version 46.0 type 1 certversion X509v3 encodedvalidity 2y usecertificatevalidityoffset false certificatevalidityoffset -10m useexpirationrestrictionforweekdays false expirationrestrictionforweekdaysbefore true expirationrestrictionweekdays true true false false false true true allowvalidityoverride false allowextensionoverride false allowdnoverride false allowdnoverridebyeei false allowbackdatedrevokation false usecertificatestorage true storecertificatedata true storesubjectaltname true usebasicconstrants true basicconstraintscritical true usesubjectkeyidentifier true subjectkeyidentifiercritical false useauthoritykeyidentifier true authoritykeyidentifiercritical false usesubjectalternativename true subjectalternativenamecritical false useissueralternativename true issueralternativenamecritical false usecrldistributionpoint false usedefaultcrldistributionpoint false crldistributionpointcritical false crldistributionpointuri usefreshestcrl false usecadefinedfreshestcrl false freshestcrluri crlissuer usecertificatepolicies false certificatepoliciescritical false certificatepolicies availablekeyalgorithms DSA ECDSA RSA availableeccurves ANY_EC_CURVE availablebitlengths 0 192 224 239 256 384 512 521 1024 1536 2048 3072 4096 6144 8192 minimumavailablebitlength 0 maximumavailablebitlength 8192 signaturealgorithm usekeyusage true keyusage true true true false false false false false false allowkeyusageoverride false keyusagecritical true useextendedkeyusage true extendedkeyusage 1.3.6.1.5.5.7.3.2 1.3.6.1.5.5.7.3.4 1.3.6.1.5.5.7.3.1 extendedkeyusagecritical false usedocumenttypelist false documenttypelistcritical false documenttypelist availablecas -1 usedpublishers useocspnocheck false useldapdnorder true usecustomdnorder false usemicrosofttemplate false microsofttemplate usecardnumber false usecnpostfix false cnpostfix usesubjectdnsubset false subjectdnsubset usesubjectaltnamesubset false subjectaltnamesubset usepathlengthconstraint false pathlengthconstraint 0 useqcstatement false usepkixqcsyntaxv2 false useqcstatementcritical false useqcstatementraname useqcsematicsid useqcetsiqccompliance false useqcetsisignaturedevice false useqcetsivaluelimit false qcetsivaluelimit 0 qcetsivaluelimitexp 0 qcetsivaluelimitcurrency useqcetsiretentionperiod false qcetsiretentionperiod 0 useqccustomstring false qccustomstringoid qccustomstringtext qcetsipds qcetsitype usecertificatetransparencyincerts false usecertificatetransparencyinocsp false usecertificatetransparencyinpublisher false usesubjectdirattributes false usenameconstraints false useauthorityinformationaccess false caissuers usedefaultcaissuer false usedefaultocspservicelocator false ocspservicelocatoruri cvcaccessrights 3 usedcertificateextensions approvals org.cesecore.certificates.ca.ApprovalRequestType REVOCATION -1 org.cesecore.certificates.ca.ApprovalRequestType KEYRECOVER -1 org.cesecore.certificates.ca.ApprovalRequestType ADDEDITENDENTITY -1 useprivkeyusageperiodnotbefore false useprivkeyusageperiod false useprivkeyusageperiodnotafter false privkeyusageperiodstartoffset 0 privkeyusageperiodlength 63072000 usesingleactivecertificateconstraint false overridableextensionoids nonoverridableextensionoids allowcertsnoverride false usecustomdnorderldap false