www.yalsa.ala.org
Issued by R3
About this certificate
This digital certificate with serial number 04:a3:6e:df:8c:63:59:11:b9:ea:6c:a1:72:05:f8:e9:5b:ef was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.yalsa.ala.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:a3:6e:df:8c:63:59:11:b9:ea:6c:a1:72:05:f8:e9:5b:efSerial Number (int): 404062545344298248339327467140139350318063
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 0d:d9:e7:bc:3b:71:a4:77:ca:25:3b:84:5c:30:19:85:24:67:0f:bd
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 6b:1e:80:d5:6d:46:52:8c:b2:f7:d8:97:b2:d4:7b:44:63:13:5b:43
Fingerprint (sha256): 02:01:b9:89:fd:b9:6e:2a:e6:d1:97:b1:70:b3:98:3c:5a:ef:15:c0:48:1c:d3:83:35:0f:b9:94:d6:12:97:3b
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.yalsa.ala.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.yalsa.ala.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.yalsa.ala.org
yalsa.ala.org
yalsa.ala.org
Other certificates including the domain name ala.org
(limited to 100 certificates)
ourvoiceschicago.ala.org
itts.ala.org
discuss.ala.org
ecourses.ala.org
www.yalsa.ala.org
olos.ala.org
literacy.ala.org
oif.ala.org
publications.techsource.ala.org
wikis.ala.org
connect.ala.org
faq.suflex.com.br
www.ala.org
libcal.ala.org
games.ala.org
journals.ala.org
youthprivacy.ala.org
unitmanagers.ala.org
wikis.ala.org
olos.ala.org
alsc.ala.org
owa.ala.org
rmrtblog.ala.org
irrt.ala.org
support.taddoo.com
alcts.ala.org
rmrtblog.ala.org
alsc.ala.org
aasl.ala.org
acrl.ala.org
rmrtblog.ala.org
www.alastore.ala.org
faq.ala.org
alcts.ala.org
oif.ala.org
literacy.ala.org
apply.ala.org
edispeakers.ala.org
journals.ala.org
alsc.ala.org
cs.ala.org
libcal.ala.org
llama.ala.org
libcal.ala.org
discuss.ala.org
literacy.ala.org
ecourses.ala.org
acrl.ala.org
libcal.ala.org
acrl.ala.org
edispeakers.ala.org
faq.ala.org
literacy.ala.org
connect.ala.org
faifebookclub.ala.org
connect.ala.org
faq.ala.org
betaconnect.ala.org
connect.ala.org
idp.ala.org
elearning.ala.org
exhibitors-ala.heiexpo.com
betaconnect.ala.org
olos.ala.org
owa.ala.org
citrix.ala.org
www.ala.org
oif.ala.org
joblist.ala.org
filr.ala.org
journals.ala.org
alastore.ala.org
collectionconnection.alcts.ala.org
alcts.ala.org
discuss.ala.org
connect.ala.org
nmrt.ala.org
discuss.ala.org
cs.ala.org
www.alastore.ala.org
olos.ala.org
irrt.ala.org
itts.ala.org
collectionconnection.alcts.ala.org
aasl.ala.org
files.ala.org
rmrtblog.ala.org
journals.ala.org
www.yalsa.ala.org
discuss.ala.org
alastore.ala.org
elearning.ala.org
joblist.ala.org
journals.ala.org
connect.ala.org
exhibitors-ala.heiexpo.com
libcal.ala.org
oa.ala.org
oif.ala.org
edispeakers.ala.org
itts.ala.org
discuss.ala.org
ecourses.ala.org
www.yalsa.ala.org
olos.ala.org
literacy.ala.org
oif.ala.org
publications.techsource.ala.org
wikis.ala.org
connect.ala.org
faq.suflex.com.br
www.ala.org
libcal.ala.org
