www.jfael.or.jp
Issued by GlobalSign Domain Validation CA - SHA256 - G2
About this certificate
This digital certificate with serial number 0b:0a:61:68:e3:5a:84:8f:db:ce:a2:19 was issued on by GlobalSign nv-sa.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.jfael.or.jp,OU=Domain Control Validated,C=JP
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate has expire since
Certificate Details
Serial Number (hex): 0b:0a:61:68:e3:5a:84:8f:db:ce:a2:19Serial Number (int): 3416884370623716417015292441
Serial Number lenght: 92 bits, 12 octets
SubjectKeyId: a9:92:ce:75:08:04:f5:7b:92:3d:92:28:8e:86:37:a9:6a:d6:1f:52
AuthorityKeyId: ea:4e:7c:d4:80:2d:e5:15:81:86:26:8c:82:6d:c0:98:a4:cf:97:0f
Fingerprint (sha1): 96:84:93:96:59:b0:4a:e9:9f:11:bc:c1:a3:a1:07:43:68:a6:8e:41
Fingerprint (sha256): a6:dc:5d:28:62:6e:86:21:3c:14:36:cb:53:62:79:df:04:29:66:11:10:fb:bf:4a:ea:11:96:94:bb:00:c1:df
Issuing Certificate URL: http://secure.globalsign.com/cacert/gsdomainvalsha2g2r1.crt
Revocation information
OCSP Server: http://ocsp2.globalsign.com/gsdomainvalsha2g2CRL Distribution Point: http://crl.globalsign.com/gs/gsdomainvalsha2g2.crl
Check the revocation status for certificate www.jfael.or.jp
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.jfael.or.jp
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.jfael.or.jp
jfael.or.jp
jfael.or.jp
Other certificates including the domain name jfael.or.jp
(limited to 100 certificates)
e-ja.jfael.or.jp
www.jfael.or.jp
ja.jfael.or.jp
ja.jfael.or.jp
www.jfael.or.jp
*.jfael.or.jp
www.jfael.or.jp
www.jfael.or.jp
rc-e-ja.jfael.or.jp
ja.jfael.or.jp
www.jfael.or.jp
ja.jfael.or.jp
rc-e-ja.jfael.or.jp
ja.jfael.or.jp
rc-e-ja.jfael.or.jp
ja.jfael.or.jp
*.jfael.or.jp
e-ja.jfael.or.jp
www.jfael.or.jp
ja.jfael.or.jp
e-ja.jfael.or.jp
ja.jfael.or.jp
www.jfael.or.jp
www.jfael.or.jp
www.jfael.or.jp
e-ja.jfael.or.jp
www.jfael.or.jp
ja.jfael.or.jp
e-ja.jfael.or.jp
www.jfael.or.jp
e-ja.jfael.or.jp
e-ja.jfael.or.jp
www.jfael.or.jp
www.jfael.or.jp
www.jfael.or.jp
e-ja.jfael.or.jp
*.jfael.or.jp
ja.jfael.or.jp
www.jfael.or.jp
www.jfael.or.jp
ja.jfael.or.jp
ja.jfael.or.jp
www.jfael.or.jp
*.jfael.or.jp
www.jfael.or.jp
www.jfael.or.jp
rc-e-ja.jfael.or.jp
ja.jfael.or.jp
www.jfael.or.jp
ja.jfael.or.jp
rc-e-ja.jfael.or.jp
ja.jfael.or.jp
rc-e-ja.jfael.or.jp
ja.jfael.or.jp
*.jfael.or.jp
e-ja.jfael.or.jp
www.jfael.or.jp
ja.jfael.or.jp
e-ja.jfael.or.jp
ja.jfael.or.jp
www.jfael.or.jp
www.jfael.or.jp
www.jfael.or.jp
e-ja.jfael.or.jp
www.jfael.or.jp
ja.jfael.or.jp
e-ja.jfael.or.jp
www.jfael.or.jp
e-ja.jfael.or.jp
e-ja.jfael.or.jp
www.jfael.or.jp
www.jfael.or.jp
www.jfael.or.jp
e-ja.jfael.or.jp
*.jfael.or.jp
ja.jfael.or.jp
www.jfael.or.jp
Certificate
