Skip to content

Instantly share code, notes, and snippets.

@knknkn1162
Created September 24, 2022 10:25
Show Gist options
  • Save knknkn1162/8a545b6ad8022282eeb0ae0321edd3d0 to your computer and use it in GitHub Desktop.
Save knknkn1162/8a545b6ad8022282eeb0ae0321edd3d0 to your computer and use it in GitHub Desktop.
Certificate Length: 3570
Certificate: 30820dee30820cd6a003020102021100acffbc6b4dabe7320a432af944f30763300d0609… (id-at-commonName=*.google.com)
signedCertificate
version: v3 (2)
serialNumber: 0x00acffbc6b4dabe7320a432af944f30763
signature (sha256WithRSAEncryption)
Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
issuer: rdnSequence (0)
rdnSequence: 3 items (id-at-commonName=GTS CA 1C3,id-at-organizationName=Google Trust Services LLC,id-at-countryName=US)
RDNSequence item: 1 item (id-at-countryName=US)
RelativeDistinguishedName item (id-at-countryName=US)
Object Id: 2.5.4.6 (id-at-countryName)
CountryName: US
RDNSequence item: 1 item (id-at-organizationName=Google Trust Services LLC)
RelativeDistinguishedName item (id-at-organizationName=Google Trust Services LLC)
Object Id: 2.5.4.10 (id-at-organizationName)
DirectoryString: printableString (1)
printableString: Google Trust Services LLC
RDNSequence item: 1 item (id-at-commonName=GTS CA 1C3)
RelativeDistinguishedName item (id-at-commonName=GTS CA 1C3)
Object Id: 2.5.4.3 (id-at-commonName)
DirectoryString: printableString (1)
printableString: GTS CA 1C3
validity
notBefore: utcTime (0)
utcTime: 2022-09-05 08:17:24 (UTC)
notAfter: utcTime (0)
utcTime: 2022-11-28 08:17:23 (UTC)
subject: rdnSequence (0)
rdnSequence: 1 item (id-at-commonName=*.google.com)
RDNSequence item: 1 item (id-at-commonName=*.google.com)
RelativeDistinguishedName item (id-at-commonName=*.google.com)
Object Id: 2.5.4.3 (id-at-commonName)
DirectoryString: uTF8String (4)
uTF8String: *.google.com
subjectPublicKeyInfo
algorithm (id-ecPublicKey)
Algorithm Id: 1.2.840.10045.2.1 (id-ecPublicKey)
ECParameters: namedCurve (1)
namedCurve: 1.2.840.10045.3.1.7 (secp256r1)
Padding: 0
subjectPublicKey: 04ab21fdefc34cc9456b61b10153b20a0e41b6c6ba60c47203183a6898c8805da6b3dc1e…
extensions: 10 items
Extension (id-ce-keyUsage)
Extension Id: 2.5.29.15 (id-ce-keyUsage)
critical: True
Padding: 7
KeyUsage: 80
1... .... = digitalSignature: True
.0.. .... = contentCommitment: False
..0. .... = keyEncipherment: False
...0 .... = dataEncipherment: False
.... 0... = keyAgreement: False
.... .0.. = keyCertSign: False
.... ..0. = cRLSign: False
.... ...0 = encipherOnly: False
0... .... = decipherOnly: False
Extension (id-ce-extKeyUsage)
Extension Id: 2.5.29.37 (id-ce-extKeyUsage)
KeyPurposeIDs: 1 item
KeyPurposeId: 1.3.6.1.5.5.7.3.1 (id-kp-serverAuth)
Extension (id-ce-basicConstraints)
Extension Id: 2.5.29.19 (id-ce-basicConstraints)
critical: True
BasicConstraintsSyntax [0 length]
Extension (id-ce-subjectKeyIdentifier)
Extension Id: 2.5.29.14 (id-ce-subjectKeyIdentifier)
SubjectKeyIdentifier: 820b02629b2e73637edb9ffb9fde5c7b772bf9a2
Extension (id-ce-authorityKeyIdentifier)
Extension Id: 2.5.29.35 (id-ce-authorityKeyIdentifier)
AuthorityKeyIdentifier
keyIdentifier: 8a747faf85cdee95cd3d9cd0e24614f371351d27
Extension (id-pe-authorityInfoAccess)
