*.rms-online.de
Issued by RapidSSL TLS RSA CA G1
About this certificate
This digital certificate with serial number 0a:47:92:3e:71:34:fb:e4:60:18:90:22:f3:7e:7a:86 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.rms-online.de
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0a:47:92:3e:71:34:fb:e4:60:18:90:22:f3:7e:7a:86Serial Number (int): 13663899213789200298135808417172716166
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 55:8d:54:e8:cb:8a:b8:54:2a:97:25:6c:ed:9f:f5:91:30:a5:5b:bc
AuthorityKeyId: 0c:db:6c:82:49:0f:4a:67:0a:b8:14:ee:7a:c4:48:52:88:eb:56:38
Fingerprint (sha1): 9f:46:88:90:e4:81:f2:10:7a:97:e1:21:6b:5f:8e:01:f8:20:2c:73
Fingerprint (sha256): d0:3a:60:14:93:e2:f1:0b:7d:8c:0d:0a:30:8a:86:e3:92:7b:e6:a1:b4:43:ce:65:0c:38:16:9d:1e:bc:a1:10
Issuing Certificate URL: http://cacerts.rapidssl.com/RapidSSLTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.rapidssl.comCRL Distribution Point: http://cdp.rapidssl.com/RapidSSLTLSRSACAG1.crl
Check the revocation status for certificate *.rms-online.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.rms-online.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.rms-online.de
rms-online.de
rms-online.de
Other certificates including the domain name rms-online.de
(limited to 100 certificates)
x3.rms-online.de
*.rms-online.de
*.rms-online.de
x7.rms-online.de
*.rms-online.de
x3.rms-online.de
naccontrol.rms-online.de
x3.rms-online.de
*.rms-online.de
x2.rms-online.de
daten.rms-online.de
x2.rms-online.de
*.rms-online.de
*.rms-online.de
x1.rms-online.de
x3.rms-online.de
*.rms-online.de
x2.rms-online.de
x3.rms-online.de
x2.rms-online.de
*.rms-online.de
*.rms-online.de
x7.rms-online.de
*.rms-online.de
x3.rms-online.de
naccontrol.rms-online.de
x3.rms-online.de
*.rms-online.de
x2.rms-online.de
daten.rms-online.de
x2.rms-online.de
*.rms-online.de
*.rms-online.de
x1.rms-online.de
x3.rms-online.de
*.rms-online.de
x2.rms-online.de
x3.rms-online.de
x2.rms-online.de
Certificate
The complete raw certificate details for *.rms-online.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHODCCBiCgAwIBAgIQCkeSPnE0++RgGJAi8356hjANBgkqhkiG9w0BAQsFADBg MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZSYXBpZFNTTCBUTFMgUlNBIENBIEcx MB4XDTE4MDgxNTAwMDAwMFoXDTIwMDkxMzEyMDAwMFowGjEYMBYGA1UEAwwPKi5y bXMtb25saW5lLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzfbW 4eZYISlHmrWWxgJiPTwtdAi8Jd1vKAQWlqDcuWe0Xoxj66oaacxM0ZvumQn4kIr+ TcZ33LvZoD9G3LBwUFWx2wjtnIF84k6pf7ztFlM8zSLpx9uB/CalHFkG/nNpwMIA +qD/qdiuJSxgBWjGYcrW+wHtR3SsGuoOiZOZO6yC5y2CO/q6W2E4pWPZkO2mePtV IoyRrb9eYNYKyOeF1Q/WUZZBOny1g0owoEIbV7K3W4dNOqeEsWwakNJVCYbqAhY3 m+LE+hypOPzBwutE385xoxfjKD3cRArXVnhI/wbdmGPTgKVQG8VoEhu0pBsCMnwi HGST4S+A1vFuorcx2XfS6eH8aS1FoS+7dUFOLi6jvRnbrlXeVqNzqv1k/tvPUt6v n48uYXXNtkCrr0IEQIB3wI3zYeOcXBBPEJt9HrcINKPDs5GBlFj85mVu852+8rnG 57/4UJcr8dk8vfkVPulWRQt/ES6hv8ro1u/R1MJItAx70traulLuo+UkCfGkBHwr