Extracting x509v3 extensions from certificates