buzzfeed.com

Issued by Amazon

About this certificate

This digital certificate with serial number 08:70:c2:14:f7:56:77:ac:32:97:2e:58:6f:73:f9:98 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=buzzfeed.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 08:70:c2:14:f7:56:77:ac:32:97:2e:58:6f:73:f9:98
Serial Number (int): 11219297663008916571430835339354438040
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: e4:ba:bd:e5:37:67:5c:3b:04:f9:ea:5a:e8:ee:1b:80:aa:ec:a0:52
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): a5:96:04:aa:a6:18:98:1b:4f:86:e8:f0:e1:87:0e:d6:c4:dc:10:d9
Fingerprint (sha256): 03:65:ed:1c:c6:3f:09:06:4b:0c:40:9a:48:8f:5b:93:84:75:90:44:93:87:67:f6:3f:e2:c6:7c:95:68:0f:6e

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl

Check the revocation status for certificate buzzfeed.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for buzzfeed.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

buzzfeed.com
*.buzzfeed.com

Other certificates including the domain name buzzfeed.com

(limited to 100 certificates)
statuspage.io
www.advertise.buzzfeed.com
n2.shared.global.fastly.net
statuspage.io
japan-status.dialpad.com
buzzfeed-brand.buzzfeed.com
statuspage.io
statuspage.io
n2.shared.global.fastly.net
r.ssl.fastly.net
*.app-west.buzzfeed.io
*.buzzfeed.com
p.ssl.fastly.net
se.emails.buzzfeed.com
statuspage.io
f2.shared.global.fastly.net
beta-dashboard.buzzfeed.com
p.ssl.fastly.net
sslvs03.igloosoftware.com
f2.shared.global.fastly.net
shopwith.buzzfeed.com
p.ssl.fastly.net
p.ssl.fastly.net
*.app-west.buzzfeed.io
link.buzzfeed.com
returns.buzzfeed.com
f2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
advertise.buzzfeed.com
r.ssl.fastly.net
japan-status.dialpad.com
r.ssl.fastly.net
buzzfeed.com
statuspage.io
statuspage.io
dns-vetting1l.map.fastly.net
statuspage.io
buzzfeed.map.fastly.net
dns-vetting1j.map.fastly.net
h5.buzzfeed.com
statuspage.io
f2.shared.global.fastly.net
japan-status.dialpad.com
statuspage.io
p.ssl.fastly.net
buzzfeed.com
n2.shared.global.fastly.net
p.ssl.fastly.net
m.ssl.fastly.net
dns-vetting1l.map.fastly.net
sslvs03.igloosoftware.com
p.ssl.fastly.net
statuspage.io
dns-vetting1j.map.fastly.net
advertise.buzzfeed.com
n2.shared.global.fastly.net
sslvs03.igloosoftware.com
m.ssl.fastly.net
dns-vetting1j.map.fastly.net
statuspage.io
li.lisecurelink.com
statuspage.io
buzzfeed-community.buzzfeed.com
statuspage.io
statuspage.io
n2.shared.global.fastly.net
link.buzzfeed.com
tech.buzzfeed.com
p.ssl.fastly.net
m.ssl.fastly.net
statuspage.io
f2.shared.global.fastly.net
n2.shared.global.fastly.net
r.ssl.fastly.net
statuspage.io
p.ssl.fastly.net
shop.buzzfeed.com
f2.shared.global.fastly.net
statuspage.io
m.ssl.fastly.net
n2.shared.global.fastly.net
statuspage.io
dns-vetting1l.map.fastly.net
b2-alt.shared.global.fastly.net
japan-status.dialpad.com
li.lisecurelink.com
www.buzzfeed.com
lab.buzzfeed.com
sslvs03.igloosoftware.com
h5.buzzfeed.com
h5.buzzfeed.com
link.buzzfeed.com
r.ssl.fastly.net
dns-vetting1j.map.fastly.net
buymethat.buzzfeed.com
auth-demo.buzzfeed.com
n2.shared.global.fastly.net
statuspage.io
r.ssl.fastly.net
f2.shared.global.fastly.net

