halcyonmobile.com
Issued by Amazon
About this certificate
This digital certificate with serial number 0b:a3:4d:5c:87:7e:87:22:ca:d4:d1:ea:2c:0b:1f:60 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=halcyonmobile.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0b:a3:4d:5c:87:7e:87:22:ca:d4:d1:ea:2c:0b:1f:60Serial Number (int): 15469421418039123136767102065641725792
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 23:75:a3:24:9f:45:83:a1:0a:02:90:51:c0:ae:5d:e2:98:f5:21:80
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 6e:72:44:1f:9d:3a:db:07:6c:87:24:e2:ab:95:06:a1:87:f5:5d:51
Fingerprint (sha256): c1:8e:c0:c5:34:54:a0:3d:33:ac:13:2c:4d:8b:83:51:76:d2:cc:a4:cf:38:c2:80:82:62:02:20:fb:ff:c7:8e
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate halcyonmobile.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for halcyonmobile.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
halcyonmobile.com
*.halcyonmobile.com
*.halcyonmobile.com
Other certificates including the domain name halcyonmobile.com
(limited to 100 certificates)
halcyonmobile.com
tiff.halcyonmobile.com
wiki.halcyonmobile.com
api.halcyonmobile.com
halcyonmobile.com
vern.halcyonmobile.com
wiki.halcyonmobile.com
staging.halcyonmobile.com
api.halcyonmobile.com
xmas.halcyonmobile.com
pigment.halcyonmobile.com
business.alpha.nirmy.app
halcyonmobile.com
docs.android.halcyonmobile.com
aptosoceanrose.com
app.dulago.com.br
stealth-solutions.co.uk
halcyonmobile.com
wiki.halcyonmobile.com
picnici.com
xmas.halcyonmobile.com
api.staging.halcyonmobile.com
cdn.halcyonmobile.com
halcyonmobile.com
fargate.halcyonmobile.com
prashantraghu.me
halcyonmobile.com
halcyonmobile.com
tiff.halcyonmobile.com
tiff.halcyonmobile.com
www.bountechsummit.com
wiki.halcyonmobile.com
wiki.halcyonmobile.com
wiki.halcyonmobile.com
wiki.halcyonmobile.com
pigment.halcyonmobile.com
fantana.io
*.build.halcyonmobile.com
xmas.halcyonmobile.com
xmas.halcyonmobile.com
docs.android.halcyonmobile.com
app.dulago.com.br
www.gr3c.online
wiki.halcyonmobile.com
wp.halcyonmobile.com
wiki.halcyonmobile.com
halcyonmobile.com
halcyonmobile.com
cdn.halcyonmobile.com
wiki.halcyonmobile.com
halcyonmobile.com
tiff.halcyonmobile.com
pigment.halcyonmobile.com
cdn.halcyonmobile.com
app.uptimer.co
wiki.halcyonmobile.com
staging.halcyonmobile.com
thriftit.app
tiff.halcyonmobile.com
wiki.halcyonmobile.com
app.minaphoto.jp
halcyonmobile.com
finesse.ltd
halcyonmobile.com
halcyonmobile.com
*.build.halcyonmobile.com
halcyonmobile.com
halcyonmobile.com
*.build.halcyonmobile.com
wiki.halcyonmobile.com
api.halcyonmobile.com
api.staging.halcyonmobile.com
wiki.halcyonmobile.com
agent.aadhaar-bank.com
wiki.halcyonmobile.com
wiki.halcyonmobile.com
wiki.halcyonmobile.com
pigment.halcyonmobile.com
devivero.us
api.staging.halcyonmobile.com
wiki.halcyonmobile.com
pigment.halcyonmobile.com
blog.halcyonmobile.com
halcyonmobile.com
halcyonmobile.com
tiff.halcyonmobile.com
wiki.halcyonmobile.com
api.halcyonmobile.com
halcyonmobile.com
vern.halcyonmobile.com
wiki.halcyonmobile.com
staging.halcyonmobile.com
api.halcyonmobile.com
xmas.halcyonmobile.com
pigment.halcyonmobile.com
business.alpha.nirmy.app
halcyonmobile.com
docs.android.halcyonmobile.com
aptosoceanrose.com
app.dulago.com.br
stealth-solutions.co.uk
halcyonmobile.com
wiki.halcyonmobile.com
picnici.com
xmas.halcyonmobile.com
api.staging.halcyonmobile.com
cdn.halcyonmobile.com
halcyonmobile.com
fargate.halcyonmobile.com
prashantraghu.me
halcyonmobile.com
halcyonmobile.com
tiff.halcyonmobile.com
tiff.halcyonmobile.com
www.bountechsummit.com
wiki.halcyonmobile.com
wiki.halcyonmobile.com
wiki.halcyonmobile.com
wiki.halcyonmobile.com
pigment.halcyonmobile.com
fantana.io
*.build.halcyonmobile.com
xmas.halcyonmobile.com
xmas.halcyonmobile.com
docs.android.halcyonmobile.com
app.dulago.com.br
www.gr3c.online
wiki.halcyonmobile.com
wp.halcyonmobile.com
wiki.halcyonmobile.com
halcyonmobile.com
halcyonmobile.com
cdn.halcyonmobile.com
wiki.halcyonmobile.com
halcyonmobile.com
tiff.halcyonmobile.com
pigment.halcyonmobile.com
cdn.halcyonmobile.com
app.uptimer.co
wiki.halcyonmobile.com
staging.halcyonmobile.com
thriftit.app
tiff.halcyonmobile.com
wiki.halcyonmobile.com
