myaccess.roche.com

Issued by GeoTrust TLS RSA CA G1

About this certificate

This digital certificate with serial number 0d:28:94:2d:26:d3:5c:66:6d:0c:67:68:0a:24:21:51 was issued on by DigiCert Inc.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=myaccess.roche.com

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0d:28:94:2d:26:d3:5c:66:6d:0c:67:68:0a:24:21:51
Serial Number (int): 17490661193449903110300535579019059537
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 37:92:90:37:bb:d1:ab:fc:6c:6a:87:11:bb:9a:d5:80:b3:fd:d1:75
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57

Fingerprint (sha1): 20:c2:26:52:61:f8:47:28:db:5e:05:ed:e9:55:ba:33:f9:34:49:02
Fingerprint (sha256): 01:b9:fd:74:38:79:be:d6:81:8f:7f:d3:e1:50:86:27:ed:3e:aa:be:fd:41:8f:37:35:dd:7e:3e:a0:30:01:a3

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl

Check the revocation status for certificate myaccess.roche.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for myaccess.roche.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

myaccess.roche.com

Other certificates including the domain name roche.com

(limited to 100 certificates)
involve.roche.com
www.hpv16and18.com
easydrive-uat.roche.com
advancedanalytics.roche.com
main.rhelp.roche.com
sni.cloudflaressl.com
magentocloud28.map.fastly.net
rbalvprexd0.bas.roche.com
cieas01.roche.com
harmonytest.de
sequencing.roche.com
esource.roche.com
e-medical.roche.com
esource.roche.com
coaguchek.com
rsmsourcing.roche.com
deimos.roche.com
cert2.roche.com
sni.cloudflaressl.com
cdn.appstore.gene.com
shpivee1-01.roche.com
eews-dev.roche.com
myaccess.roche.com
ican.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
cert3.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
mrdivee2-02.netlab.roche.com
rodip.roche.com
nsrdcongresses.roche.com
rbavxsentry11.bas.roche.com
mobilesolution-dev.roche.com
wamua.roche.com
dialog-62-test.roche.com
rocheggcpac.roche.com
san-003.ceros.com
video.hive.roche.com
sni.cloudflaressl.com
rssg.roche.com
mftemeaext.roche.com
anadisuat01.sc1.roche.com
careers.roche.com
flow.roche.com
cert3.roche.com
sni.cloudflaressl.com
misp.roche.com
cert2.roche.com
careers.roche.com
api.rockwizz.roche.com
bitbucket-nala-qa.roche.com
careers.roche.com
wamdev.roche.com
sonar-dev-old.roche.com
diauxhub.roche.com
careers.roche.com
globalfms.roche.com
san-003.ceros.com
sc1lvflexq2.sc1.roche.com
easydrive-dev.roche.com
send-tst.roche.com
indigrow.roche.com
careers.roche.com
careers.roche.com
env5-remotedashboard.roche.com
mrd25.me
cert2.roche.com
*.esrv-hub-uat.roche.com
sb.eu.phcaa.science.roche.com
san-003.ceros.com
extaccess-nala.roche.com
magentocloud28.map.fastly.net
go.roche.com
magentocloud32.map.fastly.net
sni.cloudflaressl.com
ssl882748.cloudflaressl.com
sni.cloudflaressl.com
esrv-marketplace-dev.roche.com
careers.roche.com
imcore.roche.com
booster.roche.com
sni.cloudflaressl.com
akamai-san195.exacttarget.com
raumbuch.roche.com
pitas01.roche.com
sni.cloudflaressl.com
c1edb.roche.com
magentocloud45.map.fastly.net
shpivee1-01.roche.com
hpv16and18.com
hivemind.roche.com
searchsquad.roche.com
cferondanetrochedia-qa.roche.com
esign.roche.com
diaitsupport.roche.com
sni.cloudflaressl.com
magentocloud32.map.fastly.net
r32web.sap.roche.com
apis.cwp.roche.com

