*.cinematerapia.it

Issued by Actalis Domain Validation Server CA G1

About this certificate

This digital certificate with serial number 1b:02:8f:44:f7:91:fc:95 was issued on by Actalis S.p.A./03358520967.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:

  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

*.cinematerapia.it

Organization unit: Domain Control Validated by Actalis S.p.A.

Actalis S.p.A./03358520967

Organization: Actalis S.p.A./03358520967
State / Province: Bergamo
Locality: Ponte San Pietro
Country: IT

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 1b:02:8f:44:f7:91:fc:95
Serial Number (int): 1946275515351563413
Serial Number lenght: 61 bits, 8 octets

SubjectKeyId: 90:af:70:99:46:b4:10:f4:5e:57:b9:77:50:ab:50:46:67:a1:68:63
AuthorityKeyId: 1b:42:7f:5c:45:7e:ff:7e:1e:1e:41:9c:f3:ad:ae:35:c6:65:eb:c5

Fingerprint (sha1): 9a:73:d2:37:a3:e4:14:1f:40:e0:7b:f4:fc:91:4d:68:4c:f5:1d:d7
Fingerprint (sha256): 00:18:d9:78:51:ce:55:4d:77:c7:9b:6b:08:be:46:ed:a6:d8:14:0e:8c:22:a0:fa:df:63:98:48:3f:24:3a:50

Issuing Certificate URL: http://cacert.actalis.it/certs/actalis-autdvg1

Revocation information

OCSP Server: http://ocsp06.actalis.it/VA/AUTHDV-G1
CRL Distribution Point: ldap://ldap06.actalis.it/cn%3dActalis%20Domain%20Validation%20Server%20CA%20G1,o%3dActalis%20S.p.A./03358520967,c%3dIT?certificateRevocationList;binary
CRL Distribution Point: http://crl06.actalis.it/Repository/AUTHDV-G1/getLastCRL

Check the revocation status for certificate *.cinematerapia.it

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.cinematerapia.it


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cinematerapia.it
*.cinematerapia.it

