22:e8
AuthorityKeyId: f5:cd:d5:3c:08:50:f9:6a:4f:3a:b7:97:da:56:83:e6:69:d2:68:f7

Fingerprint (sha1): 59:16:d9:24:56:ae:e6:49:e5:06:70:a4:64:2e:dc:16:9a:85:3c:4a
Fingerprint (sha256): 9d:54:47:74:fa:b6:29:e3:62:8b:ff:ab:15:1c:37:3d:81:5d:ea:5a:c4:9a:92:af:8b:84:64:09:c1:1b:17:c9

Issuing Certificate URL: http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsalphasha2g2
CRL Distribution Point: http://crl2.alphassl.com/gs/gsalphasha2g2.crl

Check the revocation status for certificate auditoria.snacional.sefaz.salvador.ba.gov.br

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for auditoria.snacional.sefaz.salvador.ba.gov.br

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

auditoria.snacional.sefaz.salvador.ba.gov.br

Other certificates including the domain name salvador.ba.gov.br

(limited to 100 certificates)
recadastramento.salvador.ba.gov.br
recadastramento.salvador.ba.gov.br
webmail.sefaz.salvador.ba.gov.br
nfse.sefaz.salvador.ba.gov.br
secure.sefaz.salvador.ba.gov.br
ppi.salvador.ba.gov.br
nfse.salvador.ba.gov.br
www.engrafo.salvador.ba.gov.br
webmail.sefaz.salvador.ba.gov.br
*.sefaz.salvador.ba.gov.br
sci.sefaz.salvador.ba.gov.br
*.salvador.ba.gov.br
portalvida.saude.salvador.ba.gov.br
www.dom.salvador.ba.gov.br
gitlab.pgms.salvador.ba.gov.br
sci.sefaz.salvador.ba.gov.br
webmail.salvador.ba.gov.br
assinador.pgms.salvador.ba.gov.br
recadastramento.salvador.ba.gov.br
*.salvador.ba.gov.br
secure.sefaz.salvador.ba.gov.br
secure.sefaz.salvador.ba.gov.br
nfse.salvador.ba.gov.br
marketingturistico.salvador.ba.gov.br
webmail.sefaz.salvador.ba.gov.br
christi.salvador.ba.gov.br
salvador.ba.gov.br
secure.sefaz.salvador.ba.gov.br
www.controleacesso.saude.salvador.ba.gov.br
pad.salvador.ba.gov.br
recadastramento.salvador.ba.gov.br
nfsehml.sefaz.salvador.ba.gov.br
www.aplicativos.salvador.ba.gov.br
nfse.sefaz.salvador.ba.gov.br
www.engrafo.salvador.ba.gov.br
webmail.salvador.ba.gov.br
gitlab.pgms.salvador.ba.gov.br
plano500.navegarte.org
www.controleacesso.saude.salvador.ba.gov.br
ppi.salvador.ba.gov.br
nfsehml.sefaz.salvador.ba.gov.br
*.sefaz.salvador.ba.gov.br
senhaweb.salvador.ba.gov.br
webmail.sefaz.salvador.ba.gov.br
siap.pgms.salvador.ba.gov.br
www.sefaz.salvador.ba.gov.br
webmail.salvador.ba.gov.br
sgf.sefaz.salvador.ba.gov.br
nfse.sefaz.salvador.ba.gov.br
*.sefaz.salvador.ba.gov.br
nfse.sefaz.salvador.ba.gov.br
redmine.salvador.ba.gov.br
nfse.sefaz.salvador.ba.gov.br
www.pgms.salvador.ba.gov.br
sgf.sefaz.salvador.ba.gov.br
pad.salvador.ba.gov.br
api.pgms.salvador.ba.gov.br
recadastramento.salvador.ba.gov.br
christi.salvador.ba.gov.br
snacional.sefaz.salvador.ba.gov.br
webmail.sefaz.salvador.ba.gov.br
www.vida.saude.salvador.ba.gov.br
nfse.sefaz.salvador.ba.gov.br
siap.pgms.salvador.ba.gov.br
secure.sefaz.salvador.ba.gov.br
webmail.salvador.ba.gov.br
auditoria.snacional.sefaz.salvador.ba.gov.br
nfse.sefaz.salvador.ba.gov.br
ppi.salvador.ba.gov.br
assinador.pgms.salvador.ba.gov.br
gitlab.pgms.salvador.ba.gov.br
nfsehml.sefaz.salvador.ba.gov.br
www.engrafo.salvador.ba.gov.br
senhaweb.salvador.ba.gov.br
secure.sefaz.salvador.ba.gov.br
www.controleacesso.saude.salvador.ba.gov.br
webmail.salvador.ba.gov.br
christi.salvador.ba.gov.br
*.sefaz.salvador.ba.gov.br
bot.educacao.salvador.ba.gov.br
www.engrafo.salvador.ba.gov.br
recadastramento.salvador.ba.gov.br
webmail.salvador.ba.gov.br
nfse.salvador.ba.gov.br
chamados.pgms.salvador.ba.gov.br
webmail.sefaz.salvador.ba.gov.br
plano500.salvador.ba.gov.br
bot.educacao.salvador.ba.gov.br
www.dom.salvador.ba.gov.br
senhaweb.salvador.ba.gov.br
webmail.sefaz.salvador.ba.gov.br
ppi.salvador.ba.gov.br
www.redmine.salvador.ba.gov.br
webmail.salvador.ba.gov.br
chamados.pgms.salvador.ba.gov.br
www.dom.salvador.ba.gov.br
www.dom.salvador.ba.gov.br
*.salvador.ba.gov.br
www.plano500.salvador.ba.gov.br
www.dom.salvador.ba.gov.br

