OV SSL/TLS Certificate for ibank.bri.co.id Issued to PT. Bank Rakyat Indonesia (Persero) Tbk

Certificate is witin its validity period

Issued by DigiCert Inc (DigiCert Global G2 TLS RSA SHA256 2020 CA1)

About the ibank.bri.co.id OV SSL/TLS Certificate

This certificate with serial number 05:80:3f:4d:c3:ca:86:c3:98:da:02:50:c6:ab:d2:5f for ibank.bri.co.id was issued on by DigiCert Inc.

This OV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We found a BIMI record with a (Verified) Mark Certificate (VMC/MC) for bri.co.id, check the certificate details of the bri.co.id BIMI certificate. We have found some issues with the compliance of this certificate, they are be shown below. We hope this OV SSL/TLS Certificate review for ibank.bri.co.id provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

DigiCert Inc

Organization: DigiCert Inc
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:80:3f:4d:c3:ca:86:c3:98:da:02:50:c6:ab:d2:5f
Serial Number (int): 7312037929784997290524002996343001695
Serial Number Length: 123 bits, 16 octets

Subject Key Identifier: d5:55:b5:9b:19:59:e0:82:2a:8f:85:18:d4:2d:b3:37:60:8c:cb:15
Authority Key Identifier: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17

Fingerprint (SHA-1): a8:af:55:d1:78:b2:0c:c8:ed:3b:10:26:fc:8d:d2:b4:2c:b8:c7:a4
Fingerprint (SHA-256): c2:94:4c:b6:ec:cd:2d:23:4e:36:ef:13:5b:c8:5f:93:22:7e:15:56:99:17:93:eb:10:82:26:05:ec:f4:0e:5e

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt

Revocation Information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl

Check the revocation status for certificate ibank.bri.co.id
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for ibank.bri.co.id