The complete raw certificate details for www.jfael.or.jp in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHfzCCBmegAwIBAgIMCwphaONahI/bzqIZMA0GCSqGSIb3DQEBCwUAMGAxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcN MTcwMjA5MDYzNzE1WhcNMTgwNDA3MDYyOTI1WjBKMQswCQYDVQQGEwJKUDEhMB8G A1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRgwFgYDVQQDDA93d3cuamZh ZWwub3IuanAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlzOUhRDyB dxwcIdPNZmjGgJNl/RaYPtbDtWLX6GywnKaowEFqdtnTrygTP3jNWAj/wNOtgq2t g3zNk0m2H0/TVUQ+2HTEJ0ObN9y1V02L7tA2cEXjHWVrHP1sI/5BDaz4bqKmFZoF y1bFoNku/oyuSj7QAUCaePWOVLFQpVrw/S8mw+1A9dUMeA+21xrprpGi/+eTi/Rf Oi7U6G7LTXLZo19Xu7XJYv6pG+t8GylfycRH3w8avRaiON/WRjWsqrSaz0rTrm+4 RWpn5xXI6RBQ5RVzSYI1u3RFpaTqmIo2cyFFuCCjOgLXARdjG+NjIcg24fbSLFu0 xvB93Rfh2HbrAgMBAAGjggRNMIIESTAOBgNVHQ8BAf8EBAMCBaAwgZQGCCsGAQUF BwEBBIGHMIGEMEcGCCsGAQUFBzAChjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24u Y29tL2NhY2VydC9nc2RvbWFpbnZhbHNoYTJnMnIxLmNydDA5BggrBgEFBQcwAYYt aHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzZG9tYWludmFsc2hhMmcyMFYG A1UdIARPME0wQQYJKwYBBAGgMgEKMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3 Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATAJBgNVHRMEAjAA MEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3Mv Z3Nkb21haW52YWxzaGEyZzIuY3JsMCcGA1UdEQQgMB6CD3d3dy5qZmFlbC5vci5q cIILamZhZWwub3IuanAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0G A1UdDgQWBBSpks51CAT1e5I9kiiOhjepatYfUjAfBgNVHSMEGDAWgBTqTnzUgC3l FYGGJoyCbcCYpM+XDzCCAm4GCisGAQQB1nkCBAIEggJeBIICWgJYAHUAu9nfvB+K cbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFaIZclFwAABAMARjBEAiB4sE3h ACyvSmSCOGv22JuSoaWmd1xtR2HUiGsnx0pn+gIgBH32mtPw9YbjprYCDS2+ijoV Jg1vcZV5iTsGDGygX8AAdgDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+ zAAAAVohlyVSAAAEAwBHMEUCIGeGRJSo7ofe8aICvN+eUsPE1wiEaxMu8u1vKJTZ xSjgAiEAyBM2vW1U5luPC6sAbqASJcBFUWPnZn3GywsV6O4ehlkAdgBWFAaaL9fC 7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAVohlyTnAAAEAwBHMEUCIQC7/BUo 7isD+Yt7PpAM3ncKxUS+B9JbFYbV7Toa1m6EfQIgHRyj/HfaXDiWqAh/38GZeIDz 0oOqq9jEX/WYtKL6G5QAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3c EAAAAVohlyRIAAAEAwBHMEUCIATApZ5fqLPWVvJFHVUXWFh69DaDA3eLyrUaodPR EcBjAiEA6K8XIxA+GsLlrv0ggPuuhAnUPf96LrIV6whsUJMdbPoAdwDuS723dc5g uuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAVohlyc4AAAEAwBIMEYCIQDJtg7F YX6N3t9dDpaGVUfUE+gN1r/BuGzJwokeh7+MuwIhALat3omcP0GereWJMagOsXKK sWcKpQEKSJJMGwB3T/w7MA0GCSqGSIb3DQEBCwUAA4IBAQCLAng37j4ZeEig+OAk c25vrRCj28DX7o+iIYq2Q3GrmZYIIK0B7DHzOmsK5GePz003UrcBObo2oAw4+tYO uS0/7nsOPblN8Pd5HntBwsrI68bOqQY8GsDxHj7mATJp0EfrfRqquJBpThH0ieY8 TfSKJ5WcjE+qV5OFx77NhQ6ugt0DP3QUVlt615sQNoWfZuDPCJEmS/+ZWl6dRC1D s/iaAVNnMTRpPSSyhNdLauhmy+gMyIyQEopbDqpT3MSbG/L9Rm0y+KZlsuxd2LwY whBEfrZQ5MnBXX9nak7VmUua3nHE9bbjFpwMYcQqXQyYJbuQPgzCz8kY62KwLQY7 jAZx -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5czlIUQ8gXccHCHTzWZo xoCTZf0WmD7Ww7Vi1+hssJymqMBBanbZ068oEz94zVgI/8DTrYKtrYN8zZNJth9P 01VEPth0xCdDmzfctVdNi+7QNnBF4x1laxz9bCP+QQ2s+G6iphWaBctWxaDZLv6M rko+0AFAmnj1jlSxUKVa8P0vJsPtQPXVDHgPttca6a6Rov/nk4v0Xzou1Ohuy01y 2aNfV7u1yWL+qRvrfBspX8nER98PGr0Wojjf1kY1rKq0ms9K065vuEVqZ+cVyOkQ UOUVc0mCNbt0RaWk6piKNnMhRbggozoC1wEXYxvjYyHINuH20ixbtMbwfd0X4dh2 6wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 3416884370623716417015292441 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Domain Validation CA - SHA256 - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-02-09 06:37:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-07 06:29:25 