Extension Id: 1.3.6.1.5.5.7.1.1 (id-pe-authorityInfoAccess)
AuthorityInfoAccessSyntax: 2 items
AccessDescription
accessMethod: 1.3.6.1.5.5.7.48.1 (id-ad-ocsp)
accessLocation: 6
uniformResourceIdentifier: http://ocsp.pki.goog/gts1c3
AccessDescription
accessMethod: 1.3.6.1.5.5.7.48.2 (id-ad-caIssuers)
accessLocation: 6
uniformResourceIdentifier: http://pki.goog/repo/certs/gts1c3.der
Extension (id-ce-subjectAltName)
Extension Id: 2.5.29.17 (id-ce-subjectAltName)
GeneralNames: 131 items
GeneralName: dNSName (2)
dNSName: *.google.com
GeneralName: dNSName (2)
dNSName: *.appengine.google.com
GeneralName: dNSName (2)
dNSName: *.bdn.dev
GeneralName: dNSName (2)
dNSName: *.origin-test.bdn.dev
GeneralName: dNSName (2)
dNSName: *.cloud.google.com
GeneralName: dNSName (2)
dNSName: *.crowdsource.google.com
GeneralName: dNSName (2)
dNSName: *.datacompute.google.com
GeneralName: dNSName (2)
dNSName: *.google.ca
GeneralName: dNSName (2)
dNSName: *.google.cl
GeneralName: dNSName (2)
dNSName: *.google.co.in
GeneralName: dNSName (2)
dNSName: *.google.co.jp
GeneralName: dNSName (2)
dNSName: *.google.co.uk
GeneralName: dNSName (2)
dNSName: *.google.com.ar
GeneralName: dNSName (2)
dNSName: *.google.com.au
GeneralName: dNSName (2)
dNSName: *.google.com.br
GeneralName: dNSName (2)
dNSName: *.google.com.co
GeneralName: dNSName (2)
dNSName: *.google.com.mx
GeneralName: dNSName (2)
dNSName: *.google.com.tr
GeneralName: dNSName (2)
dNSName: *.google.com.vn
GeneralName: dNSName (2)
dNSName: *.google.de
GeneralName: dNSName (2)
dNSName: *.google.es
GeneralName: dNSName (2)
dNSName: *.google.fr
GeneralName: dNSName (2)
dNSName: *.google.hu
GeneralName: dNSName (2)
dNSName: *.google.it
GeneralName: dNSName (2)
dNSName: *.google.nl
GeneralName: dNSName (2)
dNSName: *.google.pl
GeneralName: dNSName (2)
dNSName: *.google.pt
GeneralName: dNSName (2)
dNSName: *.googleadapis.com
GeneralName: dNSName (2)
dNSName: *.googleapis.cn
GeneralName: dNSName (2)
dNSName: *.googlevideo.com
GeneralName: dNSName (2)
dNSName: *.gstatic.cn
GeneralName: dNSName (2)
dNSName: *.gstatic-cn.com
GeneralName: dNSName (2)
dNSName: googlecnapps.cn
GeneralName: dNSName (2)
dNSName: *.googlecnapps.cn
GeneralName: dNSName (2)
dNSName: googleapps-cn.com
GeneralName: dNSName (2)
dNSName: *.googleapps-cn.com
GeneralName: dNSName (2)
dNSName: gkecnapps.cn
GeneralName: dNSName (2)
dNSName: *.gkecnapps.cn
GeneralName: dNSName (2)
dNSName: googledownloads.cn
GeneralName: dNSName (2)
dNSName: *.googledownloads.cn
GeneralName: dNSName (2)
dNSName: recaptcha.net.cn
GeneralName: dNSName (2)
dNSName: *.recaptcha.net.cn
GeneralName: dNSName (2)
dNSName: recaptcha-cn.net
GeneralName: dNSName (2)
dNSName: *.recaptcha-cn.net
GeneralName: dNSName (2)
dNSName: widevine.cn
GeneralName: dNSName (2)
dNSName: *.widevine.cn
GeneralName: dNSName (2)
dNSName: ampproject.org.cn
GeneralName: dNSName (2)
dNSName: *.ampproject.org.cn
GeneralName: dNSName (2)
dNSName: ampproject.net.cn
GeneralName: dNSName (2)
dNSName: *.ampproject.net.cn
GeneralName: dNSName (2)
dNSName: google-analytics-cn.com
GeneralName: dNSName (2)
dNSName: *.google-analytics-cn.com
GeneralName: dNSName (2)
dNSName: googleadservices-cn.com
