uw2-in.prod-getty.cloud

Issued by Amazon

About this certificate

This digital certificate with serial number 01:de:16:a2:03:7d:1d:92:4a:25:4e:ee:94:6c:fb:25 was issued on by Amazon.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=uw2-in.prod-getty.cloud

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 01:de:16:a2:03:7d:1d:92:4a:25:4e:ee:94:6c:fb:25
Serial Number (int): 2482376947432965658120859392878115621
Serial Number lenght: 121 bits, 16 octets

SubjectKeyId: 80:2d:c6:71:a1:9a:3e:08:08:3b:4d:4b:45:b6:30:4f:f4:71:ee:5d
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 7c:d4:ee:3d:74:ac:ab:f3:40:f6:6c:37:9a:95:e2:92:e4:53:73:44
Fingerprint (sha256): a4:89:df:57:c3:41:19:35:84:40:d8:24:a6:68:6a:15:0f:42:d0:0a:8b:c8:65:ac:9f:b9:3e:1e:4b:14:29:8d

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate uw2-in.prod-getty.cloud

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for uw2-in.prod-getty.cloud

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

uw2-in.prod-getty.cloud
image.net
www.image.net
uw2-www.image.net

Other certificates including the domain name prod-getty.cloud

(limited to 100 certificates)
secondary-prod-in.prod-getty.cloud
uw2-in.prod-getty.cloud
customcontent.gettyimages.com
briefs-middleware.custom-content.usw2.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
wildcard.prod-getty.cloud
prod-mm-missing.prod-getty.cloud
prod-in.prod-getty.cloud
prod-mm.prod-getty.cloud
prod-mm.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
prod-mm.prod-getty.cloud
prod-in.prod-getty.cloud
prod-in.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
prod-mm.prod-getty.cloud
prod-mm.prod-getty.cloud
ue1-in.prod-getty.cloud
uw2-in.prod-getty.cloud
prod-mm.prod-getty.cloud
secondary-prod-in.prod-getty.cloud
prod-mm.prod-getty.cloud
prod-in.prod-getty.cloud
usw2-unipassthru.prod-getty.cloud
prod-mm.prod-getty.cloud
prod-mm.prod-getty.cloud
wildcard.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
ue1-mm.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
wildcard.prod-getty.cloud
ue1-mms-ws.prod-getty.cloud
wildcard.prod-getty.cloud
uw2-in.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
middleware-customcontent.gettyimages.com
uw2-mm.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
*.asset.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
prod-mm.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
metrics.usw2.prod-getty.cloud
customcontent.gettyimages.com
uw2-in.prod-getty.cloud
prod-mm.prod-getty.cloud
ue1-mm.prod-getty.cloud
*.prod-getty.cloud
middleware-customcontent.gettyimages.com
prod-mm.prod-getty.cloud
uw2-mm.prod-getty.cloud
ue1-mms-api.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
usw2-unipassthru.prod-getty.cloud
ue1-mms-api.prod-getty.cloud
*.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
customcontent.prod-getty.cloud
prod-in.prod-getty.cloud
prod-mm.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
ue1-mm.prod-getty.cloud
prod-mm.prod-getty.cloud
customcontent.gettyimages.com
uw2-mms-ws.prod-getty.cloud
prod-mm.prod-getty.cloud
*.entapp-integr.prod-getty.cloud
prod-mm.prod-getty.cloud
customcontent.gettyimages.com
secondary-prod-mm.prod-getty.cloud
prod-mm.prod-getty.cloud
customcontent.prod-getty.cloud
prod-mm.prod-getty.cloud
*.prod-getty.cloud
wildcard.prod-getty.cloud
wildcard.prod-getty.cloud
prod-mm.prod-getty.cloud
prod-mm.prod-getty.cloud
uw2-in.prod-getty.cloud
ue1-in.prod-getty.cloud
briefs-middleware.custom-content.usw2.prod-getty.cloud
uw2-mm.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
prod-mm.prod-getty.cloud
middleware-customcontent.gettyimages.com
*.prod-getty.cloud
prod-in.prod-getty.cloud
wildcard.prod-getty.cloud
ue1-mm.prod-getty.cloud
uw2-mms-api.prod-getty.cloud
wildcard.prod-getty.cloud
usw2-unipassthru.prod-getty.cloud
middleware-customcontent.gettyimages.com
secondary-prod-in.prod-getty.cloud
secondary-prod-mm.prod-getty.cloud
middleware-customcontent.gettyimages.com
uw2-mm.prod-getty.cloud
ue1-in.prod-getty.cloud

