mailmng.ryoujimail.mofa.go.jp

- The Ministry of Foreign Affairs -

Issued by SECOM Passport for Web SR 3.0 CA

About this certificate

This digital certificate with serial number 12:5b:c9:d6:3a:55:81:99 was issued on by SECOM Trust Systems CO.,LTD..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

The Ministry of Foreign Affairs

Organization: The Ministry of Foreign Affairs
State / Province: Tokyo
Locality: Chiyoda-ku
Country: JP

SECOM Trust Systems CO.,LTD.

Organization: SECOM Trust Systems CO.,LTD.
Country: JP

This certificate has expire since

Certificate Details

Serial Number (hex): 12:5b:c9:d6:3a:55:81:99
Serial Number (int): 1322872837502239129
Serial Number lenght: 61 bits, 8 octets

SubjectKeyId: e6:72:fc:e2:19:47:78:f3:15:fb:fa:42:42:f5:e2:63:fe:d8:7d:ff
AuthorityKeyId: cb:ef:3d:ef:83:74:a1:a8:42:f0:3b:40:36:fa:6d:82:94:a9:27:36

Fingerprint (sha1): fb:1d:55:c6:b5:97:7a:3c:af:55:9a:21:6e:75:e0:60:74:86:18:2c
Fingerprint (sha256): ae:75:5c:bb:f4:61:76:fe:e1:18:a0:b4:bd:d2:2b:42:15:5b:45:ad:59:cd:f6:ac:da:f2:dd:62:a0:50:90:f7


Revocation information

OCSP Server: http://sr30.ocsp.secomtrust.net
CRL Distribution Point: http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl

Check the revocation status for certificate mailmng.ryoujimail.mofa.go.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mailmng.ryoujimail.mofa.go.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mailmng.ryoujimail.mofa.go.jp

Other certificates including the domain name mofa.go.jp

(limited to 100 certificates)
www.ezairyu.mofa.go.jp
www3.a.anzen.mofa.go.jp
www3.a.anzen.mofa.go.jp
www.ezairyu.mofa.go.jp
www3.mofa.go.jp
www3.mofa.go.jp
www.pilot.evisa.mofa.go.jp
t.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.anzen.mofa.go.jp
www3.anzen.mofa.go.jp
www3.anzen.mofa.go.jp
ft1.iws.mofa.go.jp
www.anzen.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www3.anzen.mofa.go.jp
www3.a.anzen.mofa.go.jp
www.pilot.evisa.mofa.go.jp
www.da.mofa.go.jp
www.deliver.mofa.go.jp
mofa.go.jp
www.ezairyu.mofa.go.jp
www3.anzen.mofa.go.jp
www3.mofa.go.jp
www3.anzen.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.a.ezairyu.mofa.go.jp
mailapi.ryoujimail.mofa.go.jp
*.mofa.go.jp
www3.mofa.go.jp
www.t.mofa.go.jp
www3.mofa.go.jp
mailapi.ryoujimail.mofa.go.jp
www.mofa.go.jp
www.mmwtojapan.mofa.go.jp
www.a.ezairyu.mofa.go.jp
www3.t.mofa.go.jp
www.mofa.go.jp
www.deliver.mofa.go.jp
www.anzen.mofa.go.jp
mofa.go.jp
mailapi.ryoujimail.mofa.go.jp
remote.a.ezairyu.mofa.go.jp
www1.anpi.mofa.go.jp
content.evisa.mofa.go.jp
www.ezairyu.mofa.go.jp
www.pilot.evisa.mofa.go.jp
www3.a.anzen.mofa.go.jp
mofa.go.jp
www.anzen.mofa.go.jp
www.deliver.mofa.go.jp
www3.anzen.mofa.go.jp
www.mofa.go.jp
remote.a.ezairyu.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.contact.nextweb.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
*.mofa.go.jp
remote.ezairyu.mofa.go.jp
www3.mofa.go.jp
*.mofa.go.jp
www.pilot.evisa.mofa.go.jp
www3.anzen.mofa.go.jp
remote.ezairyu.mofa.go.jp
mailmng.ryoujimail.mofa.go.jp
www3.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www.pilot.a.evisa.mofa.go.jp
www3.anzen.mofa.go.jp
www3.mofa.go.jp
www.contact.nextweb.mofa.go.jp
www.ezairyu.mofa.go.jp
wwwc.e-procurement.mofa.go.jp
www.mofa.go.jp
www.ezairyu.mofa.go.jp
www1.anpi.mofa.go.jp
mailmng.ryoujimail.mofa.go.jp
www.ezairyu.mofa.go.jp
mofa.go.jp
www.contact.mofa.go.jp
rmac.mofa.go.jp
www.deliver.mofa.go.jp
rgp.mofa.go.jp
www.enq.ezairyu.mofa.go.jp
www.mofa.go.jp
www3.nextweb.mofa.go.jp
www.a.evisa.mofa.go.jp
www.e-procurement.mofa.go.jp
www1.anpi.mofa.go.jp
remote.ezairyu.mofa.go.jp
www.anzen.mofa.go.jp
mailmng.ryoujimail.mofa.go.jp
www.evisa.mofa.go.jp
www.evisa.mofa.go.jp
www3.a.anzen.mofa.go.jp
www3.n.mofa.go.jp
www.da.mofa.go.jp
mailapi.ryoujimail.mofa.go.jp
www3.mofa.go.jp

Certificate

The complete raw certificate details for mailmng.ryoujimail.mofa.go.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIIElvJ1jpVgZkwDQYJKoZIhvcNAQELBQAwXzELMAkGA1UE
BhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKTAn
BgNVBAMTIFNFQ09NIFBhc3Nwb3J0IGZvciBXZWIgU1IgMy4wIENBMB4XDTE5MDEx
MTA4MzUwOVoXDTIxMDExMTE0NTk1OVowgYQxCzAJBgNVBAYTAkpQMQ4wDAYDVQQI
EwVUb2t5bzETMBEGA1UEBxMKQ2hpeW9kYS1rdTEoMCYGA1UEChMfVGhlIE1pbmlz
dHJ5IG9mIEZvcmVpZ24gQWZmYWlyczEmMCQGA1UEAxMdbWFpbG1uZy5yeW91amlt
YWlsLm1vZmEuZ28uanAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN
D0VFomGuGrmjBx2D8iS2Io9yuNOC6NDZQeTHfK9G9QkEMrGQ5NcErwQXtySA8Ko7
A0B7sjYr/mrNBFc3uDzBtETVgaACLL/jUkMAOZQ+nmQGQCtF6qbZACUZ+5ZE1RoS
ofE2EDzDRVqP/IK/+kQvtouwFy9uDdU9Wi5Qc74bEYs7Rc1J+nyUXzat5KBzETH7
mj+VTR4/Ep+fhILAWR7MLC8xBbJp1oLbtQdokde1tAVUsImB9PhBXp0wgLiABdJe
Y7p9v7z3MjQD0UasG4GntERr76fDDpNJrL9s15LYcY6ghXS7yqSmW8iK7nty537a
z4TLzq+gHX3B+8GUFTkTAgMBAAGjggGWMIIBkjAfBgNVHSMEGDAWgBTL7z3vg3Sh
qELwO0A2+m2ClKknNjA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6
Ly9zcjMwLm9jc3Auc2Vjb210cnVzdC5uZXQwKAYDVR0RBCEwH4IdbWFpbG1uZy5y
eW91amltYWlsLm1vZmEuZ28uanAwYQYDVR0gBFowWDBMBgoqgwiMmxtkhW8BMD4w
PAYIKwYBBQUHAgEWMGh0dHBzOi8vcmVwbzEuc2Vjb210cnVzdC5uZXQvc3BjcHAv
cGZ3L3Bmd3NyM2NhLzAIBgZngQwBAgIwEwYDVR0lBAwwCgYIKwYBBQUHAwEwTAYD
VR0fBEUwQzBBoD+gPYY7aHR0cDovL3JlcG8xLnNlY29tdHJ1c3QubmV0L3NwY3Bw
L3Bmdy9wZndzcjNjYS9mdWxsY3JsMi5jcmwwHQYDVR0OBBYEFOZy/OIZR3jzFfv6
QkL14mP+2H3/MA4GA1UdDwEB/wQEAwIFoDATBgorBgEEAdZ5AgQDAQH/BAIFADAN
BgkqhkiG9w0BAQsFAAOCAQEADHVSuBoXuXkXKeIe3A+eFAbrg8rki6NjfX+bgkTA
pVCW7emPgx37aJRIt3mBau99nAoWZSo+dlUC6dgFmYIvH8UnB6ylMhxBg8dBFHxV
hvY84Xo4w8xbVFVD7+BaPBGdYJTO4KYdW2rrCRg4Dhr/eu0I1kayZ+J0daLPjDeW
hXocr2JHahwPxc1S5hvwinZjd+Z9xd6rZ+/OnqnBJWMWhHbwMrTBnAFgOhOaUo2n
B1umKN6MrVJu+7pYv47LX2PRoV1My3JbzJPBr2gpgYNrbTCPLi2X1VbOaeswIHeq
rXxysP/2DuNDyDVsvYLgBUC/5HMxE2w5dtCprBARxK85mw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQ9FRaJhrhq5owcdg/Ik
tiKPcrjTgujQ2UHkx3yvRvUJBDKxkOTXBK8EF7ckgPCqOwNAe7I2K/5qzQRXN7g8
wbRE1YGgAiy/41JDADmUPp5kBkArReqm2QAlGfuWRNUaEqHxNhA8w0Vaj/yCv/pE
L7aLsBcvbg3VPVouUHO+GxGLO0XNSfp8lF82reSgcxEx+5o/lU0ePxKfn4SCwFke
zCwvMQWyadaC27UHaJHXtbQFVLCJgfT4QV6dMIC4gAXSXmO6fb+89zI0A9FGrBuB
p7REa++nww6TSay/bNeS2HGOoIV0u8qkplvIiu57cud+2s+Ey86voB19wfvBlBU5
EwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1322872837502239129
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Trust Systems CO.,LTD.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SECOM Passport for Web SR 3.0 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-11 08:35:09 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-11 14:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tokyo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chiyoda-ku'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Ministry of Foreign Affairs'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mailmng.ryoujimail.mofa.go.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25886382728492257367140334325971951183250839246296127660243401868806064092154509218400829748196965436614949790962348099551810636986233358962069443907711036158243758422538325766377176936172094071196300758185070303987262823473220593911921688819940594372260447933671608990472566647477408609687034285405355330976840991735450932674896299506637068480312794330154837564076149319618986288908189533556496218786000800053887890792973615297165927154891782484792812487296379582090829970083434607038602342251323757880908590370105529046981590412768435429180400372359706521744590774292296472899786020414573579497176159628298022107411
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName cbef3def8374a1a842f03b4036fa6d8294a92736
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://sr30.ocsp.secomtrust.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mailmng.ryoujimail.mofa.go.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.392.200091.100.751.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repo1.secomtrust.net/spcpp/pfw/pfwsr3ca/fullcrl2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e672fce2194778f315fbfa4242f5e263fed87dff
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000c7552b81a17b9791729e21edc0f9e1406eb83cae48ba3637d7f9b8244c0a55096ede98f831dfb689448b779816aef7d9c0a16652a3e765502e9d80599822f1fc52707aca5321c4183c741147c5586f63ce17a38c3cc5b545543efe05a3c119d6094cee0a61d5b6aeb0918380e1aff7aed08d646b267e27475a2cf8c3796857a1caf62476a1c0fc5cd52e61bf08a766377e67dc5deab67efce9ea9c12563168476f032b4c19c01603a139a528da7075ba628de8cad526efbba58bf8ecb5f63d1a15d4ccb725bcc93c1af682981836b6d308f2e2d97d556ce69eb302077aaad7c72b0fff60ee343c8356cbd82e00540bfe47331136c3976d0a9ac1011c4af399b