roomag.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:98:a8:c8:ed:35:9c:c6:17:65:90:ca:ee:e3:86:8c:ae:e1 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=roomag.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:98:a8:c8:ed:35:9c:c6:17:65:90:ca:ee:e3:86:8c:ae:e1Serial Number (int): 313284131141105647036512482089467982425825
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e7:0d:9e:c2:92:d5:34:1f:29:60:9f:60:a5:7d:04:9f:07:1f:0e:93
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): bc:c2:8b:ed:dc:e9:59:8b:68:9c:44:a0:85:ed:c3:11:8b:bb:ea:56
Fingerprint (sha256): 01:fe:f4:c5:af:6d:63:d8:ca:74:23:ac:02:da:23:1c:d3:e4:6f:62:90:3f:a6:e8:fb:c8:03:e1:24:3b:8b:f5
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate roomag.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for roomag.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
roomag.org
www.roomag.org
www.roomag.org
Other certificates including the domain name roomag.org
(limited to 100 certificates)
roomag.org
roomag.org
roomag.org
ramdas.roomag.org
ramdas.roomag.org
roomag.org
roomag.org
angad.roomag.org
roomag.org
roomag.org
roomag.org
roomag.org
nanak.roomag.org
ramdas.roomag.org
roomag.org
ramdas.roomag.org
roomag.org
ramdas.roomag.org
ramdas.roomag.org
ramdas.roomag.org
ramdas.roomag.org
roomag.org
roomag.org
ramdas.roomag.org
roomag.org
ramdas.roomag.org
roomag.org
roomag.org
roomag.org
ramdas.roomag.org
ramdas.roomag.org
roomag.org
ramdas.roomag.org
roomag.org
ramdas.roomag.org
ramdas.roomag.org
ramdas.roomag.org
ramdas.roomag.org
roomag.org
ramdas.roomag.org
ramdas.roomag.org
nanak.roomag.org
nanak.roomag.org
ramdas.roomag.org
ramdas.roomag.org
ramdas.roomag.org
roomag.org
roomag.org
roomag.org
ramdas.roomag.org
ramdas.roomag.org
roomag.org
roomag.org
angad.roomag.org
roomag.org
roomag.org
roomag.org
roomag.org
nanak.roomag.org
ramdas.roomag.org
roomag.org
ramdas.roomag.org
roomag.org
ramdas.roomag.org
ramdas.roomag.org
ramdas.roomag.org
ramdas.roomag.org
roomag.org
roomag.org
ramdas.roomag.org
roomag.org
ramdas.roomag.org
roomag.org
roomag.org
roomag.org
ramdas.roomag.org
ramdas.roomag.org
roomag.org
ramdas.roomag.org
roomag.org
ramdas.roomag.org
ramdas.roomag.org
ramdas.roomag.org
ramdas.roomag.org
roomag.org
ramdas.roomag.org
ramdas.roomag.org
nanak.roomag.org
nanak.roomag.org
ramdas.roomag.org
ramdas.roomag.org
ramdas.roomag.org
roomag.org
Certificate
The complete raw certificate details for roomag.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWzCCBUOgAwIBAgISA5ioyO01nMYXZZDK7uOGjK7hMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA4MDkxNDQ4MjFaFw0x OTExMDcxNDQ4MjFaMBUxEzARBgNVBAMTCnJvb21hZy5vcmcwggIiMA0GCSqGSIb3 DQEBAQUAA4ICDwAwggIKAoICAQDoB1pPiqqluLSGEDUhGRzUSv7mCigaE2lfG4Kv c9GGYVU1nXYD2DvaOYo2hOvQvmveO65xKSJFf7RmDe5D9eRKN3DkBjiMvtNKMid6 z/K7+IDeKt4/rLEYf1zPut/uZSEz1AGpkZp1Do04dKWXFt7lJSOCJAPM03r31QtG Wy3BLTIdfD1diYek/1zi/TCuZWEc768jXPeC94qlL4p5FEqE4vVHHdzVyVM7+WED clY7hBcxNgRVKfDwQFNFMQ2CqSucRHN1qZq3y3bAVdBdIbcr/Z1FZUu/Qife0Lbu zNUMYRvcR87NDsGY9eZl4WhkFQ7TozfHh7dt9LeWG4GYbTjXUOQbQrO4BzZ5IMuC w0PJR1IWNCAMRJAvB/aTU7ipABZ5c7/+LqTJ/RAV9/a5Ad9gXOvRonlnDIFQidl8 Tim5yYEcThvaYRPDtOjIG/0TUs28lZeQr5Tuoc2fX21Dt8CugWMP+Ycl0ubAetkK C8UcHAVJd8ZxSHCx01hZGppCXYOIV0Ic3/zccEWcnNKVsqvZ/t7cRx6GVUJRdssv 2RUAKVH5VMNy8RVKaAgyRNo0ud1+2eHrM1Vl96vj3DG2cy7xDYH6U33EjleKGaR6 CkGDg2siO3hdHumshsiuz+fLe26Y+Jera6A7SpNxoES4TSJzdwKw94+wLGFauR3A wfRVuQIDAQABo4ICbjCCAmowDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTnDZ7CktU0 Hylgn2ClfQSfBx8OkzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBv BggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5s ZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5s ZXRzZW5jcnlwdC5vcmcvMCUGA1UdEQQeMByCCnJvb21hZy5vcmeCDnd3dy5yb29t YWcub3JnMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHW eQIEAgSB9ASB8QDvAHUAdH7agzGtMxCRIZzOJU9CcMK//V5CIAjGNzV55hB7zFYA AAFsdxEKbgAABAMARjBEAiBfp7o8ewpf975Ef3JG9ihlHAUSY45m0D6dOB4NaezC PgIgJjT3szA8DPWfSRScnEUWjPALQFeGsaLQvdgmWPB9p9QAdgApPFGWVMg5Zbqq UPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAWx3EQqNAAAEAwBHMEUCIQD91yqCwu8r 