www.cchosp.com
- University of Pennsylvania Health System -
Issued by Symantec Class 3 Secure Server CA - G4
About this certificate
This digital certificate with serial number 30:bf:b5:1e:8a:07:cc:d9:1a:f8:fa:0c:90:ca:29:af was issued on by Symantec Corporation.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
University of Pennsylvania Health System
Organization:
University of Pennsylvania Health System
Organization unit: IT
Organization unit: IT
State / Province:
Pennsylvania
Locality: Philadelphia
Country: US
Locality: Philadelphia
Country: US
Symantec Corporation
Organization:
Symantec Corporation
Organization unit: Symantec Trust Network
Organization unit: Symantec Trust Network
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 30:bf:b5:1e:8a:07:cc:d9:1a:f8:fa:0c:90:ca:29:afSerial Number (int): 64798346033357611560441395413063969199
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 5f:60:cf:61:90:55:df:84:43:14:8a:60:2a:b2:f5:7a:f4:43:18:ef
Fingerprint (sha1): b4:db:fa:55:a2:d6:d5:78:83:8c:5c:dd:25:24:ad:c1:bb:e2:cb:b1
Fingerprint (sha256): d2:8f:80:f4:4b:a2:04:00:18:23:a5:d9:72:6b:7f:d3:3e:06:56:16:dc:9a:57:61:3b:5b:cd:da:a8:55:e4:b4
Issuing Certificate URL: http://ss.symcb.com/ss.crt
Revocation information
OCSP Server: http://ss.symcd.comCRL Distribution Point: http://ss.symcb.com/ss.crl
Check the revocation status for certificate www.cchosp.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.cchosp.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.cchosp.com
cchosp.com
cchosp.com
Other certificates including the domain name cchosp.com
(limited to 100 certificates)
imperva.com
OncologyPortal.cchosp.com
imperva.com
portal.cchosp.com
imperva.com
www.cchosp.com
webmail.cchosp.com
vpn.cchosp.com
imperva.com
www.cchosp.com
cchosp.com
www.cchosp.com
imperva.com
webmail.cchosp.com
www.cchosp.com
imperva.com
mail.cchosp.com
kfhelp.cchosp.com
imperva.com
imperva.com
imperva.com
www.cchosp.com
cchosp.com
cchosp.com
imperva.com
portal.cchosp.com
www.cchosp.com
imperva.com
apps.cchosp.com
imperva.com
imperva.com
imperva.com
imperva.com
portal.cchosp.com
imperva.com
OncologyPortal.cchosp.com
imperva.com
portal.cchosp.com
imperva.com
www.cchosp.com
webmail.cchosp.com
vpn.cchosp.com
imperva.com
www.cchosp.com
cchosp.com
www.cchosp.com
imperva.com
webmail.cchosp.com
www.cchosp.com
imperva.com
mail.cchosp.com
kfhelp.cchosp.com
imperva.com
imperva.com
imperva.com
www.cchosp.com
cchosp.com
cchosp.com
imperva.com
portal.cchosp.com
www.cchosp.com
imperva.com
apps.cchosp.com
imperva.com
imperva.com
imperva.com
imperva.com
portal.cchosp.com
imperva.com
Certificate
The complete raw certificate details for www.cchosp.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgIQML+1HooHzNka+PoMkMoprzANBgkqhkiG9w0BAQsFADB+ MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd BgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVj IENsYXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MB4XDTE3MDIwNjAwMDAwMFoX DTE5MDIwNjIzNTk1OVowgZQxCzAJBgNVBAYTAlVTMRUwEwYDVQQIDAxQZW5uc3ls dmFuaWExFTATBgNVBAcMDFBoaWxhZGVscGhpYTExMC8GA1UECgwoVW5pdmVyc2l0 eSBvZiBQZW5uc3lsdmFuaWEgSGVhbHRoIFN5c3RlbTELMAkGA1UECwwCSVQxFzAV BgNVBAMMDnd3dy5jY2hvc3AuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEArGuGbtI5O1HeS7fTQwV0sNG9WEXoRaCYEywdFdREtK1ZtHpKtG3Tcenv HCXcH5WIwC2qQ7NHHDEsOpdl4TbXU+5hs08R7QtNZnKWHXCeIo/5dPvLc7eb6clB tNg1w2rF1d+vDtorUjPoqdFHe5/PORC19B/PluOaTWvvGupAb+JthaTDFBloTAYb +ml5uiVjFb+dupsNsnzq+hzdUKFH1BNF+QJCROPV/dV411E9JnloJu5/h4cjgucz ihDmWZP69Ej3nCjmyTZohWnUtGp9S4eFbYFMpSxzL3iI/Snuv94zivDHjRUG49dP oKUab34qZFIy5PZIEPv7OqejROhO9QIDAQABo4IBhDCCAYAwJQYDVR0RBB4wHIIO d3d3LmNjaG9zcC5jb22CCmNjaG9zcC5jb20wCQYDVR0TBAIwADAOBgNVHQ8BAf8E