Certificate

The complete raw certificate details for myaccess.roche.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgIQDSiULSbTXGZtDGdoCiQhUTANBgkqhkiG9w0BAQsFADBg
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx
MB4XDTIzMDUwOTAwMDAwMFoXDTI0MDUwODIzNTk1OVowHTEbMBkGA1UEAxMSbXlh
Y2Nlc3Mucm9jaGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
lpDqS7l21LSLARWxqk3dgFZJ2RsozAWxLdkLz7uZ7uffapnz9yr+/hpNyWTAOsN6
vznXSkPUztgjXXt+sDSgbtrclhvKKrynbiseL5dJuk/VrTGET6LaB3EbK/Gw59oh
Q7dHyehAQKY+6RWjIdo5oQmc72UoONN53LGnDeoXOQB9NsJyQEmiB1G6tfXbS2hc
FlT9GkM3YnJFTyDNdA+SCeBFA4/dTvZYFQsB07qe6mncB+ORF0sUVKdgcB3nnMOg
OtJxFraY/RejpmG5lspQZYkz9cvvnd/dbtlTmvhGjgJ9Za4iiAVQaakrvghmjpUP
uQOmyKeVTG8DPge7bYQAMQIDAQABo4IDGTCCAxUwHwYDVR0jBBgwFoAUlE/UXYvk
pOKmgP792PkA76O+AlcwHQYDVR0OBBYEFDeSkDe70av8bGqHEbua1YCz/dF1MB0G
A1UdEQQWMBSCEm15YWNjZXNzLnJvY2hlLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD8GA1UdHwQ4MDYwNKAyoDCGLmh0
dHA6Ly9jZHAuZ2VvdHJ1c3QuY29tL0dlb1RydXN0VExTUlNBQ0FHMS5jcmwwPgYD
VR0gBDcwNTAzBgZngQwBAgEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdp
Y2VydC5jb20vQ1BTMHYGCCsGAQUFBwEBBGowaDAmBggrBgEFBQcwAYYaaHR0cDov
L3N0YXR1cy5nZW90cnVzdC5jb20wPgYIKwYBBQUHMAKGMmh0dHA6Ly9jYWNlcnRz
Lmdlb3RydXN0LmNvbS9HZW9UcnVzdFRMU1JTQUNBRzEuY3J0MAkGA1UdEwQCMAAw
ggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8
vOzew1FIWUZxH7WbAAABh/9E8KUAAAQDAEcwRQIgFhlXTBiOLH7c8QUThK6IZDcv
wGqxKPUZA/2YxEDomPsCIQDV4G7a4tanxzP6HWknBGBoBrijcln/JM71DeghaJ7O
qwB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABh/9E8NkAAAQD
AEcwRQIgMcqRwpPp2VLiPv+XZerxj/nOu2mRW+b/B0S95UCcbycCIQDiTH5Wz2nV
wQ+YeUkn7QBIBu+MXD4bA6e7rJv02+5SQAB3ANq2v2s/tbYin5vCu1xr6HCRcWy7
UYSFNL2kPTBI1/urAAABh/9E8KcAAAQDAEgwRgIhALMynKSyfWMvJfsXviPSsFBy
UTCyjovsjFpZJ8kb/ZmhAiEA07j5YfoeCdxtAG91MaMADQIJVP5BovLX04E/LSJw
S18wDQYJKoZIhvcNAQELBQADggEBAL4NnMdw+1YdfzsQzkwiLVD62CTMSvf0SLhM
/Vi4dygOfzwjTI2y7jvZn/GqRrdVDpudcEbe6qRCuueQdvQzLA5mcptSprGw/P3K
uicQHfF2iY24u0ywG2FmoVOXBgIS+VHP+LDRs4aygSGluOFehp9qiUh8/VeaAq+y
8qcCqLQGhEHKecC1jxCTfjAJJwmyCm0+hAa2+I4AyVI/5Hh1vgOkj7sUbkc8fla0
lAb3NFseJAZuP1MQP7PP2/yxUREDu+hRhkjySN9wpxkOoX8qeIFEWRWEdeTBiHvx
8Yol9o5WmsE9iN9VONvrpKq/dyIUMqcPDjD2ywKksMOlgpIQeL8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpDqS7l21LSLARWxqk3d
gFZJ2RsozAWxLdkLz7uZ7uffapnz9yr+/hpNyWTAOsN6vznXSkPUztgjXXt+sDSg
btrclhvKKrynbiseL5dJuk/VrTGET6LaB3EbK/Gw59ohQ7dHyehAQKY+6RWjIdo5
oQmc72UoONN53LGnDeoXOQB9NsJyQEmiB1G6tfXbS2hcFlT9GkM3YnJFTyDNdA+S
CeBFA4/dTvZYFQsB07qe6mncB+ORF0sUVKdgcB3nnMOgOtJxFraY/RejpmG5lspQ
ZYkz9cvvnd/dbtlTmvhGjgJ9Za4iiAVQaakrvghmjpUPuQOmyKeVTG8DPge7bYQA
MQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 17490661193449903110300535579019059537
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-09 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-08 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'myaccess.roche.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19007206102250688771910247446333096878956398783715372738302455341583458859079234395261170870470900074624898466548583780095216870352757934786751972346481602417921702466853739903569798139709460579670491447756903029223338302747952747033286294845379885710845830190734881296978865599734083651442420343936771994214322119610187183863145932432730287092370636742843420992750814770371134843073442909225353017171094336630095537075980899878886602073684026822184705480270506865648283324617244230881041370141941092732449978399666639424327479604557866675708474127022386912935990287286504348347108407250368174772552634458537717923889
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							37929037bbd1abfc6c6a8711bb9ad580b3fdd175
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'myaccess.roche.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000187ff44f0a5000004030047304502201619574c188e2c7edcf1051384ae8864372fc06ab128f51903fd98c440e898fb022100d5e06edae2d6a7c733fa1d692704606806b8a37259ff24cef50de821689eceab00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000187ff44f0d90000040300473045022031ca91c293e9d952e23eff9765eaf18ff9cebb69915be6ff0744bde5409c6f27022100e24c7e56cf69d5c10f98794927ed004806ef8c5c3e1b03a7bbac9bf4dbee5240007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000187ff44f0a70000040300483046022100b3329ca4b27d632f25fb17be23d2b050725130b28e8bec8c5a5927c91bfd99a1022100d3b8f961fa1e09dc6d006f7531a3000d020954fe41a2f2d7d3813f2d22704b5f
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00be0d9cc770fb561d7f3b10ce4c222d50fad824cc4af7f448b84cfd58b877280e7f3c234c8db2ee3bd99ff1aa46b7550e9b9d7046deeaa442bae79076f4332c0e66729b52a6b1b0fcfdcaba27101df176898db8bb4cb01b6166a15397060212f951cff8b0d1b386b28121a5b8e15e869f6a89487cfd579a02afb2f2a702a8b4068441ca79c0b58f10937e30092709b20a6d3e8406b6f88e00c9523fe47875be03a48fbb146e473c7e56b49406f7345b1e24066e3f53103fb3cfdbfcb1511103bbe8518648f248df70a7190ea17f2a78814459158475e4c1887bf1f18a25f68e569ac13d88df5538dbeba4aabf77221432a70f0e30f6cb02a4b0c3a582921078bf