Certificate

The complete raw certificate details for *.cinematerapia.it in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgIIGwKPRPeR/JUwDQYJKoZIhvcNAQELBQAwgZAxCzAJBgNV
BAYTAklUMRAwDgYDVQQIDAdCZXJnYW1vMRkwFwYDVQQHDBBQb250ZSBTYW4gUGll
dHJvMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1ODUyMDk2NzEvMC0GA1UE
AwwmQWN0YWxpcyBEb21haW4gVmFsaWRhdGlvbiBTZXJ2ZXIgQ0EgRzEwHhcNMTgw
MTE5MDIwOTQ3WhcNMTkwMTI1MDkzNDQ3WjBSMTMwMQYDVQQLDCpEb21haW4gQ29u
dHJvbCBWYWxpZGF0ZWQgYnkgQWN0YWxpcyBTLnAuQS4xGzAZBgNVBAMMEiouY2lu
ZW1hdGVyYXBpYS5pdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJx8
7VMvvUSV+XR+RXLGX7DDRl+w8ICy9na0gILQ17HjN6F4dmJhTmBjXCSmytnMhluB
HIebejZR/BKttolsFQ7tnt2iKh5Z3MuPeLvHEMAqqAuSjS9mA8anoZ0SctIx1Tab
ZnFqCsRAuqeMnJiE4yJxkGyPD5YImlAKSpQKvLVH87sUcwWW2Kb+0w5kQT+yRFfp
PseIr5psOrP01ICgrh0+2q5U28Zh7iVZilJeXJofRGV7hJ7TzLTkj4qob1ELZjSf
0/swYccYfEQtvlfZNrxb0eDHDYLUmO7B1dXsoA98q7EvO5CkHY2Elg0x9HC8SeOt
bHTTsAIAd0aJML9vdMUCAwEAAaOCAnQwggJwMH0GCCsGAQUFBwEBBHEwbzA6Bggr
BgEFBQcwAoYuaHR0cDovL2NhY2VydC5hY3RhbGlzLml0L2NlcnRzL2FjdGFsaXMt
YXV0ZHZnMTAxBggrBgEFBQcwAYYlaHR0cDovL29jc3AwNi5hY3RhbGlzLml0L1ZB
L0FVVEhEVi1HMTAdBgNVHQ4EFgQUkK9wmUa0EPReV7l3UKtQRmehaGMwDAYDVR0T
AQH/BAIwADAfBgNVHSMEGDAWgBQbQn9cRX7/fh4eQZzzra41xmXrxTBRBgNVHSAE
SjBIMDwGBiuBHwEXATAyMDAGCCsGAQUFBwIBFiRodHRwczovL3d3dy5hY3RhbGlz
Lml0L2FyZWEtZG93bmxvYWQwCAYGZ4EMAQIBMIHtBgNVHR8EgeUwgeIwgaCggZ2g
gZqGgZdsZGFwOi8vbGRhcDA2LmFjdGFsaXMuaXQvY24lM2RBY3RhbGlzJTIwRG9t
YWluJTIwVmFsaWRhdGlvbiUyMFNlcnZlciUyMENBJTIwRzEsbyUzZEFjdGFsaXMl
MjBTLnAuQS4vMDMzNTg1MjA5NjcsYyUzZElUP2NlcnRpZmljYXRlUmV2b2NhdGlv
bkxpc3Q7YmluYXJ5MD2gO6A5hjdodHRwOi8vY3JsMDYuYWN0YWxpcy5pdC9SZXBv
c2l0b3J5L0FVVEhEVi1HMS9nZXRMYXN0Q1JMMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwLwYDVR0RBCgwJoIQY2luZW1hdGVy
YXBpYS5pdIISKi5jaW5lbWF0ZXJhcGlhLml0MA0GCSqGSIb3DQEBCwUAA4IBAQC1
LdJ11CWQHjXwd3hkNvOCzlWkxcESTs0IrfoKAfj8FU357hiqgUaAMA3p5te/SHgz
3ZLV6zt0AVnbctETUSu0LxeeScGwPslPuABfeA3myLITyGu0tnyjGmIgHnTtKq8S
BOyinTXFjuMG4T3XTf9Afgo0WMFOM1e5gCS1csBayxxWZv1YpyMmNWBAHnf19ggf
TpgjaH2iN4Fl0+r2BHm0scz07b8QryHoAX//3TyGiEs38hBD68q0hDSy3sjiY4hG
wPPTu//y1Q1t90pk7biY5/cIwanB5d46rATEsGEt0l55aDeen57cLPD6ZqOekEY0
0fgNZjfyow9RJvuCj3mk
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHztUy+9RJX5dH5FcsZf
sMNGX7DwgLL2drSAgtDXseM3oXh2YmFOYGNcJKbK2cyGW4Ech5t6NlH8Eq22iWwV
Du2e3aIqHlncy494u8cQwCqoC5KNL2YDxqehnRJy0jHVNptmcWoKxEC6p4ycmITj
InGQbI8PlgiaUApKlAq8tUfzuxRzBZbYpv7TDmRBP7JEV+k+x4ivmmw6s/TUgKCu
HT7arlTbxmHuJVmKUl5cmh9EZXuEntPMtOSPiqhvUQtmNJ/T+zBhxxh8RC2+V9k2
vFvR4McNgtSY7sHV1eygD3yrsS87kKQdjYSWDTH0cLxJ461sdNOwAgB3Rokwv290
xQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1946275515351563413
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bergamo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Ponte San Pietro'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Actalis S.p.A./03358520967'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Actalis Domain Validation Server CA G1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-01-19 02:09:47 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-25 09:34:47 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Domain Control Validated by Actalis S.p.A.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.cinematerapia.it'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19754779399349653997721734658512236230478117215405510463738159168769239584003566655381585991086058080456790052558597363647612254266890131619155846151257454864234048395145410165415789583805787927791899136455816324671100367787238088242184403187872611675945833120996949721643697341004617886399679940080712961923732576951392996987793988566902518855327363628893444803026081143825709313871793364854569193658448710819700420690721083064305935060386440191896139813877976260314623301315179742712919521410200215024880791515431697340702488155134846266594907122651487400303083117897694766579680386531691786216050502157066142971077
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (113 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacert.actalis.it/certs/actalis-autdvg1'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp06.actalis.it/VA/AUTHDV-G1'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							90af709946b410f45e57b97750ab504667a16863
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1b427f5c457eff7e1e1e419cf3adae35c665ebc5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.159.1.23.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.actalis.it/area-download'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (229 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://ldap06.actalis.it/cn%3dActalis%20Domain%20Validation%20Server%20CA%20G1,o%3dActalis%20S.p.A./03358520967,c%3dIT?certificateRevocationList;binary'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl06.actalis.it/Repository/AUTHDV-G1/getLastCRL'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cinematerapia.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cinematerapia.it'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b52dd275d425901e35f077786436f382ce55a4c5c1124ecd08adfa0a01f8fc154df9ee18aa814680300de9e6d7bf487833dd92d5eb3b740159db72d113512bb42f179e49c1b03ec94fb8005f780de6c8b213c86bb4b67ca31a62201e74ed2aaf1204eca29d35c58ee306e13dd74dff407e0a3458c14e3357b98024b572c05acb1c5666fd58a723263560401e77f5f6081f4e9823687da2378165d3eaf60479b4b1ccf4edbf10af21e8017fffdd3c86884b37f21043ebcab48434b2dec8e2638846c0f3d3bbfff2d50d6df74a64edb898e7f708c1a9c1e5de3aac04c4b0612dd25e7968379e9f9edc2cf0fa66a39e904634d1f80d6637f2a30f5126fb828f79a4