BAMCBaAwYQYDVR0gBFowWDBWBgZngQwBAgIwTDAjBggrBgEFBQcCARYXaHR0cHM6 Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGQwXaHR0cHM6Ly9kLnN5bWNi LmNvbS9ycGEwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NzLnN5bWNiLmNvbS9z cy5jcmwwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB8GA1UdIwQYMBaA FF9gz2GQVd+EQxSKYCqy9Xr0QxjvMFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcw AYYTaHR0cDovL3NzLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3NzLnN5 bWNiLmNvbS9zcy5jcnQwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQEL BQADggEBACzrl6XG1RMUrSplz5PTwHO4oj/EtYvp6CoWPzm3FZvevmykKvlURcZu XEQvT7ohkR+tDQPlmlHL8QsaNco4/w7W3GLH4ggfVYVvaU2Q9vKR4qPAmqpG8p1V N/9IqLA8Sf6oKwCwBpbx33LRNVgdmJa3WPcn7NThuOluVYRG79KjicAX/Dzj5wF8 G8H9L78jgSg7Fvriwn6hwBJU7gYrD6+OQI1lrO4ExrluCDRpSklcovzVheEQuLQ1 jWYpZNqUlv1qrNZALkxxeGEWKVDXmduS1WnRCASs9+XujRXkncv1wX75VxB4GGY6 8Ss2wKtt+z33sMVHxlB0KPhnpQOjE5Q= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGuGbtI5O1HeS7fTQwV0 sNG9WEXoRaCYEywdFdREtK1ZtHpKtG3TcenvHCXcH5WIwC2qQ7NHHDEsOpdl4TbX U+5hs08R7QtNZnKWHXCeIo/5dPvLc7eb6clBtNg1w2rF1d+vDtorUjPoqdFHe5/P ORC19B/PluOaTWvvGupAb+JthaTDFBloTAYb+ml5uiVjFb+dupsNsnzq+hzdUKFH 1BNF+QJCROPV/dV411E9JnloJu5/h4cjguczihDmWZP69Ej3nCjmyTZohWnUtGp9 S4eFbYFMpSxzL3iI/Snuv94zivDHjRUG49dPoKUab34qZFIy5PZIEPv7OqejROhO 9QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 64798346033357611560441395413063969199 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Trust Network' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Class 3 Secure Server CA - G4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-02-06 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-06 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Pennsylvania' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Philadelphia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'University of Pennsylvania Health System' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.cchosp.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21766011071204001953436014683634534042383070317192261681672696966033823001987433174750260585631459160785100347120787082857893702156785561331399286421784283069454517393381048472805824100000119151001190983043526649863582118646018571139197096086229185934685637563595939226163266357871298046151117435227468161465535603081173931412685003398357854433492749740646428867997172369463984148839212290555402123842183831936440759201786262894883531209224249371800920770199236053011224897942864606867338923562710644597929466692875714145373991446851406247955168876154027188454494588525734768387597402669999712702340256972558079381237 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cchosp.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cchosp.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://d.symcb.com/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://d.symcb.com/rpa' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ss.symcb.com/ss.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5f60cf619055df8443148a602ab2f57af44318ef . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ss.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ss.symcb.com/ss.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002ceb97a5c6d51314ad2a65cf93d3c073b8a23fc4b58be9e82a163f39b7159bdebe6ca42af95445c66e5c442f4fba21911fad0d03e59a51cbf10b1a35ca38ff0ed6dc62c7e2081f55856f694d90f6f291e2a3c09aaa46f29d5537ff48a8b03c49fea82b00b00696f1df72d135581d9896b758f727ecd4e1b8e96e558446efd2a389c017fc3ce3e7017c1bc1fd2fbf2381283b16fae2c27ea1c01254ee062b0faf8e408d65acee04c6b96e0834694a495ca2fcd585e110b8b4358d662964da9496fd6aacd6402e4c717861162950d799db92d569d10804acf7e5ee8d15e49dcbf5c17ef957107818663af12b36c0ab6dfb3df7b0c547c6507428f867a503a31394