product-api.bluetree-qa.co.uk

Issued by Amazon RSA 2048 M03

About this certificate

This digital certificate with serial number 0c:16:55:a4:ad:aa:c3:93:3d:ea:b4:78:cb:18:b1:5a was issued on by Amazon.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=product-api.bluetree-qa.co.uk

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0c:16:55:a4:ad:aa:c3:93:3d:ea:b4:78:cb:18:b1:5a
Serial Number (int): 16066703532289067080035055577142440282
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: fb:ce:59:48:45:ed:5c:c3:d4:a1:cf:98:82:e2:19:70:01:f7:8a:7a
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (sha1): fe:9c:b2:3d:15:2f:f8:65:d9:5c:54:f5:ae:0d:01:35:2c:c6:55:63
Fingerprint (sha256): d5:0c:a0:0f:d2:bd:7b:4e:9b:d7:3b:38:b0:29:0e:fa:4d:ac:9d:08:04:b4:7f:34:f7:9a:8d:b2:f4:fb:a0:75

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate product-api.bluetree-qa.co.uk

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for product-api.bluetree-qa.co.uk

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

product-api.bluetree-qa.co.uk

Other certificates including the domain name bluetree-qa.co.uk

(limited to 100 certificates)
product-api.bluetree-qa.co.uk
ipd.bluetree-qa.co.uk
product-api.bluetree-qa.co.uk
otis-uat.bluetree-qa.co.uk
connect.bluetree-qa.co.uk
product-api.bluetree-qa.co.uk
otis.bluetree-qa.co.uk
sams-uat.bluetree-qa.co.uk
smc.bluetree-qa.co.uk
bluetree-medical.bluetree-qa.co.uk
ops-cluster-default.bluetree-qa.co.uk
product-api.bluetree-qa.co.uk
default-api-cluster.bluetree-qa.co.uk
smc.bluetree-qa.co.uk
ipd.bluetree-qa.co.uk
sams-uat.bluetree-qa.co.uk
product-api.bluetree-qa.co.uk
coconut.bluetree-qa.co.uk
coconut.bluetree-qa.co.uk
otis.bluetree-qa.co.uk
coconut.bluetree-qa.co.uk
sams-uat.bluetree-qa.co.uk
default.bluetree-qa.co.uk
salesforce-sandbox.bluetree-qa.co.uk
sams.bluetree-qa.co.uk
sams-uat.bluetree-qa.co.uk
otis-uat.bluetree-qa.co.uk
ipd.bluetree-qa.co.uk
route1print.bluetree-qa.co.uk
ops-cluster-default.bluetree-qa.co.uk
salesforce-sandbox.bluetree-qa.co.uk
sams.bluetree-qa.co.uk
product-api.bluetree-qa.co.uk
product-api.bluetree-qa.co.uk
coconut.bluetree-qa.co.uk
sams.bluetree-qa.co.uk
sams-uat.bluetree-qa.co.uk
product-api.bluetree-qa.co.uk
api.bluetree-qa.co.uk
sams-uat.bluetree-qa.co.uk
sams.bluetree-qa.co.uk
connect.bluetree-qa.co.uk
smc-api-gateway.bluetree-qa.co.uk
default.bluetree-qa.co.uk
coconut.bluetree-qa.co.uk
ops-cluster-default.bluetree-qa.co.uk
ipd.bluetree-qa.co.uk
otis.bluetree-qa.co.uk
coconut.bluetree-qa.co.uk
otis.bluetree-qa.co.uk
product-api.bluetree-qa.co.uk
ipd.bluetree-qa.co.uk
connect.bluetree-qa.co.uk
bluetree-medical.bluetree-qa.co.uk
connect.bluetree-qa.co.uk
default-api-cluster.bluetree-qa.co.uk
default-api-cluster.bluetree-qa.co.uk
salesforce-sandbox.bluetree-qa.co.uk
sams.bluetree-qa.co.uk
connect.bluetree-qa.co.uk
coconut.bluetree-qa.co.uk
product-api.bluetree-qa.co.uk
ops-cluster-default.bluetree-qa.co.uk
connect.bluetree-qa.co.uk
default.bluetree-qa.co.uk
otis-uat.bluetree-qa.co.uk
otis-uat.bluetree-qa.co.uk
sams.bluetree-qa.co.uk
connect.bluetree-qa.co.uk
otis.bluetree-qa.co.uk
otis.bluetree-qa.co.uk
connect.bluetree-qa.co.uk
sams-uat.bluetree-qa.co.uk
sams.bluetree-qa.co.uk
default-api-cluster.bluetree-qa.co.uk
connect.bluetree-qa.co.uk
smc.bluetree-qa.co.uk
smc-api-gateway.bluetree-qa.co.uk
otis.bluetree-qa.co.uk
otis-uat.bluetree-qa.co.uk
salesforce-sandbox.bluetree-qa.co.uk
ipd.bluetree-qa.co.uk
salesforce-sandbox.bluetree-qa.co.uk
product-api.bluetree-qa.co.uk
default-api-cluster.bluetree-qa.co.uk
sams.bluetree-qa.co.uk
salesforce-sandbox.bluetree-qa.co.uk
ipd.bluetree-qa.co.uk
default-api-cluster.bluetree-qa.co.uk
results-api.bluetree-qa.co.uk
ipd.bluetree-qa.co.uk
ipd.bluetree-qa.co.uk
salesforce-sandbox.bluetree-qa.co.uk
default.bluetree-qa.co.uk
product-api.bluetree-qa.co.uk
otis.bluetree-qa.co.uk
ipd.bluetree-qa.co.uk
product-api.bluetree-qa.co.uk
ops-cluster-default.bluetree-qa.co.uk
bluetree-medical.bluetree-qa.co.uk

