portal.studenthealth.cuimc.columbia.edu

Issued by R3

About this certificate

This digital certificate with serial number 04:c2:7a:b7:7d:3b:95:29:75:fc:ad:d7:1d:96:aa:25:bf:3f was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=portal.studenthealth.cuimc.columbia.edu

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:c2:7a:b7:7d:3b:95:29:75:fc:ad:d7:1d:96:aa:25:bf:3f
Serial Number (int): 414627041455535745542740925436282578255679
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 61:f1:6a:87:56:36:0a:2d:e8:6f:9d:0c:a6:58:79:24:88:1e:01:7c
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 57:e6:fe:0f:2c:ed:59:4c:ad:4f:e9:39:3b:85:d1:93:5b:f0:39:62
Fingerprint (sha256): 01:d7:cd:ca:16:40:a6:a5:4f:6d:a2:55:76:d3:0f:8b:eb:cf:7e:e4:e0:14:10:6a:49:11:4d:ab:87:e7:a3:76

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate portal.studenthealth.cuimc.columbia.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for portal.studenthealth.cuimc.columbia.edu

Public Key Algorithm

RSA

Key Size

3072

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

portal.studenthealth.cuimc.columbia.edu

Other certificates including the domain name columbia.edu

(limited to 100 certificates)
coursewebs.law.columbia.edu
mcftp.mc.cumc.columbia.edu
diamond.law.columbia.edu
classics.columbia.edu
tsividis.ee.columbia.edu
frontend.sisfrontend-uat.sis-r53.cuit.columbia.edu
povertycenter.columbia.edu
invest-serv2.ooi.columbia.edu
test-web-lws.edu.help
exprodmail01.cuit.columbia.edu
ssl.procurement.columbia.edu
nursingvolunteer.givingday.columbia.edu
*.hr.columbia.edu
5697124062724096-fe2.pantheonsite.io
us.prod.campusgroups.com
unleashing.tc.columbia.edu
www.mailman.columbia.edu
secure5bb5ec4d4764e8eaa9667dce.nationbuilder.com
wikischolars.columbia.edu
incapsula.com
nano.columbia.edu
emeritus.gsb.columbia.edu
courseworks2.columbia.edu
admissions.emeritus.org
video.engineering.columbia.edu
cluster3.technolutions.net
aspirerefugees.columbia.edu
cluster.technolutions.net
cluster3.technolutions.net
globalreports.columbia.edu
wwws-db.law.columbia.edu
us.prod.campusgroups.com
5691420614590464-fe3.pantheonsite.io
califano.c2b2.columbia.edu
dev.cumc.columbia.edu
amploadvance.com
www.icap.columbia.edu
icccr.tc.columbia.edu
guestaccess.law.columbia.edu
giving.columbia.edu
www.incite.columbia.edu
ad01.gsb.columbia.edu
thelowdown.alumni.columbia.edu
mail.biology.columbia.edu
*.isso.columbia.edu
digitaltutorials.jrn.columbia.edu
pawprtprodmprt1.cuit.columbia.edu
incapsula.com
5727389891952640-fe2.pantheonsite.io
columbia.edu
pawprtprodprt02.adcu.columbia.edu
stat.columbia.edu
palestine.mei.columbia.edu
m.lawnet.law.columbia.edu
abate-shen.cumc.columbia.edu
jira.columbia.edu
incite.columbia.edu
portal.neuro.columbia.edu
idmapp.cc.columbia.edu
incapsula.com
haywire.college.columbia.edu
sustainability.ei.columbia.edu
lockers-dev.paas.cc.columbia.edu
connect.woodstockacademy.org
indianeconomy.columbia.edu
ias-drupal6-test.cc.columbia.edu
mail-in.cc.columbia.edu
beisdev1.tc.columbia.edu
www.design-engineering.princeton.edu
5753050442498048-fe1.pantheonsite.io
tls.automattic.com
chagall.tc.columbia.edu
prod.25.slot.cdn.salesforce-communities.com
5691420614590464-fe3.pantheonsite.io
act.dbmi.columbia.edu
www.cser.columbia.edu
5703702744662016-fe4.pantheonsite.io
soc.cs.columbia.edu
sni.cloudflaressl.com
amploadvance.com
sslvs03.igloosoftware.com
cluster3.technolutions.net
sustainability.ei.columbia.edu
stat.columbia.edu
library.columbia.edu
pistars1.cpmc.columbia.edu
nxterra.ucop.edu
portal.studenthealth.cuimc.columbia.edu
cice-dev.paas.cc.columbia.edu
www.ffworkshop.columbia.edu
shoreline.ncdp.columbia.edu
hudson.jrn.columbia.edu
enhants.ee.columbia.edu
p-ctx-dc-02.mc.cumc.columbia.edu
admissions.nursing.columbia.edu
realrisks.dbmi.columbia.edu
*.gsas.columbia.edu
cluster2.technolutions.net
www.make.columbia.edu
lawnetportal.law.columbia.edu