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.jfael.or.jp' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29009609346607475317769576196857651391645370857213149383354899860708933704131200333396691871386329417093620659855156960857670982993738362461920866628416583465001398862728788824997232249436369150480448571574637284894731606636760645579105054609144313418243875517774574340008736750040533644392838422495168028826049328221445789063182329154382879886404476175829076933321741150328649197133680995769664494274068414793367896097686523532045731760293527442655037935954841745511157811122894038000929593293738830896958921404388199080732615009291025178208491291878834263177520175027284136934235621091000338797663088799676999694059 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsdomainvalsha2g2r1.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsdomainvalsha2g2' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10 (globalsignDVPolicy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsdomainvalsha2g2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jfael.or.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jfael.or.jp' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a992ce750804f57b923d92288e8637a96ad61f52 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ea4e7cd4802de5158186268c826dc098a4cf970f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (606 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (602 bytes) 0258007500bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000015a219725170000040300463044022078b04de1002caf4a6482386bf6d89b92a1a5a6775c6d4761d4886b27c74a67fa0220047df69ad3f0f586e3a6b6020d2dbe8a3a15260d6f719579893b060c6ca05fc0007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015a219725520000040300473045022067864494a8ee87def1a202bcdf9e52c3c4d708846b132ef2ed6f2894d9c528e0022100c81336bd6d54e65b8f0bab006ea01225c0455163e7667dc6cb0b15e8ee1e86590076005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd0000015a219724e70000040300473045022100bbfc1528ee2b03f98b7b3e900cde770ac544be07d25b1586d5ed3a1ad66e847d02201d1ca3fc77da5c3896a8087fdfc1997880f3d283aaabd8c45ff598b4a2fa1b94007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015a219724480000040300473045022004c0a59e5fa8b3d656f2451d551758587af4368303778bcab51aa1d3d111c063022100e8af1723103e1ac2e5aefd2080fbae8409d43dff7a2eb215eb086c50931d6cfa007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000015a219727380000040300483046022100c9b60ec5617e8ddedf5d0e96865547d413e80dd6bfc1b86cc9c2891e87bf8cbb022100b6adde899c3f419eade58931a80eb1728ab1670aa5010a48924c1b00774ffc3b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008b027837ee3e197848a0f8e024736e6fad10a3dbc0d7ee8fa2218ab64371ab99960820ad01ec31f33a6b0ae4678fcf4d3752b70139ba36a00c38fad60eb92d3fee7b0e3db94df0f7791e7b41c2cac8ebc6cea9063c1ac0f11e3ee6013269d047eb7d1aaab890694e11f489e63c4df48a27959c8c4faa579385c7becd850eae82dd033f7414565b7ad79b1036859f66e0cf0891264bff995a5e9d442d43b3f89a0153673134693d24b284d74b6ae866cbe80cc88c90128a5b0eaa53dcc49b1bf2fd466d32f8a665b2ec5dd8bc18c210447eb650e4c9c15d7f676a4ed5994b9ade71c4f5b6e3169c0c61c42a5d0c9825bb903e0cc2cfc918eb62b02d063b8c0671