uFWO5Gz6unr42RdX6H8KodPUK30eItwD6nGsoO+gZVzNmYyG2NnJKSRchVi/avoV MrSBNl21iVWybsXu5GgWkM3Xz4cio7FvVb45UD/AT2aFcHxXlijqgLFdVzkhOHWk Rphf2u0RUHM0cCR1+W5jAQRhLW1WxG+JOGhMGwcCAwEAAaOCAzIwggMuMB8GA1Ud IwQYMBaAFAzbbIJJD0pnCrgU7nrESFKI61Y4MB0GA1UdDgQWBBRVjVToy4q4VCqX JWztn/WRMKVbvDApBgNVHREEIjAggg8qLnJtcy1vbmxpbmUuZGWCDXJtcy1vbmxp bmUuZGUwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF BQcDAjA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY2RwLnJhcGlkc3NsLmNvbS9S YXBpZFNTTFRMU1JTQUNBRzEuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAECMCow KAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EM AQIBMHYGCCsGAQUFBwEBBGowaDAmBggrBgEFBQcwAYYaaHR0cDovL3N0YXR1cy5y YXBpZHNzbC5jb20wPgYIKwYBBQUHMAKGMmh0dHA6Ly9jYWNlcnRzLnJhcGlkc3Ns LmNvbS9SYXBpZFNTTFRMU1JTQUNBRzEuY3J0MAkGA1UdEwQCMAAwggF+BgorBgEE AdZ5AgQCBIIBbgSCAWoBaAB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7I DdwQAAABZTxIknUAAAQDAEcwRQIgc8yeHrPjrDt9cr/c90K2CXSjyGsaE/hs0VcQ uqrrFzcCIQCPQo0a4iUls7vUST3Zz+alQM0LBJ/HRl5EBRFe3uK5tAB2AId1v+dZ fPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABZTxIk04AAAQDAEcwRQIhAPo8 HHc0DvtsFU4ziiePPacm1qrLBXna2r2YyoQprqVfAiA1svHkkhtpbUi4HB4qvQoB QPVFk6asuP6R2z+2RXQ4wQB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO HtGFAAABZTxIk2EAAAQDAEcwRQIhAKuXPYxatI/BHT8pU0yPQqoBFZjJU27Ydz1O K0m4maiqAiAErF9nTJaouWtc95K6SQhPzxvUH7T0i6XGK/FQGgPd5DANBgkqhkiG 9w0BAQsFAAOCAQEAH6vgy1xKWna44LeF01LQX+rEwHiP7T0nYl6J3wMxUKK4tVg6 4FbOr6PpNFw1Y+x4AWLS0Ta7t9mcw82cjVGjdc4uYS8L2tSv5c4j9WdAZx32bNk3 7CxdB/3PiLH/eFdrTw+h1mC9mrTnZPhgNKOB+sXVz2j5dGrphqWHfZM4WO5/o+SH 3zmmBP3jd7lD3TXxWB4whY+Y7y2e3hOT11saEb6To2h3MoN/sTsmC3Bfp4bmziCb EmaVjPWcODsmT4w9+5NYgevqVzQl9qJIG2hnccRJjy9mXlqfjYgsNfS0PCGMPO8s kD+/NMMCXtEy/KbNCVpd+oN2Vfye5sYRRHZHZQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzfbW4eZYISlHmrWWxgJi PTwtdAi8Jd1vKAQWlqDcuWe0Xoxj66oaacxM0ZvumQn4kIr+TcZ33LvZoD9G3LBw UFWx2wjtnIF84k6pf7ztFlM8zSLpx9uB/CalHFkG/nNpwMIA+qD/qdiuJSxgBWjG YcrW+wHtR3SsGuoOiZOZO6yC5y2CO/q6W2E4pWPZkO2mePtVIoyRrb9eYNYKyOeF 1Q/WUZZBOny1g0owoEIbV7K3W4dNOqeEsWwakNJVCYbqAhY3m+LE+hypOPzBwutE 385xoxfjKD3cRArXVnhI/wbdmGPTgKVQG8VoEhu0pBsCMnwiHGST4S+A1vFuorcx 2XfS6eH8aS1FoS+7dUFOLi6jvRnbrlXeVqNzqv1k/tvPUt6vn48uYXXNtkCrr0IE QIB3wI3zYeOcXBBPEJt9HrcINKPDs5GBlFj85mVu852+8rnG57/4UJcr8dk8vfkV PulWRQt/ES6hv8ro1u/R1MJItAx70traulLuo+UkCfGkBHwruFWO5Gz6unr42RdX 6H8KodPUK30eItwD6nGsoO+gZVzNmYyG2NnJKSRchVi/avoVMrSBNl21iVWybsXu 5GgWkM3Xz4cio7FvVb45UD/AT2aFcHxXlijqgLFdVzkhOHWkRphf2u0RUHM0cCR1 +W5jAQRhLW1WxG+JOGhMGwcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 13663899213789200298135808417172716166 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-15 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-13 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.rms-online.