staging.allgaeu-triathlon.de

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 04:99:17:5a:66:43:0b:3b:41:77:91:8e:ca:e2:19:eb:f5:94 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=staging.allgaeu-triathlon.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:99:17:5a:66:43:0b:3b:41:77:91:8e:ca:e2:19:eb:f5:94
Serial Number (int): 400543387490682435127772226649464633030036
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 2a:4a:28:30:52:0d:a0:a9:07:e7:9f:a6:b1:40:48:d6:00:38:31:73
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 18:3c:32:d9:31:cb:d1:45:11:6e:14:5a:a7:83:65:b5:ba:28:ce:d5
Fingerprint (sha256): 01:bf:9a:f4:d4:6f:6a:1e:6f:47:4b:d1:0d:dc:d0:c1:2b:95:44:8f:8a:8d:49:36:cf:dc:46:21:ed:8f:94:60

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate staging.allgaeu-triathlon.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for staging.allgaeu-triathlon.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

staging.allgaeu-triathlon.de
staging.hannes-hawaii-tours.de

Other certificates including the domain name allgaeu-triathlon.de

(limited to 100 certificates)
staging.allgaeu-triathlon.de
www.allgaeu-triathlon.de
recruitment.laveraitalia.it
forms.ksplusplus.de
allgaeu-triathlon.de
forms.ksplusplus.de
aceaquatecsupport.invma.co.uk
allgaeu-triathlon.de
staging.allgaeu-triathlon.de
recruitment.laveraitalia.it
recruitment.laveraitalia.it
staging.allgaeu-triathlon.de
www.allgaeu-triathlon.de
recruitment.laveraitalia.it
recruitment.laveraitalia.it
recruitment.laveraitalia.it
www.allgaeu-triathlon.de
forms.centimo.nl
www.allgaeu-triathlon.de
halloween.rusgymnasium.at
info.digitalizadores.es
my.samuelz.com
forms.yarvis.de
recruitment.laveraitalia.it
formulare.allgaeu-triathlon.de
forms.the-minted.com
recruitment.laveraitalia.it
forms.lawplus.co.uk
allgaeu-triathlon.de
claims.saneux.com
staging.allgaeu-triathlon.de
halloween.rusgymnasium.at
forms.renera.energy
forms.lawplus.co.uk
forms.the-minted.com
bo.hannes-hawaii-tours.de
recruitment.laveraitalia.it
forms.centimo.nl
recruitment.laveraitalia.it
forms.nublock.holdings
allgaeu-triathlon.de
www.allgaeu-triathlon.de
www.allgaeu-triathlon.de
recruitment.laveraitalia.it
recruitment.laveraitalia.it
bo.hannes-hawaii-tours.de
recruitment.laveraitalia.it
recruitment.laveraitalia.it
www.allgaeu-triathlon.de
allgaeu-triathlon.de
staging.allgaeu-triathlon.de
recruitment.laveraitalia.it
allgaeu-triathlon.de
forms.renera.energy
allgaeu-triathlon.de
www.allgaeu-triathlon.de
recruitment.laveraitalia.it
recruitment.laveraitalia.it
allgaeu-triathlon.de
recruitment.laveraitalia.it
allgaeu-triathlon.de
recruitment.laveraitalia.it
recruitment.laveraitalia.it
bo.hannes-hawaii-tours.de
forms.ksplusplus.de
halloween.rusgymnasium.at
forms.ksplusplus.de
staging.allgaeu-triathlon.de
www.allgaeu-triathlon.de
recruitment.laveraitalia.it
allgaeu-triathlon.de
www.allgaeu-triathlon.de
claims.saneux.com
halloween.rusgymnasium.at
bo.hannes-hawaii-tours.de
recruitment.laveraitalia.it
recruitment.laveraitalia.it
recruitment.laveraitalia.it
recruitment.laveraitalia.it
bo.hannes-hawaii-tours.de
claims.saneux.com
bo.hannes-hawaii-tours.de
formulare.allgaeu-triathlon.de
allgaeu-triathlon.de
allgaeu-triathlon.de
aceaquatecsupport.invma.co.uk
recruitment.laveraitalia.it
recruitment.laveraitalia.it
recruitment.laveraitalia.it
allgaeu-triathlon.de
info.digitalizadores.es
claims.saneux.com
recruitment.laveraitalia.it
recruitment.laveraitalia.it
bo.hannes-hawaii-tours.de
forms.musthavetickets.co.uk
forms.musthavetickets.co.uk
staging.allgaeu-triathlon.de
forms.sia-connect.com
my.samuelz.com

