tickets.kinepolis.be

Issued by R3

About this certificate

This digital certificate with serial number 03:62:7b:53:00:21:ed:42:bb:2f:35:a0:d0:a2:2f:43:58:98 was issued on by Let's Encrypt.

With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=tickets.kinepolis.be

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:62:7b:53:00:21:ed:42:bb:2f:35:a0:d0:a2:2f:43:58:98
Serial Number (int): 294848455760341470385698616408884616845464
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 18:9a:0b:69:71:13:06:89:6c:3d:38:70:70:50:ad:24:58:b4:ba:2f
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 00:5a:65:87:cb:4f:a2:43:c6:1b:8d:39:c8:1d:44:6d:18:a3:f2:81
Fingerprint (sha256): 01:e4:0c:3b:0a:78:72:0d:49:b6:40:a8:a0:d4:63:d8:b1:49:58:3b:05:c7:6f:1c:f9:71:2d:3c:0b:4c:b9:84

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate tickets.kinepolis.be

8

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for tickets.kinepolis.be

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

akamai-test.kinepolis.com
test-tickets.kinepolis.be
tickets.kinepolis.be
tickets.kinepolis.ch
tickets.kinepolis.es
tickets.kinepolis.fr
tickets.kinepolis.lu
tickets.kinepolis.nl

Other certificates including the domain name kinepolis.be

(limited to 100 certificates)
kinepolis.lu
kinepolis.lu
hrfr.kinepolis.be
business.kinepolis.be
shop.kinepolis.be
tickets.kinepolis.be
kinepolis.be
kinepolis.lu
kinepolis.lu
secure0010.hubspot.com
shop-dev.kinepolis.be
corporate.kinepolis.be
www.kinepolis.be
tickets.kinepolis.be
shop-dev.kinepolis.be
business.kinepolis.be
kinepolis.lu
kinepolis.lu
shop-dev.kinepolis.fr
shop.kinepolis.be
kfd.kinepolis.be
kinepolis.lu
tickets.kinepolis.be
shop.kinepolis.be
kinepolis.megatix.be
shop.kinepolis.be
kinepolis.megatix.be
shop.kinepolis.be
tickets.kinepolis.be
secure0010.hubspot.com
shop-dev.kinepolis.be
hrfr.kinepolis.be
kinepolis.be
corporate.kinepolis.be
*.kinepolis.be
shop.kinepolis.be
hrfr.kinepolis.be
shop-dev.kinepolis.fr
corporate.kinepolis.be
kinepolis.lu
hrfr.kinepolis.be
corporate.kinepolis.be
www.business.kinepolis.be
shop.kinepolis.be
stage-kinepolis.megatix.be
kinepolis.lu
secure0010.hubspot.com
secure0010.hubspot.com
kinepolis.lu
corporate.kinepolis.be
corporate.kinepolis.be
*.kinepolis.be
corporate.kinepolis.be
shop.kinepolis.be
www.business.kinepolis.be
secure0010.hubspot.com
shop-dev.kinepolis.fr
shop-dev.kinepolis.fr
shop.kinepolis.be
kinepolis.be
kinepolis.be
secure0010.hubspot.com
secure0010.hubspot.com
secure0010.hubspot.com
corporate.kinepolis.be
shop.kinepolis.be
shop-dev.kinepolis.be
business.kinepolis.be
business.kinepolis.be
kinepolis.lu
business.kinepolis.be
secure0010.hubspot.com
kinepolis.megatix.be
corporate.kinepolis.be
www.business.kinepolis.be
business.kinepolis.be
*.kinepolis.be
kinepolis.megatix.be
greatescape-leuven.be
kinepolis.be
secure0010.hubspot.com
hrfr.kinepolis.be
secure0010.hubspot.com
tickets.kinepolis.be
corporate.kinepolis.be
business.kinepolis.be
kinepolis.megatix.be
shop.kinepolis.be
corporate.kinepolis.be
hrfr.kinepolis.be
tickets.kinepolis.be
kinepolis.lu
business.kinepolis.be
secure0010.hubspot.com
hrfr.kinepolis.be
hrfr.kinepolis.be
kinepolis.be
shop-dev.kinepolis.be
shop-dev.kinepolis.be
secure0010.hubspot.com

