app-api-staging.genesisblock.com
Issued by Amazon
About this certificate
This digital certificate with serial number 0c:a7:73:4d:95:5a:f8:0d:e2:b9:c3:35:dd:54:82:5d was issued on by Amazon.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=app-api-staging.genesisblock.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0c:a7:73:4d:95:5a:f8:0d:e2:b9:c3:35:dd:54:82:5dSerial Number (int): 16820188148690481419441486502456230493
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: f1:50:8e:65:c0:63:46:e6:bf:c7:c9:3b:c6:d0:ea:60:30:82:39:d2
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 3a:4f:fa:d5:6b:27:d1:c1:3d:1f:d6:90:4e:7f:78:cc:9c:b4:fa:2a
Fingerprint (sha256): bd:1c:4d:b1:4a:9a:01:5a:7e:aa:7d:d0:d7:54:73:38:2f:bd:f0:6b:11:a2:c6:72:df:cc:16:c2:22:64:04:2f
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate app-api-staging.genesisblock.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for app-api-staging.genesisblock.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
app-api-staging.genesisblock.com
Other certificates including the domain name genesisblock.com
(limited to 100 certificates)
baptistmedia.co.zw
relian.vn
genesisblock.com
yuki.juristecsystems.com.br
pro.tryginger.app
imobiliariatoniolo.com.br
siteform.net
dlrt.link
playground.plugfox.dev
mochai.io
hawdammusic.digitaliens.live
st4g1ng.genesisblock.com
www.losparketos.cz
pro.tryginger.app
relian.vn
imobiliariatoniolo.com.br
genesisblock.com
chatydelivery.com
genesisblock.com
freemotostyle.com
rechnungen-versenden.com
genesisblock.com
mensafutura.com
gastronomit.com.ar
shtanko.dev
luiznishimori.com.br
st4g1ng.genesisblock.com
santaisabella.com.ar
kimetsu-tdca.selforder.live
genesisblock.com
sni.cloudflaressl.com
doubleshotblog.com
www.watchbury.co
analysisidx.com
app.simplytrade.io
warflame.org
www.jkonarzewski.com
staging.genesisblock.com
analysisidx.com
dburridge.com
app-api-testing.genesisblock.com
www.computerguardian.co.za
toughlovearena.com
www.flexthought.com
*.genesisblock.com
admin.swansburg.ca
www.some1.xyz
climathon.triply.ai
hire-away.com
www.stleam.com
genesisblock.com
www.westportwebconsulting.com
www.genesisblock.com
hawdammusic.digitaliens.live
genesisblock.com
gastronomit.com.ar
mensafutura.com
www.crm.knightnet.hu
central.nottsmun.org
www.abcumpanici.com
preview.genesisblock.com
m.seja.best
www.b8rjob.com
soulchill.cc
jiedola.tk
app-api-staging.genesisblock.com
thiagosantos.dev.br
www.some1.xyz
app-api-staging.genesisblock.com
www.nayandhabarde.com
app-api-testing.genesisblock.com
nexus-pay.co
lastdaytoparty.com
laplayahostel.com
v3-staging.apostleconnect.com
procul.org
staging-app.sproutlogix.com
genesisblock.com
drewoday.com
api.marketradar.aitechnologies.nl
genesisblock.com
www.computerguardian.co.za
offers.boundstate.co
rechnungen-versenden.com
www.stleam.com
genesisblock.com
www.invistus.com.br
admin.gruposabsas.com
www.flexthought.com
www.stellarfitness.fit
sni.cloudflaressl.com
genesisblock.com
taylorspackman.com
relian.vn
genesisblock.com
yuki.juristecsystems.com.br
pro.tryginger.app
imobiliariatoniolo.com.br
siteform.net
dlrt.link