GeneralName: dNSName (2)
dNSName: *.googleadservices-cn.com
GeneralName: dNSName (2)
dNSName: googlevads-cn.com
GeneralName: dNSName (2)
dNSName: *.googlevads-cn.com
GeneralName: dNSName (2)
dNSName: googleapis-cn.com
GeneralName: dNSName (2)
dNSName: *.googleapis-cn.com
GeneralName: dNSName (2)
dNSName: googleoptimize-cn.com
GeneralName: dNSName (2)
dNSName: *.googleoptimize-cn.com
GeneralName: dNSName (2)
dNSName: doubleclick-cn.net
GeneralName: dNSName (2)
dNSName: *.doubleclick-cn.net
GeneralName: dNSName (2)
dNSName: *.fls.doubleclick-cn.net
GeneralName: dNSName (2)
dNSName: *.g.doubleclick-cn.net
GeneralName: dNSName (2)
dNSName: doubleclick.cn
GeneralName: dNSName (2)
dNSName: *.doubleclick.cn
GeneralName: dNSName (2)
dNSName: *.fls.doubleclick.cn
GeneralName: dNSName (2)
dNSName: *.g.doubleclick.cn
GeneralName: dNSName (2)
dNSName: dartsearch-cn.net
GeneralName: dNSName (2)
dNSName: *.dartsearch-cn.net
GeneralName: dNSName (2)
dNSName: googletraveladservices-cn.com
GeneralName: dNSName (2)
dNSName: *.googletraveladservices-cn.com
GeneralName: dNSName (2)
dNSName: googletagservices-cn.com
GeneralName: dNSName (2)
dNSName: *.googletagservices-cn.com
GeneralName: dNSName (2)
dNSName: googletagmanager-cn.com
GeneralName: dNSName (2)
dNSName: *.googletagmanager-cn.com
GeneralName: dNSName (2)
dNSName: googlesyndication-cn.com
GeneralName: dNSName (2)
dNSName: *.googlesyndication-cn.com
GeneralName: dNSName (2)
dNSName: *.safeframe.googlesyndication-cn.com
GeneralName: dNSName (2)
dNSName: app-measurement-cn.com
GeneralName: dNSName (2)
dNSName: *.app-measurement-cn.com
GeneralName: dNSName (2)
dNSName: gvt1-cn.com
GeneralName: dNSName (2)
dNSName: *.gvt1-cn.com
GeneralName: dNSName (2)
dNSName: gvt2-cn.com
GeneralName: dNSName (2)
dNSName: *.gvt2-cn.com
GeneralName: dNSName (2)
dNSName: 2mdn-cn.net
GeneralName: dNSName (2)
dNSName: *.2mdn-cn.net
GeneralName: dNSName (2)
dNSName: googleflights-cn.net
GeneralName: dNSName (2)
dNSName: *.googleflights-cn.net
GeneralName: dNSName (2)
dNSName: admob-cn.com
GeneralName: dNSName (2)
dNSName: *.admob-cn.com
GeneralName: dNSName (2)
dNSName: *.gstatic.com
GeneralName: dNSName (2)
dNSName: *.metric.gstatic.com
GeneralName: dNSName (2)
dNSName: *.gvt1.com
GeneralName: dNSName (2)
dNSName: *.gcpcdn.gvt1.com
GeneralName: dNSName (2)
dNSName: *.gvt2.com
GeneralName: dNSName (2)
dNSName: *.gcp.gvt2.com
GeneralName: dNSName (2)
dNSName: *.url.google.com
GeneralName: dNSName (2)
dNSName: *.youtube-nocookie.com
GeneralName: dNSName (2)
dNSName: *.ytimg.com
GeneralName: dNSName (2)
dNSName: android.com
GeneralName: dNSName (2)
dNSName: *.android.com
GeneralName: dNSName (2)
dNSName: *.flash.android.com
GeneralName: dNSName (2)
dNSName: g.cn
GeneralName: dNSName (2)
dNSName: *.g.cn
GeneralName: dNSName (2)
dNSName: g.co
GeneralName: dNSName (2)
dNSName: *.g.co
GeneralName: dNSName (2)
dNSName: goo.gl
GeneralName: dNSName (2)
dNSName: www.goo.gl
GeneralName: dNSName (2)
dNSName: google-analytics.com
GeneralName: dNSName (2)
dNSName: *.google-analytics.com
GeneralName: dNSName (2)
dNSName: google.com
GeneralName: dNSName (2)
dNSName: googlecommerce.com
GeneralName: dNSName (2)
dNSName: *.googlecommerce.com
