origin-interactive.associatedpress.com
Issued by Amazon
About this certificate
This digital certificate with serial number 0f:04:08:58:a9:67:fe:cd:5b:3b:52:41:07:68:27:43 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=origin-interactive.associatedpress.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0f:04:08:58:a9:67:fe:cd:5b:3b:52:41:07:68:27:43Serial Number (int): 19959358407991697161167073639553050435
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 66:ad:82:be:35:cd:c1:24:80:b8:4a:cd:6b:3e:cb:47:9d:c1:4b:f5
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 7b:e2:17:4e:00:08:af:b6:15:02:07:92:46:10:4b:69:22:9a:dd:0d
Fingerprint (sha256): d3:0b:80:fd:b2:dc:5d:40:98:69:d5:28:82:7f:16:6a:5e:58:97:c5:86:ee:10:2b:0f:81:84:39:9c:7c:ca:17
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate origin-interactive.associatedpress.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for origin-interactive.associatedpress.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
origin-interactive.associatedpress.com
interactives.ap.org
interactives.ap.org
Other certificates including the domain name associatedpress.com
(limited to 100 certificates)
ap.org
epix.ap.org
*.dne.associatedpress.com
salesagency.associatedpress.com
associatedpress.com
kibana.associatedpress.com
transref.associatedpress.com
*.dne.associatedpress.com
ppc.associatedpress.com
igmapi.associatedpress.com
*.associatedpress.com
ap.org
nrmailsvc-use1.associatedpress.com
binaryapi.associatedpress.com
associatedpress.com
nrmailsvc-usw2.associatedpress.com
*.dne.associatedpress.com
*.dne.associatedpress.com
*.associatedpress.com
kpapiv.associatedpress.com
fox.associatedpress.com
transref.associatedpress.com
*.associatedpress.com
*.associatedpress.com
apnsapi-use1-2.associatedpress.com
associatedpress.com
votecastint.associatedpress.com
origin-interactive.associatedpress.com
transref.associatedpress.com
newsdesk.associatedpress.com
binaryapi.associatedpress.com
ppcapi.associatedpress.com
fox.associatedpress.com
kibana.associatedpress.com
vcapi.associatedpress.com
interactives.associatedpress.com
*.dne.associatedpress.com
nrcartsvc-use1.associatedpress.com
ppcapiext.associatedpress.com
fox.associatedpress.com
apcbo.associatedpress.com
apcbo.associatedpress.com
nrmailsvc-usw2-2.associatedpress.com
vcapi.associatedpress.com
kibana.associatedpress.com
associatedpress.com
*.dne.associatedpress.com
*.dne.associatedpress.com
apnsapi-usw2-2.associatedpress.com
igmapi.associatedpress.com
transref.associatedpress.com
ppcapi.associatedpress.com
newsdesk.associatedpress.com
ppc.associatedpress.com
fox.associatedpress.com
vcapiint.associatedpress.com
kpapiv.associatedpress.com
hiveprod1.associatedpress.com
ppcapiext.associatedpress.com
origin-interactive.associatedpress.com
origin-interactive.associatedpress.com
kibana.associatedpress.com
associatedpress.com
*.associatedpress.com
epix.ap.org
*.associatedpress.com
sharingnetwork.associatedpress.com
*.associatedpress.com
igmapi.associatedpress.com
*.dne.associatedpress.com
ap.org
*.associatedpress.com
*.dne.associatedpress.com
kpapi.associatedpress.com
*.dne.associatedpress.com
ingestwf.associatedpress.com
nrmailsvc-use1-2.associatedpress.com
transref.associatedpress.com
associatedpress.com
epix.ap.org
*.dne.associatedpress.com
salesagency.associatedpress.com
associatedpress.com
kibana.associatedpress.com
transref.associatedpress.com
*.dne.associatedpress.com
ppc.associatedpress.com
igmapi.associatedpress.com
*.associatedpress.com
ap.org
nrmailsvc-use1.associatedpress.com
binaryapi.associatedpress.com
associatedpress.com
nrmailsvc-usw2.associatedpress.com
*.dne.associatedpress.com
*.dne.associatedpress.com
*.associatedpress.com
kpapiv.associatedpress.com
fox.associatedpress.com
transref.associatedpress.com
*.associatedpress.com
*.associatedpress.com
apnsapi-use1-2.associatedpress.com
associatedpress.com
votecastint.associatedpress.com
origin-interactive.associatedpress.com
transref.associatedpress.com
newsdesk.associatedpress.com
binaryapi.associatedpress.com
ppcapi.associatedpress.com
fox.associatedpress.com
kibana.associatedpress.com
vcapi.associatedpress.com
interactives.associatedpress.com
*.dne.associatedpress.com
nrcartsvc-use1.associatedpress.com
ppcapiext.associatedpress.com
fox.associatedpress.com
apcbo.associatedpress.com
apcbo.associatedpress.com
nrmailsvc-usw2-2.associatedpress.com
vcapi.associatedpress.com
kibana.associatedpress.com
associatedpress.com
*.dne.associatedpress.com
*.dne.associatedpress.com
apnsapi-usw2-2.associatedpress.com
igmapi.associatedpress.com
transref.associatedpress.com
