diff --git a/sigstore/_internal/sct.py b/sigstore/_internal/sct.py
index e4563924..8267f8ff 100644
--- a/sigstore/_internal/sct.py
+++ b/sigstore/_internal/sct.py
@@ -109,7 +109,7 @@ def _pack_digitally_signed(
     # Assemble a format string with the certificate length baked in and then pack the digitally
     # signed data
     # fmt: off
-    pattern = f"!BBQH{len(signed_entry)}sH"
+    pattern = f"!BBQH{len(signed_entry)}sH{len(sct.extension_bytes)}s"
     timestamp = sct.timestamp.replace(tzinfo=timezone.utc)
     data = struct.pack(
         pattern,
@@ -119,6 +119,7 @@ def _pack_digitally_signed(
         sct.entry_type.value,               # entry_type (x509_entry(0) | precert_entry(1))
         signed_entry,                       # select(entry_type) -> signed_entry (see above)
         len(sct.extension_bytes),           # extensions (opaque CtExtensions<0..2^16-1>)
+        sct.extension_bytes,
     )
     # fmt: on