GeneralName: dNSName (2)
dNSName: ggpht.cn
GeneralName: dNSName (2)
dNSName: *.ggpht.cn
GeneralName: dNSName (2)
dNSName: urchin.com
GeneralName: dNSName (2)
dNSName: *.urchin.com
GeneralName: dNSName (2)
dNSName: youtu.be
GeneralName: dNSName (2)
dNSName: youtube.com
GeneralName: dNSName (2)
dNSName: *.youtube.com
GeneralName: dNSName (2)
dNSName: youtubeeducation.com
GeneralName: dNSName (2)
dNSName: *.youtubeeducation.com
GeneralName: dNSName (2)
dNSName: youtubekids.com
GeneralName: dNSName (2)
dNSName: *.youtubekids.com
GeneralName: dNSName (2)
dNSName: yt.be
GeneralName: dNSName (2)
dNSName: *.yt.be
GeneralName: dNSName (2)
dNSName: android.clients.google.com
GeneralName: dNSName (2)
dNSName: developer.android.google.cn
GeneralName: dNSName (2)
dNSName: developers.android.google.cn
GeneralName: dNSName (2)
dNSName: source.android.google.cn
Extension (id-ce-certificatePolicies)
Extension Id: 2.5.29.32 (id-ce-certificatePolicies)
CertificatePoliciesSyntax: 2 items
PolicyInformation
policyIdentifier: 2.23.140.1.2.1 (joint-iso-itu-t.23.140.1.2.1)
PolicyInformation
policyIdentifier: 1.3.6.1.4.1.11129.2.5.3 (iso.3.6.1.4.1.11129.2.5.3)
Extension (id-ce-cRLDistributionPoints)
Extension Id: 2.5.29.31 (id-ce-cRLDistributionPoints)
CRLDistPointsSyntax: 1 item
DistributionPoint
distributionPoint: fullName (0)
fullName: 1 item
GeneralName: uniformResourceIdentifier (6)
uniformResourceIdentifier: http://crls.pki.goog/gts1c3/fVJxbV-Ktmk.crl
Extension (SignedCertificateTimestampList)
Extension Id: 1.3.6.1.4.1.11129.2.4.2 (SignedCertificateTimestampList)
Serialized SCT List Length: 240
Signed Certificate Timestamp (Google 'Xenon2022' log)
Serialized SCT Length: 118
SCT Version: 0
Log ID: 46a555eb75fa912030b5a28969f4f37d112c4174befd49b885abf2fc70fe6d47
Timestamp: Sep 5, 2022 09:17:53.015000000 UTC
Extensions length: 0
Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403)
Signature Hash Algorithm Hash: SHA256 (4)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Length: 71
Signature: 304502210088637d28d31bf9e5a80002588f48960e315f6ddc7436a3462de642da46b6bd…
Signed Certificate Timestamp (Let's Encrypt 'Oak2022' log)
Serialized SCT Length: 118
SCT Version: 0
Log ID: dfa55eab68824f1f6cadeeb85f4e3e5aeacda212a46a5e8e3b12c020445c2a73
Timestamp: Sep 5, 2022 09:17:52.968000000 UTC
Extensions length: 0
Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403)
Signature Hash Algorithm Hash: SHA256 (4)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Length: 71
Signature: 304502210089a5f33a7520205ea6c3ece67c99966b01fe1ec3988e2025f0cae5b8c282cd…
algorithmIdentifier (sha256WithRSAEncryption)
Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
Padding: 0
encrypted: ce5c981f4e9a54fd74a870701cda095955f461624b465087a5506226c9d4c9b3725c01de…
Extensions Length: 0
Certificate Length: 1434
Certificate: 308205963082037ea003020102020d0203bc53596b34c718f5015066300d06092a864886… (id-at-commonName=GTS CA 1C3,id-at-organizationName=Google Trust Services LLC,id-at-countryName=US)
signedCertificate
version: v3 (2)
serialNumber: 0x0203bc53596b34c718f5015066
signature (sha256WithRSAEncryption)
Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
issuer: rdnSequence (0)