games.ala.org
journals.ala.org
youthprivacy.ala.org
unitmanagers.ala.org
wikis.ala.org
olos.ala.org
alsc.ala.org
owa.ala.org
rmrtblog.ala.org
irrt.ala.org
support.taddoo.com
alcts.ala.org
rmrtblog.ala.org
alsc.ala.org
aasl.ala.org
acrl.ala.org
rmrtblog.ala.org
www.alastore.ala.org
faq.ala.org
alcts.ala.org
oif.ala.org
literacy.ala.org
apply.ala.org
edispeakers.ala.org
journals.ala.org
alsc.ala.org
cs.ala.org
libcal.ala.org
llama.ala.org
libcal.ala.org
discuss.ala.org
literacy.ala.org
ecourses.ala.org
acrl.ala.org
libcal.ala.org
acrl.ala.org
edispeakers.ala.org
faq.ala.org
literacy.ala.org
connect.ala.org
faifebookclub.ala.org
connect.ala.org
faq.ala.org
betaconnect.ala.org
connect.ala.org
idp.ala.org
elearning.ala.org
exhibitors-ala.heiexpo.com
betaconnect.ala.org
olos.ala.org
owa.ala.org
citrix.ala.org
www.ala.org
oif.ala.org
joblist.ala.org
filr.ala.org
journals.ala.org
alastore.ala.org
collectionconnection.alcts.ala.org
alcts.ala.org
discuss.ala.org
connect.ala.org
nmrt.ala.org
discuss.ala.org
cs.ala.org
www.alastore.ala.org
olos.ala.org
irrt.ala.org
itts.ala.org
collectionconnection.alcts.ala.org
aasl.ala.org
files.ala.org
rmrtblog.ala.org
journals.ala.org
www.yalsa.ala.org
discuss.ala.org
alastore.ala.org
elearning.ala.org
joblist.ala.org
journals.ala.org
connect.ala.org
exhibitors-ala.heiexpo.com
libcal.ala.org
oa.ala.org
oif.ala.org
edispeakers.ala.org
Certificate
The complete raw certificate details for www.yalsa.ala.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISBKNu34xjWRG56myhcgX46VvvMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MDYwMjM1NDJaFw0yNDA4MDQwMjM1NDFaMBwxGjAYBgNVBAMT EXd3dy55YWxzYS5hbGEub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtcZQ2xxLiYEeI6SWCVlyvVDHPQwY1jE5f8+loABnMZ0FvokAy+35jjKcdJq0 IsSC3S7izlp3jv9RNAyqaYuaODtD0nv/RkQVzoD4kuwZAYACMOknDGebKIXPZ0tX /2a5hctxNS/9lyceQVUBk11pHrmygLjnygWJEExFOkH0szIRzwRrlMnQKRjbYCt1 BfcI/4dwHZS4WGrY5Lt6Yv9ibFGfLRLpKrXopiG4QOByPWgx6bNA/nHHJPTz4CfX GpQKDy2C1ilw9LpPX30HPco2+rn3hN8D2ADMGWlxosgzLYezWGoVdl5wVhyWTCzD fVAPiADOWkSS0F/1b0HuNIJkcQIDAQABo4ICITCCAh0wDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G A1UdDgQWBBQN2ee8O3Gkd8olO4RcMBmFJGcPvTAfBgNVHSMEGDAWgBQULrMXt1hW y65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6 Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iu b3JnLzArBgNVHREEJDAighF3d3cueWFsc2EuYWxhLm9yZ4INeWFsc2EuYWxhLm9y ZzATBgNVHSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1 AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABj0v4t8MAAAQDAEYw RAIgc53Oq2xMRZDwiQT/tuvIRD6JIfPL1dRlC9D3CoST3QgCIHa8iGkQmrFF5xd7 AhLgfUjmSwV/nOoDzKOCUm2SzJB1AHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7D UUhZRnEftZsAAAGPS/i3sAAABAMARzBFAiBMfcap6s/4/Zv8alrg25USZK70L/45 k6Uzgoxv5KFCSgIhAL71TX6Nr9H0rmWCcZtdNiV1Xmt90LqnzJbJMDstVNttMA0G CSqGSIb3DQEBCwUAA4IBAQCbYCTgKKy+mOnwHZXNfyqy/+iJl36luFPUgQlLS4KP