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 840260693438478593782163061228698686877195505005718261730801241706928050276589762043839116172440441451743634836381119202955581007262476633277663228557048728505725669717190016744962409879303130067335803853634185364320460942181247426540109047439031149794036845811369661070815455091491387014428508268006314838250550851547979914343842019571226533280899766812978477225759584508678316770503298461877641780681436165465701185070510063099174180903246946090144964344263454827545057177729017868976453181756276014742483913558882942624905181029210659331413809617858252138685474181677028529390095484397792747243151164791718874039006421491585338687691154051905282560823165845348268952833485656538435457017780671498049349851631198693956945938777713363940179292491484327965092319290510042381991948165683479785645006275689001188690960707516634000491683230093351042537751636762104445574957653913122160646136853474594736966397723319631604639284050277149278207945651909302154250981180283380929033378137558233621492068799566484655752095449830341049955210868853281427923410749966466945944383863472324784470346394719068401959115915222646213084984669486922275915553587566642314548231064362697476020472317099443849104410339969860239254339056464474714124589831 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0cdb6c82490f4a670ab814ee7ac4485288eb5638 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 558d54e8cb8ab8542a97256ced9ff59130a55bbc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rms-online.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rms-online.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.rapidssl.com/RapidSSLTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.rapidssl.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.rapidssl.com/RapidSSLTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc10000001653c4892750000040300473045022073cc9e1eb3e3ac3b7d72bfdcf742b60974a3c86b1a13f86cd15710baaaeb17370221008f428d1ae22525b3bbd4493dd9cfe6a540cd0b049fc7465e4405115edee2b9b40076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f000001653c48934e0000040300473045022100fa3c1c77340efb6c154e338a278f3da726d6aacb0579dadabd98ca8429aea55f022035b2f1e4921b696d48b81c1e2abd0a0140f54593a6acb8fe91db3fb6457438c1007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed185000001653c4893610000040300473045022100ab973d8c5ab48fc11d3f29534c8f42aa011598c9536ed8773d4e2b49b899a8aa022004ac5f674c96a8b96b5cf792ba49084fcf1bd41fb4f48ba5c62bf1501a03dde4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001fabe0cb5c4a5a76b8e0b785d352d05feac4c0788fed3d27625e89df033150a2b8b5583ae056ceafa3e9345c3563ec780162d2d136bbb7d99cc3cd9c8d51a375ce2e612f0bdad4afe5ce23f56740671df66cd937ec2c5d07fdcf88b1ff78576b4f0fa1d660bd9ab4e764f86034a381fac5d5cf68f9746ae986a5877d933858ee7fa3e487df39a604fde377b943dd35f1581e30858f98ef2d9ede1393d75b1a11be93a3687732837fb13b260b705fa786e6ce209b1266958cf59c383b264f8c3dfb935881ebea573425f6a2481b686771c4498f2f665e5a9f8d882c35f4b43c218c3cef2c903fbf34c3025ed132fca6cd095a5dfa837655fc9ee6c61144764765