blackboard.richmond.edu

Issued by Amazon RSA 2048 M03

About this certificate

This digital certificate with serial number 09:43:1b:5d:b9:14:4b:91:bc:e4:e2:46:ed:4d:36:54 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=blackboard.richmond.edu

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 09:43:1b:5d:b9:14:4b:91:bc:e4:e2:46:ed:4d:36:54
Serial Number (int): 12311490902143750928147138548884911700
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: d6:5a:5c:8d:e1:7c:10:1a:32:6a:4e:d5:82:6e:43:48:7a:a0:40:05
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (sha1): 58:2f:31:70:e5:a3:cd:5a:3a:fa:81:51:d6:ac:43:21:18:00:8a:05
Fingerprint (sha256): 01:2a:8c:f1:5b:61:65:86:c5:d0:44:bf:a4:b7:ce:b7:39:9e:49:29:d3:60:01:5d:eb:b9:71:1c:f6:28:c4:e9

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate blackboard.richmond.edu

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for blackboard.richmond.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

blackboard.richmond.edu
*.blackboard.com

Other certificates including the domain name richmond.edu

(limited to 100 certificates)
lawreview.richmond.edu
ems.richmond.edu
codingbootcamp.richmond.edu
collegian.richmond.edu
spiderchallenge.richmond.edu
cygnet.richmond.edu
connect.richmond.edu
spdr-rw.richmond.edu
blackboard.richmond.edu
md.richmond.edu
spidertechnet.richmond.edu
www.lawinfo.richmond.edu
lawreview.richmond.edu
spdr-vm.richmond.edu
king.richmond.edu
blog.richmond.edu
onecardweb.richmond.edu
effect.richmond.edu
libguides.richmond.edu
connect.richmond.edu
secure-usea1-1.tessituranetwork.com
bootcamps.richmond.edu
spidertechhub.richmond.edu
webapps.richmond.edu
webapps.richmond.edu
collegian.richmond.edu
spidergiving.richmond.edu
sorry.richmond.edu
masterplan.richmond.edu
avs-ess-sessmgr-sm100.richmond.edu
cassini.richmond.edu
secure-usea1-1.tessituranetwork.com
askboatwright.richmond.edu
secure-usea1-1.tessituranetwork.com
*.richmond.edu
dsl.richmond.edu
libsystest2.richmond.edu
libcal.richmond.edu
secure-usea1-1.tessituranetwork.com
www.student.richmond.edu
secure-usea1-1.tessituranetwork.com
idp.richmond.edu
lawreview.richmond.edu
effect.richmond.edu
jerkshistory.richmond.edu
emstest.richmond.edu
policy.richmond.edu
archives.richmond.edu
sprd-vm.richmond.edu
securessl-est1.tessituranetworkhost.com
dsl.richmond.edu
secure-usea1-1.tessituranetwork.com
websecure.richmond.edu
libcal.richmond.edu
xblog.richmond.edu
testapp.richmond.edu
secure-usea1-1.tessituranetwork.com
webpass.richmond.edu
secure-usea1-1.tessituranetwork.com
secure-usea1-1.tessituranetwork.com
tickets.modlin.richmond.edu
collegian.richmond.edu
codingbootcamp.richmond.edu
xemq20u1.richmond.edu
emstest.richmond.edu
securessl-est1.tessituranetworkhost.com
avs-cma.richmond.edu
scholarship.richmond.edu
testforms.richmond.edu
exchangemail.richmond.edu
sailaway.richmond.edu
richmond.edu
bannerweb.richmond.edu
codingbootcamp.richmond.edu
xeadmu.richmond.edu
scholarship.richmond.edu
collegian.richmond.edu
secure-usea1-1.tessituranetwork.com
askboatwright.richmond.edu
securessl-est1.tessituranetworkhost.com
secure-usea1-1.tessituranetwork.com
spdr-cms.richmond.edu
collegian.richmond.edu
urhere.richmond.edu
idp.richmond.edu
secure-usea1-1.tessituranetwork.com
xess19u1.richmond.edu
avs-ric-avp2.richmond.edu
helping.richmond.edu
upgradeweb.richmond.edu
*.coursedog.com
bootcamps.richmond.edu
xemc20u1.richmond.edu
libcal.richmond.edu
avs-ess-avp.richmond.edu
metcalf.richmond.edu
wwws.richmond.edu
effect.richmond.edu
securessl-est1.tessituranetworkhost.com
ldap.richmond.edu