Certificate

The complete raw certificate details for portal.studenthealth.cuimc.columbia.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISBMJ6t307lSl1/K3XHZaqJb8/MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA5MjExNTAxMTBaFw0yMzEyMjAxNTAxMDlaMDIxMDAuBgNVBAMT
J3BvcnRhbC5zdHVkZW50aGVhbHRoLmN1aW1jLmNvbHVtYmlhLmVkdTCCAaIwDQYJ
KoZIhvcNAQEBBQADggGPADCCAYoCggGBAMnRnHSW5LFbMf4zaQGM9jF7jcbElWva
G3eztRrecefFGU0sIy5QSU8spnvWFgu+QsWweCu1yFhyKlHr9/gYTUU8r8NWprZL
lDBl5AVQHDyixjawfkU8MptRFuvfUnEXqZnGpqIeYEYqJ3plVHbWFejsZ8Uso2Ne
NjSjEFHJk+V4sVWougoFAXIoYwaJAKfCN+gJrpAt6BphwUmSNrNc370DLIFqSr1l
TMaU01PAjbys7kshldAe0NxGS+UvC5DE2yu6naB3o7h3jvACbecxqhVg3IoMt+XA
00BAQVo68dHBNm7xxS8JdGG95QlDgNE1hYbHE1FgLGo9ytu9Bwx/iMSM2+4wrGOl
xgNhe4nHd+uKl+5z/E01h2XJRSY6hRw0DzYHrd3OTsTgl4Y7aLv1Sk+G31th9YL9
vjrKyQjUkrwSh3ITKdgmjhjIvMDpSNEoC5Tfw1PRYqmpR7ckeCUdMch1jqzIgiC4
1KgAkQoyfMSZb/XIynnZGT4uKFRnK4v5QQIDAQABo4ICKTCCAiUwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMB0GA1UdDgQWBBRh8WqHVjYKLehvnQymWHkkiB4BfDAfBgNVHSMEGDAWgBQU
LrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGG
FWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmku
bGVuY3Iub3JnLzAyBgNVHREEKzApgidwb3J0YWwuc3R1ZGVudGhlYWx0aC5jdWlt
Yy5jb2x1bWJpYS5lZHUwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5
AgQCBIH1BIHyAPAAdgB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAA
AYq4eUmTAAAEAwBHMEUCIQDxXt+6S7awxI1li0KVv5tBu3I/zdyuo8RuMDF/op5a
1wIgR6Y8atHFP9xU43NjkeCxTMWGSRaEsbmXEVvo8rXgOzAAdgDoPtDaPvUGNTLn
Vyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAYq4eUl1AAAEAwBHMEUCIFOsvzYEvtKs
8HX/O8fY5tLZjwffb0iJ1BremfTePLaaAiEA1QbmtV0Og5NtvoFL4yUajwlDr43M
RZnB4phSpEkh4cUwDQYJKoZIhvcNAQELBQADggEBAGPB3w3CXGIJC69Izh/721j2
JDaD6wMFz3SbfCGRrnS1tk+guMTA8k4ZxPioVxShZmDymoHnAEU25RPFoFmwCmoa
P1ZNb9ULnFrbU7XzjeR2bEsq1cFZE0Bcrxc+F2nuplJeZc6OPnu6B0D57gCDErE4
yLitOl9PczGDbaNIdspsqjnpW414oZlRb3VPk5FAjkSSFBn+CdpplZ2IGFrUp2cI
2uYcu0+7elzf8M7pko1z2eZeA1TvE9Lv5uA9o3WymPGzlJW2VcupNLHmicIPolD1
RmSqN1pF1khPGKwyNXPhBI/3LlCF+DgV9l2ujx0uJRE/MP9M6hGO9qHqFPJALDM=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAydGcdJbksVsx/jNpAYz2
MXuNxsSVa9obd7O1Gt5x58UZTSwjLlBJTyyme9YWC75CxbB4K7XIWHIqUev3+BhN
RTyvw1amtkuUMGXkBVAcPKLGNrB+RTwym1EW699ScRepmcamoh5gRionemVUdtYV
6OxnxSyjY142NKMQUcmT5XixVai6CgUBcihjBokAp8I36AmukC3oGmHBSZI2s1zf
vQMsgWpKvWVMxpTTU8CNvKzuSyGV0B7Q3EZL5S8LkMTbK7qdoHejuHeO8AJt5zGq
FWDcigy35cDTQEBBWjrx0cE2bvHFLwl0Yb3lCUOA0TWFhscTUWAsaj3K270HDH+I
xIzb7jCsY6XGA2F7icd364qX7nP8TTWHZclFJjqFHDQPNget3c5OxOCXhjtou/VK
T4bfW2H1gv2+OsrJCNSSvBKHchMp2CaOGMi8wOlI0SgLlN/DU9FiqalHtyR4JR0x
yHWOrMiCILjUqACRCjJ8xJlv9cjKedkZPi4oVGcri/lBAgMBAAE=
