museum.kusel.de
Issued by EuropeanSSL Server CA 2
About this certificate
This digital certificate with serial number ac:50:b6:23:a7:31:39:a9:b1:72:29:89:ea:51:bb:0c was issued on by EUNETIC GmbH.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=museum.kusel.de,OU=Domain Control Validated+OU=Provided by EUNETIC GmbH+OU=EuropeanSSL Single
EUNETIC GmbH
Organization:
EUNETIC GmbH
State / Province:
Baden-Württemberg
Locality: Durmersheim
Country: DE
Locality: Durmersheim
Country: DE
This certificate has expire since
Certificate Details
Serial Number (hex): ac:50:b6:23:a7:31:39:a9:b1:72:29:89:ea:51:bb:0cSerial Number (int): 229046293246965375263507571545996376844
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 6f:6f:62:3d:be:44:18:8c:31:f8:38:50:de:33:2c:6a:e2:44:09:1b
AuthorityKeyId: ee:e7:c5:9d:6f:48:1d:17:cb:d7:4e:3b:6a:02:0c:af:cf:e0:b6:bf
Fingerprint (sha1): 24:d2:c4:8b:6a:55:62:21:e5:9f:22:db:90:01:1a:20:30:c9:16:67
Fingerprint (sha256): db:e5:1a:f1:04:5b:60:ac:32:19:3d:01:bb:40:1c:f0:da:24:57:51:45:60:e2:e5:d8:66:e1:95:30:80:67:fa
Issuing Certificate URL: http://crt.usertrust.com/EuropeanSSLServerCA2.crt
Revocation information
OCSP Server: http://ocsp.usertrust.comCRL Distribution Point: http://crl.usertrust.com/EuropeanSSLServerCA2.crl
Check the revocation status for certificate museum.kusel.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for museum.kusel.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
museum.kusel.de
www.museum.kusel.de
www.museum.kusel.de
Other certificates including the domain name kusel.de
(limited to 100 certificates)
kusel.de
stadtwerke.kusel.de
kusel.de
stadtwerke.kusel.de
stadtwerke.kusel.de
kusel.de
kusel.de
stadt.kusel.de
kusel.de
kusel.de
kusel.de
kusel.de
museum.kusel.de
stadtwerke.kusel.de
stadtwerke.kusel.de
kusel.de
stadt.kusel.de
stadt.kusel.de
stadt.kusel.de
kusel.de
museum.kusel.de
kusel.de
stadtwerke.kusel.de
kusel.de
museum.kusel.de
kusel.de
stadtwerke.kusel.de
kusel.de
stadtwerke.kusel.de
kusel.de
stadtwerke.kusel.de
stadtwerke.kusel.de
kusel.de
kusel.de
stadt.kusel.de
kusel.de
kusel.de
kusel.de
kusel.de
museum.kusel.de
stadtwerke.kusel.de
stadtwerke.kusel.de
kusel.de
stadt.kusel.de
stadt.kusel.de
stadt.kusel.de
kusel.de
museum.kusel.de
kusel.de
stadtwerke.kusel.de
kusel.de
museum.kusel.de
kusel.de
stadtwerke.kusel.de
kusel.de
Certificate
The complete raw certificate details for museum.kusel.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgIRAKxQtiOnMTmpsXIpiepRuwwwDQYJKoZIhvcNAQELBQAw eTELMAkGA1UEBhMCREUxGzAZBgNVBAgMEkJhZGVuLVfDvHJ0dGVtYmVyZzEUMBIG A1UEBxMLRHVybWVyc2hlaW0xFTATBgNVBAoTDEVVTkVUSUMgR21iSDEgMB4GA1UE AxMXRXVyb3BlYW5TU0wgU2VydmVyIENBIDIwHhcNMTgwNTA0MDAwMDAwWhcNMTkw NTA0MjM1OTU5WjB9MSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQx ITAfBgNVBAsTGFByb3ZpZGVkIGJ5IEVVTkVUSUMgR21iSDEbMBkGA1UECxMSRXVy b3BlYW5TU0wgU2luZ2xlMRgwFgYDVQQDEw9tdXNldW0ua3VzZWwuZGUwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw7P2y0/cnAgjZFvNx0MD2gMLq1ygF InHuo21MO8rGJhicN/3un5fwzxR6qjCSZu6lMbfjoHWp9ZBJq8nuIqLEgB/Ig3fF NfkIsOsYsN15ORHxNd3NS/7HBMcXaf6v6ZAwOArzUfRJyOJEnldmOvOqNrc1e8iO qQxyjviJWHk5Uj+3PCHBaUb7TImrtga//nDS+MgoWsWuJKNCpWSxj2YiCw1aUvK6 lPuNIq+gkZBU5uR40n32jcIV4dDjB3d86wfJ9sjvg3e6JuwGQ/bt8FoM6JW9/CzC HQGsXOfVwmMPkNwFZlCR0Ieg5mHrPJ8cxA5i4ckpRd5uFos51usEJzQDAgMBAAGj ggHNMIIByTAfBgNVHSMEGDAWgBTu58Wdb0gdF8vXTjtqAgyvz+C2vzAdBgNVHQ4E FgQUb29iPb5EGIwx+DhQ3jMsauJECRswDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB /wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEoGA1UdIARDMEEw NQYKKwYBBAGB8moBATAnMCUGCCsGAQUFBwIBFhlodHRwczovL2Nwcy51c2VydHJ1 c3QuY29tMAgGBmeBDAECATBCBgNVHR8EOzA5MDegNaAzhjFodHRwOi8vY3JsLnVz