assets.iota.org

Issued by R3

About this certificate

This digital certificate with serial number 04:69:8a:67:91:f2:ea:f3:f6:71:f5:48:97:44:cf:65:5b:a1 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=assets.iota.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:69:8a:67:91:f2:ea:f3:f6:71:f5:48:97:44:cf:65:5b:a1
Serial Number (int): 384362763483929595010877249486188343286689
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: a3:96:b6:d2:44:1d:98:eb:e6:3a:b2:ea:3d:f0:f1:b1:45:e2:04:93
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): ff:ba:05:33:b4:8a:62:06:66:46:8c:b3:a0:47:d3:0e:be:e1:d4:35
Fingerprint (sha256): 05:0e:05:f6:1c:ba:da:17:2c:d4:6f:bb:45:33:57:bc:ca:83:f3:09:f5:d8:67:44:b0:5b:82:07:9a:4b:bc:2f

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate assets.iota.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for assets.iota.org

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.assets.iota.org
assets.iota.org

Other certificates including the domain name iota.org

(limited to 100 certificates)
powbox.testnet.iota.org
transparency.iota.org
iota.org
nodes.testnet.iota.org
transparency.iota.org
datum.iota.org
app.loginfo.ca
assets.iota.org
nodes.devnet.iota.org
insights.iota.org
tradedemo.iota.org
roadmap.iota.org
kyc.iota.org
sni164330.cloudflaressl.com
sni164330.cloudflaressl.com
dev.iota.org
iota.org
dev.iota.org
client.chatterslaundry.co.nz
kyc.iota.org
sni164330.cloudflaressl.com
standupbot.iota.org
sni164330.cloudflaressl.com
trinity-beta-ios.iota.org
industry.iota.org
utils-api.iota.org
utils-api.iota.org
ecosystem.iota.org
ppa.taneko.net
test.risk-focus.com
sni164330.cloudflaressl.com
blog.iota.org
data.iota.org
nodes.spamnet.iota.org
nodes.canary.spamnet.iota.org
nodes.stable.spamnet.iota.org
ipfs.iota.org
data.iota.org
sni164330.cloudflaressl.com
ssl470338.cloudflaressl.com
transparency.iota.org
ecosystem.iota.org
trinity-beta-ios.iota.org
faucet.devnet.iota.org
mfpvolunteer.com
vault.secops.fra.ext.iota.org
sni164330.cloudflaressl.com
vault.secops.fra.ext.iota.org
discord.iota.org
docs-api.iota.org
ssl470339.cloudflaressl.com
trinity-alpha.iota.org
roadmap.iota.org
nodes.spamnet.iota.org
nodes.stable.spamnet.iota.org
sni164330.cloudflaressl.com
nodes.iota.org
altnodes.devnet.iota.org
utils.iota.org
www.iota.org
dev.iota.org
dena.ai
docs.iota.org
trinity-alpha.iota.org
tumur.me
sni164330.cloudflaressl.com
newsletter-api.iota.org
status.iota.org
data.iota.org
faucet.devnet.iota.org
sni164330.cloudflaressl.com
ecosystem.iota.org
dev.iota.org
utils-api.iota.org
dev.iota.org
iota.org
docs.iota.org
trinity.iota.org
ipfs.iota.org
datum.iota.org
dashboards.spamnet.iota.org
sni164330.cloudflaressl.com
newsletter.iota.org
csworkindiauatpassword.creatorofone.in
nodes.devnet.iota.org
industry.iota.org
nodes.devnet.iota.org
faucet.testnet.iota.org
sni164330.cloudflaressl.com
nodes.spamnet.iota.org
talk.iota.org
eclass.iota.org
nodes.devnet.iota.org
docs-api.iota.org
sni164330.cloudflaressl.com
ssl470338.cloudflaressl.com
sni164330.cloudflaressl.com
eclass.iota.org
iota.org
datum.iota.org