Certificate

The complete raw certificate details for blackboard.richmond.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgIQCUMbXbkUS5G85OJG7U02VDANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTIzMDkxNjAwMDAwMFoXDTI0MTAxNDIzNTk1OVowIjEg
MB4GA1UEAxMXYmxhY2tib2FyZC5yaWNobW9uZC5lZHUwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDLfPgbaWEwg/T/sunAInGHiPhN7tu2KjrARuFguKk8
jU+GuPsopBWzX7Otverx8a/ewzJ7xkV90CXdiYywdG56cM67YmDufl1N45CoA5x1
UOTb0DTYzfQ7xs5nau6yggTJJsBMqfA84VUQ2JQP/0S4YnSBv0U4IstWXERJy15L
dXeSqQ6GIwNrqTS4rMySOXpmI/nfl1fv+KXch7K09klqKnD3kXmva7QRI5JhMsrj
NOfmvUCsSFTyrEzS+YUpgFuLS9+5uOZbKAbQktt4uVU5Bl1VnKOC9aVh+b9bT5rv
Sm7usTCWAS3UkzhPTNrAeljjNUQoYKfEe9n6REVol8gTAgMBAAGjggMEMIIDADAf
BgNVHSMEGDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQU1lpcjeF8
EBoyak7Vgm5DSHqgQAUwNAYDVR0RBC0wK4IXYmxhY2tib2FyZC5yaWNobW9uZC5l
ZHWCECouYmxhY2tib2FyZC5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8E
NDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0w
My5jcmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5y
Mm0wMy5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJt
MDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBgAYK
KwYBBAHWeQIEAgSCAXAEggFsAWoAdwDuzdBk1dsazsVct520zROiModGfLzs3sNR
SFlGcR+1mwAAAYqcILWTAAAEAwBIMEYCIQD3zPXgO5234wqQwL20Jdv2SEn3I1Wf
pLPLxLFFtcuQ1QIhAMn0HtcsVi5T2gWKVpg6abz5o1l/X7ROwzN19G7DOJeQAHcA
SLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGKnCC1VAAABAMASDBG
AiEAwGNycIob2/0SyoZmhNrtgKkKspuFdu9Hi1a0fy0GMbYCIQCl1xFd0bGheQ2+
Jh6/9mRQNOtPCSkOenXm8dBeKCR3rwB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSF
NL2kPTBI1/urAAABipwgtSMAAAQDAEcwRQIhAMsGwXtS3wKS+EgFdBW8ipRWMM3B
xAhU8LwN5V7WSj5PAiAIMQLQ740f1h6QrcHtEZovTZFwizDYNsiKBxt3uplOIjAN
BgkqhkiG9w0BAQsFAAOCAQEAYzItn2bH1Y9jRd/ILZq3/EEi5U+8+jjNGeZZmg+1
GDNE4cKri2bak90WMQxF7zPBZlkhECtOHQLgHwP+3JancIdHR13ZTz2PSmB13720
Xmw1EJYsaKbaJYqDlwJBvLS7ab7NJL3KP+d1AHAMSHfK0ZOs+dVeVkPexu0dgp5/
0f1qApb8tsOyD7wHZXxRwKYdOqQ+CLqjfMtzHE8us39SdxyOjBn2fj9UCcyhl9fx
QJP769+XeJzcMuzFcDhz0fPcad4+2OuApp4IkDqMF5NXli8Y5f5f8Zopm7vUI7JN
nC1ZSCSoHjKVbwiBe5TRX/Xb9l4Ncvfp7DcMyLqke/JRKw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3z4G2lhMIP0/7LpwCJx
h4j4Te7btio6wEbhYLipPI1Phrj7KKQVs1+zrb3q8fGv3sMye8ZFfdAl3YmMsHRu
enDOu2Jg7n5dTeOQqAOcdVDk29A02M30O8bOZ2rusoIEySbATKnwPOFVENiUD/9E
uGJ0gb9FOCLLVlxEScteS3V3kqkOhiMDa6k0uKzMkjl6ZiP535dX7/il3IeytPZJ
aipw95F5r2u0ESOSYTLK4zTn5r1ArEhU8qxM0vmFKYBbi0vfubjmWygG0JLbeLlV
OQZdVZyjgvWlYfm/W0+a70pu7rEwlgEt1JM4T0zawHpY4zVEKGCnxHvZ+kRFaJfI
EwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 12311490902143750928147138548884911700
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-16 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-14 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'blackboard.richmond.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25688000501763117653166424642639375064421486013258630759120024107023045894751525557631574132594800351592148492133042528379432963545916887148013113459690937499113363535949833254368951067360980407893840966210736122928549630068659277324927912726087372780483738684806224878182202166184141904163090445058715555678262990654806800739248719537607585511149570636258695327834903720626538653172565875554818364521614451841184657213126275114964549138634190402398825250457253422489812382880227819556853147247163856916601514605896951717876575711763258512246235508675985803214011818124903527368122132163162438948852389457553597646867
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d65a5c8de17c101a326a4ed5826e43487aa04005
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (45 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blackboard.richmond.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.blackboard.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018a9c20b5930000040300483046022100f7ccf5e03b9db7e30a90c0bdb425dbf64849f723559fa4b3cbc4b145b5cb90d5022100c9f41ed72c562e53da058a56983a69bcf9a3597f5fb44ec33375f46ec338979000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018a9c20b5540000040300483046022100c06372708a1bdbfd12ca866684daed80a90ab29b8576ef478b56b47f2d0631b6022100a5d7115dd1b1a1790dbe261ebff6645034eb4f09290e7a75e6f1d05e282477af007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018a9c20b5230000040300473045022100cb06c17b52df0292f848057415bc8a945630cdc1c40854f0bc0de55ed64a3e4f0220083102d0ef8d1fd61e90adc1ed119a2f4d91708b30d836c88a071b77ba994e22
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0063322d9f66c7d58f6345dfc82d9ab7fc4122e54fbcfa38cd19e6599a0fb5183344e1c2ab8b66da93dd16310c45ef33c1665921102b4e1d02e01f03fedc96a7708747475dd94f3d8f4a6075dfbdb45e6c3510962c68a6da258a83970241bcb4bb69becd24bdca3fe77500700c4877cad193acf9d55e5643dec6ed1d829e7fd1fd6a0296fcb6c3b20fbc07657c51c0a61d3aa43e08baa37ccb731c4f2eb37f52771c8e8c19f67e3f5409cca197d7f14093fbebdf97789cdc32ecc5703873d1f3dc69de3ed8eb80a69e08903a8c179357962f18e5fe5ff19a299bbbd423b24d9c2d594824a81e32956f08817b94d15ff5dbf65e0d72f7e9ec370cc8baa47bf2512b