canmove-app.ekol.lu.se
Issued by R3
About this certificate
This digital certificate with serial number 04:24:95:a6:a1:94:1c:90:34:cb:38:87:9d:94:b5:59:db:36 was issued on by Let's Encrypt.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=canmove-app.ekol.lu.se
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:24:95:a6:a1:94:1c:90:34:cb:38:87:9d:94:b5:59:db:36Serial Number (int): 360898229106047794672560989133758732557110
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: d6:a7:75:19:74:b0:5e:e9:63:24:ca:47:7e:e4:b4:67:7d:9b:b7:a3
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 89:0e:0c:5d:dc:64:a5:e9:4c:fa:45:6e:14:2d:cb:46:e3:fa:7f:f7
Fingerprint (sha256): 00:8e:1b:13:e1:52:f6:30:cb:89:78:57:18:9f:49:1b:17:ff:09:ed:96:18:5d:b3:33:0f:95:13:eb:f7:c9:0c
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate canmove-app.ekol.lu.se
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for canmove-app.ekol.lu.se
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
canmove-app.ekol.lu.se
Other certificates including the domain name lu.se
(limited to 100 certificates)
stf03.nuclear.lu.se
www.lu.se
connect.lu.se
www.lu.se
adm.rwi.lu.se
canmove-app.ekol.lu.se
moodle.nateko.lu.se
grytan.lunarc.lu.se
idpv4.lu.se
af.lu.se
lweb1122.sol.lu.se
www.lu.se
helpdesk.mhm.lu.se
rehab.adm.lu.se
lulock.luopen.lu.se
www.researchmagazine.lu.se
www.gerdahallen.lu.se
edit.info.lu.se
*.lu.se
cloud.nano.lu.se
intern.shop.lu.se
graduateland.com
jamf.esss.lu.se
crcservice.med.lu.se
www.lu.se
webmailtest.lu.se
desktop.lu.se
grub.lucas.lu.se
moodlealfa.omv.lu.se
hta-lundic.ht.lu.se
casa4.bmc.lu.se
ladoklpwlw-lnu.srv.lu.se
forvaltplan.ht.lu.se
*.gis.lu.se
workfolders.nateko.lu.se
imi-rhapsody.crc.med.lu.se
stf02.nuclear.lu.se
uportalhb-test.ldc.lu.se
www.venturelab.lu.se
www.lu.se
llasso393.srv.lu.se
monastica.ht.lu.se
ler486.srv.lu.se
lovisa.lub.lu.se
alarik.lunarc.lu.se
gernet.gerdahallen.lu.se
www.af.lu.se
grandbox.nateko.lu.se
intranet.rwi.lu.se
ipa1.lunarc.lu.se
libanswers.lub.lu.se
duo.maxlab.lu.se
jira.esss.lu.se
extern.shop.lu.se
passport.lu.se
*.gis.lu.se
intranet.rwi.lu.se
workfolders.lu.se
www.lu.se
lu.se
www.oikos.ekol.lu.se
canvas.education.lu.se
brown.crc.med.lu.se
git.ldc.lu.se
print.ehl.lu.se
ladokping-bth.srv.lu.se
jira.esss.lu.se
www.fokusforskning.lu.se
hta-lundic.ht.lu.se
extern.shop.lu.se
w-v-hdf5view-0.maxiv.lu.se
wfm423n2.srv.lu.se
kosmos.lth.se
idpv3.lu.se
gernet.gerdahallen.lu.se
kosmos.lth.se
www.gerdahallen.lu.se
whd.mhm.lu.se
dagfjarilar.lu.se
www.fokusforskning.lu.se
labguru-app.bmc.lu.se
www.jur.lu.se
venturelab.lu.se
connect.lu.se
Intranet.nateko.lu.se
citrix.med.lu.se
graduateland.com
cas.lu.se
ojstest.lub.lu.se
www.gerdahallen.lu.se
casa4.bmc.lu.se
www.gerdahallen.lu.se
exchange.lusem.lu.se
webmail.lu.se
lubas-uplan.lu.se
lms.liveatlund.lu.se
srv-ad-3.maxiv.lu.se
primweb.adm.lu.se
linteg558.srv.lu.se
connect.lu.se
www.lu.se
connect.lu.se
www.lu.se
adm.rwi.lu.se
canmove-app.ekol.lu.se
moodle.nateko.lu.se
grytan.lunarc.lu.se
idpv4.lu.se
af.lu.se