Certificate

The complete raw certificate details for assets.iota.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISBGmKZ5Hy6vP2cfVIl0TPZVuhMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMTQyMzM1MjNaFw0yNDA0MTMyMzM1MjJaMBoxGDAWBgNVBAMT
D2Fzc2V0cy5pb3RhLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
AKZJa7UxBgdc1Fu0tycOPYBqVn8uudxF0clbN3ZsvFRzox2PrqKVZiQKfgclwL4Q
lOa0LF9hNNKPtK/6CCwaprVST+AINbs8UHzFQ+Q74HoBtQIw+Zbll8h7C9RhbwtN
iduKTzOF36m9rEdd82LB1U3Evg+cBKcgHf6Te0EYzSYXGbi52mc0PRdglrieyqVU
SX2FxSH7bVwmHIaJXsqrh4dyEvTYcYnmi5Yju01tPhZ2sgtrWsZm9+bc+LP97+VI
+OF0QJv4pYHmuP1SHKlUO9e10ALr2jjHyuCH7CuPW6K6j4FsGxyHckrsOathKQJB
5VqlGDeUOSN3VA9g7g9XNUm5xvnm1IyxUMKnwEVE9ppSg8NWRwTscEuFbeqn7G49
OcevM6xV0e5Ps/2ehFvkiPMw5AVSnmTlSYhZBI5AYFH1C9YwtzxIHveRf4enYynC
l6cRVrrAzDq48UL8dlGoRixMHtaaU8Y/Zj7MYBsiwjNfbY6fvp7dclMX5MW5r8fm
eCiKfil9CbPV1/YYGcSzhunwXHysV022wWN0zyZfg9XZECigaLMLPzw+YX4BxO1H
6DhaA1Yd1HXB+YNSqjHKbu5B74WNxbX1J9+3PPiXz/6il9ClPAFBq5MfkYsUvRtf
Fx3iYkS8BMyeLzVrPW2wLA6hua1jg1dKHyaPOAal3eXVAgMBAAGjggIkMIICIDAO
BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG
A1UdEwEB/wQCMAAwHQYDVR0OBBYEFKOWttJEHZjr5jqy6j3w8bFF4gSTMB8GA1Ud
IwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggr
BgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRw
Oi8vcjMuaS5sZW5jci5vcmcvMC0GA1UdEQQmMCSCESouYXNzZXRzLmlvdGEub3Jn
gg9hc3NldHMuaW90YS5vcmcwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEE
AdZ5AgQCBIH1BIHyAPAAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1
mwAAAY0Ki2JPAAAEAwBHMEUCIQCZP6wugOM3D9KVYn7lfFWZVVSpaliv1UrYqV9/
R/8A/QIgEFrnlSI2WLMb6kYHVMquaAcAs2MEbdbRx6oYxtuogMIAdgCi4r/WHt4v
Lweg1k5tN6fcZUOwxrUuotq3iviabfUX2AAAAY0Ki2R5AAAEAwBHMEUCIQD7kWJt
zDmVR1EjJHQyNVFNRVF2Xkd03Bk2Cc2RG1xdjQIgMUzaAGvs48aOrUX/35WTLpLm
XW42iO1pbGq8m3+okacwDQYJKoZIhvcNAQELBQADggEBAEFKkVSLTm08PHg2OlLT
NjMAUDhMHY6rrjWniQEVlLlhnBOX12cyWi+2xyayouX1fptNWaGDScp4ycHCf/Hq
hZh0+zmlPZEvPfprC2ev8CiW2QkmA8VCvf6vinaO3kVwPSy4i5ca+dCquz1HPMQP
ETzHQeReZoigB284kz8pHYRqyWINgVRI7waAGwzFNOExTtBhd/LUVqqxq/TnVhYy
88Vt8VQy/VNpJ6DEVOSKJ06lZUu/fw/ZJVXt+71qXGOWkle4pXncyfQLX2fR2GKy
s+v47ncFJLIdFdplbvMaJtvrLf+mg8841xWBkW4nDlK6maZttDQLSDqL5ymSKakg
hxE=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApklrtTEGB1zUW7S3Jw49
gGpWfy653EXRyVs3dmy8VHOjHY+uopVmJAp+ByXAvhCU5rQsX2E00o+0r/oILBqm
tVJP4Ag1uzxQfMVD5DvgegG1AjD5luWXyHsL1GFvC02J24pPM4Xfqb2sR13zYsHV
TcS+D5wEpyAd/pN7QRjNJhcZuLnaZzQ9F2CWuJ7KpVRJfYXFIfttXCYcholeyquH
h3IS9NhxieaLliO7TW0+FnayC2taxmb35tz4s/3v5Uj44XRAm/ilgea4/VIcqVQ7
17XQAuvaOMfK4IfsK49borqPgWwbHIdySuw5q2EpAkHlWqUYN5Q5I3dUD2DuD1c1
SbnG+ebUjLFQwqfARUT2mlKDw1ZHBOxwS4Vt6qfsbj05x68zrFXR7k+z/Z6EW+SI
8zDkBVKeZOVJiFkEjkBgUfUL1jC3PEge95F/h6djKcKXpxFWusDMOrjxQvx2UahG
LEwe1ppTxj9mPsxgGyLCM19tjp++nt1yUxfkxbmvx+Z4KIp+KX0Js9XX9hgZxLOG
6fBcfKxXTbbBY3TPJl+D1dkQKKBosws/PD5hfgHE7UfoOFoDVh3UdcH5g1KqMcpu
7kHvhY3FtfUn37c8+JfP/qKX0KU8AUGrkx+RixS9G18XHeJiRLwEzJ4vNWs9bbAs