ZXJ0cnVzdC5jb20vRXVyb3BlYW5TU0xTZXJ2ZXJDQTIuY3JsMHQGCCsGAQUFBwEB BGgwZjA9BggrBgEFBQcwAoYxaHR0cDovL2NydC51c2VydHJ1c3QuY29tL0V1cm9w ZWFuU1NMU2VydmVyQ0EyLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNl cnRydXN0LmNvbTAvBgNVHREEKDAmgg9tdXNldW0ua3VzZWwuZGWCE3d3dy5tdXNl dW0ua3VzZWwuZGUwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQAD ggEBACYW7IctJHVIX4KMZ2WNA4jTPFtEnZGQ9qP5VmT1TMSjjhOL8vkaFjE4wSc6 mT8hvCasASo7aI2PnU2Ng1CLwqFm0lujZ3idC6KJi48w6iz3SvdSR0lDl/vEe5Rj aGy9c/RXfyAMfra44Vx/ujOk0fvKzDBSBaCaP3vzWCxWjji5ZoPq+B9Q5JH9HUf1 HJc2Z22Ho2/CcvxMnVCxcob4e0ayAN2NoMv4GtUbht+gohfTmhkyTXBid+tIw/A0 8MVf7Ec67nUOU3ltoCL2ya85JkPd3bbPP+H9XmNTGQEz+zcNX8+p8ywfYiPGq6kd Gi8jsHMUczxQp18hftXlcjYRm20= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOz9stP3JwII2RbzcdDA 9oDC6tcoBSJx7qNtTDvKxiYYnDf97p+X8M8UeqowkmbupTG346B1qfWQSavJ7iKi xIAfyIN3xTX5CLDrGLDdeTkR8TXdzUv+xwTHF2n+r+mQMDgK81H0ScjiRJ5XZjrz qja3NXvIjqkMco74iVh5OVI/tzwhwWlG+0yJq7YGv/5w0vjIKFrFriSjQqVksY9m IgsNWlLyupT7jSKvoJGQVObkeNJ99o3CFeHQ4wd3fOsHyfbI74N3uibsBkP27fBa DOiVvfwswh0BrFzn1cJjD5DcBWZQkdCHoOZh6zyfHMQOYuHJKUXebhaLOdbrBCc0 AwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 229046293246965375263507571545996376844 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Baden-Württemberg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Durmersheim' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'EUNETIC GmbH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'EuropeanSSL Server CA 2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-04 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-04 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Provided by EUNETIC GmbH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'EuropeanSSL Single' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'museum.kusel.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22334806296636094080403900934113732846416579767024558488640729971919732772841418303178184587476197494103570626448893400065738481589265847186827444742879259804376136496842498560588949456331266512211724445544439959775429286688582170750693364031908080703685791993552317934900620127075470683770075033416078626179691358348649170257678836080461735905226029110629493467494440428407927526794729676640986863335352633023761739474742506582680801686115369535410473265684039222448823193139071508141635099867583356782286405888707608515519542288136411648174729164568590986893613681103834584437194940503985145014643717938550451680259 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName eee7c59d6f481d17cbd74e3b6a020cafcfe0b6bf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6f6f623dbe44188c31f83850de332c6ae244091b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.31082.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (59 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/EuropeanSSLServerCA2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/EuropeanSSLServerCA2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'museum.kusel.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.museum.kusel.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002616ec872d2475485f828c67658d0388d33c5b449d9190f6a3f95664f54cc4a38e138bf2f91a163138c1273a993f21bc26ac012a3b688d8f9d4d8d83508bc2a166d25ba367789d0ba2898b8f30ea2cf74af75247494397fbc47b9463686cbd73f4577f200c7eb6b8e15c7fba33a4d1fbcacc305205a09a3f7bf3582c568e38b96683eaf81f50e491fd1d47f51c9736676d87a36fc272fc4c9d50b17286f87b46b200dd8da0cbf81ad51b86dfa0a217d39a19324d706277eb48c3f034f0c55fec473aee750e53796da022f6c9af392643ddddb6cf3fe1fd5e6353190133fb370d5fcfa9f32c1f6223c6aba91d1a2f23b07314733c50a75f217ed5e57236119b6d