rdnSequence: 3 items (id-at-commonName=GTS Root R1,id-at-organizationName=Google Trust Services LLC,id-at-countryName=US)
RDNSequence item: 1 item (id-at-countryName=US)
RelativeDistinguishedName item (id-at-countryName=US)
Object Id: 2.5.4.6 (id-at-countryName)
CountryName: US
RDNSequence item: 1 item (id-at-organizationName=Google Trust Services LLC)
RelativeDistinguishedName item (id-at-organizationName=Google Trust Services LLC)
Object Id: 2.5.4.10 (id-at-organizationName)
DirectoryString: printableString (1)
printableString: Google Trust Services LLC
RDNSequence item: 1 item (id-at-commonName=GTS Root R1)
RelativeDistinguishedName item (id-at-commonName=GTS Root R1)
Object Id: 2.5.4.3 (id-at-commonName)
DirectoryString: printableString (1)
printableString: GTS Root R1
validity
notBefore: utcTime (0)
utcTime: 2020-08-13 00:00:42 (UTC)
notAfter: utcTime (0)
utcTime: 2027-09-30 00:00:42 (UTC)
subject: rdnSequence (0)
rdnSequence: 3 items (id-at-commonName=GTS CA 1C3,id-at-organizationName=Google Trust Services LLC,id-at-countryName=US)
RDNSequence item: 1 item (id-at-countryName=US)
RelativeDistinguishedName item (id-at-countryName=US)
Object Id: 2.5.4.6 (id-at-countryName)
CountryName: US
RDNSequence item: 1 item (id-at-organizationName=Google Trust Services LLC)
RelativeDistinguishedName item (id-at-organizationName=Google Trust Services LLC)
Object Id: 2.5.4.10 (id-at-organizationName)
DirectoryString: printableString (1)
printableString: Google Trust Services LLC
RDNSequence item: 1 item (id-at-commonName=GTS CA 1C3)
RelativeDistinguishedName item (id-at-commonName=GTS CA 1C3)
Object Id: 2.5.4.3 (id-at-commonName)
DirectoryString: printableString (1)
printableString: GTS CA 1C3
subjectPublicKeyInfo
algorithm (rsaEncryption)
Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption)
subjectPublicKey: 3082010a0282010100f588dfe7628c1e37f83742907f6c87d0fb658225fde8cb6ba4ff6d…
modulus: 0x00f588dfe7628c1e37f83742907f6c87d0fb658225fde8cb6ba4ff6de95a23e299f61ce9…
publicExponent: 65537
extensions: 8 items
Extension (id-ce-keyUsage)
Extension Id: 2.5.29.15 (id-ce-keyUsage)
critical: True
Padding: 1
KeyUsage: 86
1... .... = digitalSignature: True
.0.. .... = contentCommitment: False
..0. .... = keyEncipherment: False
...0 .... = dataEncipherment: False
.... 0... = keyAgreement: False
.... .1.. = keyCertSign: True
.... ..1. = cRLSign: True
.... ...0 = encipherOnly: False
0... .... = decipherOnly: False
Extension (id-ce-extKeyUsage)
Extension Id: 2.5.29.37 (id-ce-extKeyUsage)
KeyPurposeIDs: 2 items
KeyPurposeId: 1.3.6.1.5.5.7.3.1 (id-kp-serverAuth)
KeyPurposeId: 1.3.6.1.5.5.7.3.2 (id-kp-clientAuth)
Extension (id-ce-basicConstraints)
Extension Id: 2.5.29.19 (id-ce-basicConstraints)
critical: True
BasicConstraintsSyntax
cA: True
pathLenConstraint: 0
Extension (id-ce-subjectKeyIdentifier)
Extension Id: 2.5.29.14 (id-ce-subjectKeyIdentifier)
SubjectKeyIdentifier: 8a747faf85cdee95cd3d9cd0e24614f371351d27
Extension (id-ce-authorityKeyIdentifier)
Extension Id: 2.5.29.35 (id-ce-authorityKeyIdentifier)
AuthorityKeyIdentifier
keyIdentifier: e4af2b26711a2b4827852f52662ceff08913713e
Extension (id-pe-authorityInfoAccess)
Extension Id: 1.3.6.1.5.5.7.1.1 (id-pe-authorityInfoAccess)
