lcanresearch.northwestern.edu

Issued by R3

About this certificate

This digital certificate with serial number 04:4f:fa:b1:b4:db:be:b3:34:c4:12:56:94:0e:16:d2:c3:0d was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=lcanresearch.northwestern.edu

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:4f:fa:b1:b4:db:be:b3:34:c4:12:56:94:0e:16:d2:c3:0d
Serial Number (int): 375664680417529029879510666839329569161997
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: ed:01:1c:b4:d6:9f:eb:0a:df:d2:0e:81:ce:9e:09:b8:fa:0c:2a:74
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 90:3e:3e:82:45:b1:48:9d:95:45:09:92:f5:d1:99:59:7c:47:d2:d3
Fingerprint (sha256): 00:d4:cd:03:e6:22:79:ff:18:91:2c:9f:d5:89:13:5b:41:63:a9:eb:34:98:19:a9:ee:d8:16:2b:29:c9:cb:f6

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate lcanresearch.northwestern.edu

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for lcanresearch.northwestern.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

lcanresearch.northwestern.edu
lcanresearch.soc.northwestern.edu

Other certificates including the domain name northwestern.edu

(limited to 100 certificates)
evcasper.ci.northwestern.edu
zfsmweb02.fsm.northwestern.edu
*.soc.northwestern.edu
hub.mmlc.northwestern.edu
idmspqa5.ci.northwestern.edu
degree.ai.northwestern.edu
askplrc.law.northwestern.edu
faoadmin-dev.api.fsm.northwestern.edu
carpepm.almonds.com
catalyst-sync-gateway.fsm.northwestern.edu
account-inventory-dev.entapp.northwestern.edu
ssl6901.cloudflare.com
ct-stem.northwestern.edu
cps.northwestern.edu
secure.ard.northwestern.edu
boshercollection.northwestern.edu
5707931811053568-fe1.pantheonsite.io
osep.northwestern.edu
web.madstudio.northwestern.edu
degree.robotics.northwestern.edu
www.alumni.northwestern.edu
tls.automattic.com
sesdlab.northwestern.edu
fed.it.northwestern.edu
admissions.emeritus.org
badges.gmac.com
websso.it.northwestern.edu
teenshealth.qatar.northwestern.edu
cluster.technolutions.net
lingwebx.ci.northwestern.edu
lyncedge.northwestern.edu
medillwatchdog.medill.northwestern.edu
buddhist-art.arthistory.northwestern.edu
nubio.northwestern.edu
nextcloud.sesp.northwestern.edu
scientificpractices.sesp.northwestern.edu
gallery.kellogg.northwestern.edu
dev-websso.it.northwestern.edu
calendar.sdzsafaripark.org
sec-pagely.at.northwestern.edu
ishi.earth.northwestern.edu
lcanresearch.northwestern.edu
dialects.soc.northwestern.edu
evcsdskypse1.adsdev.northwestern.edu
cspac.eecs.northwestern.edu
catracks-dev.northwestern.edu
www.nsis-train.northwestern.edu
childlab.northwestern.edu
tls.automattic.com
labmail.misitlab.northwestern.edu
features.qatar.northwestern.edu
abct.ebbp.northwestern.edu
nuplansqa.northwestern.edu
ssl371003.cloudflaressl.com
lfeev.adsdev.northwestern.edu
apply.music.northwestern.edu
5693200475881472-fe2.pantheonsite.io
nuqcsptmg.qatar.northwestern.edu
tqn.sesp.northwestern.edu
slpd.northwestern.edu
sesp.northwestern.edu
www6.kellogg.northwestern.edu
ansys.mccormick.northwestern.edu
obprodrest.ci.northwestern.edu
ldapqa1.ci.northwestern.edu
ecocasting.northwestern.edu
cms7test2012.kellogg.northwestern.edu
sec-pagely.at.northwestern.edu
cdn-test.battlefields.org
zfsmweb01.fsm.northwestern.edu
ozzie.traffic.northwestern.edu
nuhr.northwestern.edu
vmath.northwestern.edu
ilabcentral.sesp.northwestern.edu
eecs211.cs.northwestern.edu
liszt.northwestern.edu
parisprogram.northwestern.edu
www.mccormick.northwestern.edu
citeak.multidevcom.uaf.edu
illinoisjudges.law.northwestern.edu
compphotolab.northwestern.edu
kisb21a.kellogg.northwestern.edu
securedns1.planmygift.org
securedns1.planmygift.org
chhr92uatibweb1.ci.northwestern.edu
orfa.northwestern.edu
webssodev-vip.ci.northwestern.edu
bora.cs.northwestern.edu
badges.gmac.com
argallab.northwestern.edu
gabrielse.physics.northwestern.edu
allancollins.northwestern.edu
biology.northwestern.edu
ecstest.entapp.northwestern.edu
uec.adea-cloud.northwestern.edu
courses1.northwestern.edu
www.cfp.physics.northwestern.edu
crs-dev.fsm.northwestern.edu
musictherapy.soc.northwestern.edu
www.jlsp.law.northwestern.edu