Certificate

The complete raw certificate details for product-api.bluetree-qa.co.uk in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEeTCCA2GgAwIBAgIQDBZVpK2qw5M96rR4yxixWjANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTIzMTIwNzAwMDAwMFoXDTI1MDEwNTIzNTk1OVowKDEm
MCQGA1UEAxMdcHJvZHVjdC1hcGkuYmx1ZXRyZWUtcWEuY28udWswggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0b12xiXLHKGXhqie35Dgvh+G5pFWSAeEw
KSyopYl96pd5hDyW7W8JajHxPXbSBXsqsDkJ4Y4xp4J18c24nwIUPhVHiZ3n9U/W
H+TtLMWru5YnjT85ctBxUEy/lIZJ/2LjmfPH4FWav81iHBKzmMj2JeaJ4uBg1kkn
MX17oIDPVtT9AwTf5cQMud2zVwMDaLHcWCUjowZYbxw3PYhFkkgCj1v34GvkVsLO
8XskzBp31uupnfcNSbp0KmvOwWsg7oz5CDr0AC8+MQxNbXSVjR6mc2jLb2drwIlg
jJEcfn74HkJBnmU3u8ZJSCO2iJqt0uCCDI2AtEl7nOYRxL0a7jy7AgMBAAGjggGJ
MIIBhTAfBgNVHSMEGDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQU
+85ZSEXtXMPUoc+YguIZcAH3inowKAYDVR0RBCEwH4IdcHJvZHVjdC1hcGkuYmx1
ZXRyZWUtcWEuY28udWswEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCg
LqAshipodHRwOi8vY3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmww
dQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5h
bWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1h
em9udHJ1c3QuY29tL3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkC
BAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQC2S4ZSApbXld4Mw5KJL/k2HR40
t4bZ2rv0y4skWkBCnkqE+j/ISh1TFPjoXfXDRcBIvjtRBP6cZVkU/RQlVrUhMRdZ
pOGCqf10do1b6Gl0r/PoUFfrfgNeoKZ7oOBYDbHX8/jNwSlSumvSbPdF688tyAT/
a5VMjkPO+cnP2IIkQWkuRmRl4eUYC2pnW1fqZBqs5ipZIdiIspAfhHLc+mmeJsj1
Ux36ox40d2wZoy1+PW/+ftGgVVvm7kRCZAkwEnDBUgnt2puE5smAH2uRTTfOxHUX
iFmqds+sbVuZ89xOa+wBx5eBKN69Pw7tMslawmvO9LZl0Qe7w1GyHCNFRxi8
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG9dsYlyxyhl4aont+Q4
L4fhuaRVkgHhMCksqKWJfeqXeYQ8lu1vCWox8T120gV7KrA5CeGOMaeCdfHNuJ8C
FD4VR4md5/VP1h/k7SzFq7uWJ40/OXLQcVBMv5SGSf9i45nzx+BVmr/NYhwSs5jI
9iXmieLgYNZJJzF9e6CAz1bU/QME3+XEDLnds1cDA2ix3FglI6MGWG8cNz2IRZJI
Ao9b9+Br5FbCzvF7JMwad9brqZ33DUm6dCprzsFrIO6M+Qg69AAvPjEMTW10lY0e
pnNoy29na8CJYIyRHH5++B5CQZ5lN7vGSUgjtoiardLgggyNgLRJe5zmEcS9Gu48
uwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16066703532289067080035055577142440282
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-07 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-05 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'product-api.bluetree-qa.co.uk'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22777811510452280289718386754312811602040332006412743256176509934624854140941993120353323577929434825095403764485420948395063267512201074061725014497173748036013810633586056021179474880407562713189719035561100754245813811874493861312791240005731306015429051361674811588518139979069086318708992015566331760237920296411893203219982983874996374219980208875493603658392878588651772273318739289318994473382816725414181252782677519499002585731316303636610460222316973555807679347529008245887046624706041829053449665753953743180761911854860886306339219210049635460030100796688671186899086294869113527408726953869550898003131
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							fbce594845ed5cc3d4a1cf9882e2197001f78a7a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'product-api.bluetree-qa.co.uk'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b64b86520296d795de0cc392892ff9361d1e34b786d9dabbf4cb8b245a40429e4a84fa3fc84a1d5314f8e85df5c345c048be3b5104fe9c655914fd142556b521311759a4e182a9fd74768d5be86974aff3e85057eb7e035ea0a67ba0e0580db1d7f3f8cdc12952ba6bd26cf745ebcf2dc804ff6b954c8e43cef9c9cfd8822441692e466465e1e5180b6a675b57ea641aace62a5921d888b2901f8472dcfa699e26c8f5531dfaa31e34776c19a32d7e3d6ffe7ed1a0555be6ee44426409301270c15209edda9b84e6c9801f6b914d37cec475178859aa76cfac6d5b99f3dc4e6bec01c7978128debd3f0eed32c95ac26bcef4b665d107bbc351b21c23454718bc