cafe.loacker.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 08:b2:25:8b:88:32:6b:0e:1e:2e:c1:e8:05:84:7c:8f was issued on by Amazon.
With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=cafe.loacker.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 08:b2:25:8b:88:32:6b:0e:1e:2e:c1:e8:05:84:7c:8fSerial Number (int): 11558814311119364075984130141363403919
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: d4:20:63:97:f3:f4:79:e8:5e:79:87:d9:f6:a6:c8:a3:31:2b:3b:4a
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 29:46:8c:19:99:b0:54:2b:53:e9:98:e5:88:e0:23:2e:08:de:8c:b7
Fingerprint (sha256): dd:4c:a8:ec:0d:85:e8:18:39:b0:5d:1d:ae:f4:a2:a4:2c:01:57:0d:6e:62:a4:75:a1:15:a1:9d:44:92:ea:be
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate cafe.loacker.com
10
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cafe.loacker.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cafe.loacker.com
*.estatepiuchebuona.it
estatepiuchebuona.it
*.cafe.loacker.com
loacker.it
loacker.jp
tempodibonta.it
*.tempodibonta.it
*.loacker.jp
*.loackerfamily.it
*.estatepiuchebuona.it
estatepiuchebuona.it
*.cafe.loacker.com
loacker.it
loacker.jp
tempodibonta.it
*.tempodibonta.it
*.loacker.jp
*.loackerfamily.it
Other certificates including the domain name loacker.com
(limited to 100 certificates)
*.loacker.com
*.net.loacker.com
*.loacker.com
servicedesk.cheaperwaste.co.uk
sg2.loacker.com
consumer-hub.loacker.com
*.net.loacker.com
loacker.com
portal.loacker.com
consumer-hub.loacker.com
r.loacker.com
www.loacker.com
www.loacker-family.com
sip.loacker.com
cafe.loacker.com
www.loacker.com
*.loacker.com
shop.loacker.com
estatechebonta.loacker.com
plovcq.loacker.com
*.loacker.com
www.loacker.com
datapoc.loacker.com
consumer-hub.loacker.com
loacker.com
sip.loacker.com
loacker.com
consumer-hub.loacker.com
portal.loacker.com
loacker.com
*.loacker.com
consumer-hub.loacker.com
consumer-hub.loacker.com
*.loacker.com
loacker.com
estatechebonta.loacker.com
sg2.loacker.com
loacker.com
servicemanager.loacker.com
www.loacker-family.com
consumer-hub.loacker.com
test-shop.loacker.com
*.loacker.com
*.loacker.com
consumer-hub.loacker.com
sip.loacker.com
*.net.loacker.com
sip.loacker.com
loacker.com
www.loacker-family.com
loacker.com
consumer-hub.loacker.com
cafe.loacker.com
loacker.com
loacker.com
shop.loacker.com
consumer-hub.loacker.com
*.net.loacker.com
*.net.loacker.com
plovcq.loacker.com
sip.loacker.com
loacker.com
servicedesk.cheaperwaste.co.uk
*.net.loacker.com
*.loacker.com
servicedesk.cheaperwaste.co.uk
sg2.loacker.com
consumer-hub.loacker.com
*.net.loacker.com
loacker.com
portal.loacker.com
consumer-hub.loacker.com
r.loacker.com
www.loacker.com
www.loacker-family.com
sip.loacker.com
cafe.loacker.com
www.loacker.com
*.loacker.com
shop.loacker.com
estatechebonta.loacker.com
plovcq.loacker.com
*.loacker.com
www.loacker.com
datapoc.loacker.com
consumer-hub.loacker.com
loacker.com
sip.loacker.com
loacker.com
consumer-hub.loacker.com
portal.loacker.com
loacker.com
*.loacker.com
consumer-hub.loacker.com
consumer-hub.loacker.com
*.loacker.com
loacker.com
