Key-Type: RSA
# Key-Length: 2048
Key-Grip: {subject-keygrip}
# X509v3 Key Usage: critical
#   Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment
# Google Chrome 56.0.2924.87 on Linux Mint 18.2 reports
#   [...]:ERROR:cert_verify_proc_nss.cc(942)] CERT_PKIXVerifyCert for music.hammerle.me failed err=-810
# if flag 'encrypt' is not set.
Key-Usage: sign,encrypt
Serial: random
Name-DN: CN=example.hammerle.me,C=AT
Name-DNS: example.hammerle.me
Hash-Algo: SHA256
Issuer-DN: CN=Fabian Peter Hammerle,C=AT
Not-After: {not-after}
Subject-Key-Id: {subject-keygrip}
Signing-Key: {issuer-keygrip}
Authority-Key-Id: {issuer-keygrip}
# X509v3 Basic Constraints: critical
#   CA:FALSE
Extension: 2.5.29.19 c 3003010100
# X509v3 Extended Key Usage:
#   TLS Web Server Authentication, TLS Web Client Authentication
Extension: 2.5.29.37 n 301406082B0601050507030106082B06010505070302
# Netscape Cert Type:
#   SSL Client, SSL Server
Extension: 2.16.840.1.113730.1.1 n 030206C0
# Netscape Comment:
#   for demonstration purposes only
Extension: 2.16.840.1.113730.1.13 n 161F666F722064656D6F6E7374726174696F6E20707572706F736573206F6E6C79