monidentifiant.sncf
Issued by Amazon
About this certificate
This digital certificate with serial number 0f:69:b5:e7:ea:77:3f:cd:95:23:8e:21:de:9a:5c:99 was issued on by Amazon.
With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=monidentifiant.sncf
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0f:69:b5:e7:ea:77:3f:cd:95:23:8e:21:de:9a:5c:99Serial Number (int): 20487300597327352514107958843359779993
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: dd:d9:ed:13:ce:0d:d4:a2:ea:de:9f:66:32:b5:c8:17:86:2c:53:72
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): e9:fc:f0:f8:08:f5:9e:ac:cd:6c:3b:d1:fb:95:1e:5b:17:92:31:69
Fingerprint (sha256): b9:2b:ff:df:55:d7:0b:5a:9e:b9:ff:b8:b7:24:22:d7:ed:cc:37:25:66:de:68:49:14:32:cb:e8:27:53:a8:1f
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl
Check the revocation status for certificate monidentifiant.sncf
10
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for monidentifiant.sncf
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
monidentifiant.sncf
cms.tgv-lyria.com
tgvinoui.sncf
www.monbillet.sncf
www.gds.wdi-vsct.com
*.tgvinoui.sncf
*.monidentifiant.sncf
monbillet.sncf
www.tgv-lyria.com
gds.wdi-vsct.com
cms.tgv-lyria.com
tgvinoui.sncf
www.monbillet.sncf
www.gds.wdi-vsct.com
*.tgvinoui.sncf
*.monidentifiant.sncf
monbillet.sncf
www.tgv-lyria.com
gds.wdi-vsct.com
Other certificates including the domain name monidentifiant.sncf
(limited to 100 certificates)
monidentifiant.sncf
*.monidentifiant.sncf
*.monidentifiant.sncf
recette1.ticketing-sncf.vsct.fr
recette1.ticketing-sncf.vsct.fr
recette1.ticketing-sncf.vsct.fr
*.monidentifiant.sncf
monidentifiant.sncf
monidentifiant.sncf
recette1.ticketing-sncf.vsct.fr
*.monidentifiant.sncf
*.monidentifiant.sncf
maxactif-tgvinoui.sncf
maxactif-tgvinoui.sncf
maxactif-tgvinoui.sncf
maxactif-tgvinoui.sncf
maxactif-tgvinoui.sncf
monidentifiant.sncf
*.monidentifiant.sncf
*.monidentifiant.sncf
recette1.ticketing-sncf.vsct.fr
*.monidentifiant.sncf
monidentifiant.sncf
*.monidentifiant.sncf
recette1.ticketing-sncf.vsct.fr
*.monidentifiant.sncf
monidentifiant.sncf
*.monidentifiant.sncf
*.monidentifiant.sncf
monidentifiant.sncf
recette1.ticketing-sncf.vsct.fr
*.monidentifiant.sncf
monidentifiant.sncf
recette1.ticketing-sncf.vsct.fr
maxactif-tgvinoui.sncf
maxactif-tgvinoui.sncf
recette1.ticketing-sncf.vsct.fr
*.monidentifiant.sncf
monidentifiant.sncf
*.monidentifiant.sncf
monidentifiant.sncf
test.dev.aws.vsct.fr
monidentifiant.sncf
recette1.ticketing-sncf.vsct.fr
recette1.ticketing-sncf.vsct.fr
recette1.ticketing-sncf.vsct.fr
monidentifiant.sncf
*.monidentifiant.sncf
*.monidentifiant.sncf
recette1.ticketing-sncf.vsct.fr
recette1.ticketing-sncf.vsct.fr
recette1.ticketing-sncf.vsct.fr
*.monidentifiant.sncf
monidentifiant.sncf
monidentifiant.sncf
recette1.ticketing-sncf.vsct.fr
*.monidentifiant.sncf
*.monidentifiant.sncf
maxactif-tgvinoui.sncf
maxactif-tgvinoui.sncf
maxactif-tgvinoui.sncf
maxactif-tgvinoui.sncf
maxactif-tgvinoui.sncf
monidentifiant.sncf
*.monidentifiant.sncf
*.monidentifiant.sncf
recette1.ticketing-sncf.vsct.fr
*.monidentifiant.sncf
monidentifiant.sncf
*.monidentifiant.sncf
recette1.ticketing-sncf.vsct.fr
*.monidentifiant.sncf
monidentifiant.sncf
*.monidentifiant.sncf
*.monidentifiant.sncf
monidentifiant.sncf
recette1.ticketing-sncf.vsct.fr
*.monidentifiant.sncf
monidentifiant.sncf
recette1.ticketing-sncf.vsct.fr
maxactif-tgvinoui.sncf
maxactif-tgvinoui.sncf
recette1.ticketing-sncf.vsct.fr
*.monidentifiant.sncf
monidentifiant.sncf
*.monidentifiant.sncf
monidentifiant.sncf
test.dev.aws.vsct.fr
monidentifiant.sncf
recette1.ticketing-sncf.vsct.fr
recette1.ticketing-sncf.vsct.fr
recette1.ticketing-sncf.vsct.fr
monidentifiant.sncf
Certificate
