riverrestoration.ced.berkeley.edu

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:b7:11:b6:cf:bb:03:ea:da:84:61:99:50:9e:d9:0e:14:7f was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=riverrestoration.ced.berkeley.edu

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:b7:11:b6:cf:bb:03:ea:da:84:61:99:50:9e:d9:0e:14:7f
Serial Number (int): 323632077029044742383789367907723653289087
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: c5:09:f1:78:10:54:8a:26:73:45:78:e8:b8:4f:5d:16:d3:6a:fd:a9
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): a6:87:09:ce:26:57:5f:f5:46:4c:65:d0:de:aa:65:15:9f:d1:c3:54
Fingerprint (sha256): 00:22:75:a3:c8:75:d0:5d:58:2f:2e:f7:d7:03:a1:57:88:16:10:f7:d9:0a:17:b5:0e:f9:03:85:31:07:3a:69

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate riverrestoration.ced.berkeley.edu

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for riverrestoration.ced.berkeley.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

riverrestoration.ced.berkeley.edu
www.riverrestoration.ced.berkeley.edu

Other certificates including the domain name berkeley.edu

(limited to 100 certificates)
5631131353350144-fe1.pantheonsite.io
iris.eecs.berkeley.edu
vc.berkeley.edu
goldenkey.berkeley.edu
157ac.berkeley.edu
dynamics.berkeley.edu
dsec-pa01.ist.berkeley.edu
eps.berkeley.edu
5767281011326976-fe3.pantheonsite.io
test-web-lws.edu.help
isab.berkeley.edu
riverrestoration.ced.berkeley.edu
tsa.berkeley.edu
urbansustainability.berkeley.edu
carpepm.almonds.com
telemonitoring.berkeley.edu
ucmc.berkeley.edu
5693048138760192-fe2.pantheonsite.io
skiteam.berkeley.edu
5685265389584384-fe2.pantheonsite.io
robobears.berkeley.edu
asa.berkeley.edu
bleex.me.berkeley.edu
5732694713434112-fe3.pantheonsite.io
5695872079757312-fe3.pantheonsite.io
cuwip.physics.berkeley.edu
pawsandclaws.berkeley.edu
goldenapple.berkeley.edu
5690145009303552-fe2.pantheonsite.io
puzzle.berkeley.edu
bc.berkeley.edu
accredible.tutor.com
cs184.eecs.berkeley.edu
5702666986455040-fe2.pantheonsite.io
esw.berkeley.edu
5745580152193024-fe4.pantheonsite.io
mcbcdna.berkeley.edu
biomechanics.berkeley.edu
www.site.demog.berkeley.edu
foresight.berkeley.edu
5657535201673216-fe3.pantheonsite.io
gdso.berkeley.edu
mcbcdna.berkeley.edu
zhoulab.berkeley.edu
edam.berkeley.edu
it.uahs.arizona.edu
braintree-qa.udar.berkeley.edu
admissions.emeritus.org
astep.berkeley.edu
journalofethics.berkeley.edu
5695872079757312-fe3.pantheonsite.io
orchestra.berkeley.edu
cluster3.technolutions.net
yearbook.berkeley.edu
communityinnovation.berkeley.edu
as-axolotl-qa.ist.berkeley.edu
coffinaward.berkeley.edu
libguides.law.berkeley.edu
sinberbest.berkeley.edu
dwx.berkeley.edu
5645628478586880-fe4.pantheonsite.io
ide.berkeley.edu
securessl-pst1.tessituranetworkhost.com
startup.berkeley.edu
labmon.qnl-internal.berkeley.edu
caldesignlab.berkeley.edu
wordsoundlife.berkeley.edu
5702351037923328-fe2.pantheonsite.io
astral.berkeley.edu
bioehs.berkeley.edu
interucconference.berkeley.edu
5702666986455040-fe2.pantheonsite.io
mtab.berkeley.edu
exhibits.ced.berkeley.edu
ucdc.edu
cluster3.technolutions.net
chrzan.mse.berkeley.edu
olab.berkeley.edu
proxy.kchsieh-dev0.api.berkeley.edu
ecoengine.berkeley.edu
southindiansociety.berkeley.edu
reservemapper.berkeley.edu
5704980631650304-fe4.pantheonsite.io
5693048138760192-fe2.pantheonsite.io
fp2.law.berkeley.edu
ce3.berkeley.edu
sailing.berkeley.edu
veteran.berkeley.edu
cryoem.berkeley.edu
solr.urel.berkeley.edu
qtsab.berkeley.edu
pasae.berkeley.edu
ulab.berkeley.edu
5636647567753216-fe1.pantheonsite.io
uav.berkeley.edu
nimitz.berkeley.edu
millslab.berkeley.edu
parking.berkeley.edu
prototype.berkeley.edu
nartc.fcm.arizona.edu