lweb1122.sol.lu.se
www.lu.se
helpdesk.mhm.lu.se
rehab.adm.lu.se
lulock.luopen.lu.se
www.researchmagazine.lu.se
www.gerdahallen.lu.se
edit.info.lu.se
*.lu.se
cloud.nano.lu.se
intern.shop.lu.se
graduateland.com
jamf.esss.lu.se
crcservice.med.lu.se
www.lu.se
webmailtest.lu.se
desktop.lu.se
grub.lucas.lu.se
moodlealfa.omv.lu.se
hta-lundic.ht.lu.se
casa4.bmc.lu.se
ladoklpwlw-lnu.srv.lu.se
forvaltplan.ht.lu.se
*.gis.lu.se
workfolders.nateko.lu.se
imi-rhapsody.crc.med.lu.se
stf02.nuclear.lu.se
uportalhb-test.ldc.lu.se
www.venturelab.lu.se
www.lu.se
llasso393.srv.lu.se
monastica.ht.lu.se
ler486.srv.lu.se
lovisa.lub.lu.se
alarik.lunarc.lu.se
gernet.gerdahallen.lu.se
www.af.lu.se
grandbox.nateko.lu.se
intranet.rwi.lu.se
ipa1.lunarc.lu.se
libanswers.lub.lu.se
duo.maxlab.lu.se
jira.esss.lu.se
extern.shop.lu.se
passport.lu.se
*.gis.lu.se
intranet.rwi.lu.se
workfolders.lu.se
www.lu.se
lu.se
www.oikos.ekol.lu.se
canvas.education.lu.se
brown.crc.med.lu.se
git.ldc.lu.se
print.ehl.lu.se
ladokping-bth.srv.lu.se
jira.esss.lu.se
www.fokusforskning.lu.se
hta-lundic.ht.lu.se
extern.shop.lu.se
w-v-hdf5view-0.maxiv.lu.se
wfm423n2.srv.lu.se
kosmos.lth.se
idpv3.lu.se
gernet.gerdahallen.lu.se
kosmos.lth.se
www.gerdahallen.lu.se
whd.mhm.lu.se
dagfjarilar.lu.se
www.fokusforskning.lu.se
labguru-app.bmc.lu.se
www.jur.lu.se
venturelab.lu.se
connect.lu.se
Intranet.nateko.lu.se
citrix.med.lu.se
graduateland.com
cas.lu.se
ojstest.lub.lu.se
www.gerdahallen.lu.se
casa4.bmc.lu.se
www.gerdahallen.lu.se
exchange.lusem.lu.se
webmail.lu.se
lubas-uplan.lu.se
lms.liveatlund.lu.se
srv-ad-3.maxiv.lu.se
primweb.adm.lu.se
linteg558.srv.lu.se
connect.lu.se
Certificate
The complete raw certificate details for canmove-app.ekol.lu.se in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE+DCCA+CgAwIBAgISBCSVpqGUHJA0yziHnZS1Wds2MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMDIyMjU0NTdaFw0yNDA1MzEyMjU0NTZaMCExHzAdBgNVBAMT FmNhbm1vdmUtYXBwLmVrb2wubHUuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQC0d8Q90v3PsuS8FHqYMRZ1d9v1cUGx9sW3YFz1x6V/KuMxpOB6Grtd KNmsfARAb24FyP8NT85DTGgBzEJ+sMqtQY6n9BoBwjiu2/QzZ43zaV9vJFJwWQoc KBVI7UgfHYTogN0zXD4hkgcfpyOuy4rPz3bKCp78CrflKI0Rn8XlIsTnZY8LQH3B 1aSaxe3sTNCp9pMtxhXH6+kzRG6zN81ROiq8KchuMb+D2CMnaBIDPHFtN4A46FJZ PZZAGZ0dO9nEJrLhQNqK46fM+2g8arIqYiElPrAMxSFWOnoP3OxRMNFnidwKCKKx nXjXTDwtFXNwRxTphr4fGbd5/0jZakNfAgMBAAGjggIXMIICEzAOBgNVHQ8BAf8E BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC MAAwHQYDVR0OBBYEFNandRl0sF7pYyTKR37ktGd9m7ejMB8GA1UdIwQYMBaAFBQu sxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYV aHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5s ZW5jci5vcmcvMCEGA1UdEQQaMBiCFmNhbm1vdmUtYXBwLmVrb2wubHUuc2UwEwYD VR0gBAwwCjAIBgZngQwBAgEwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgA7U3d1 Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAY4Bl5/bAAAEAwBHMEUCIF0/ lshHdSGP2F42OFR22wdkiOTxVNlJPZChf5YQJjzuAiEA5wA/bmbtFm7gr/KzdNYe z8YRGKL0Nce3Injg/G7sTo8AdQB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+Zn