playground.plugfox.dev
mochai.io
hawdammusic.digitaliens.live
st4g1ng.genesisblock.com
www.losparketos.cz
pro.tryginger.app
relian.vn
imobiliariatoniolo.com.br
genesisblock.com
chatydelivery.com
genesisblock.com
freemotostyle.com
rechnungen-versenden.com
genesisblock.com
mensafutura.com
gastronomit.com.ar
shtanko.dev
luiznishimori.com.br
st4g1ng.genesisblock.com
santaisabella.com.ar
kimetsu-tdca.selforder.live
genesisblock.com
sni.cloudflaressl.com
doubleshotblog.com
www.watchbury.co
analysisidx.com
app.simplytrade.io
warflame.org
www.jkonarzewski.com
staging.genesisblock.com
analysisidx.com
dburridge.com
app-api-testing.genesisblock.com
www.computerguardian.co.za
toughlovearena.com
www.flexthought.com
*.genesisblock.com
admin.swansburg.ca
www.some1.xyz
climathon.triply.ai
hire-away.com
www.stleam.com
genesisblock.com
www.westportwebconsulting.com
www.genesisblock.com
hawdammusic.digitaliens.live
genesisblock.com
gastronomit.com.ar
mensafutura.com
www.crm.knightnet.hu
central.nottsmun.org
www.abcumpanici.com
preview.genesisblock.com
m.seja.best
www.b8rjob.com
soulchill.cc
jiedola.tk
app-api-staging.genesisblock.com
thiagosantos.dev.br
www.some1.xyz
app-api-staging.genesisblock.com
www.nayandhabarde.com
app-api-testing.genesisblock.com
nexus-pay.co
lastdaytoparty.com
laplayahostel.com
v3-staging.apostleconnect.com
procul.org
staging-app.sproutlogix.com
genesisblock.com
drewoday.com
api.marketradar.aitechnologies.nl
genesisblock.com
www.computerguardian.co.za
offers.boundstate.co
rechnungen-versenden.com
www.stleam.com
genesisblock.com
www.invistus.com.br
admin.gruposabsas.com
www.flexthought.com
www.stellarfitness.fit
sni.cloudflaressl.com
genesisblock.com
taylorspackman.com
Certificate
The complete raw certificate details for app-api-staging.genesisblock.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgIQDKdzTZVa+A3iucM13VSCXTANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMDAyMTcwMDAwMDBaFw0yMTAzMTcx MjAwMDBaMCsxKTAnBgNVBAMTIGFwcC1hcGktc3RhZ2luZy5nZW5lc2lzYmxvY2su Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NgKvlT5rsmRZZfw oBTURU1uotJldCQawh67U3gXJHnpKeu6UoYFRcEmTUc5lA1yiRRFj4q396g2qGJT P3cA9BiVft7meGY/CC6J8I2dtnmNV1Kky+YHfZNQFPua1OpY3iC8vlSMtlocrxL3 iGUlrZxMOWVO+yp66amvft8P1486yAKW1U69mGhejP/rpbH+n2RlMfKFpVb2UaRC G/aVJ4QdG59O6aSSugJVLWwN/5ffqxl9ZkpcyWAXfZFpzU6DVmUujPtW9bR4WEEc IAef51atvzDt/iwCPuuU4i9Ao3zoESvksQqPSpFl/zEk/dCMuQ7+/5fz8fXFOL9r EZ2/mwIDAQABo4ICjDCCAogwHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5 PdAwHQYDVR0OBBYEFPFQjmXAY0bmv8fJO8bQ6mAwgjnSMCsGA1UdEQQkMCKCIGFw cC1hcGktc3RhZ2luZy5nZW5lc2lzYmxvY2suY29tMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYq aHR0cDovL2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1Ud IAQZMBcwCwYJYIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYI KwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2Bggr BgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIu Y3J0MAwGA1UdEwEB/wQCMAAwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwCkuQmQ tBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAXBTxlw1AAAEAwBIMEYCIQDr HDcbYgeXdN+Lf8DENYKt7P8pc2Six7WWrgUtfWNT7QIhAOqD+OQHlFs8rpgirTSf 