DqG5rWODV0ofJo84BqXd5dUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 384362763483929595010877249486188343286689
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-14 23:35:23 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-13 23:35:22 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'assets.iota.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 678390956150502764162160453489288292985506874081813025634151176153729488308452116402278716578617742062369025497594318086303932619760956647512111893035918145005368074722815828574369515685666908438453118676090231745315598832826249168363079342154525361676929085199494777750036188468028629242708145216603523453340844085674974428335476667577518823839498780738467107082408822605065983477364401243069596115460211541999112285182172477461856649819968780329434870178723471950535093639207476017621664328411574195426266265004996476651563359711669498158779102625003681584397087471234445591629217632307101803270528649929946288833733231422647006644037844206565526755392550837419155769146528342765542098399832894388867919555946885918700157157624993697710014588855695449098447226893538852308468808119500452931013233287811248210803937792828776671110589596750790591195457457803931924932035946892203018051408269614475124743245472038967946422325650372915002478319084040924336696141486988671075987704931597951377197445784016092477249201309041441344434684330735008191177911782268294159788252649292080105276386516689120679901202760723767775650049061155804541725683807577632502128008240480240932869819172534130797952732238930716268246942901649146333846431189
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a396b6d2441d98ebe63ab2ea3df0f1b145e20493
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.assets.iota.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.iota.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018d0a8b624f0000040300473045022100993fac2e80e3370fd295627ee57c55995554a96a58afd54ad8a95f7f47ff00fd0220105ae795223658b31bea460754caae680700b363046dd6d1c7aa18c6dba880c2007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018d0a8b64790000040300473045022100fb91626dcc399547512324743235514d4551765e4774dc193609cd911b5c5d8d0220314cda006bece3c68ead45ffdf95932e92e65d6e3688ed696c6abc9b7fa891a7
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00414a91548b4e6d3c3c78363a52d336330050384c1d8eabae35a789011594b9619c1397d767325a2fb6c726b2a2e5f57e9b4d59a18349ca78c9c1c27ff1ea859874fb39a53d912f3dfa6b0b67aff02896d9092603c542bdfeaf8a768ede45703d2cb88b971af9d0aabb3d473cc40f113cc741e45e6688a0076f38933f291d846ac9620d815448ef06801b0cc534e1314ed06177f2d456aab1abf4e7561632f3c56df15432fd536927a0c454e48a274ea5654bbf7f0fd92555edfbbd6a5c63969257b8a579dcc9f40b5f67d1d862b2b3ebf8ee770524b21d15da656ef31a26dbeb2dffa683cf38d71581916e270e52ba99a66db4340b483a8be7299229a9208711