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 414627041455535745542740925436282578255679
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-21 15:01:10 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-20 15:01:09 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'portal.studenthealth.cuimc.columbia.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3184 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 4580029973065332948313135354106263698357570285982914282482528738655188113103651647069908708901417342979855979478640095873010830565458150444080968544165071488160064466654899796387109108895950404684668800115131998802847759848453057153386226537318062032823151505095355878246299352767890828931637856520701155939780759504353904445596152032016848947242887840256419178176210087299013316905944477908385938170892577102031212521239882959768260517164849398252182876022481750904762722382907511780328168274309681194675093402457911199729068111844991546732139550278532597809924013184586514310548761931521395004990251474712325240070051051443138139468514188227471888246636290083439131520472183584933812384506234569729819862212613926905591180117387423828404483692790991892755941989042398264222785843054799105921020320878367442304869943535055247253245172644129842071364557432174128510560315555665589426024236119192446870352586563032779963758913
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							61f16a8756360a2de86f9d0ca6587924881e017c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (43 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal.studenthealth.cuimc.columbia.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018ab87949930000040300473045022100f15edfba4bb6b0c48d658b4295bf9b41bb723fcddcaea3c46e30317fa29e5ad7022047a63c6ad1c53fdc54e3736391e0b14cc586491684b1b997115be8f2b5e03b30007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018ab87949750000040300473045022053acbf3604bed2acf075ff3bc7d8e6d2d98f07df6f4889d41ade99f4de3cb69a022100d506e6b55d0e83936dbe814be3251a8f0943af8dcc4599c1e29852a44921e1c5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0063c1df0dc25c62090baf48ce1ffbdb58f6243683eb0305cf749b7c2191ae74b5b64fa0b8c4c0f24e19c4f8a85714a16660f29a81e7004536e513c5a059b00a6a1a3f564d6fd50b9c5adb53b5f38de4766c4b2ad5c15913405caf173e1769eea6525e65ce8e3e7bba0740f9ee008312b138c8b8ad3a5f4f7331836da34876ca6caa39e95b8d78a199516f754f9391408e44921419fe09da69959d88185ad4a76708dae61cbb4fbb7a5cdff0cee9928d73d9e65e0354ef13d2efe6e03da375b298f1b39495b655cba934b1e689c20fa250f54664aa375a45d6484f18ac323573e1048ff72e5085f83815f65dae8f1d2e25113f30ff4cea118ef6a1ea14f2402c33