TFo6dAAAAY4Bl6HlAAAEAwBGMEQCIGaIDKI+vgeqQ8OxzpvEe1niDRujFSiIXkqf v+gORDZqAiBL9QRjONBeAUOPFVr+YAsa/RENIEwvhZSG7wk5TW34zzANBgkqhkiG 9w0BAQsFAAOCAQEApleohaaael+qdNApf9kNebOPYPgo/dcDqqNYlBuS0p+uuXg7 Fpu7Ne6KTzixvPJgPW3M8fRXW8Qxel9lf643pgQf+7WqoWTQDRWKXn/WA7wRLJV5 kyo5xCrt7XG5EsY+QGRW46npL4DZnuv5Uu2lNJZxIm6HTfrNLmNO01T6s00r7AP7 7asPQUYUkR7KfpdpJEWd51unN3zYUezeanv1K38sb2EL6gcWB1ffHEm+mLQ2lfzp VdmUVgYRwRIfzTn3VAPdUH9stW4UXE+caX/tTc6VB4B0DWMVhxRJT02RPRqUdcO8 GHogHJgqX8EgrytrORlR34qLC5s1LoeZW9+v6w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHfEPdL9z7LkvBR6mDEW dXfb9XFBsfbFt2Bc9celfyrjMaTgehq7XSjZrHwEQG9uBcj/DU/OQ0xoAcxCfrDK rUGOp/QaAcI4rtv0M2eN82lfbyRScFkKHCgVSO1IHx2E6IDdM1w+IZIHH6cjrsuK z892ygqe/Aq35SiNEZ/F5SLE52WPC0B9wdWkmsXt7EzQqfaTLcYVx+vpM0RuszfN UToqvCnIbjG/g9gjJ2gSAzxxbTeAOOhSWT2WQBmdHTvZxCay4UDaiuOnzPtoPGqy KmIhJT6wDMUhVjp6D9zsUTDRZ4ncCgiisZ1410w8LRVzcEcU6Ya+Hxm3ef9I2WpD XwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 360898229106047794672560989133758732557110 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-02 22:54:57 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-31 22:54:56 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'canmove-app.ekol.lu.se' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22781953989912607181850024863546733244839727165537253355869882760304169706851719960006528938416930538361335663416687603223575922001788033011244107149805330831361238871411548870480638390712502426639996593539229059861929815503728279880259211196050452266333330640039471781988310073274940226202597647917109881348572583257353214830378354148192269538274563507271017298354103291334331053272780592879084422397881790653147599711026911267214439599285236591824990409067385414326031527742421990899951235395980086897223792092486833346114467787376884475674407463912320798044174584163242219656137339414650726228755915145564218082143 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d6a7751974b05ee96324ca477ee4b4677d9bb7a3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canmove-app.ekol.lu.se' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e01979fdb000004030047304502205d3f96c84775218fd85e36385476db076488e4f154d9493d90a17f9610263cee022100e7003f6e66ed166ee0aff2b374d61ecfc61118a2f435c7b72278e0fc6eec4e8f00750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018e0197a1e50000040300463044022066880ca23ebe07aa43c3b1ce9bc47b59e20d1ba31528885e4a9fbfe80e44366a02204bf5046338d05e01438f155afe600b1afd110d204c2f859486ef09394d6df8cf . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a657a885a69a7a5faa74d0297fd90d79b38f60f828fdd703aaa358941b92d29faeb9783b169bbb35ee8a4f38b1bcf2603d6dccf1f4575bc4317a5f657fae37a6041ffbb5aaa164d00d158a5e7fd603bc112c9579932a39c42aeded71b912c63e406456e3a9e92f80d99eebf952eda5349671226e874dfacd2e634ed354fab34d2bec03fbedab0f414614911eca7e976924459de75ba7377cd851ecde6a7bf52b7f2c6f610bea07160757df1c49be98b43695fce955d994560611c1121fcd39f75403dd507f6cb56e145c4f9c697fed4dce950780740d63158714494f4d913d1a9475c3bc187a201c982a5fc120af2b6b391951df8a8b0b9b352e87995bdfafeb