AuthorityInfoAccessSyntax: 2 items
AccessDescription
accessMethod: 1.3.6.1.5.5.7.48.1 (id-ad-ocsp)
accessLocation: 6
uniformResourceIdentifier: http://ocsp.pki.goog/gtsr1
AccessDescription
accessMethod: 1.3.6.1.5.5.7.48.2 (id-ad-caIssuers)
accessLocation: 6
uniformResourceIdentifier: http://pki.goog/repo/certs/gtsr1.der
Extension (id-ce-cRLDistributionPoints)
Extension Id: 2.5.29.31 (id-ce-cRLDistributionPoints)
CRLDistPointsSyntax: 1 item
DistributionPoint
distributionPoint: fullName (0)
fullName: 1 item
GeneralName: uniformResourceIdentifier (6)
uniformResourceIdentifier: http://crl.pki.goog/gtsr1/gtsr1.crl
Extension (id-ce-certificatePolicies)
Extension Id: 2.5.29.32 (id-ce-certificatePolicies)
CertificatePoliciesSyntax: 3 items
PolicyInformation
policyIdentifier: 1.3.6.1.4.1.11129.2.5.3 (iso.3.6.1.4.1.11129.2.5.3)
policyQualifiers: 1 item
PolicyQualifierInfo
Id: 1.3.6.1.5.5.7.2.1 (id-qt-cps)
DirectoryString: https://pki.goog/repository/
PolicyInformation
policyIdentifier: 2.23.140.1.2.1 (joint-iso-itu-t.23.140.1.2.1)
PolicyInformation
policyIdentifier: 2.23.140.1.2.2 (joint-iso-itu-t.23.140.1.2.2)
algorithmIdentifier (sha256WithRSAEncryption)
Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
Padding: 0
encrypted: 897dac205c0c3cbe9aa857951bb4aefaaba57271b43695fddf4011034cc24614bb1424ab…
Extensions Length: 0
Certificate Length: 1382
Certificate: 308205623082044aa003020102021077bd0d6cdb36f91aea210fc4f058d30d300d06092a… (id-at-commonName=GTS Root R1,id-at-organizationName=Google Trust Services LLC,id-at-countryName=US)
signedCertificate
version: v3 (2)
serialNumber: 0x77bd0d6cdb36f91aea210fc4f058d30d
signature (sha256WithRSAEncryption)
Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
issuer: rdnSequence (0)
rdnSequence: 4 items (id-at-commonName=GlobalSign Root CA,id-at-organizationalUnitName=Root CA,id-at-organizationName=GlobalSign nv-sa,id-at-countryName=BE)
RDNSequence item: 1 item (id-at-countryName=BE)
RelativeDistinguishedName item (id-at-countryName=BE)
Object Id: 2.5.4.6 (id-at-countryName)
CountryName: BE
RDNSequence item: 1 item (id-at-organizationName=GlobalSign nv-sa)
RelativeDistinguishedName item (id-at-organizationName=GlobalSign nv-sa)
Object Id: 2.5.4.10 (id-at-organizationName)
DirectoryString: printableString (1)
printableString: GlobalSign nv-sa
RDNSequence item: 1 item (id-at-organizationalUnitName=Root CA)
RelativeDistinguishedName item (id-at-organizationalUnitName=Root CA)
Object Id: 2.5.4.11 (id-at-organizationalUnitName)
DirectoryString: printableString (1)
printableString: Root CA
RDNSequence item: 1 item (id-at-commonName=GlobalSign Root CA)
RelativeDistinguishedName item (id-at-commonName=GlobalSign Root CA)
Object Id: 2.5.4.3 (id-at-commonName)
DirectoryString: printableString (1)
printableString: GlobalSign Root CA
validity
notBefore: utcTime (0)
utcTime: 2020-06-19 00:00:42 (UTC)
notAfter: utcTime (0)
utcTime: 2028-01-28 00:00:42 (UTC)
subject: rdnSequence (0)
rdnSequence: 3 items (id-at-commonName=GTS Root R1,id-at-organizationName=Google Trust Services LLC,id-at-countryName=US)
RDNSequence item: 1 item (id-at-countryName=US)
RelativeDistinguishedName item (id-at-countryName=US)
