api.buddybank.com

- UniCredit S.p.A. -

Issued by Actalis Organization Validated Server CA G3

About this certificate

This digital certificate with serial number 07:27:b7:b0:ea:39:23:77:d9:8f:c2:ad:89:73:77:c4 was issued on by Actalis S.p.A..

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

UniCredit S.p.A.

Organization: UniCredit S.p.A.
State / Province: Milano
Locality: Milano
Country: IT

Actalis S.p.A.

Organization: Actalis S.p.A.
State / Province: Bergamo
Locality: Ponte San Pietro
Country: IT

This certificate will expire on

Certificate Details

Serial Number (hex): 07:27:b7:b0:ea:39:23:77:d9:8f:c2:ad:89:73:77:c4
Serial Number (int): 9510821245579908717629525621589899204
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: d6:7c:f5:84:6e:e7:d5:4a:cc:fe:cf:df:d6:5a:0b:bb:45:e3:32:88
AuthorityKeyId: 9f:8a:b1:b5:f1:b1:de:82:f4:27:7c:be:88:cd:de:a9:43:81:a3:4b

Fingerprint (sha1): 00:b6:3e:e4:c0:86:98:70:16:72:4d:25:bc:d8:a8:51:28:ff:13:be
Fingerprint (sha256): 9f:12:81:20:d8:d1:02:1a:47:98:a7:62:b2:90:79:ae:40:56:5c:3c:29:73:f4:8e:5c:23:b8:71:bf:b0:5f:ff

Issuing Certificate URL: http://cacert.actalis.it/certs/actalis-authovg3

Revocation information

OCSP Server: http://ocsp09.actalis.it/VA/AUTHOV-G3
CRL Distribution Point: http://crl09.actalis.it/Repository/AUTHOV-G3/getLastCRL

Check the revocation status for certificate api.buddybank.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for api.buddybank.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

api.buddybank.com

Other certificates including the domain name buddybank.com

(limited to 100 certificates)