Certificate

The complete raw certificate details for lcanresearch.northwestern.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISBE/6sbTbvrM0xBJWlA4W0sMNMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMjcxMjE3MDFaFw0yNDA0MjYxMjE3MDBaMCgxJjAkBgNVBAMT
HWxjYW5yZXNlYXJjaC5ub3J0aHdlc3Rlcm4uZWR1MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAnu1aSNXvN8kiDVqvdb+BzXBFTNMc3LaituxmezjcpEFu
p3zys0J6HG4ZFU/8kshx3vcJtOWUQis4NSoRi+hIvQ9/Us629sc8HB0RsOJK48zU
xinhcmNjHWxXyX/vxEb/6BwGosjZNHSdZLzs1jMSFZTj49DShpZXYCp9GYSRuX3y
WIOrrEU35/n2JCXsS1gcuuwBWWzwWgIM0rmZNlaBNjoxnPiqnftURqmkZSOC2ONH
LF+09v7bUGYc+brMow+PpRNUn8w5m0DnbqJ3kZYMeqp6ejXl8S+4Tem4+ZZwV75w
glx7YAMd3zc898FgrKuCQyPL5T14kcXH+X/Ngjl0lQIDAQABo4ICQjCCAj4wDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBTtARy01p/rCt/SDoHOngm4+gwqdDAfBgNVHSME
GDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYB
BQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDov
L3IzLmkubGVuY3Iub3JnLzBLBgNVHREERDBCgh1sY2FucmVzZWFyY2gubm9ydGh3
ZXN0ZXJuLmVkdYIhbGNhbnJlc2VhcmNoLnNvYy5ub3J0aHdlc3Rlcm4uZWR1MBMG
A1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYASLDj
a9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGNSxEAwAAABAMARzBFAiA+
qwAT6gu7G5fLZOT8nMDeT6ApMloPHG1T1GIpx/FPyAIhAO2ZSszgvuZaiQtimeRN
lklrtqtWYDOqxuRMP0Ex6XZjAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZ
RnEftZsAAAGNSxEA7QAABAMARzBFAiApAS9FL6wvebf1iU1djAlOwukAG3dWqbur
k0fmSS58LQIhANo8V6wN/1fTsaeaRMBz3JOFrNphSQIc+NePItXSvpTgMA0GCSqG
SIb3DQEBCwUAA4IBAQCCHzg32BgP1sG5sANGyn5gTpG2PQcFrQ+EENRg9o7pYTAt
JocCyU+iDc8gsYsz5QWzOo3Eafj4tI7OPyC9BPwOHaGqYGQEqEZrDYckagMnOw3w
yEsV3aKsyDIVYSFwG9WAFMgRSG7V19ebHVT7a9Wp4RNwKdwVKs3SngeBvUl3rsYQ
JJqmDRGjxtYQzw3dJAv8RTwdG0X3eoRSizvgRFCoI401NYaRm1vOrEeb/qMxgCBK
wIuhJUQ0idrVsaz99Xq/rgDrdvJpX4m44PbYL8bGfe5O40M/MAfPGiRF2xYikxhR
3BXKtn8vnDlV1hgKAOwZSNui0rm/Kgo0k6clLklU
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnu1aSNXvN8kiDVqvdb+B
zXBFTNMc3LaituxmezjcpEFup3zys0J6HG4ZFU/8kshx3vcJtOWUQis4NSoRi+hI
vQ9/Us629sc8HB0RsOJK48zUxinhcmNjHWxXyX/vxEb/6BwGosjZNHSdZLzs1jMS
FZTj49DShpZXYCp9GYSRuX3yWIOrrEU35/n2JCXsS1gcuuwBWWzwWgIM0rmZNlaB
NjoxnPiqnftURqmkZSOC2ONHLF+09v7bUGYc+brMow+PpRNUn8w5m0DnbqJ3kZYM
eqp6ejXl8S+4Tem4+ZZwV75wglx7YAMd3zc898FgrKuCQyPL5T14kcXH+X/Ngjl0
lQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 375664680417529029879510666839329569161997
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-27 12:17:01 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-26 12:17:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lcanresearch.northwestern.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20062695150380682660032483690996270432710310257420845282056080032666752714437159721831313970243086969330154347713743520620237699871390763036444732254810308183195079776325930937942437058541165964907973727473354569933147526799400561727231683574248392728095333686160827845740920089511602829783273292937004658093126621723097844691310120455010203657503135981099063616085967934551079674845593531874779755516030462219816383956809586684103291199417976924492708169374872265816828803304843455191432973762912613311674313467101480560183330223160538914639179189874810056656559430828849019323090009501120129500176640271594601149589
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ed011cb4d69feb0adfd20e81ce9e09b8fa0c2a74
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lcanresearch.northwestern.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lcanresearch.soc.northwestern.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d4b1100c0000004030047304502203eab0013ea0bbb1b97cb64e4fc9cc0de4fa029325a0f1c6d53d46229c7f14fc8022100ed994acce0bee65a890b6299e44d96496bb6ab566033aac6e44c3f4131e97663007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018d4b1100ed0000040300473045022029012f452fac2f79b7f5894d5d8c094ec2e9001b7756a9bbab9347e6492e7c2d022100da3c57ac0dff57d3b1a79a44c073dc9385acda6149021cf8d78f22d5d2be94e0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00821f3837d8180fd6c1b9b00346ca7e604e91b63d0705ad0f8410d460f68ee961302d268702c94fa20dcf20b18b33e505b33a8dc469f8f8b48ece3f20bd04fc0e1da1aa606404a8466b0d87246a03273b0df0c84b15dda2acc832156121701bd58014c811486ed5d7d79b1d54fb6bd5a9e1137029dc152acdd29e0781bd4977aec610249aa60d11a3c6d610cf0ddd240bfc453c1d1b45f77a84528b3be04450a8238d353586919b5bceac479bfea33180204ac08ba125443489dad5b1acfdf57abfae00eb76f2695f89b8e0f6d82fc6c67dee4ee3433f3007cf1a2445db1622931851dc15cab67f2f9c3955d6180a00ec1948dba2d2b9bf2a0a3493a7252e4954