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

ibank.bri.co.id

X.509 Certificate

The complete raw X.509 certificate details for ibank.bri.co.id in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHCTCCBfGgAwIBAgIQBYA/TcPKhsOY2gJQxqvSXzANBgkqhkiG9w0BAQsFADBZ
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE
aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjQw
OTA4MDAwMDAwWhcNMjUwOTA5MjM1OTU5WjCBmTELMAkGA1UEBhMCSUQxJjAkBgNV
BAgTHURhZXJhaCBLaHVzdXMgSWJ1a290YSBKYWthcnRhMRYwFAYDVQQHEw1KYWth
cnRhIFB1c2F0MTAwLgYDVQQKEydQVC4gQmFuayBSYWt5YXQgSW5kb25lc2lhIChQ
ZXJzZXJvKSBUYmsxGDAWBgNVBAMTD2liYW5rLmJyaS5jby5pZDCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBANCNBdIrSAEqAgALa3DdUaA/PaUWI2XOFeL/
3lmgOfRrVGz/7mB0Etd4tSSuFIxfGNshreHPSDiFjzA87KIClsDDT6cy0JF+2SpX
dR6R04xCQAuo1l5TNJxssWzYKiJTfbW4MuET1aOnPdU9sAU6cNHmgr643cTNkNts
JPhunP3JEBPgDwD5BcKBpTUtvmznvv98phrYhgrzcHn/Nl6vmurQ2K0IuTjEwtu8
eD+mEmV6H3jMRBd171q9tQxjnSEtTCU2xxZRdVu8W+JLzf5vK8MfJZRyfJ+lP0hy
Dz2QXLYSVWXe/s+pyf9RUHTU4+Sb5SgCeUTsf5bj/uzDwkXbzKcCAwEAAaOCA4ow
ggOGMB8GA1UdIwQYMBaAFHSFgMBmx9833s+9KTeqAx2+7c0XMB0GA1UdDgQWBBTV
VbWbGVnggiqPhRjULbM3YIzLFTAaBgNVHREEEzARgg9pYmFuay5icmkuY28uaWQw
PgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5k
aWdpY2VydC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwgZ8GA1UdHwSBlzCBlDBIoEagRIZCaHR0cDovL2NybDMu
ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FTSEEyNTYyMDIwQ0Ex
LTEuY3JsMEigRqBEhkJodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRH
bG9iYWxHMlRMU1JTQVNIQTI1NjIwMjBDQTEtMS5jcmwwgYcGCCsGAQUFBwEBBHsw
eTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFEGCCsGAQUF
BzAChkVodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxH
MlRMU1JTQVNIQTI1NjIwMjBDQTEtMS5jcnQwDAYDVR0TAQH/BAIwADCCAX0GCisG
AQQB1nkCBAIEggFtBIIBaQFnAHYA3dzKNJXX4RYF55Uy+sef+D0cUN/bADoUEnYK
LKy7yCoAAAGR0eqViQAABAMARzBFAiEA9jnz5EhH0yXQPgDrcKqz7ASlV5B5m4P0
F2XamjTbUzwCIC6Zyz5t8heK89x5knvzaZG29/uyoqvrghU76vT0c9bRAHUAfVke
EuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGR0eqVhwAABAMARjBEAiBr
hpXPordb9GfUy+3L9s8M8eQ10x3I5JIeRSlmye861wIgU4E0OXRrOq3aAmy33vK3
d3+UZ0bZpbQU/9mKRCjnnL4AdgDm0jFjQHeMwRBBBtdxuc7B0kD2loSG+7qHMh39
HjeOUAAAAZHR6pWeAAAEAwBHMEUCIFhiVN7OImcdsay7uxS1byqtkmcPw7ZjCq/e
sK3jUwt0AiEA3jV9EGfLGxZQzdG5TU/06o8fDqb+SapNdvhgi8OCrjUwDQYJKoZI
hvcNAQELBQADggEBAGYiF5OJlff+ln7gAOX3aDxc6d2p4LG0gvGaLb0JN1Xoc2S2
VxM+kEFnB7OvUjNWhpGJnUz2s2emDu860/gBOfQH5HlCCly4gK/A7/evazbyUndn
BHNuqgni9HY08LTybdeMFewMPWy/9QSKrspRPLnX1IL+6FzHR7PnJGM4eY/1ocQ3
BK6P4yKwXAy7EvuhsS2VuwW16aP5H7UVwGWCRqMYmeWfK49Qxv2L8oAaOXlOHGZm
hrARSXoUoQpAfX9MizuAzTczctCHZYGLKKH4o9BBAKg3vIeuz84xw2cJjMgVlexA
A9v1hcTaEkfGbJ1zFCcu0W8VkSTKaEkzPytjKys=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0I0F0itIASoCAAtrcN1R
oD89pRYjZc4V4v/eWaA59GtUbP/uYHQS13i1JK4UjF8Y2yGt4c9IOIWPMDzsogKW
wMNPpzLQkX7ZKld1HpHTjEJAC6jWXlM0nGyxbNgqIlN9tbgy4RPVo6c91T2wBTpw
0eaCvrjdxM2Q22wk+G6c/ckQE+APAPkFwoGlNS2+bOe+/3ymGtiGCvNwef82Xq+a
6tDYrQi5OMTC27x4P6YSZXofeMxEF3XvWr21DGOdIS1MJTbHFlF1W7xb4kvN/m8r
wx8llHJ8n6U/SHIPPZBcthJVZd7+z6nJ/1FQdNTj5JvlKAJ5ROx/luP+7MPCRdvM
pwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7312037929784997290524002996343001695
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-08 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-09 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ID'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Daerah Khusus Ibukota Jakarta'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Jakarta Pusat'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PT. Bank Rakyat Indonesia (Persero) Tbk'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ibank.bri.co.id'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26327108336959503318361512678742727821579799449982453858664431637404892647784308075915678966312829499234795447323496415147914387104619621674377013159535046830138222853476047434338510938841248430576275926938164876944340405602086850071911805959839950074569694171560205597211027411138922217578651008551081139613528488150209091681002658560478973381510138302502163153673788191029998077025136178344817618342019067848235949356159535233748642107219007502847560036046826017774267251275503124259184790663047227538164867731749200625579097516920500169771529471948108288955255041507050687717972735735756964745027065478973751020711
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d555b59b1959e0822a8f8518d42db337608ccb15
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ibank.bri.co.id'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a00000191d1ea95890000040300473045022100f639f3e44847d325d03e00eb70aab3ec04a55790799b83f41765da9a34db533c02202e99cb3e6df2178af3dc79927bf36991b6f7fbb2a2abeb82153beaf4f473d6d10075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b800000191d1ea9587000004030046304402206b8695cfa2b75bf467d4cbedcbf6cf0cf1e435d31dc8e4921e452966c9ef3ad7022053813439746b3aadda026cb7def2b7777f946746d9a5b414ffd98a4428e79cbe007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e5000000191d1ea959e00000403004730450220586254dece22671db1acbbbb14b56f2aad92670fc3b6630aafdeb0ade3530b74022100de357d1067cb1b1650cdd1b94d4ff4ea8f1f0ea6fe49aa4d76f8608bc382ae35
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00662217938995f7fe967ee000e5f7683c5ce9dda9e0b1b482f19a2dbd093755e87364b657133e90416707b3af5233568691899d4cf6b367a60eef3ad3f80139f407e479420a5cb880afc0eff7af6b36f252776704736eaa09e2f47634f0b4f26dd78c15ec0c3d6cbff5048aaeca513cb9d7d482fee85cc747b3e7246338798ff5a1c43704ae8fe322b05c0cbb12fba1b12d95bb05b5e9a3f91fb515c0658246a31899e59f2b8f50c6fd8bf2801a39794e1c666686b011497a14a10a407d7f4c8b3b80cd373372d08765818b28a1f8a3d04100a837bc87aecfce31c367098cc81595ec4003dbf585c4da1247c66c9d7314272ed16f159124ca6849333f2b632b2b