Certificate

The complete raw certificate details for api.buddybank.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGTTCCBDWgAwIBAgIQBye3sOo5I3fZj8KtiXN3xDANBgkqhkiG9w0BAQsFADCB
iTELMAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRl
IFNhbiBQaWV0cm8xFzAVBgNVBAoMDkFjdGFsaXMgUy5wLkEuMTQwMgYDVQQDDCtB
Y3RhbGlzIE9yZ2FuaXphdGlvbiBWYWxpZGF0ZWQgU2VydmVyIENBIEczMB4XDTI0
MDUxNjA3NDU0NFoXDTI1MDUxNjA3NDU0NFowZjELMAkGA1UEBhMCSVQxDzANBgNV
BAgMBk1pbGFubzEPMA0GA1UEBwwGTWlsYW5vMRkwFwYDVQQKDBBVbmlDcmVkaXQg
Uy5wLkEuMRowGAYDVQQDDBFhcGkuYnVkZHliYW5rLmNvbTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAO6Z4U5y7DQ3Fg3FgidPyu2xW/Dl76r8IYiaxh/3
8vsP03Z9wYEpsxbWi3XfD5hBBQPhCqiz0jtbsw8kNt/fGe1sVlY8eCOjT4DU8VLU
57JwkKAnIV+si5eC1CcnWYPBplyHPrq6zl/ZrMvaSfVBudrJcGkRJz1L79gXpZI0
lz2uV7jbaMRio6jrZuMlqoH5jz4H63CGPvOm1s0MJXu56JvKqwEHab5gPhxKuuAO
pcW4EgLMj0uPcac2t7Q8Pyjt//50UdG42khuKTwZPfqp/9wOWkoL9HW/wYjne/bw
hoAxkPYuJCUvuof1apXKQNU8RmuwjH58PHpDxA7FgJ+KSp8CAwEAAaOCAdEwggHN
MAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUn4qxtfGx3oL0J3y+iM3eqUOBo0sw
fgYIKwYBBQUHAQEEcjBwMDsGCCsGAQUFBzAChi9odHRwOi8vY2FjZXJ0LmFjdGFs
aXMuaXQvY2VydHMvYWN0YWxpcy1hdXRob3ZnMzAxBggrBgEFBQcwAYYlaHR0cDov
L29jc3AwOS5hY3RhbGlzLml0L1ZBL0FVVEhPVi1HMzAcBgNVHREEFTATghFhcGku
YnVkZHliYW5rLmNvbTBRBgNVHSAESjBIMDwGBiuBHwEUATAyMDAGCCsGAQUFBwIB
FiRodHRwczovL3d3dy5hY3RhbGlzLml0L2FyZWEtZG93bmxvYWQwCAYGZ4EMAQIC
MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBIBgNVHR8EQTA/MD2gO6A5
hjdodHRwOi8vY3JsMDkuYWN0YWxpcy5pdC9SZXBvc2l0b3J5L0FVVEhPVi1HMy9n
ZXRMYXN0Q1JMMB0GA1UdDgQWBBTWfPWEbufVSsz+z9/WWgu7ReMyiDAOBgNVHQ8B
Af8EBAMCBaAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggIB
AIpIP8eRJzp855MsFFbKuQ4nVwLse9b4sVcqpFXaq2SNOgS1c/a2HnJ1oK6YyX4d
eVNofj+Y25tj3oHiXuH8p0IPewb9E1Sw7fMA1bcDNaocDUIGFGV7TYgCNk7EVcFB
VnmJklFtvmZzFvpxjdSrR+C032qR5kNK/JysajdH0USqX/ibQAa5UvA2jRg3NZPk
JYFb/SKJVIVvz4aKCBnuLt8M6W/Iv6jbwxmuYScg8a20HzzF3L5bzsDeCljR8Ugr
+7M4i/z/R9VAv8qic04hb998Wvw6uaSdEViLC2w/e9emsObPu8dVILQOMfaDSGeC
vtuT/Mp7ePEukHDQyMOIfntCU8Yb4TEk26UkDHDF3b1FQ/Wq+tmu2X8o18YB3d68
TRvsztxciiU+CSbUrRX1WIcB/Qv7nhBpE3Wb416jmN6hxTqQ37eK6bHkeJM7mIci
ABlM1xKSrndW/2IoiVpkMT1t2v/pRfqYo0A+LMF4GNjDtcRXCzwFMloD37jaTE1J
tmwQK9EOIsl2oqVENSKw8fNhVvtCsWp2A+86OwA972Le0iJ54+7/dZSQYq1GlFFd
+oVegs0jgDIBdQIY08smbvobivnTcKRn40aUVQ2SGL8fFxk8wYpbjoh2jj5MydAh
4GUDPkk8xlFjcdlrgsweebZhqcW+gGMsfblvTzYPr7ID
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7pnhTnLsNDcWDcWCJ0/K
7bFb8OXvqvwhiJrGH/fy+w/Tdn3BgSmzFtaLdd8PmEEFA+EKqLPSO1uzDyQ2398Z
7WxWVjx4I6NPgNTxUtTnsnCQoCchX6yLl4LUJydZg8GmXIc+urrOX9msy9pJ9UG5
2slwaREnPUvv2BelkjSXPa5XuNtoxGKjqOtm4yWqgfmPPgfrcIY+86bWzQwle7no
m8qrAQdpvmA+HEq64A6lxbgSAsyPS49xpza3tDw/KO3//nRR0bjaSG4pPBk9+qn/
3A5aSgv0db/BiOd79vCGgDGQ9i4kJS+6h/VqlcpA1TxGa7CMfnw8ekPEDsWAn4pK
nwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 9510821245579908717629525621589899204
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bergamo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Ponte San Pietro'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Actalis S.p.A.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Actalis Organization Validated Server CA G3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-16 07:45:44 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-16 07:45:44 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Milano'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Milano'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'UniCredit S.p.A.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'api.buddybank.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30120597688979608354421928481726789192926442787783048184317665303624860147474212923237632268193730087131183997798744409884784364930658124196756865003113583568513993218263146126289571198989946332036458542490330223093578045467474036523713376093249639569631354764574356593919144051714317936712406102219471744311153875148260504408996065943294206435974452954272968329971177265595863912959580719731126982776072019670134865791824675898294620289277777187083882493909349879359848916394926771175703420382641131872458321206714358748476123079894235372159324579430089619600965951020637341573133487806449858495213841519818010413727
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9f8ab1b5f1b1de82f4277cbe88cddea94381a34b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (114 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacert.actalis.it/certs/actalis-authovg3'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp09.actalis.it/VA/AUTHOV-G3'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.buddybank.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.159.1.20.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.actalis.it/area-download'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl09.actalis.it/Repository/AUTHOV-G3/getLastCRL'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d67cf5846ee7d54accfecfdfd65a0bbb45e33288
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		008a483fc791273a7ce7932c1456cab90e275702ec7bd6f8b1572aa455daab648d3a04b573f6b61e7275a0ae98c97e1d7953687e3f98db9b63de81e25ee1fca7420f7b06fd1354b0edf300d5b70335aa1c0d420614657b4d8802364ec455c14156798992516dbe667316fa718dd4ab47e0b4df6a91e6434afc9cac6a3747d144aa5ff89b4006b952f0368d18373593e425815bfd228954856fcf868a0819ee2edf0ce96fc8bfa8dbc319ae612720f1adb41f3cc5dcbe5bcec0de0a58d1f1482bfbb3388bfcff47d540bfcaa2734e216fdf7c5afc3ab9a49d11588b0b6c3f7bd7a6b0e6cfbbc75520b40e31f683486782bedb93fcca7b78f12e9070d0c8c3887e7b4253c61be13124dba5240c70c5ddbd4543f5aafad9aed97f28d7c601dddebc4d1beccedc5c8a253e0926d4ad15f5588701fd0bfb9e106913759be35ea398dea1c53a90dfb78ae9b1e478933b98872200194cd71292ae7756ff6228895a64313d6ddaffe945fa98a3403e2cc17818d8c3b5c4570b3c05325a03dfb8da4c4d49b66c102bd10e22c976a2a5443522b0f1f36156fb42b16a7603ef3a3b003def62ded22279e3eeff75949062ad4694515dfa855e82cd23803201750218d3cb266efa1b8af9d370a467e34694550d9218bf1f17193cc18a5b8e88768e3e4cc9d021e065033e493cc6516371d96b82cc1e79b661a9c5be80632c7db96f4f360fafb203