The complete raw certificate details for monidentifiant.sncf in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgIQD2m15+p3P82VI44h3ppcmTANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMTA5MjgwMDAwMDBaFw0yMjEwMjcy MzU5NTlaMB4xHDAaBgNVBAMTE21vbmlkZW50aWZpYW50LnNuY2YwggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCseWUryiVQzjP1c9wd6/0TBAKsqEKG2+yr S/HMxDlHC+BgJPXzBEDTmGh2Rzn66x5v7Nbt3tR8Hjij9yZS2by+S7QOzMSQTq4d F2jS33fCTYPgG5A6k1cdSTnSZHVsplqt3dPKC1QLjRGnU7eWfY0nIzPiP10aa/nu iG+gsMyDwrr7E1qDiJtxTGsMgXm8d8K6PHt2uQD9DPmFiewOmBrmyDCQJ0AtqIHC RNhLuvt3njtNWBJZIY4mZcKT2+C/rA42CY7pl6yR7HrnkWdXU4J2PpFtNLggeu2g m6koH1tTpT/Vj6dhBB4FAic8uVVY4e4c+AKv78dgDfiUvJg1T2bNAgMBAAGjggIt MIICKTAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQU 3dntE84N1KLq3p9mMrXIF4YsU3IwgckGA1UdEQSBwTCBvoITbW9uaWRlbnRpZmlh bnQuc25jZoIRY21zLnRndi1seXJpYS5jb22CDXRndmlub3VpLnNuY2aCEnd3dy5t b25iaWxsZXQuc25jZoIUd3d3Lmdkcy53ZGktdnNjdC5jb22CDyoudGd2aW5vdWku c25jZoIVKi5tb25pZGVudGlmaWFudC5zbmNmgg5tb25iaWxsZXQuc25jZoIRd3d3 LnRndi1seXJpYS5jb22CEGdkcy53ZGktdnNjdC5jb20wDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA9BgNVHR8ENjA0MDKgMKAu hixodHRwOi8vY3JsLnNjYTFiLmFtYXpvbnRydXN0LmNvbS9zY2ExYi0xLmNybDAT BgNVHSAEDDAKMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGG IWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYq aHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1Ud EwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEB AG9HcQydR7E032YUdEWpDj4BYv+xoBvcnATlVu5VIARA9JaSGCm8OerbibcvoZdR 5t/ZrKoAb0OsRlRMt9RiCq1ryjTLzGUXHEyMluOKOGzyrU7kJadDJc1DHWNcXIH0 s6QTwFs0pmOLBO/aGth+6ipMct/tbhRUzEIMDpZR0u3psItnoCYYGcg9qqAF4FKm PhwJrzSXUsJQK+om/9hNN2D5EV/7DXlArOxmXMSQQJ4MeXXBpV+N0c1VL9fsFxGq kbnB0fzT7cK7JEAQu5aHFfCNWlLQwRpef7I0Yx2pCVvkQriwsan4AZvySvYIkQbe U/28kbt9WlcoDmD0n5Ew5Rc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHllK8olUM4z9XPcHev9 EwQCrKhChtvsq0vxzMQ5RwvgYCT18wRA05hodkc5+useb+zW7d7UfB44o/cmUtm8 vku0DszEkE6uHRdo0t93wk2D4BuQOpNXHUk50mR1bKZard3TygtUC40Rp1O3ln2N JyMz4j9dGmv57ohvoLDMg8K6+xNag4ibcUxrDIF5vHfCujx7drkA/Qz5hYnsDpga 5sgwkCdALaiBwkTYS7r7d547TVgSWSGOJmXCk9vgv6wONgmO6Zeskex655FnV1OC dj6RbTS4IHrtoJupKB9bU6U/1Y+nYQQeBQInPLlVWOHuHPgCr+/HYA34lLyYNU9m zQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 20487300597327352514107958843359779993 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-09-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'monidentifiant.sncf' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21772850658094310954887939211050518538408591728441112106780879016131633945717465833352970811558991276903706643313331283586243327998748863928583285983998195249222766589895158682190288470591788649242665742493282880719010277908924419986335555803383968450186131339922719461707474950743410052143571018535764213729012447323508601189348610700938451670669673981138134340864739376475564576521254937614297646080145832736222157876568007064725312544988930188115729048576259662203480902850059579245447263975014731292655608335889099630636904058424274930595395515479751527966242484235147843423715299131587205190710034332027611735757 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ddd9ed13ce0dd4a2eade9f6632b5c817862c5372 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (193 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'monidentifiant.sncf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.tgv-lyria.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tgvinoui.sncf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.monbillet.sncf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gds.wdi-vsct.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tgvinoui.sncf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.monidentifiant.sncf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'monbillet.sncf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tgv-lyria.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gds.wdi-vsct.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006f47710c9d47b134df66147445a90e3e0162ffb1a01bdc9c04e556ee55200440f496921829bc39eadb89b72fa19751e6dfd9acaa006f43ac46544cb7d4620aad6bca34cbcc65171c4c8c96e38a386cf2ad4ee425a74325cd431d635c5c81f4b3a413c05b34a6638b04efda1ad87eea2a4c72dfed6e1454cc420c0e9651d2ede9b08b67a0261819c83daaa005e052a63e1c09af349752c2502bea26ffd84d3760f9115ffb0d7940acec665cc490409e0c7975c1a55f8dd1cd552fd7ec1711aa91b9c1d1fcd3edc2bb244010bb968715f08d5a52d0c11a5e7fb234631da9095be442b8b0b1a9f8019bf24af6089106de53fdbc91bb7d5a57280e60f49f9130e517