aployalty.lenovo.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 0c:f2:3a:b5:90:65:23:4e:b7:fa:76:ed:cf:63:c2:43 was issued on by Amazon.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=aployalty.lenovo.com

Amazon

Organization: Amazon
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0c:f2:3a:b5:90:65:23:4e:b7:fa:76:ed:cf:63:c2:43
Serial Number (int): 17208462553926955296664503053883523651
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 38:8e:8e:b4:05:00:be:21:0b:25:85:b8:ff:a0:07:cf:cf:eb:b5:f7
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 25:8e:30:b7:f4:be:d6:f9:32:25:f2:b6:56:28:9a:d8:56:a3:77:90
Fingerprint (sha256): 02:97:4f:15:c7:fd:94:29:4a:20:22:25:ef:ad:4f:6e:72:e9:a7:22:4a:66:2c:d1:c1:08:8c:6b:44:46:c5:9a

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate aployalty.lenovo.com

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for aployalty.lenovo.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

aployalty.lenovo.com
emeasmbloyalty.lenovo.com
emealoyalty.lenovo.com
apsmbloyalty.lenovo.com

Other certificates including the domain name lenovo.com

(limited to 100 certificates)
777bpce76.saagie.com
marketplace-templates-vpoc.cp.lenovo.com
777bpce76.saagie.com
*.lenovo.com
displaycdn.lenovo.com
www.maestro.io
activate.connect.lenovo.com
outlet.de.lenovo.com
api-test.tsc.lenovo.com
osd.lenovo.com
cxs.lenovo.com
www.thinkbook.com
geo.uds-qa.lenovo.com
loyalty.lenovo.com
mail.lenovo.com
subaru3-dev.lenovo.com
webform.wd.lenovo.com
*.lenovo.com
io.gdi.lenovo.com
esourcingtest.lenovo.com
*.csw.lenovo.com
testforums.lenovo.com
secure01.lithium.com
lcfc01.blt.lenovo.com
rolandberger.relmeetingapp.lenovo.com
receiver.b2b.lenovo.com
esbclient-cn-t.lenovo.com
mqtt-mtls-load.naea1.uds-qa.lenovo.com
scoe.lenovo.com
secure01.lithium.com
smartalbumcloud.lenovo.com
aployalty.lenovo.com
brazil-mds.lenovo.com
*.csw-stage.lenovo.com
smartedu.lenovo.com
amer-es.tw22.lenovo.com
*.bycube.lenovo.com
sni.cloudflaressl.com
www.maestro.io
*.lenovo.com
cowork.us.owa.lenovo.com
www.maestro.io
*.lenovo.com
oauth.csw.lenovo.com
spokenenglish.smartedu.lenovo.com
aefepl01.lenovo.com
homeedgeserver.lenovo.com
www.maestro.io
*.lenovo.com
stscn.lenovo.com
www.thinkbook.com
qa-sit.hub.lenovo.com
apservicesales.lenovo.com
*.lenovo.com
secure01.lithium.com
*.lenovo.com
log-smart.lenovo.com
*.adminhosting.shea1.lenovo.com
nonprod-idp-xclarityone.lenovo.com
fpvpn.hk.lenovo.com
test.wx.lenovo.com
linux.lenovo.com
brandworld.lenovo.com
*.lenovo.com
lscs-qa.dev.cloud.lenovo.com
suwen.lenovo.com
www.thinkbook.com
dalestatus.mambu.com
www.maestro.io
wireless.lenovo.com
sts.us.lenovo.com
sni.cloudflaressl.com
pages.lenovo.com
status.apoteket.dk
mqtt-mtls.naea1.uds-sit.lenovo.com
sni.cloudflaressl.com
*.resources.lenovo.com
less.naea1.uds.lenovo.com
uds.lenovo.com
analytics.status.atlassian.com
cc20.status.jasper.com
mitest.lenovo.com
test.le-credit.lenovo.com
mcstaging.store.lenovo.com
techworld21.lenovo.com
stscn.lenovo.com
ldiplusstatus.uds.lenovo.com
emea-it.tw22.lenovo.com
*.dev.cloud.lenovo.com
b2b.lenovo.com
mave.dds.lenovo.com
geo.cnno1.uds-sit.lenovo.com
embed-answers.cority.com.pagescdn.com
webvpncnpek01.lenovo.com
tracking.lenovo.com
*.lenovo.com
*.brain.lenovo.com
mfa-test-login.icelab.lenovo.com
cap.lenovo.com
xclarityone.lenovo.com