estatechebonta.loacker.com
sg2.loacker.com
loacker.com
servicemanager.loacker.com
www.loacker-family.com
consumer-hub.loacker.com
test-shop.loacker.com
*.loacker.com
*.loacker.com
consumer-hub.loacker.com
sip.loacker.com
*.net.loacker.com
sip.loacker.com
loacker.com
www.loacker-family.com
loacker.com
consumer-hub.loacker.com
cafe.loacker.com
loacker.com
loacker.com
shop.loacker.com
consumer-hub.loacker.com
*.net.loacker.com
*.net.loacker.com
plovcq.loacker.com
sip.loacker.com
loacker.com
servicedesk.cheaperwaste.co.uk
Certificate
The complete raw certificate details for cafe.loacker.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGcDCCBVigAwIBAgIQCLIli4gyaw4eLsHoBYR8jzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMDYxNTAwMDAwMFoXDTI0MDcxMzIzNTk1OVowGzEZ MBcGA1UEAxMQY2FmZS5sb2Fja2VyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKcQP8+5etbjAeRBVKno9PPEB2SIvg08NHKfodUkaagUnTd97NPC wGNvupbFyOqAHpkHItcJLilojY8a3UqLz7vMiO0KZkayEHUXPHtmhhXHZGD6cRs/ R7bKlVebhuQKvHMwnBaZ/+k7DpbooySXM9EHag3O88/+HTpZ6WcqfaCXj5mgkL/t 0fRbrsj8HyoWm+TYxXVcHk7F74rGnDQFtphoHh7Mr/yMiYlpuFxFSfukBXXh1YHz cq2ac7VZzELYnF42WALX+IDImawdfN9UT2v2R/I/u+vQpPf1TlPydB/jOr1OulYU k1kDbK9qTNhKGWvvlFYCFFkQPoMgHRxSx0UCAwEAAaOCA40wggOJMB8GA1UdIwQY MBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBTUIGOX8/R56F55h9n2 psijMSs7SjCBvQYDVR0RBIG1MIGyghBjYWZlLmxvYWNrZXIuY29tghYqLmVzdGF0 ZXBpdWNoZWJ1b25hLml0ghRlc3RhdGVwaXVjaGVidW9uYS5pdIISKi5jYWZlLmxv YWNrZXIuY29tggpsb2Fja2VyLml0ggpsb2Fja2VyLmpwgg90ZW1wb2RpYm9udGEu aXSCESoudGVtcG9kaWJvbnRhLml0ggwqLmxvYWNrZXIuanCCEioubG9hY2tlcmZh bWlseS5pdDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9u dHJ1c3QuY29tL3IybTAyLmNybDATBgNVHSAEDDAKMAgGBmeBDAECATB1BggrBgEF BQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRy dXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVz dC5jb20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwggF/BgorBgEEAdZ5AgQCBIIB bwSCAWsBaQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABiL21 mq8AAAQDAEcwRQIgZ8Z6asc5PDHAM+keKk7WvcOx5wE0Xv5lPV6RM+vmV0QCIQDT VtcAY2litem0SX7z47th+8zyoc25329PQqVgqhpwsAB2AEiw42vapkc0D+VqAvqd MOscUgHLVt0sgdm7v6s52IRzAAABiL21mpYAAAQDAEcwRQIgMgPHdjotoo0brV3y H3S+AT/bfm9uAY+lKzsl/xATZGACIQD32rCFxcfylZ1TQE7a3aAdNZtnxFIKoXov DrS3xuFFJQB3ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABiL21 ml0AAAQDAEgwRgIhAJEISGeXUDT0oCNjOoTq/6s8oMxeKCo+wCEknuQTyNMPAiEA ywR8I6CjVusowAsaiv4nOEKYvuSqZR1ygdlFXO69Z80wDQYJKoZIhvcNAQELBQAD ggEBACeKl4t37G+SzcwFoqGGVoRR54CpvXsRzJ+whNMeKjsXvvAlGMMdBsCmlobG wy+fShpUBPMQuFk0ldkeKn2ZiDh/HIcIol+8uPJTHAeJT49u5VN2TdEDDzjTKVt8 BMDEB9NMkID9qc3Dbsr4kgYjtFJ+FphIYsQNe1KgInv5RzSQDAV8ivEfpEjJRH27 Tqc0eje2nwh3jeyaJeJgZv0MBGb+d7QA28sIpYoT6QRkIYq0uZK9SdxRxzQHlN9B n9Y9PX3Ps1vDdrSyaAd3rvGvSIPSmtEZp8ODCr8MGxfJwcfTGmloUO6/SsP9BA7+ NHQWrOnqqvnvsna8G3vkrJ2efQc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxA/z7l61uMB5EFUqej0 88QHZIi+DTw0cp+h1SRpqBSdN33s08LAY2+6lsXI6oAemQci1wkuKWiNjxrdSovP u8yI7QpmRrIQdRc8e2aGFcdkYPpxGz9HtsqVV5uG5Aq8czCcFpn/6TsOluijJJcz 0QdqDc7zz/4dOlnpZyp9oJePmaCQv+3R9FuuyPwfKhab5NjFdVweTsXvisacNAW2 mGgeHsyv/IyJiWm4XEVJ+6QFdeHVgfNyrZpztVnMQticXjZYAtf4gMiZrB1831RP a/ZH8j+769Ck9/VOU/J0H+M6vU66VhSTWQNsr2pM2EoZa++UVgIUWRA+gyAdHFLH RQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11558814311119364075984130141363403919 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-15 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-13 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cafe.loacker.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21089809739743435637970114873152345184493344834009779386796624742186976423578736492562052576372476925948384690423667187206313256353509299398288777838964696589893216802045928625675184857455603048725346851816433280447037321013404861538942392376088819888992993097821317270422539571562397137127440992040602225194142448429267512727452544508227866318781063338361159308093006893476392696093203004655825582788646390963056618762288526997007556905625369489674449284850336332826896248959880761840614190120918334012326149772755012127053408334236651665057369542118924120141070401275709611209764065256960715459513434467844354131781 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d4206397f3f479e85e7987d9f6a6c8a3312b3b4a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (181 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cafe.loacker.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.estatepiuchebuona.it' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'estatepiuchebuona.it' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cafe.loacker.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'loacker.it' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'loacker.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tempodibonta.it' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tempodibonta.it' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.loacker.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.loackerfamily.it' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000188bdb59aaf0000040300473045022067c67a6ac7393c31c033e91e2a4ed6bdc3b1e701345efe653d5e9133ebe65744022100d356d700636962b5e9b4497ef3e3bb61fbccf2a1cdb9df6f4f42a560aa1a70b000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000188bdb59a96000004030047304502203203c7763a2da28d1bad5df21f74be013fdb7e6f6e018fa52b3b25ff10136460022100f7dab085c5c7f2959d53404edadda01d359b67c4520aa17a2f0eb4b7c6e14525007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000188bdb59a5d000004030048304602210091084867975034f4a023633a84eaffab3ca0cc5e282a3ec021249ee413c8d30f022100cb047c23a0a356eb28c00b1a8afe27384298bee4aa651d7281d9455ceebd67cd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00278a978b77ec6f92cdcc05a2a186568451e780a9bd7b11cc9fb084d31e2a3b17bef02518c31d06c0a69686c6c32f9f4a1a5404f310b8593495d91e2a7d9988387f1c8708a25fbcb8f2531c07894f8f6ee553764dd1030f38d3295b7c04c0c407d34c9080fda9cdc36ecaf8920623b4527e16984862c40d7b52a0227bf94734900c057c8af11fa448c9447dbb4ea7347a37b69f08778dec9a25e26066fd0c0466fe77b400dbcb08a58a13e90464218ab4b992bd49dc51c7340794df419fd63d3d7dcfb35bc376b4b2680777aef1af4883d29ad119a7c3830abf0c1b17c9c1c7d31a696850eebf4ac3fd040efe347416ace9eaaaf9efb276bc1b7be4ac9d9e7d07