Certificate

The complete raw certificate details for riverrestoration.ced.berkeley.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISA7cRts+7A+rahGGZUJ7ZDhR/MA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMTQwMjI2MjJaFw0y
MDA1MTQwMjI2MjJaMCwxKjAoBgNVBAMTIXJpdmVycmVzdG9yYXRpb24uY2VkLmJl
cmtlbGV5LmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMQ9EyDi
Kk7HlK3379JqScqMNoAirn1CulNQJebtbHB8b5rJKcNUmVEKx3bmh1Z1FVU1+WpH
S4eTghJ36lVBUGtB63F0dtvJ0AKyJIimcnNKytwH9gbIkAWNcbGgneS4/1bgnEb9
/w7/8gOzhCRoLCWE2I6py3LF/mVrr89ieb/LsoZVT0OXyzcIDZpwu0344lGdc82o
ML1X8bmnCxYeduEpJ3ZMlrN8mCYzIvzsfe+Gyq5QPy8MSzaHA8UhWx1d8ZckU1Lg
o0OinQpWU0Wr1jUhm/FmwQWrrYQhIy7oMldYT3ARGYoQrwOcFXuiTOg53L7AKNpG
7Ds0s/QvZcaPoy0CAwEAAaOCAp0wggKZMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
xQnxeBBUiiZzRXjouE9dFtNq/akwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl
7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5p
bnQteDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5p
bnQteDMubGV0c2VuY3J5cHQub3JnLzBTBgNVHREETDBKgiFyaXZlcnJlc3RvcmF0
aW9uLmNlZC5iZXJrZWxleS5lZHWCJXd3dy5yaXZlcnJlc3RvcmF0aW9uLmNlZC5i
ZXJrZWxleS5lZHUwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEw
KDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgor
BgEEAdZ5AgQCBIH1BIHyAPAAdwBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWW
gXFFWAAAAXBBu6guAAAEAwBIMEYCIQCKNOuspYAfDlFhf4LCHhT+wBjHFFWrJqzB
/IlccPN4WAIhAPScqSTFDd55BeJb8ZDXyB9RXI+C23ZXJUEp4ZDl+uyhAHUAB7dc
G+V9aP/xsMYdIxXHuuZXfFeUt2ruvGE6GmnTohwAAAFwQbuoVAAABAMARjBEAiBF
vuAKsvUR3GH0rP1fO6Yvc81EK9RizLU8oBsA2I5z8AIgYY107J3ZQwbx1hSU/4Cc
DNlwwxdcEcrntguQFgscOS4wDQYJKoZIhvcNAQELBQADggEBAIpLJNeCb4UK85Qd
wi17YYgb57z8Hw2HwtpnXeKYZR//j8XG3iP+nhxKhBFVZg9mmgzcxQRSj0n04hs2
xAGn5UcM97sf1iE9z4RWlTQBQNqvn/cjxJAJGURyeZcsKx3jr1TV/m/TBNi4d4nk
AVHYPc2TQjndbc8VWS8KPLhm2ipBn25I86EVf9u3ewoF73V9qyJdb0mpRSAO8a40
npfi2uRxyy145jKVGvFTEDU4MusOzQMaTSrZiDCXlbv2ugWxJeiM6GXUIXHC9lGu
oxrJRFeio/EqPp0S7R/0cN7yXZPxek50NRN9W/4uHFLtCnKxVWcRQt/uOUd1e+kM
gnQFosM=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxD0TIOIqTseUrffv0mpJ
yow2gCKufUK6U1Al5u1scHxvmskpw1SZUQrHduaHVnUVVTX5akdLh5OCEnfqVUFQ
a0HrcXR228nQArIkiKZyc0rK3Af2BsiQBY1xsaCd5Lj/VuCcRv3/Dv/yA7OEJGgs
JYTYjqnLcsX+ZWuvz2J5v8uyhlVPQ5fLNwgNmnC7TfjiUZ1zzagwvVfxuacLFh52
4SkndkyWs3yYJjMi/Ox974bKrlA/LwxLNocDxSFbHV3xlyRTUuCjQ6KdClZTRavW
NSGb8WbBBauthCEjLugyV1hPcBEZihCvA5wVe6JM6DncvsAo2kbsOzSz9C9lxo+j
LQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 323632077029044742383789367907723653289087
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-14 02:26:22 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-14 02:26:22 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'riverrestoration.ced.berkeley.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24772824840510299045589857634479611949687054516919599798235929942016635364358888558965666200810763686144696363032214664729614380349608213927135752438630534102788687192082057326713600221637869942806136245191515612576553585951370798864232268398083704838868426530173082937106970700171767603045742116218110661487513239055407398100298032110297176572258141948895319931328157712312883702476521065536149570504059748536287325497578479325481909118380258585243290656349451761441974054686991792350440210362780033596178951919688084657964719994467951519643585586269494028012694671685927159279493043472321177865736911907181734896429
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c509f17810548a26734578e8b84f5d16d36afda9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (76 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'riverrestoration.ced.berkeley.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.riverrestoration.ced.berkeley.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00077005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000017041bba82e00000403004830460221008a34ebaca5801f0e51617f82c21e14fec018c71455ab26acc1fc895c70f37858022100f49ca924c50dde7905e25bf190d7c81f515c8f82db7657254129e190e5faeca100750007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000017041bba8540000040300463044022045bee00ab2f511dc61f4acfd5f3ba62f73cd442bd462ccb53ca01b00d88e73f00220618d74ec9dd94306f1d61494ff809c0cd970c3175c11cae7b60b90160b1c392e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008a4b24d7826f850af3941dc22d7b61881be7bcfc1f0d87c2da675de298651fff8fc5c6de23fe9e1c4a841155660f669a0cdcc504528f49f4e21b36c401a7e5470cf7bb1fd6213dcf845695340140daaf9ff723c4900919447279972c2b1de3af54d5fe6fd304d8b87789e40151d83dcd934239dd6dcf15592f0a3cb866da2a419f6e48f3a1157fdbb77b0a05ef757dab225d6f49a945200ef1ae349e97e2dae471cb2d78e632951af15310353832eb0ecd031a4d2ad988309795bbf6ba05b125e88ce865d42171c2f651aea31ac94457a2a3f12a3e9d12ed1ff470def25d93f17a4e7435137d5bfe2e1c52ed0a72b155671142dfee3947757be90c827405a2c3