Object Id: 2.5.4.6 (id-at-countryName)
CountryName: US
RDNSequence item: 1 item (id-at-organizationName=Google Trust Services LLC)
RelativeDistinguishedName item (id-at-organizationName=Google Trust Services LLC)
Object Id: 2.5.4.10 (id-at-organizationName)
DirectoryString: printableString (1)
printableString: Google Trust Services LLC
RDNSequence item: 1 item (id-at-commonName=GTS Root R1)
RelativeDistinguishedName item (id-at-commonName=GTS Root R1)
Object Id: 2.5.4.3 (id-at-commonName)
DirectoryString: printableString (1)
printableString: GTS Root R1
subjectPublicKeyInfo
algorithm (rsaEncryption)
Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption)
subjectPublicKey: 3082020a0282020100b611028b1ee3a1779b3bdcbf943eb795a7403ca1fd82f97d320682…
modulus: 0x00b611028b1ee3a1779b3bdcbf943eb795a7403ca1fd82f97d32068271f6f68c7ffbe8db…
publicExponent: 65537
extensions: 7 items
Extension (id-ce-keyUsage)
Extension Id: 2.5.29.15 (id-ce-keyUsage)
critical: True
Padding: 1
KeyUsage: 86
1... .... = digitalSignature: True
.0.. .... = contentCommitment: False
..0. .... = keyEncipherment: False
...0 .... = dataEncipherment: False
.... 0... = keyAgreement: False
.... .1.. = keyCertSign: True
.... ..1. = cRLSign: True
.... ...0 = encipherOnly: False
0... .... = decipherOnly: False
Extension (id-ce-basicConstraints)
Extension Id: 2.5.29.19 (id-ce-basicConstraints)
critical: True
BasicConstraintsSyntax
cA: True
Extension (id-ce-subjectKeyIdentifier)
Extension Id: 2.5.29.14 (id-ce-subjectKeyIdentifier)
SubjectKeyIdentifier: e4af2b26711a2b4827852f52662ceff08913713e
Extension (id-ce-authorityKeyIdentifier)
Extension Id: 2.5.29.35 (id-ce-authorityKeyIdentifier)
AuthorityKeyIdentifier
keyIdentifier: 607b661a450d97ca89502f7d04cd34a8fffcfd4b
Extension (id-pe-authorityInfoAccess)
Extension Id: 1.3.6.1.5.5.7.1.1 (id-pe-authorityInfoAccess)
AuthorityInfoAccessSyntax: 2 items
AccessDescription
accessMethod: 1.3.6.1.5.5.7.48.1 (id-ad-ocsp)
accessLocation: 6
uniformResourceIdentifier: http://ocsp.pki.goog/gsr1
AccessDescription
accessMethod: 1.3.6.1.5.5.7.48.2 (id-ad-caIssuers)
accessLocation: 6
uniformResourceIdentifier: http://pki.goog/gsr1/gsr1.crt
Extension (id-ce-cRLDistributionPoints)
Extension Id: 2.5.29.31 (id-ce-cRLDistributionPoints)
CRLDistPointsSyntax: 1 item
DistributionPoint
distributionPoint: fullName (0)
fullName: 1 item
GeneralName: uniformResourceIdentifier (6)
uniformResourceIdentifier: http://crl.pki.goog/gsr1/gsr1.crl
Extension (id-ce-certificatePolicies)
Extension Id: 2.5.29.32 (id-ce-certificatePolicies)
CertificatePoliciesSyntax: 4 items
PolicyInformation
policyIdentifier: 2.23.140.1.2.1 (joint-iso-itu-t.23.140.1.2.1)
PolicyInformation
policyIdentifier: 2.23.140.1.2.2 (joint-iso-itu-t.23.140.1.2.2)
PolicyInformation
policyIdentifier: 1.3.6.1.4.1.11129.2.5.3.2 (iso.3.6.1.4.1.11129.2.5.3.2)
PolicyInformation
policyIdentifier: 1.3.6.1.4.1.11129.2.5.3.3 (iso.3.6.1.4.1.11129.2.5.3.3)
algorithmIdentifier (sha256WithRSAEncryption)
Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
Padding: 0
encrypted: 34a41eb128a3d0b47617a6317a21e9d1523ec8db74164188b83d351dede4ff93e15c5fab…
Extensions Length: 0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment