cms.amazonmusic.com

Issued by Amazon

About this certificate

This digital certificate with serial number 02:cc:27:41:52:37:e1:c5:7a:6c:65:f5:00:55:32:d3 was issued on by Amazon.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=cms.amazonmusic.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 02:cc:27:41:52:37:e1:c5:7a:6c:65:f5:00:55:32:d3
Serial Number (int): 3718480739961370325074179198933086931
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 46:db:fc:f6:02:e1:42:cb:3d:e1:3d:cb:e2:7c:61:66:d5:3e:6c:08
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 08:b2:f9:c9:af:43:18:8d:51:34:21:4e:1e:0d:14:2d:e9:5f:c1:aa
Fingerprint (sha256): df:7b:75:a5:93:1c:69:16:77:bc:66:d8:c2:7e:11:98:dc:09:58:a3:ab:bc:05:f2:a9:83:21:c5:d7:c0:ad:6e

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate cms.amazonmusic.com

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cms.amazonmusic.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cms.amazonmusic.com
prod.music.amazon-topics.psdops.com
*.prod.music.amazon-topics.psdops.com
*.origin.prod.music.amazon-topics.psdops.com

Other certificates including the domain name amazonmusic.com

(limited to 100 certificates)
sonos-na.amazon.com
san-13-s11.tlsprovisioning.exacttarget.com
sonos-eu.amazon.com
sonos-eu.amazon.com
artists.amazonmusic.com
sonos-eu.amazon.com
www.amazonmusic.com
www.amazonmusic.com
artists.amazonmusic.com
*.download.cdn.delivery.amazonmusic.com
sonos-na.amazon.com
cms.amazonmusic.com
sonos-na.amazon.com
san-13-s11.tlsprovisioning.exacttarget.com
www.amazonmusic.com
sonos-na.amazon.com
sonos-eu.amazon.com
cms.amazonmusic.com
sonos-na.amazon.com
posters.amazon.com
jobfinder.amazon.com
sonos-na.amazon.com
sonos-eu.amazon.com
sonos-na.amazon.com
influencer.amazonmusic.com
music2.production.k1.amazon.brightspot.cloud
sonos-eu.amazon.com
www.amazonmusic.com
artists.amazonmusic.com
sonos-eu.amazon.com
*.streaming.cdn.delivery.amazonmusic.com
sonos-na.amazon.com
www.amazonmusic.com
sonos-na.amazon.com
assets.amazonmusic.com
sonos-eu.amazon.com
posters.amazon.com
mi.amazonmusic.com
sonos-eu.amazon.com
sonos-na.amazon.com
www.artists.amazonmusic.com
assets.amazonmusic.com
www.amazonmusic.com
sonos-na.amazon.com
aol.amazon.com
jobfinder.amazon.com
www.amazonmusic.com
san-13-s11.tlsprovisioning.exacttarget.com
mi.amazonmusic.com
amazonmusic.com
san-13-s11.tlsprovisioning.exacttarget.com
sonos-eu.amazon.com
posters.amazon.com
san-13-s11.tlsprovisioning.exacttarget.com
sonos-na.amazon.com
www.amazonmusic.com
www.amazonmusic.com
sonos-eu.amazon.com
amazonmusic.com
artists.amazonmusic.com
sonos-na.amazon.com
posters.amazon.com
sonos-eu.amazon.com
sonos-eu.amazon.com
cms.amazonmusic.com
sonos-eu.amazon.com
san-13-s11.tlsprovisioning.exacttarget.com
sonos-na.amazon.com
assets.amazonmusic.com
sonos-na.amazon.com
sonos-na.amazon.com
assets.amazonmusic.com
www.amazonmusic.com
influencer.amazonmusic.com