7ItqM7mp5q3sbPxRGUilOAGOsco9oZNuUgIgWKEJIz4XBl4hDeMxO7uT0ziLeODZ BX4uMo+y9Lm9C5QwDQYJKoZIhvcNAQELBQADggEBABSoyDlxy94Qu3GiX/0L9kOW 9jOuwUJPTekpOEUzJcGcjBrni79FGWtOyAVr5ANyMZBVSK0DPyySp9oC80Z5GJaN +/AxBYkEOlL2nxFEp9GW5c6uwIU77d0JPOSiruMRi/7Golj/iEg3fqAILr2bUCdY qHALSGqXjXpz901B9kk0qy+yVIx0w9jLPZlXV+FjxX0zQbmHMkPkkOBpqhQNZFHW 4nPoJnq73Ft7X9HEqXiG8e4GgpA69wqdig8OlNka9KdOTkeFT/QIHm8b/cc02mRt i3Ef4vjUm1EiaINRXdcnQrvozp08ZVC9Fi4YWy4GhCfZhKeS0SuiChXOXQnA/Mk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6AdaT4qqpbi0hhA1IRkc 1Er+5gooGhNpXxuCr3PRhmFVNZ12A9g72jmKNoTr0L5r3juucSkiRX+0Zg3uQ/Xk Sjdw5AY4jL7TSjInes/yu/iA3ireP6yxGH9cz7rf7mUhM9QBqZGadQ6NOHSllxbe 5SUjgiQDzNN699ULRlstwS0yHXw9XYmHpP9c4v0wrmVhHO+vI1z3gveKpS+KeRRK hOL1Rx3c1clTO/lhA3JWO4QXMTYEVSnw8EBTRTENgqkrnERzdamat8t2wFXQXSG3 K/2dRWVLv0In3tC27szVDGEb3EfOzQ7BmPXmZeFoZBUO06M3x4e3bfS3lhuBmG04 11DkG0KzuAc2eSDLgsNDyUdSFjQgDESQLwf2k1O4qQAWeXO//i6kyf0QFff2uQHf YFzr0aJ5ZwyBUInZfE4pucmBHE4b2mETw7ToyBv9E1LNvJWXkK+U7qHNn19tQ7fA roFjD/mHJdLmwHrZCgvFHBwFSXfGcUhwsdNYWRqaQl2DiFdCHN/83HBFnJzSlbKr 2f7e3EcehlVCUXbLL9kVAClR+VTDcvEVSmgIMkTaNLndftnh6zNVZfer49wxtnMu 8Q2B+lN9xI5XihmkegpBg4NrIjt4XR7prIbIrs/ny3tumPiXq2ugO0qTcaBEuE0i c3cCsPePsCxhWrkdwMH0VbkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 313284131141105647036512482089467982425825 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-09 14:48:21 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-07 14:48:21 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'roomag.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 946594598428507749381560887520633772954511006604166219198478233516644398533856531401721395816097553462600798481952211433989982557663624069016819144811355007196148617970059914166971766129788101206023785994992084527383632978132998972766782279926055470645658051001786932272564172876710706935072500523979879892026832902661670882267207052314423984810216076867103805616636353226184756293649609924533452541771390190948449324805590557305883913027812080059764479794359194730364380443776500790850311239512075833641493967246189829927456285281805479500140891434331982516254820510173976151606269098485642352301884037968246234568255532044060760776320320965732993930390683279794450339090498750650113416724338977988327325679185300363822056599608161739855399654987957203955171327513895284995563440499918515792291694253025935549370807631763417235535405185089401140883973602112698902413781904006800782773712444935304561993397207238296195533030921346329911842267122441511754477965250308839038335570645655390773981419382465516114563667830006748441724839182241556026728167930751653447091748964388318274580919529805644994070565025214721205647440730386628313774419657180877962189860964383759079706011258899155425334476507498570316407200289022862879817487801 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e70d9ec292d5341f29609f60a57d049f071f0e93 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'roomag.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.roomag.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016c77110a6e000004030046304402205fa7ba3c7b0a5ff7be447f7246f628651c0512638e66d03e9d381e0d69ecc23e02202634f7b3303c0cf59f49149c9c45168cf00b405786b1a2d0bdd82658f07da7d4007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016c77110a8d0000040300473045022100fdd72a82c2ef2bec8b6a33b9a9e6adec6cfc511948a538018eb1ca3da1936e52022058a109233e17065e210de3313bbb93d3388b78e0d9057e2e328fb2f4b9bd0b94 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0014a8c83971cbde10bb71a25ffd0bf64396f633aec1424f4de92938453325c19c8c1ae78bbf45196b4ec8056be4037231905548ad033f2c92a7da02f3467918968dfbf0310589043a52f69f1144a7d196e5ceaec0853beddd093ce4a2aee3118bfec6a258ff8848377ea0082ebd9b502758a8700b486a978d7a73f74d41f64934ab2fb2548c74c3d8cb3d995757e163c57d3341b9873243e490e069aa140d6451d6e273e8267abbdc5b7b5fd1c4a97886f1ee0682903af70a9d8a0f0e94d91af4a74e4e47854ff4081e6f1bfdc734da646d8b711fe2f8d49b51226883515dd72742bbe8ce9d3c6550bd162e185b2e068427d984a792d12ba20a15ce5d09c0fcc9