Certificate

The complete raw certificate details for auditoria.snacional.sefaz.salvador.ba.gov.br in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIMNdGCrUa7fWNW5WEyMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTIxMTIwMzE5NTMzN1oXDTIzMDEw
NDE5NTMzN1owNzE1MDMGA1UEAxMsYXVkaXRvcmlhLnNuYWNpb25hbC5zZWZhei5z
YWx2YWRvci5iYS5nb3YuYnIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCykfY1tjBBhnUlEw7kAf0HZVP3aT2jliCL3Oy6iz+l5x5/d4ZC7Gw2NnETpzj5
O6vGKvUzzbNod46q/tnhMlwj7SVHw4WOq8jCLMNPFcHUZXpHmEkq7tyWakIQH39o
WdQ7knY+1m+xMT8Druwky42wpLSiv542Y7NCJz0L9hT+auT4WUD+wQLWIsJIWSJW
dlPNbYuz/oMI/C98Es9O/WCPdjeA8X6X0+imXodsSKk1sWy7PDGG2YBwM1VldElA
mditwOec7hBSJMIsgS6IdVOVN7vVc9ZnD7O+jEeB71M8OiFmwAMCCXbRMzUf8jSl
xM1TYJ9cWeJSQmpFX/atCf+VAgMBAAGjggHxMIIB7TAOBgNVHQ8BAf8EBAMCBaAw
gYkGCCsGAQUFBwEBBH0wezBCBggrBgEFBQcwAoY2aHR0cDovL3NlY3VyZTIuYWxw
aGFzc2wuY29tL2NhY2VydC9nc2FscGhhc2hhMmcycjEuY3J0MDUGCCsGAQUFBzAB
hilodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3NhbHBoYXNoYTJnMjBXBgNV
HSAEUDBOMEIGCisGAQQBoDIBCgowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cu
Z2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAw
PgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2NybDIuYWxwaGFzc2wuY29tL2dzL2dz
YWxwaGFzaGEyZzIuY3JsMDcGA1UdEQQwMC6CLGF1ZGl0b3JpYS5zbmFjaW9uYWwu
c2VmYXouc2FsdmFkb3IuYmEuZ292LmJyMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjAfBgNVHSMEGDAWgBT1zdU8CFD5ak86t5faVoPmadJo9zAdBgNVHQ4E
FgQUawVm21l8B3VEnQ6EqeIy8zqfIugwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJ
KoZIhvcNAQELBQADggEBAG6I125u8nnB9yOCUIVYZnrigK8OlTjHBybjSR45KOGE
c45o0k7jZDWFjl2EUv+aNH2XgD06hWL2SoeFFvBmnQSxlD/eUAxnl60gpSMTSdoL
FgeqQZ2EQeG/eUVLEjHMEFNMJtG6O6LyYN1xQeCo7vu2ZnvEEI5F9GO/Upsm8dvT
/7+1/l0/baK1Wyei3vJH9E0aWI5HkEo+G3QeLlp9ijbSP6JsaHnzFCTsMJhrZJ6c
tuAR43lRuvnqORbWy724gOC176C5N4Ptv3BbES+BD8H+Sm5bywpgR19feWmYpS1X
lnwsd1jyzXO9DR3+iLn4EO3tYIUTh8cEB01Vjh1tC8o=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspH2NbYwQYZ1JRMO5AH9
B2VT92k9o5Ygi9zsuos/pecef3eGQuxsNjZxE6c4+Turxir1M82zaHeOqv7Z4TJc
I+0lR8OFjqvIwizDTxXB1GV6R5hJKu7clmpCEB9/aFnUO5J2PtZvsTE/A67sJMuN
sKS0or+eNmOzQic9C/YU/mrk+FlA/sEC1iLCSFkiVnZTzW2Ls/6DCPwvfBLPTv1g
j3Y3gPF+l9Popl6HbEipNbFsuzwxhtmAcDNVZXRJQJnYrcDnnO4QUiTCLIEuiHVT
lTe71XPWZw+zvoxHge9TPDohZsADAgl20TM1H/I0pcTNU2CfXFniUkJqRV/2rQn/
lQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16655988120857049214470152498
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AlphaSSL CA - SHA256 - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-03 19:53:37 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-04 19:53:37 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'auditoria.snacional.sefaz.salvador.ba.gov.br'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22542394708970264376631616006142061453444068498833045911679760687066491919599880640976106025448256434867015791553342667640999917144347321393268982078047018413487039072200616816546627494679618513817323926133998167025179843528823035676681665341883331336569289972172172964117557865815955190107407571948317024394552449113143627170603502634763019754019492364960126505209742058445645492775086617379401164480905015239765627106842065800770629360502133005622049558718368007684321685674689085602728652247797049830827490266246885253134892752359109055509973978949852958532150994833097111617937262321722521844136873986135874469781
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (125 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsalphasha2g2'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10.10 (Domain Validation Certificates Policy - AlphaSSL)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl2.alphassl.com/gs/gsalphasha2g2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auditoria.snacional.sefaz.salvador.ba.gov.br'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f5cdd53c0850f96a4f3ab797da5683e669d268f7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6b0566db597c0775449d0e84a9e232f33a9f22e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006e88d76e6ef279c1f72382508558667ae280af0e9538c70726e3491e3928e184738e68d24ee36435858e5d8452ff9a347d97803d3a8562f64a878516f0669d04b1943fde500c6797ad20a5231349da0b1607aa419d8441e1bf79454b1231cc10534c26d1ba3ba2f260dd7141e0a8eefbb6667bc4108e45f463bf529b26f1dbd3ffbfb5fe5d3f6da2b55b27a2def247f44d1a588e47904a3e1b741e2e5a7d8a36d23fa26c6879f31424ec30986b649e9cb6e011e37951baf9ea3916d6cbbdb880e0b5efa0b93783edbf705b112f810fc1fe4a6e5bcb0a60475f5f796998a52d57967c2c7758f2cd73bd0d1dfe88b9f810eded60851387c704074d558e1d6d0bca