*.opkey.com
Issued by R3
About this certificate
This digital certificate with serial number 03:03:54:39:68:97:e0:5c:e5:aa:62:c3:bc:b6:2f:73:46:24 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.opkey.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:03:54:39:68:97:e0:5c:e5:aa:62:c3:bc:b6:2f:73:46:24Serial Number (int): 262469658130013913016128581078671519073828
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 45:79:c8:cb:fb:65:23:d6:26:69:76:8c:f9:9a:d4:8e:eb:9e:6a:60
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 0d:69:f8:a4:22:f7:64:37:68:20:4d:41:cd:1b:9e:78:fa:8d:37:7d
Fingerprint (sha256): 05:11:a2:6c:d6:ac:3b:c3:5f:f3:0a:e2:9f:c3:1f:57:01:49:4d:56:29:92:d6:2f:13:71:aa:af:24:91:a5:a2
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate *.opkey.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.opkey.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.opkey.com
opkey.com
opkey.com
Other certificates including the domain name opkey.com
(limited to 100 certificates)
*.opkey.com
sugarcrm.opkey.com
idempiere.opkey.com
backup.opkey.com
*.opkey.com
itsupport.nationalable.org
idempiere.opkey.com
itsupport.nationalable.org
fergusonsupport.opkey.com
odoo.opkey.com
ls.opkey.com
support.redmop.com
*.support.opkey.com
idempiere.opkey.com
idempiere.opkey.com
helpdesk.vacorp.com
sugarcrm.opkey.com
opkey.com
odoo.opkey.com
odoo.opkey.com
backup.opkey.com
support.opkey.com
odoo.opkey.com
itsupport.nationalable.org
odoo.opkey.com
*.opkey.com
fergusonsupport.opkey.com
*.sugarcrm.opkey.com
*.backup.opkey.com
*.staging.opkey.com
sugarcrm.opkey.com
opkey.com
*.helpdocs.opkey.com
*.opkey.com
www.testui.opkey.com
backup.opkey.com
openproject.opkey.com
openproject.opkey.com
ls.opkey.com
*.sugarcrm.opkey.com
backup.opkey.com
atencion.traffilog.mx
getit.saiapex.in
*.support.opkey.com
studentsupport.atpstar.com
support.opkey.com
www.account.opkey.com
*.openproject.opkey.com
getit.saiapex.in
itsupport.nationalable.org
idempiere.opkey.com
*.opkey.com
idempiere.opkey.com
opkey.com
opkey.com
getit.saiapex.in
support.ksportusa.com
support.opkey.com
pfizer.opkey.com
opkey.com
sales.miraclesmind.site
*.helpdocs.opkey.com
opkey.com
odoo.opkey.com
staging.opkey.com
backup.opkey.com
openproject.opkey.com
sugarcrm.opkey.com
openproject.opkey.com
sales.miraclesmind.site
*.openproject.opkey.com
sales.miraclesmind.site
getit.saiapex.in
support.egicat.com
sugarcrm.opkey.com
opkey.com
odoo.opkey.com
ls.opkey.com
idempiere.opkey.com
fergusonsupport.opkey.com
opkey.com
sugarcrm.opkey.com
openproject.opkey.com
support.tekxiph.com
backup.opkey.com
www.ct.opkey.com
ct.opkey.com
*.staging.opkey.com
www.testui.opkey.com
opkey.com
support.egicat.com
fergusonsupport.opkey.com
opkey.com
m.opkey.com
*.opkey.com
m.opkey.com
openproject.opkey.com
openproject.opkey.com
*.opkey.com
sales.miraclesmind.site
sugarcrm.opkey.com
idempiere.opkey.com
backup.opkey.com
*.opkey.com
itsupport.nationalable.org
idempiere.opkey.com
itsupport.nationalable.org
fergusonsupport.opkey.com