app.minaphoto.jp
halcyonmobile.com
finesse.ltd
halcyonmobile.com
halcyonmobile.com
*.build.halcyonmobile.com
halcyonmobile.com
halcyonmobile.com
*.build.halcyonmobile.com
wiki.halcyonmobile.com
api.halcyonmobile.com
api.staging.halcyonmobile.com
wiki.halcyonmobile.com
agent.aadhaar-bank.com
wiki.halcyonmobile.com
wiki.halcyonmobile.com
wiki.halcyonmobile.com
pigment.halcyonmobile.com
devivero.us
api.staging.halcyonmobile.com
wiki.halcyonmobile.com
pigment.halcyonmobile.com
blog.halcyonmobile.com
halcyonmobile.com
halcyonmobile.com
Certificate
The complete raw certificate details for halcyonmobile.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEjTCCA3WgAwIBAgIQC6NNXId+hyLK1NHqLAsfYDANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xODA4MjgwMDAwMDBaFw0xOTA5Mjgx MjAwMDBaMBwxGjAYBgNVBAMTEWhhbGN5b25tb2JpbGUuY29tMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZFWX+rcjVA01zHHsmccTtp6A5nEFJEnli/T Eq6AyK3yTmD6/KTSJX3Dzjxq7UtagqLh7IKjdwp6e3kJBvlMynfEsXYY3WUCzaRj frxCowv+Ffy2Jhk2GIRc2YMPbkcSzTTgyYUrKy5JBtS/aKMEBX9jImmEgBpb6D3U GI3kBTgjlC0fQCrDbPSKzQsugHIyJTV3rm0+QWCooe6fwszbLnLPbQRvrSuZXvAt 3pF6XHVLUAkJu4TnCJGw8Jaly3VMacJzXx2l86Bm9U6tRtoE4F3E4ZifYmnHrFdp ijqFiHLNTNBQHaughhunpl+vZh1crZ+njPrpLdDlxeQ1WIB5qQIDAQABo4IBnzCC AZswHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYDVR0OBBYEFCN1 oySfRYOhCgKQUcCuXeKY9SGAMDEGA1UdEQQqMCiCEWhhbGN5b25tb2JpbGUuY29t ghMqLmhhbGN5b25tb2JpbGUuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2Ny bC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJ YIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGG IWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYq aHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1Ud EwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEB AKoYF0H6teh3KDU2/T01PDaDyWFkWI59DZfTQzwYgVA4R1Ij72XbxVlL2vg09z2b EKE0wwZ/GT3tjP2nZiPJ91UmiV4pOFvbpLiaQGMSJrykgrmKX4updeyju21kGY7P DwZUbYDhmEYfuGXEw4BadhmeGTMMEHp9hiwCFwik8XT9g6/3vgwxoX/oczTWGtpI CQTrThGjYaORgJ3IS/SdMeqlRSMDQEX09owDhXqGErq3UkzvvY5LAUWJTZB1O02S cPR6AaynBxQnVaRM2Nn8H+/Ez60jXhBSS1ijABm8U5q5AvZtJM6NLYSZg8wx5zjf EiaBT0f9SLsDOjq2vicljn8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZFWX+rcjVA01zHHsmcc Ttp6A5nEFJEnli/TEq6AyK3yTmD6/KTSJX3Dzjxq7UtagqLh7IKjdwp6e3kJBvlM ynfEsXYY3WUCzaRjfrxCowv+Ffy2Jhk2GIRc2YMPbkcSzTTgyYUrKy5JBtS/aKME BX9jImmEgBpb6D3UGI3kBTgjlC0fQCrDbPSKzQsugHIyJTV3rm0+QWCooe6fwszb LnLPbQRvrSuZXvAt3pF6XHVLUAkJu4TnCJGw8Jaly3VMacJzXx2l86Bm9U6tRtoE 4F3E4ZifYmnHrFdpijqFiHLNTNBQHaughhunpl+vZh1crZ+njPrpLdDlxeQ1WIB5 qQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15469421418039123136767102065641725792 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-28 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'halcyonmobile.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21910895302725762774398850617189676886334259798755161212304370612450130489125564945851819456952248733952739304121302305112493347544963363161115321166183329562731811201495030526297388245227133180734802729167159776181735858807439166641166051715593591419876447559548613879873346622872987855686910527799475960788785273522602084585925496647594563736107297758248007424205331720600864591646988583598718475403237265129929474013921279060445763663348129387916168822216733386797633276664281569460892151419119794849876200171912144026411148848800211583416242177905710129098816101924946948265309775269770182417191510148648966060457 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2375a3249f4583a10a029051c0ae5de298f52180 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'halcyonmobile.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.halcyonmobile.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00aa181741fab5e877283536fd3d353c3683c96164588e7d0d97d3433c18815038475223ef65dbc5594bdaf834f73d9b10a134c3067f193ded8cfda76623c9f75526895e29385bdba4b89a40631226bca482b98a5f8ba975eca3bb6d64198ecf0f06546d80e198461fb865c4c3805a76199e19330c107a7d862c021708a4f174fd83aff7be0c31a17fe87334d61ada480904eb4e11a361a391809dc84bf49d31eaa54523034045f4f68c03857a8612bab7524cefbd8e4b0145894d90753b4d9270f47a01aca707142755a44cd8d9fc1fefc4cfad235e10524b58a30019bc539ab902f66d24ce8d2d849983cc31e738df1226814f47fd48bb033a3ab6be27258e7f