0mueFMU6gYCalrVNm6HEGww+AHUAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq /16ggw8AAAFwU8ZcowAABAMARjBEAiATAknjWWptbwUFJe2PwB/4oKeUs6nkGmvA 5rIcFpS0vwIgayVy+Om3vpHSafdgA0omD0Pw5W3CkMJm3J19rjEZwjcwDQYJKoZI hvcNAQELBQADggEBAIPAQ150CM3LobkKiZKPQk++ghRJ4qnrRemBqW6qkqCdmrH+ fa/VYSyb0XAA2/CrjbWe7Zt/lcALl7EDh5a1vNHO8+DsJTx10syU2rifg/ll6TJI rmtEoCWAmXM0Os4uyYBlNt3Os5t7cMFgTg7fP4SXFwZLANHpoByib6P/EEudmNZx pBINJDF32q1BsHXh08R5ZYiViPNxZcdVjkxRDRU6MN5e7Ggod43Yx6FmyCfMKzYF Hqj9lbk0+8QzQTURsREPK5cyRCkZ5BPGo2n/QunCuxSMXi1TG1m19ML1BuM2ZI06 kkk8Sne0J6S/q070BzF1zV+N8SWmvsxUx5p3Eq0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NgKvlT5rsmRZZfwoBTU RU1uotJldCQawh67U3gXJHnpKeu6UoYFRcEmTUc5lA1yiRRFj4q396g2qGJTP3cA 9BiVft7meGY/CC6J8I2dtnmNV1Kky+YHfZNQFPua1OpY3iC8vlSMtlocrxL3iGUl rZxMOWVO+yp66amvft8P1486yAKW1U69mGhejP/rpbH+n2RlMfKFpVb2UaRCG/aV J4QdG59O6aSSugJVLWwN/5ffqxl9ZkpcyWAXfZFpzU6DVmUujPtW9bR4WEEcIAef 51atvzDt/iwCPuuU4i9Ao3zoESvksQqPSpFl/zEk/dCMuQ7+/5fz8fXFOL9rEZ2/ mwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16820188148690481419441486502456230493 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-17 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'app-api-staging.genesisblock.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26869054917187789485735100322375679634020717420651639332127746913976404794298645616779034225659672332061566890807009303054299830927310822723831796938491438916447071911751589810157748763445520374730808605504764578729403709803692870815883249806971965496370871697602400389364071102424041065444995189988539084237095272043935041756236865557621989763720310057886391782154099354555236150743259855094807609818986535016666825736254452583521512583040308399579947550154423162525835930553332652935210174890799926247350490465021376009471375684754756055097036214621250072565049748617790584561426343616251262245008869950459947630491 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f1508e65c06346e6bfc7c93bc6d0ea60308239d2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app-api-staging.genesisblock.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000017053c65c350000040300483046022100eb1c371b62079774df8b7fc0c43582adecff297364a2c7b596ae052d7d6353ed022100ea83f8e407945b3cae9822ad349fd26b9e14c53a81809a96b54d9ba1c41b0c3e0075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000017053c65ca300000403004630440220130249e3596a6d6f050525ed8fc01ff8a0a794b3a9e41a6bc0e6b21c1694b4bf02206b2572f8e9b7be91d269f760034a260f43f0e56dc290c266dc9d7dae3119c237 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0083c0435e7408cdcba1b90a89928f424fbe821449e2a9eb45e981a96eaa92a09d9ab1fe7dafd5612c9bd17000dbf0ab8db59eed9b7f95c00b97b1038796b5bcd1cef3e0ec253c75d2cc94dab89f83f965e93248ae6b44a025809973343ace2ec9806536ddceb39b7b70c1604e0edf3f849717064b00d1e9a01ca26fa3ff104b9d98d671a4120d243177daad41b075e1d3c47965889588f37165c7558e4c510d153a30de5eec6828778dd8c7a166c827cc2b36051ea8fd95b934fbc433413511b1110f2b9732442919e413c6a369ff42e9c2bb148c5e2d531b59b5f4c2f506e336648d3a92493c4a77b427a4bfab4ef4073175cd5f8df125a6becc54c79a7712ad