MmQi/yAEdpKmbxXLnCHkOa/lckCqzz/KQpKQ6fKU70EQsyBORAGJ6EK/8vl8V13l k00SkwFu/9gx3oaGhh6KwMsw/0n9KNkPrwCnmsM2IW5dMc3WteXkr8ktc7LsmIZZ QbEaxMdtZ+GjN8K02lJp/QbEi7eB3VlotE/j5xr/f72YqmYLzO+xd0uiwAQUL//N bPMY6yGzd9e+XLBSRA0KPBo81ITwOoCfNv3vO1BGib8tjLu8eVW5YKgCzFsrFStX GS+tWnaz80+pu1PYO/nLuvyf0lRe3ZFnu/0iGlyBhQqP -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcZQ2xxLiYEeI6SWCVly vVDHPQwY1jE5f8+loABnMZ0FvokAy+35jjKcdJq0IsSC3S7izlp3jv9RNAyqaYua ODtD0nv/RkQVzoD4kuwZAYACMOknDGebKIXPZ0tX/2a5hctxNS/9lyceQVUBk11p HrmygLjnygWJEExFOkH0szIRzwRrlMnQKRjbYCt1BfcI/4dwHZS4WGrY5Lt6Yv9i bFGfLRLpKrXopiG4QOByPWgx6bNA/nHHJPTz4CfXGpQKDy2C1ilw9LpPX30HPco2 +rn3hN8D2ADMGWlxosgzLYezWGoVdl5wVhyWTCzDfVAPiADOWkSS0F/1b0HuNIJk cQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 404062545344298248339327467140139350318063 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-06 02:35:42 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-04 02:35:41 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.yalsa.ala.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22946926386020078175053376355076216812279570173205459867854406319406227862967176693834392586842255490088105533943203922316448930494434232352184463267355856901406115000678240633565933446508010365317909248766517609282851575510709595031466849207939140541774847462740019052597152180657570138200074457855131651826629201372274655196145512494624397260839628179232912094894074196208561200275191244782232573095484587595316836362706795551216865070171941159931506649724846667106056386957127711808674634137429868181674434526602954111965821174457204054227246015490429539655989947602756751334136898317041970960126962360422202762353 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0dd9e7bc3b71a477ca253b845c30198524670fbd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yalsa.ala.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yalsa.ala.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f4bf8b7c300000403004630440220739dceab6c4c4590f08904ffb6ebc8443e8921f3cbd5d4650bd0f70a8493dd08022076bc8869109ab145e7177b0212e07d48e64b057f9cea03cca382526d92cc9075007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018f4bf8b7b0000004030047304502204c7dc6a9eacff8fd9bfc6a5ae0db951264aef42ffe3993a533828c6fe4a1424a022100bef54d7e8dafd1f4ae6582719b5d3625755e6b7dd0baa7cc96c9303b2d54db6d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009b6024e028acbe98e9f01d95cd7f2ab2ffe889977ea5b853d481094b4b828f326422ff20047692a66f15cb9c21e439afe57240aacf3fca429290e9f294ef4110b3204e440189e842bff2f97c575de5934d1293016effd831de8686861e8ac0cb30ff49fd28d90faf00a79ac336216e5d31cdd6b5e5e4afc92d73b2ec98865941b11ac4c76d67e1a337c2b4da5269fd06c48bb781dd5968b44fe3e71aff7fbd98aa660bccefb1774ba2c004142fffcd6cf318eb21b377d7be5cb052440d0a3c1a3cd484f03a809f36fdef3b504689bf2d8cbbbc7955b960a802cc5b2b152b57192fad5a76b3f34fa9bb53d83bf9cbbafc9fd2545edd9167bbfd221a5c81850a8f