Certificate

The complete raw certificate details for tickets.kinepolis.be in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISA2J7UwAh7UK7LzWg0KIvQ1iYMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMjA5MjAwNzUwNTZaFw0yMjEyMTkwNzUwNTVaMB8xHTAbBgNVBAMT
FHRpY2tldHMua2luZXBvbGlzLmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAodB/68+U4WOmf+5yxsG9jv7ABrFMHqpM8ozTpYZkQjX2rkCFdkyn5sSx
DDoWGX6G9mTB5lXp2YovrzbGDEU0fpo2qE/e8ELrujWoAmgeXqBAWENcb0FmHqKX
oxk5QA5ZCusf/qAy5E1S6z2nNEVjf9lsNcqPtXHFRdXnan8iwyhya3wmHc2ym8Nf
nmhHz9V+dd29moNuWYUtEa27AsV+xndhtRBhx+xbsmPFxEDX/hE3NAWuH6eM4JmN
DJYfWVw0pDh/exMrE9jBjXBnCJlaJaSFu3xbGXoXQ7pufElWgDoLMp+mjKfLDcKM
gKxojlbJIWLhumIsdlpttjCsVpp4IQIDAQABo4IC9jCCAvIwDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA
MB0GA1UdDgQWBBQYmgtpcRMGiWw9OHBwUK0kWLS6LzAfBgNVHSMEGDAWgBQULrMX
t1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0
dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu
Y3Iub3JnLzCBxQYDVR0RBIG9MIG6ghlha2FtYWktdGVzdC5raW5lcG9saXMuY29t
ghl0ZXN0LXRpY2tldHMua2luZXBvbGlzLmJlghR0aWNrZXRzLmtpbmVwb2xpcy5i
ZYIUdGlja2V0cy5raW5lcG9saXMuY2iCFHRpY2tldHMua2luZXBvbGlzLmVzghR0
aWNrZXRzLmtpbmVwb2xpcy5mcoIUdGlja2V0cy5raW5lcG9saXMubHWCFHRpY2tl
dHMua2luZXBvbGlzLm5sMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8T
AQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIB
BAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA36Veq2iCTx9sre64X04+WurNohKkal6O
OxLAIERcKnMAAAGDWhfZ7QAABAMARzBFAiAe5SL/ZOG+puZFWKBRBLrVxFogJ6FX
B+ok9AGxD+vfMwIhAIdHynwQz+JaXfW9DwRa3t8RhbI3O7iBsHe2baFNw+0IAHYA
RqVV63X6kSAwtaKJafTzfREsQXS+/Um4havy/HD+bUcAAAGDWhfaFwAABAMARzBF
AiEAm79jJkYRS3EsdpiQZXGeoAJm4+9u9hxXiUhZp7CaAwYCIDJapVF3ioB3pD+J
dsQPWNaA2j7JIensuqO9ByZKjCmNMA0GCSqGSIb3DQEBCwUAA4IBAQAgBv5+V5H/
ulr6Lgo17SPnf4DKb9QxRiszdlwKItTwoSG8+i5RxRysmA89x+RYySV4qVKBzETl
uvf7hR953S94x9HQjO13skhFz+W2mHZAXbJg8PmK76Tw1EIznVWE2WHwnMhAaEqS
AgCEFmGKFWHsLk6N9vfLnY/i2oTu/bHAUDEJntEet5dxVcuH3Dm+evEkwn8URh4v
Qz1RGUMWNZ/yOx9CHgEVYcBKNM0PNh1av1MUDskXi7kMXdfSJ2LUZSNjodMuqmRt
l1rEnFkfuwAcMgiH9jeek6G0ltdsoNYiFbi4rx6AFc6JvyskRpnjE8ehH8MZfCuf
LhwXczjEjy73
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodB/68+U4WOmf+5yxsG9
jv7ABrFMHqpM8ozTpYZkQjX2rkCFdkyn5sSxDDoWGX6G9mTB5lXp2YovrzbGDEU0
fpo2qE/e8ELrujWoAmgeXqBAWENcb0FmHqKXoxk5QA5ZCusf/qAy5E1S6z2nNEVj
f9lsNcqPtXHFRdXnan8iwyhya3wmHc2ym8NfnmhHz9V+dd29moNuWYUtEa27AsV+
xndhtRBhx+xbsmPFxEDX/hE3NAWuH6eM4JmNDJYfWVw0pDh/exMrE9jBjXBnCJla
JaSFu3xbGXoXQ7pufElWgDoLMp+mjKfLDcKMgKxojlbJIWLhumIsdlpttjCsVpp4
IQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 294848455760341470385698616408884616845464
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-09-20 07:50:56 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-19 07:50:55 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tickets.kinepolis.be'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20427182129598839432708612575741157674781485139540603401701236291164229121828123021556450294265010565665805447136574140951260212321746697125539766837139544197956767872248447979359522068478615600841899586649079260966856403422026438070325818289648616979894710116459275538965828893319053104328456517856408157214850595407925541089824296919458807782632648213786152240666273700697682927959403326517626044739681299249094611127341217655911660711767751054567838625251788881787248065484977504739839409820756863960874204293433776522591749363767875712708722491120410412668032121120462247729312766227850358061116326044720917280801
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							189a0b69711306896c3d38707050ad2458b4ba2f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (189 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'akamai-test.kinepolis.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-tickets.kinepolis.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.kinepolis.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.kinepolis.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.kinepolis.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.kinepolis.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.kinepolis.lu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.kinepolis.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600dfa55eab68824f1f6cadeeb85f4e3e5aeacda212a46a5e8e3b12c020445c2a73000001835a17d9ed000004030047304502201ee522ff64e1bea6e64558a05104bad5c45a2027a15707ea24f401b10febdf330221008747ca7c10cfe25a5df5bd0f045adedf1185b2373bb881b077b66da14dc3ed0800760046a555eb75fa912030b5a28969f4f37d112c4174befd49b885abf2fc70fe6d47000001835a17da1700000403004730450221009bbf632646114b712c76989065719ea00266e3ef6ef61c57894859a7b09a03060220325aa551778a8077a43f8976c40f58d680da3ec921e9ecbaa3bd07264a8c298d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002006fe7e5791ffba5afa2e0a35ed23e77f80ca6fd431462b33765c0a22d4f0a121bcfa2e51c51cac980f3dc7e458c92578a95281cc44e5baf7fb851f79dd2f78c7d1d08ced77b24845cfe5b69876405db260f0f98aefa4f0d442339d5584d961f09cc840684a9202008416618a1561ec2e4e8df6f7cb9d8fe2da84eefdb1c05031099ed11eb7977155cb87dc39be7af124c27f14461e2f433d51194316359ff23b1f421e011561c04a34cd0f361d5abf53140ec9178bb90c5dd7d22762d4652363a1d32eaa646d975ac49c591fbb001c320887f6379e93a1b496d76ca0d62215b8b8af1e8015ce89bf2b244699e313c7a11fc3197c2b9f2e1c177338c48f2ef7