Certificate

The complete raw certificate details for staging.allgaeu-triathlon.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISBJkXWmZDCztBd5GOyuIZ6/WUMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDA0MDgwMTQwMzhaFw0y
MDA3MDcwMTQwMzhaMCcxJTAjBgNVBAMTHHN0YWdpbmcuYWxsZ2FldS10cmlhdGhs
b24uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5uiRDiDqBECPE
RqqKIzd4yDBkOGgAKxZBIfzJ5MGbjUKSbqHKVZCLEhLjie1O3h+hpEWYBVtnGyd+
wAfcvycIvAz3WnxwlUXiJhyjE2sY9Ee12Q12SMJvkeQNyHmGsI9lNuFbzT+AN2ih
2nldnD34g4kfiBbqGKj3mSsobQwco84oo2P9wbZi39PZKYsrMzGAkXNKYgDhfeP7
ERoEd7gc5HRR6rDo8RiQJN8wEhSu6aYmx2hzsg1vj71ipyK5dgInk0nqaCCzdxHi
c5Adwqdgea7JY23oogZ3mOAz2MDD2feleXsp/g5cN74ksgBdV1HbDCBknleVGR97
6eywvzULAgMBAAGjggKRMIICjTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFCpKKDBS
DaCpB+efprFASNYAODFzMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh
MG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgz
LmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgz
LmxldHNlbmNyeXB0Lm9yZy8wRwYDVR0RBEAwPoIcc3RhZ2luZy5hbGxnYWV1LXRy
aWF0aGxvbi5kZYIec3RhZ2luZy5oYW5uZXMtaGF3YWlpLXRvdXJzLmRlMEwGA1Ud
IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0
dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw
AHUAB7dcG+V9aP/xsMYdIxXHuuZXfFeUt2ruvGE6GmnTohwAAAFxV6kx8gAABAMA
RjBEAiBbt3epDZEI7nrn++67rEiL6pf/nN4NJDqCXBQSDCrrYQIgERZcPNNO1zG5
t914V4l9a3ckxawr62SoytjRxK1uFaUAdwBvU3asMfAxGdiZAKRRFf93FRwR2QLB
ACkGjbIImjfZEwAAAXFXqTJyAAAEAwBIMEYCIQCEu8GtPpKrDhDiQstLTAYRTe+D
7EPfKQ7dE3K/3u4K0gIhALt2r9PrJ/QkcqbmPQW6A0yt0a0MRV8yncBXmtSx3qDs
MA0GCSqGSIb3DQEBCwUAA4IBAQBWwgjx7tV7uBeWRP37Zr1s7YMNw7yQnw1gEytf
fAoLJalsKG1P6JoRHI9Qn6RO9IMxsU9YjWFjWmO7Jk1Tlx84kZlihrwBep+nZhvN
vXJOdInXZRAKJzzOpbp7QQH4lRJ/95kHw0iJ5anB5WHWb62xZtJVFmzbUHrmLe63
ssot5VejSpbwkSf+PNjN3Fc7V2se6PPF5XJKIpTnX8h+yFtiTwZdrxZRDPLBXs0a
ko4XehG5j6ec+CkAJd4VPEr8VuWHlwVLgn5MQTCNT0kD/Z1HvNU3HADTABMBd0OG
qitvfk4hi3E2Vq5bzCO1kjpb2uDq9qOJCTWBF7cuP29PIkpQ
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubokQ4g6gRAjxEaqiiM3
eMgwZDhoACsWQSH8yeTBm41Ckm6hylWQixIS44ntTt4foaRFmAVbZxsnfsAH3L8n
CLwM91p8cJVF4iYcoxNrGPRHtdkNdkjCb5HkDch5hrCPZTbhW80/gDdoodp5XZw9
+IOJH4gW6hio95krKG0MHKPOKKNj/cG2Yt/T2SmLKzMxgJFzSmIA4X3j+xEaBHe4
HOR0Ueqw6PEYkCTfMBIUrummJsdoc7INb4+9YqciuXYCJ5NJ6mggs3cR4nOQHcKn
YHmuyWNt6KIGd5jgM9jAw9n3pXl7Kf4OXDe+JLIAXVdR2wwgZJ5XlRkfe+nssL81
CwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 400543387490682435127772226649464633030036
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-08 01:40:38 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-07-07 01:40:38 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'staging.allgaeu-triathlon.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23445876290082895749054543565401372982486454872405508141184261840736274456418063276632201778764173112619400886571035090252422401686954106785779958541352296997221320184941432137816229846174377875152496424199898997326084495261718066306793204108247447981415857618985383166292095881730111402643288585656564432858448492481223849476270938093032558783230902264214824209457983073873155555788278465187980304424194662280025262931176938227192569490154166707474404280936134590569960851021233587974589726771909666755164642116323928458321686263675347518555141328322234656351193495639269310600656024400378044450176189276382826542347
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							2a4a2830520da0a907e79fa6b14048d600383173
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (64 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.allgaeu-triathlon.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.hannes-hawaii-tours.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000750007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000017157a931f2000004030046304402205bb777a90d9108ee7ae7fbeebbac488bea97ff9cde0d243a825c14120c2aeb61022011165c3cd34ed731b9b7dd7857897d6b7724c5ac2beb64a8cad8d1c4ad6e15a50077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000017157a93272000004030048304602210084bbc1ad3e92ab0e10e242cb4b4c06114def83ec43df290edd1372bfdeee0ad2022100bb76afd3eb27f42472a6e63d05ba034cadd1ad0c455f329dc0579ad4b1dea0ec
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0056c208f1eed57bb8179644fdfb66bd6ced830dc3bc909f0d60132b5f7c0a0b25a96c286d4fe89a111c8f509fa44ef48331b14f588d61635a63bb264d53971f3891996286bc017a9fa7661bcdbd724e7489d765100a273ccea5ba7b4101f895127ff79907c34889e5a9c1e561d66fadb166d255166cdb507ae62deeb7b2ca2de557a34a96f09127fe3cd8cddc573b576b1ee8f3c5e5724a2294e75fc87ec85b624f065daf16510cf2c15ecd1a928e177a11b98fa79cf8290025de153c4afc56e58797054b827e4c41308d4f4903fd9d47bcd5371c00d3001301774386aa2b6f7e4e218b713656ae5bcc23b5923a5bdae0eaf6a38909358117b72e3f6f4f224a50