odoo.opkey.com
ls.opkey.com
support.redmop.com
*.support.opkey.com
idempiere.opkey.com
idempiere.opkey.com
helpdesk.vacorp.com
sugarcrm.opkey.com
opkey.com
odoo.opkey.com
odoo.opkey.com
backup.opkey.com
support.opkey.com
odoo.opkey.com
itsupport.nationalable.org
odoo.opkey.com
*.opkey.com
fergusonsupport.opkey.com
*.sugarcrm.opkey.com
*.backup.opkey.com
*.staging.opkey.com
sugarcrm.opkey.com
opkey.com
*.helpdocs.opkey.com
*.opkey.com
www.testui.opkey.com
backup.opkey.com
openproject.opkey.com
openproject.opkey.com
ls.opkey.com
*.sugarcrm.opkey.com
backup.opkey.com
atencion.traffilog.mx
getit.saiapex.in
*.support.opkey.com
studentsupport.atpstar.com
support.opkey.com
www.account.opkey.com
*.openproject.opkey.com
getit.saiapex.in
itsupport.nationalable.org
idempiere.opkey.com
*.opkey.com
idempiere.opkey.com
opkey.com
opkey.com
getit.saiapex.in
support.ksportusa.com
support.opkey.com
pfizer.opkey.com
opkey.com
sales.miraclesmind.site
*.helpdocs.opkey.com
opkey.com
odoo.opkey.com
staging.opkey.com
backup.opkey.com
openproject.opkey.com
sugarcrm.opkey.com
openproject.opkey.com
sales.miraclesmind.site
*.openproject.opkey.com
sales.miraclesmind.site
getit.saiapex.in
support.egicat.com
sugarcrm.opkey.com
opkey.com
odoo.opkey.com
ls.opkey.com
idempiere.opkey.com
fergusonsupport.opkey.com
opkey.com
sugarcrm.opkey.com
openproject.opkey.com
support.tekxiph.com
backup.opkey.com
www.ct.opkey.com
ct.opkey.com
*.staging.opkey.com
www.testui.opkey.com
opkey.com
support.egicat.com
fergusonsupport.opkey.com
opkey.com
m.opkey.com
*.opkey.com
m.opkey.com
openproject.opkey.com
openproject.opkey.com
*.opkey.com
sales.miraclesmind.site
Certificate
The complete raw certificate details for *.opkey.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE7zCCA9egAwIBAgISAwNUOWiX4FzlqmLDvLYvc0YkMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzExMTEwMTI4NDNaFw0yNDAyMDkwMTI4NDJaMBYxFDASBgNVBAMM Cyoub3BrZXkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv445 KFibol0epcOkGBqaYLevVkchIYbPMYBplsEtUVKy9dSKicCpm7eJSodTfIUxowFP uN0Am1jT6NjcNFAG994NkqRZMJ50l9Y4VTVnw5n6T+oYvUxqy3T0E4Wf1N8KSb9G feQd3p5Js+hMJp2kenHiR7r1BEh3EVxsrJdTlnXek5I+h4ax7RaaJXVBlgKeAUHK 4I3rKtOEdYV4Ca+93P7CRsWS15cQGGLinKWckk9/FnkpJlckAVK96Whk06sfZeJg mpLAGOWy4S4a02ju88cfOfGVt+sYs7z5fNn0PSLo+rA/uc/kM2hQHWInRU667Bmu zgmQoFPSq1MJS3Q/PwIDAQABo4ICGTCCAhUwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBRFecjL+2Uj1iZpdoz5mtSO655qYDAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDm H6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5v LmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzAh BgNVHREEGjAYggsqLm9wa2V5LmNvbYIJb3BrZXkuY29tMBMGA1UdIAQMMAowCAYG Z4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcAO1N3dT4tuYBOizBbBv5A O2fYT8P0x70ADS1yb+H61BcAAAGLvDXICgAABAMASDBGAiEA+m1MTA8my55rFtw+ OcyZ/RqEFrNrhv/kbpUDhJdURFkCIQCs8MBgE6MYVuUZxoDqVH/bPVUXse6FC20s mTz2lFRG1wB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABi7w1 yfcAAAQDAEcwRQIhALpKDEEuU4Z7DzYmXVoMl6mayPQK18xSMYQMrjmRhjCCAiAF