Certificate

The complete raw certificate details for cms.amazonmusic.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgIQAswnQVI34cV6bGX1AFUy0zANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTEyMTcwMDAwMDBaFw0yMTAxMTcx
MjAwMDBaMB4xHDAaBgNVBAMTE2Ntcy5hbWF6b25tdXNpYy5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx7fZf5Y6tX4b/EXcm9sTNfSVYHyoUF/6u
A3Sat376MubXK3Y65Mc+VByiDdrVRHErbOM0Z2n0jTeNBuZJ6RRNx2/f9X0qBu4p
jIvqnjyHActP/RXDQJdmpSVP+BRNy6m4mdfIzx1AFSH4LQoLj8r2Fq6+FJ/hrNmK
hSnH4qVnjBRyVheB9h9Qp0IH16Qbm8N96RkffbCxx0WhWtT/jcp61a00Jlv5CirG
yPkfkSFrNzXbxEyd18bRfzFO79yW/XIPzXxm9PlLHubLyX+YeAtWILDuqGyQ+GWI
6KxG3y29yQhXKW6XxMAKPuPOaXJQKp8qoPZoBBvCJcDJB21YUzJ5AgMBAAGjggIJ
MIICBTAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQU
Rtv89gLhQss94T3L4nxhZtU+bAgwgZoGA1UdEQSBkjCBj4ITY21zLmFtYXpvbm11
c2ljLmNvbYIjcHJvZC5tdXNpYy5hbWF6b24tdG9waWNzLnBzZG9wcy5jb22CJSou
cHJvZC5tdXNpYy5hbWF6b24tdG9waWNzLnBzZG9wcy5jb22CLCoub3JpZ2luLnBy
b2QubXVzaWMuYW1hem9uLXRvcGljcy5wc2RvcHMuY29tMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6g
LIYqaHR0cDovL2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAG
A1UdIAQZMBcwCwYJYIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcw
LQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2
BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2Nh
MWIuY3J0MAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZI
hvcNAQELBQADggEBAIDQJKgwOSLPpjvO5lXx8IYqLtuyygjgHZ60aCXEhknb4kry
lxvaHzWHEqhFQ4oALvk73gWdMuCdLqjU8vYvyI8eDT9Y6ok1CkRpjj/OXYHG4nR/
0gmo5W3ilXQEVFZYEGhCKF1ol0kaiB+gwyUILI5vJaHjslnxSGp83FyzL78mtEIH
eiH+nLIKofszaxmHW4OQe0/LO4MA5YIR72EWHEg32xfMNpRvJBfoKfDH8FHodB/5
IbRCZfKPK+l0JOtNoaw5YgBavOUfxYXLOFVXNEAoXQbpqpA36eNCGkwoD5c+EHuC
Ol/aoxdR3S9ckzCWYEncYQ9gtOAWQemTxbS4Cb8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAse32X+WOrV+G/xF3JvbE
zX0lWB8qFBf+rgN0mrd++jLm1yt2OuTHPlQcog3a1URxK2zjNGdp9I03jQbmSekU
Tcdv3/V9KgbuKYyL6p48hwHLT/0Vw0CXZqUlT/gUTcupuJnXyM8dQBUh+C0KC4/K
9hauvhSf4azZioUpx+KlZ4wUclYXgfYfUKdCB9ekG5vDfekZH32wscdFoVrU/43K
etWtNCZb+Qoqxsj5H5Ehazc128RMndfG0X8xTu/clv1yD818ZvT5Sx7my8l/mHgL
ViCw7qhskPhliOisRt8tvckIVylul8TACj7jzmlyUCqfKqD2aAQbwiXAyQdtWFMy
eQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 3718480739961370325074179198933086931
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-17 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-17 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cms.amazonmusic.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22461523612268006352464802978453267103791846707096575714490321730742286416181068905390156142902607715134167043456753981238869056519578227806277743446835628425487135635912922313642579992363448831115116347549246227523967565013921043743386945550190295702216077287575576814076306843796332945366832747708904726889760553500778527799439494001679826628584574934374826856653183806951329230537893280470091176816420893386627381485493585559698139750592601051297697533362966729690152206980452837302289210290357182234700996061906091213561795947890283830388206335127091623489836702988278213648474557392326586789147364746314229428857
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							46dbfcf602e142cb3de13dcbe27c6166d53e6c08
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (146 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.amazonmusic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.music.amazon-topics.psdops.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.prod.music.amazon-topics.psdops.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.origin.prod.music.amazon-topics.psdops.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0080d024a8303922cfa63bcee655f1f0862a2edbb2ca08e01d9eb46825c48649dbe24af2971bda1f358712a845438a002ef93bde059d32e09d2ea8d4f2f62fc88f1e0d3f58ea89350a44698e3fce5d81c6e2747fd209a8e56de2957404545658106842285d6897491a881fa0c325082c8e6f25a1e3b259f1486a7cdc5cb32fbf26b442077a21fe9cb20aa1fb336b19875b83907b4fcb3b8300e58211ef61161c4837db17cc36946f2417e829f0c7f051e8741ff921b44265f28f2be97424eb4da1ac3962005abce51fc585cb3855573440285d06e9aa9037e9e3421a4c280f973e107b823a5fdaa31751dd2f5c9330966049dc610f60b4e01641e993c5b4b809bf