ppcapi.associatedpress.com
newsdesk.associatedpress.com
ppc.associatedpress.com
fox.associatedpress.com
vcapiint.associatedpress.com
kpapiv.associatedpress.com
hiveprod1.associatedpress.com
ppcapiext.associatedpress.com
origin-interactive.associatedpress.com
origin-interactive.associatedpress.com
kibana.associatedpress.com
associatedpress.com
*.associatedpress.com
epix.ap.org
*.associatedpress.com
sharingnetwork.associatedpress.com
*.associatedpress.com
igmapi.associatedpress.com
*.dne.associatedpress.com
ap.org
*.associatedpress.com
*.dne.associatedpress.com
kpapi.associatedpress.com
*.dne.associatedpress.com
ingestwf.associatedpress.com
nrmailsvc-use1-2.associatedpress.com
transref.associatedpress.com
associatedpress.com
Certificate
The complete raw certificate details for origin-interactive.associatedpress.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEtzCCA5+gAwIBAgIQDwQIWKln/s1bO1JBB2gnQzANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMDAzMjgwMDAwMDBaFw0yMTA0Mjgx MjAwMDBaMDExLzAtBgNVBAMTJm9yaWdpbi1pbnRlcmFjdGl2ZS5hc3NvY2lhdGVk cHJlc3MuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JLCMfrn Z+FtCWQTU9OxhCYe0F3v8FLQKi1y0TtIZnYS8adVuiN5xDo/yQ788YMesgAwJdjE JAEN3qTQ5dt5frvlOtcg7cKywTThxbCX4ic0Rt14wB6IG3ewMudikiU6ZhdR7Pah nuHOvox0qv6EwwTmZYyIOEB3vtMj4N8PTuxAMLPsdFk48vHpm2bgH6eCQdJDMcUW e3ks06znFrA563RoK3ztoj4q8oBQ3mOU6O0BEUEF0LyyO5cy0nBA0jARcbcg4rB5 BVPvmQbG+4Kpv0EsLWlhzCel+cQ0qV1yDd+ufdxF1i9qQn4Afrp1p57QqIkq3FRD qnyU3PgKy8d78QIDAQABo4IBtDCCAbAwHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOU ByeWdFv5PdAwHQYDVR0OBBYEFGatgr41zcEkgLhKzWs+y0edwUv1MEYGA1UdEQQ/ MD2CJm9yaWdpbi1pbnRlcmFjdGl2ZS5hc3NvY2lhdGVkcHJlc3MuY29tghNpbnRl cmFjdGl2ZXMuYXAub3JnMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zY2Ex Yi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZIAYb9 bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6 Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDov L2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQC MAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAK2/wz72 ddnD2B1aluiupnTE7wNdBxDzvLVefP6yOpLWjhpHyfl66U9wBiSccH1LIXr40zFF 9Wpsw01sQ0tMCZTVbT1337aP0N/EL9zaLpYvB58sKS72Hr6UP9vcdVGugusd95xR UaS2H5Uxet8XzkyWjPhvOEB3viuqciDgYR/2ZKl/VDbKktd+ZtFsKahCNXOPxIcX RG5rXKnmgGR/apkdngbUFXWo+hPYYvGPOuVnMMOgaHAbd14ks1uA9buamPeSmG7m jQSDNWgBWqK4Y5UpCAWfEP+jOvczC663Zqgoh1TCF6N0xhFWtsncFKzzlBOCNkxF 9HH/aeuqAoDt+u0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JLCMfrnZ+FtCWQTU9Ox hCYe0F3v8FLQKi1y0TtIZnYS8adVuiN5xDo/yQ788YMesgAwJdjEJAEN3qTQ5dt5 frvlOtcg7cKywTThxbCX4ic0Rt14wB6IG3ewMudikiU6ZhdR7PahnuHOvox0qv6E wwTmZYyIOEB3vtMj4N8PTuxAMLPsdFk48vHpm2bgH6eCQdJDMcUWe3ks06znFrA5 63RoK3ztoj4q8oBQ3mOU6O0BEUEF0LyyO5cy0nBA0jARcbcg4rB5BVPvmQbG+4Kp v0EsLWlhzCel+cQ0qV1yDd+ufdxF1i9qQn4Afrp1p57QqIkq3FRDqnyU3PgKy8d7 8QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 19959358407991697161167073639553050435 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-28 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'origin-interactive.associatedpress.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27339843223310713898110987361528085451798326989097709241896692435372393189724689299059122886563145331340582400002735220715621888782582439318143282412333691057518110751943169581321166971795569220578793479780316463758453710144221696373489238648687597296089578092084477851730387049065819467231454822900213380395480538825961853585430627858593948477060619533809687270755116569596516458170158643570958492516276381100559934694698998914591316605001305778512134235515225802843368056620940155847809214543338620468610673470353103267792541726016730713074342391835857194876180887778205587484984150800458578790811719484580301339633 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 66ad82be35cdc12480b84acd6b3ecb479dc14bf5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (63 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'origin-interactive.associatedpress.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'interactives.ap.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00adbfc33ef675d9c3d81d5a96e8aea674c4ef035d0710f3bcb55e7cfeb23a92d68e1a47c9f97ae94f7006249c707d4b217af8d33145f56a6cc34d6c434b4c0994d56d3d77dfb68fd0dfc42fdcda2e962f079f2c292ef61ebe943fdbdc7551ae82eb1df79c5151a4b61f95317adf17ce4c968cf86f384077be2baa7220e0611ff664a97f5436ca92d77e66d16c29a84235738fc48717446e6b5ca9e680647f6a991d9e06d41575a8fa13d862f18f3ae56730c3a068701b775e24b35b80f5bb9a98f792986ee68d04833568015aa2b863952908059f10ffa33af7330baeb766a8288754c217a374c61156b6c9dc14acf3941382364c45f471ff69ebaa0280edfaed