Certificate

The complete raw certificate details for aployalty.lenovo.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgIQDPI6tZBlI063+nbtz2PCQzANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMDIxMzAwMDAwMFoXDTIzMDcxNDIzNTk1OVowHzEd
MBsGA1UEAxMUYXBsb3lhbHR5Lmxlbm92by5jb20wggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrs0Gd1XcqcVSGt5N+zFJXjoIewxVQC8j99pHpR4snUupZ
vzJUmxGzE+UQ69r4uVpgXv06xttfcpapvoCa1xFz4g2kQPqXRG2XU94ZEDihKOff
ZFarTwgBWECE3SPz7TUkW27HwFdVlvTBcZDkI/vMxadlsXhtQsaybDW7s06BbQHz
+E83SVwz21sEFsdbu31W00KzDTXTG7/34Bf2pQBmxJWQTODz5pKYNNHA3VR7qBfO
uvWuDBjaeMEWKKbnvoPiLKm4iROncmeoYfDPOZ0EdwGgYRDMUwv4kJBqnJjOL+v7
Bvjt3Ql4h0TEJg7dSAKMXK72m3RVxGV/Ky7sWTFXAgMBAAGjggM5MIIDNTAfBgNV
HSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQUOI6OtAUAviEL
JYW4/6AHz8/rtfcwawYDVR0RBGQwYoIUYXBsb3lhbHR5Lmxlbm92by5jb22CGWVt
ZWFzbWJsb3lhbHR5Lmxlbm92by5jb22CFmVtZWFsb3lhbHR5Lmxlbm92by5jb22C
F2Fwc21ibG95YWx0eS5sZW5vdm8uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDov
L2NybC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3JsMBMGA1UdIAQMMAow
CAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29j
c3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0
LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIwDAYDVR0TAQH/BAIwADCC
AX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYA6D7Q2j71BjUy51covIlryQPTy9ER
a+zraeF3fW0GvW4AAAGGTQxD1QAABAMARzBFAiEAx9xNdZMcaJkBBDMNMy6PmpsK
3RThxB02ICHaKk50JYYCIEK9qsytVJJeVa7dxXFEBTi9ypoIdGZyltlS90jnCFC3
AHUAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PADDnk2pZoAAAGGTQxEEgAABAMA
RjBEAiADr24DzZfrQYoaTTg0dUl1iLpQ2U+63mbvoracg5b8DQIgEZ08fq10zwpa
rDI46+HLRgXBJl+L0nDY6acUI4cS48IAdwC3Pvsk35xNunXyOcW6WPRsXfxCz3qf
NcSeHQmBJe20mQAAAYZNDEPjAAAEAwBIMEYCIQCIpDaySynbuGpNmrVG14PCL5HO
FUOZv1XOw15klF6mgwIhAPDcRfjJhBGFWmV4v+eDZ2g9wEgGcTqjcUupKkNjNMn5
MA0GCSqGSIb3DQEBCwUAA4IBAQBQIGttdTuFYoCvzmDp5ZQ29nVg4flFwVH37H4p
BmHZ7Zc8U4TPcfEEUqnRw4E8OowY/4ahtYXMKKfglvdMSB+rCAvnTpMbr0GxxoWm
VB978g7uf0HDaC+0UxRC/CesxynTy0xXNFPWPh+1QaMDAOQpbPfMw6ymzCKgmorv
IikzGMjdQwEBG/8vLbNjecltI5aSRnqM6B4Nl+CbvGstvrXdq2XwD2TzWq3NM7/5
JByqbm42B2yu0gtwtauGBHDI8B/jnLNyi9v8wzPuoRRKOm8LXXbLg5jT0t6YBEH/
RqiFi583eBx6JFgVegrKc+2XN/aYsJTIcZOCF0fb1xb6t9u2
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7NBndV3KnFUhreTfsxS
V46CHsMVUAvI/faR6UeLJ1LqWb8yVJsRsxPlEOva+LlaYF79OsbbX3KWqb6AmtcR
c+INpED6l0Rtl1PeGRA4oSjn32RWq08IAVhAhN0j8+01JFtux8BXVZb0wXGQ5CP7
zMWnZbF4bULGsmw1u7NOgW0B8/hPN0lcM9tbBBbHW7t9VtNCsw010xu/9+AX9qUA
ZsSVkEzg8+aSmDTRwN1Ue6gXzrr1rgwY2njBFiim576D4iypuIkTp3JnqGHwzzmd
BHcBoGEQzFML+JCQapyYzi/r+wb47d0JeIdExCYO3UgCjFyu9pt0VcRlfysu7Fkx
VwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 17208462553926955296664503053883523651
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-14 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aployalty.lenovo.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21675144732438204011223866708322260602823455588073654268888694382846834167474955690655913227276100933225795527724220310032174007177798337505962871572254772926903923342640726070846855766770255429148355073151181740402370436136190526011720089382671904119753766170954435241631614802483216474350626330198602549994530906026386066024084965358134431256508270782730892063021202846023666654083758108988970149682330482385074385922512957469575830185962591777197780170168904737652490772186345428866394041058982141034305079832761200609324298619498726454022508271758109741396292255014835159213670931332538486257615824687919401611607
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							388e8eb40500be210b2585b8ffa007cfcfebb5f7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aployalty.lenovo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'emeasmbloyalty.lenovo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'emealoyalty.lenovo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apsmbloyalty.lenovo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001864d0c43d50000040300473045022100c7dc4d75931c68990104330d332e8f9a9b0add14e1c41d362021da2a4e742586022042bdaaccad54925e55aeddc571440538bdca9a0874667296d952f748e70850b7007500b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a000001864d0c44120000040300463044022003af6e03cd97eb418a1a4d383475497588ba50d94fbade66efa2b69c8396fc0d0220119d3c7ead74cf0a5aac3238ebe1cb4605c1265f8bd270d8e9a714238712e3c2007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001864d0c43e3000004030048304602210088a436b24b29dbb86a4d9ab546d783c22f91ce154399bf55cec35e64945ea683022100f0dc45f8c98411855a6578bfe78367683dc04806713aa3714ba92a436334c9f9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0050206b6d753b856280afce60e9e59436f67560e1f945c151f7ec7e290661d9ed973c5384cf71f10452a9d1c3813c3a8c18ff86a1b585cc28a7e096f74c481fab080be74e931baf41b1c685a6541f7bf20eee7f41c3682fb4531442fc27acc729d3cb4c573453d63e1fb541a30300e4296cf7ccc3aca6cc22a09a8aef22293318c8dd4301011bff2f2db36379c96d239692467a8ce81e0d97e09bbc6b2dbeb5ddab65f00f64f35aadcd33bff9241caa6e6e36076caed20b70b5ab860470c8f01fe39cb3728bdbfcc333eea1144a3a6f0b5d76cb8398d3d2de980441ff46a8858b9f37781c7a2458157a0aca73ed9737f698b094c87193821747dbd716fab7dbb6