Certificate

The complete raw certificate details for buzzfeed.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgIQCHDCFPdWd6wyly5Yb3P5mDANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjAyMDQwMDAwMDBaFw0yMzAzMDUy
MzU5NTlaMBcxFTATBgNVBAMTDGJ1enpmZWVkLmNvbTCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBALJbNwCJQjI6YFHuN8FhRdka81TquVOKALdzc4OJ+uFr
n4miu2yLr9I2vdEdhYC01Ms6fkELTYavTwH/4eikZx/o353/bVJmn2+rJp2KcmKU
tTjHKMyWd2sMLSfXqkv47erbHmRug6uOleRwCtIU7hH7VWSodOe90GxsnbM0IauH
fTb6OWMsC6DkCEPbbI8f41rKtk7oxn4ild6tgzA5Tss59G6+13puNZKG2TcW6CKk
gPnWDShXSkLBN4LRU+DG2DPdfRg0Q/Nl/LNW33nx5veG+UaDTKFG8DMKXTmJdK/d
RiOKppaWOiE5f5JyelyiiRSex+qync//7VadUngE9XMCAwEAAaOCAvkwggL1MB8G
A1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBTkur3lN2dc
OwT56lro7huAquygUjAnBgNVHREEIDAeggxidXp6ZmVlZC5jb22CDiouYnV6emZl
ZWQuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5zY2ExYi5hbWF6b250
cnVzdC5jb20vc2NhMWItMS5jcmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwdQYIKwYB
BQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6b250
cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9udHJ1
c3QuY29tL3NjYTFiLmNydDAMBgNVHRMBAf8EAjAAMIIBgAYKKwYBBAHWeQIEAgSC
AXAEggFsAWoAdwDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAX7C
ikVtAAAEAwBIMEYCIQDS6G3D6SOE7YDJ2WR3caqq9BIWzNcaG25BAlLKcGe9JgIh
AJ0qi9F+/PSPZrXuIs5OTBLrOXkSgqydOshD09PYuqE/AHYANc8ZG7+xbFe/D61M
bULLu7YnICZR6j/hKu+oA8M71kwAAAF+wopFqgAABAMARzBFAiEAnUeKw/SnAIVV
co8yzYCg29N5IGS+AlgzhAzfpqn7arMCIAujSTc5D9btu1DduydoJrhMXtKfw9d1
IPkzV28+G3OeAHcAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PADDnk2pZoAAAF+
wopF2gAABAMASDBGAiEAjySMymrwqfYe0y9i3wLDqspM+3veYA8TtFqTr9heDiYC
IQD6MqLkyEOerPPjCTGqSkixwWNuNY1CFJ1sVIm3FuNbnDANBgkqhkiG9w0BAQsF
AAOCAQEALEMBO6yGJwZzqj8QJ00/t1yIuvu9yLp2nZjU9jJqTzSZTCYroTT04kgh
LZAQ0gS0QZ7TTtFhVi4RZvS6Tz1qpzPeQfM4xEH5orzxH5/kN1UVxIGLEZifpzjQ
FMegj++pjvkKzi5KxsO1ABzWLImPPBV/zSUKR5IlJRoTE+1IvrBY9XPdN+fi+ogv
nvNQL2tlyrRudk3asBD+h9eYIWb/5HBn4Ta3GssqNNUcrRNG1BS8QSTg2UyymQJP
fqJXY94e+WyZfeaRu4VFDs8Rq/Jv9ZSQ7xW0UcWyn1v1DedDF7lsLJ3dHLp64oCW
dLKc3WWZLcpVb0LxddJ0zTJfV8ieVw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsls3AIlCMjpgUe43wWFF
2RrzVOq5U4oAt3Nzg4n64WufiaK7bIuv0ja90R2FgLTUyzp+QQtNhq9PAf/h6KRn
H+jfnf9tUmafb6smnYpyYpS1OMcozJZ3awwtJ9eqS/jt6tseZG6Dq46V5HAK0hTu
EftVZKh0573QbGydszQhq4d9Nvo5YywLoOQIQ9tsjx/jWsq2TujGfiKV3q2DMDlO
yzn0br7Xem41kobZNxboIqSA+dYNKFdKQsE3gtFT4MbYM919GDRD82X8s1bfefHm
94b5RoNMoUbwMwpdOYl0r91GI4qmlpY6ITl/knJ6XKKJFJ7H6rKdz//tVp1SeAT1
cwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 11219297663008916571430835339354438040
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-02-04 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-05 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'buzzfeed.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22515398003862852233325606595802748318684919317750083398550653229473155675323532372783506275576726526200506494710649873795178581678375658311334558083960042351627796260294769785590585012255912017842931076756055982660033630466589881670803959174346487804617860157122740087343076254025780453491155240489434155436544169550923499441010219587728015939051728778254205737495983040358384018155770454567423565270077370915776000638844449090639371073261227643821270814424040927168817067174492288431907779390712515705719845309226016989295684057947799975331275381170609682519282282043510294252059010130051684411942596861637431719283
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e4babde537675c3b04f9ea5ae8ee1b80aaeca052
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'buzzfeed.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.buzzfeed.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017ec28a456d0000040300483046022100d2e86dc3e92384ed80c9d9647771aaaaf41216ccd71a1b6e410252ca7067bd260221009d2a8bd17efcf48f66b5ee22ce4e4c12eb39791282ac9d3ac843d3d3d8baa13f00760035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c0000017ec28a45aa00000403004730450221009d478ac3f4a7008555728f32cd80a0dbd3792064be025833840cdfa6a9fb6ab302200ba34937390fd6edbb50ddbb276826b84c5ed29fc3d77520f933576f3e1b739e007700b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017ec28a45da00000403004830460221008f248cca6af0a9f61ed32f62df02c3aaca4cfb7bde600f13b45a93afd85e0e26022100fa32a2e4c8439eacf3e30931aa4a48b1c1636e358d42149d6c5489b716e35b9c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002c43013bac86270673aa3f10274d3fb75c88bafbbdc8ba769d98d4f6326a4f34994c262ba134f4e248212d9010d204b4419ed34ed161562e1166f4ba4f3d6aa733de41f338c441f9a2bcf11f9fe4375515c4818b11989fa738d014c7a08fefa98ef90ace2e4ac6c3b5001cd62c898f3c157fcd250a479225251a1313ed48beb058f573dd37e7e2fa882f9ef3502f6b65cab46e764ddab010fe87d7982166ffe47067e136b71acb2a34d51cad1346d414bc4124e0d94cb299024f7ea25763de1ef96c997de691bb85450ecf11abf26ff59490ef15b451c5b29f5bf50de74317b96c2c9ddd1cba7ae2809674b29cdd65992dca556f42f175d274cd325f57c89e57