Certificate

The complete raw certificate details for uw2-in.prod-getty.cloud in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEnDCCA4SgAwIBAgIQAd4WogN9HZJKJU7ulGz7JTANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xODA0MjAwMDAwMDBaFw0xOTA1MjAx
MjAwMDBaMCIxIDAeBgNVBAMTF3V3Mi1pbi5wcm9kLWdldHR5LmNsb3VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRsiYMzLIDJtYZmfxyif3BSQSX4e
1vUw5c+dQclWLqq3sbQwDrBCDRfZ6jvphaDXqPAJgRGT0Fu7DUTS/voAlEte9fUO
S+U7RiCc5hdRt/wKqLAf9h1XPbBD3Cnk9mZWb5QYKXfHXfWyZFncwIsvaBTBF0sw
GvdnaU1SbJ92BQfvJyS5RVo7vf8xB/dHBRaQ3wXHawVBNSwjb+zTPE8WodqAy3Ek
Oan6VUt0tAwl0Dk1UHw4A+52gwzD0HcxKhI/Klg3Mq3f2VammTRvt0PnSpTYIPJf
6dwRgw6KcJUeZItMx/vQRxNTY/wkVoAgrbtoOWc8hFmumXqlBrLgzJD/YwIDAQAB
o4IBqDCCAaQwHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYDVR0O
BBYEFIAtxnGhmj4ICDtNS0W2ME/0ce5dME8GA1UdEQRIMEaCF3V3Mi1pbi5wcm9k
LWdldHR5LmNsb3VkgglpbWFnZS5uZXSCDXd3dy5pbWFnZS5uZXSCEXV3Mi13d3cu
aW1hZ2UubmV0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zY2ExYi5hbWF6
b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZIAYb9bAECMAgG
BmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3Nw
LnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5z
Y2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwDQYJ
KoZIhvcNAQELBQADggEBAKtmSk8fv4FRDalP5NzAYHo+/TVt8su/UiJfyhnhGmSm
I3RLMXWB2EjhSK0r08vep2ClySAhl0KlHga+d9LFfZyiex8EmjVjQUXPqO2bH0fx
jDB5cQtQ64R1f7wH0X8oPaBv46FPnhwLvYpooyqhpOJ8qCxwUF9uJYGyaQv+ZzJ7
gZ3Xtja3nnbnkw2gyYbqCx1wZNz9qoK6JtOp5w3BBnnmHw0mu5chClcYZak2DWNl
qd+NXVgSfUgJ3c+4UksluxwfsWB78pUXOUaiAKIzz5c6rNZd61yqbedO1XD5Zi8g
6H0eQYQD8+Dfh80os+cdI/rmsBw18YVUnQPDgIIVr6Y=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRsiYMzLIDJtYZmfxyif
3BSQSX4e1vUw5c+dQclWLqq3sbQwDrBCDRfZ6jvphaDXqPAJgRGT0Fu7DUTS/voA
lEte9fUOS+U7RiCc5hdRt/wKqLAf9h1XPbBD3Cnk9mZWb5QYKXfHXfWyZFncwIsv
aBTBF0swGvdnaU1SbJ92BQfvJyS5RVo7vf8xB/dHBRaQ3wXHawVBNSwjb+zTPE8W
odqAy3EkOan6VUt0tAwl0Dk1UHw4A+52gwzD0HcxKhI/Klg3Mq3f2VammTRvt0Pn
SpTYIPJf6dwRgw6KcJUeZItMx/vQRxNTY/wkVoAgrbtoOWc8hFmumXqlBrLgzJD/
YwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 2482376947432965658120859392878115621
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-20 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-20 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'uw2-in.prod-getty.cloud'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16803074977358061027428042442238834315927072068747338189159536077028345691161033796064225985105333079847566946499454172221579250242354844016791835786073833836420460826054728043622627699633548500417051588232814718552082182705842812806499646700727502720202513218422523412085860349798873028761118508530710371835046623981360100272048349158928822557773543133910515637717159131508367549160635589492132153492081893932950332909645335392688230262374837601075264640179543861082593575751905389838535115386651446027144645214163718854574967689905299277621452311792317001728059610395844944008357075779165498996019753041365161803619
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							802dc671a19a3e08083b4d4b45b6304ff471ee5d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uw2-in.prod-getty.cloud'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'image.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.image.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uw2-www.image.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00ab664a4f1fbf81510da94fe4dcc0607a3efd356df2cbbf52225fca19e11a64a623744b317581d848e148ad2bd3cbdea760a5c920219742a51e06be77d2c57d9ca27b1f049a35634145cfa8ed9b1f47f18c3079710b50eb84757fbc07d17f283da06fe3a14f9e1c0bbd8a68a32aa1a4e27ca82c70505f6e2581b2690bfe67327b819dd7b636b79e76e7930da0c986ea0b1d7064dcfdaa82ba26d3a9e70dc10679e61f0d26bb97210a571865a9360d6365a9df8d5d58127d4809ddcfb8524b25bb1c1fb1607bf295173946a200a233cf973aacd65deb5caa6de74ed570f9662f20e87d1e418403f3e0df87cd28b3e71d23fae6b01c35f185549d03c3808215afa6