FmmJ9dDrLgTFVS5d2pIGZY+69+xchkOU023nwunW0TANBgkqhkiG9w0BAQsFAAOC AQEACA211r4xWI4SFYKxoYuFO9bOATuztg9Dj6cdJ8ihP20JaslThMqj+FeB6i74 OMLJQWwp+1bPj2muw95S7Cw67bosUv2vblc63op3fQapiuzw8R2IuLrXs30Ft4R1 ea/hE9dlZxzJe2Q/ilDWZmwG62GH0jhZVgDBp1djWKrG4jq60aWurbaGxwtBdG2/ o/Y3OePXWcY6UE6WHJdFyp2HtjCiDMMszuVDiVlhKFGIr5bPOQISoyAA6ZZSiSgm PIVCk/5qtR1rVdBIoVR1Z8NlH7OeuhOCHDDqoZlhJbWzK5nPE7MNFOfAkmUUszKr NwfvCuI3azEhVKOvqaJZklVMNQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv445KFibol0epcOkGBqa YLevVkchIYbPMYBplsEtUVKy9dSKicCpm7eJSodTfIUxowFPuN0Am1jT6NjcNFAG 994NkqRZMJ50l9Y4VTVnw5n6T+oYvUxqy3T0E4Wf1N8KSb9GfeQd3p5Js+hMJp2k enHiR7r1BEh3EVxsrJdTlnXek5I+h4ax7RaaJXVBlgKeAUHK4I3rKtOEdYV4Ca+9 3P7CRsWS15cQGGLinKWckk9/FnkpJlckAVK96Whk06sfZeJgmpLAGOWy4S4a02ju 88cfOfGVt+sYs7z5fNn0PSLo+rA/uc/kM2hQHWInRU667BmuzgmQoFPSq1MJS3Q/ PwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 262469658130013913016128581078671519073828 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-11 01:28:43 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-09 01:28:42 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.opkey.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24181649157772031975834932358481121683243965578998934199324542221261197703300906333098447078014946827227116044109458479118613260757501500623481879925920281500911569635953657740551065509431576862530503753686988113488576022289739619769695553839600809506971306413735598127508098588016080187884140929770837227730056186670998025546813213126408550118403970235845106786885707005016504208899034440691876311090928814528077593165258169326920265596371264564876001880286716289772506200950282596467576576358481908780866209872457959503771061443535025767891773754132452178032685935582569901823266150947133737112145437508245055094591 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4579c8cbfb6523d62669768cf99ad48eeb9e6a60 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.opkey.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'opkey.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018bbc35c80a0000040300483046022100fa6d4c4c0f26cb9e6b16dc3e39cc99fd1a8416b36b86ffe46e95038497544459022100acf0c06013a31856e519c680ea547fdb3d5517b1ee850b6d2c993cf6945446d700760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bbc35c9f70000040300473045022100ba4a0c412e53867b0f36265d5a0c97a99ac8f40ad7cc5231840cae3991863082022005166989f5d0eb2e04c5552e5dda9206658fbaf7ec5c864394d36de7c2e9d6d1 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00080db5d6be31588e121582b1a18b853bd6ce013bb3b60f438fa71d27c8a13f6d096ac95384caa3f85781ea2ef838c2c9416c29fb56cf8f69aec3de52ec2c3aedba2c52fdaf6e573ade8a777d06a98aecf0f11d88b8bad7b37d05b7847579afe113d765671cc97b643f8a50d6666c06eb6187d238595600c1a7576358aac6e23abad1a5aeadb686c70b41746dbfa3f63739e3d759c63a504e961c9745ca9d87b630a20cc32ccee543895961285188af96cf390212a32000e996528928263c854293fe6ab51d6b55d048a1547567c3651fb39eba13821c30eaa1996125b5b32b99cf13b30d14e7c0926514b332ab3707ef0ae2376b312154a3afa9a25992554c35