bedfordtx.bywatersolutions.com

Issued by R3

About this certificate

This digital certificate with serial number 03:a6:6e:28:83:a1:ec:b4:20:fe:6f:8c:19:79:33:2e:47:e1 was issued on by Let's Encrypt.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=bedfordtx.bywatersolutions.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:a6:6e:28:83:a1:ec:b4:20:fe:6f:8c:19:79:33:2e:47:e1
Serial Number (int): 317970156145391855481856433570870668969953
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 9e:16:d1:4f:6c:ab:ba:26:5a:f5:6b:0e:63:c0:c1:6d:31:90:ec:93
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 67:24:62:01:6f:1c:04:7f:eb:47:9b:8e:d5:78:58:22:12:b7:2a:d6
Fingerprint (sha256): 05:3a:06:92:5d:5d:4b:87:ae:9f:87:13:cf:c3:3c:01:2b:bf:f1:c9:e8:69:c4:3a:67:cf:fd:65:fd:17:1b:d9

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate bedfordtx.bywatersolutions.com

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for bedfordtx.bywatersolutions.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bedfordtx.bywatersolutions.com
catalog.bedfordlibrary.org
staff.bedfordlibrary.org
staff.bedfordtx.bywatersolutions.com

Other certificates including the domain name bywatersolutions.com

(limited to 100 certificates)
catalog.redlibrary.org
harrison.bywatersolutions.com
cin.bywatersolutions.com
audubon.bywatersolutions.com
harrison.bywatersolutions.com
arcadiapl.bywatersolutions.com
model.bywatersolutions.com
bedfordtx.bywatersolutions.com
harrison.bywatersolutions.com
washoe-aspen.bywatersolutions.com
koha.bywatersolutions.com
farmington.bywatersolutions.com
www.astinus.bywatersolutions.com
catalog.redlibrary.org
idsa.bywatersolutions.com
devs.bywatersolutions.com
staff.ajaxlibrary.ca
farmington.bywatersolutions.com
ticket.bywatersolutions.com
camden.bywatersolutions.com
disneytech.bywatersolutions.com
demo.bywatersolutions.com
bywatersolutions.com
kohacon2018.bywatersolutions.com
kohacon2018.bywatersolutions.com
dovernet.bywatersolutions.com
vokal-aspen.bywatersolutions.com
texlaw.bywatersolutions.com
bywatersolutions.com
ajaxon.bywatersolutions.com
collingswood.bywatersolutions.com
kids.meadvillelibrary.org
demo.bywatersolutions.com
ticket.bywatersolutions.com
samuelmerritt.bywatersolutions.com
catalog.dnredwoods.bywatersolutions.com
bywatersolutions.com
kids.meadvillelibrary.org
sdlaw.bywatersolutions.com
catalog.bethelu.bywatersolutions.com
kohacon2018.bywatersolutions.com
media.bywatersolutions.com
devs.bywatersolutions.com
esri.bywatersolutions.com
catalog.redlibrary.org
catalog.rahwaylibrary.org
texlaw.bywatersolutions.com
bywatersolutions.com
roundrock.bywatersolutions.com
risl.bywatersolutions.com
farmington.bywatersolutions.com
bywatersolutions.com
merial.bywatersolutions.com
demo.bywatersolutions.com
collingswood.bywatersolutions.com
devs.bywatersolutions.com
catalog.rahwaylibrary.org
kids.meadvillelibrary.org
catalog.rahwaylibrary.org
bywatersolutions.com
siskiyou.bywatersolutions.com
catalog.redlibrary.org
hkic.bywatersolutions.com
disneytech.bywatersolutions.com
esri.bywatersolutions.com
bywatersolutions.com
demo.bywatersolutions.com
uintah.bywatersolutions.com
catalog.redlibrary.org
catalog.rahwaylibrary.org
tnhsc.bywatersolutions.com
bywaterconsortium.aspendiscovery.org
kohacon2018.bywatersolutions.com
dovernet.bywatersolutions.com
demo.bywatersolutions.com
dovernet.bywatersolutions.com
aspen-arlingtontest.bywatersolutions.com
downtown.roseville-libki.bywatersolutions.com
help.aspendiscovery.org
kohacon2018.bywatersolutions.com
catamount.bywatersolutions.com
esri.bywatersolutions.com
ticket.bywatersolutions.com
catalog.rahwaylibrary.org
collingswood.bywatersolutions.com
kohacon2018.bywatersolutions.com
catalog.redlibrary.org
pals.bywatersolutions.com
aspen.bywatersolutions.com
ckls.bywatersolutions.com
catalog.rahwaylibrary.org
catalog.redlibrary.org
catalog.rahwaylibrary.org
ticket.bywatersolutions.com
ramapo.bywatersolutions.com
kohacon2018.bywatersolutions.com
harrison.bywatersolutions.com
kohacon2018.bywatersolutions.com
tlccat.bywatersolutions.com
demo.bywatersolutions.com

Certificate

The complete raw certificate details for bedfordtx.bywatersolutions.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISA6ZuKIOh7LQg/m+MGXkzLkfhMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMTAxMjQwOTA5MDJaFw0yMTA0MjQwOTA5MDJaMCkxJzAlBgNVBAMT
HmJlZGZvcmR0eC5ieXdhdGVyc29sdXRpb25zLmNvbTCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAOk12QIqCgCzg614zpX7WKngIHNt7jC8onh8eFoDwq9D
bKpNhr7ZGxxRQrT5S2r0i+y1Hd6ADe13HczFF2v0+XtpJ2odqiPb9W/XG6sntWvi
TuqTOtXvbUGOx5Pp9FMn7Cz9n7UXxnYnJ1nSe3IL7dMWeWu00iatcMdJMbgjJoRD
GmmSC03kjvs630K3mRUg2b2kIcP60cC0qUyDROhi2a6EiOowpOWrKmQFDicpAYV0
Qz8JbtL/tkEpkV1oF+0PellW95HHxkaD1+IfG0Di4Xx0wPm0vZU0jgkKhLFHGuSv
SC+wluispEjwuMUdd140fvLkOUl4o50qJ6MHgG7B7qcCAwEAAaOCArUwggKxMA4G
A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD
VR0TAQH/BAIwADAdBgNVHQ4EFgQUnhbRT2yruiZa9WsOY8DBbTGQ7JMwHwYDVR0j
BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG
AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6
Ly9yMy5pLmxlbmNyLm9yZy8wgYUGA1UdEQR+MHyCHmJlZGZvcmR0eC5ieXdhdGVy
c29sdXRpb25zLmNvbYIaY2F0YWxvZy5iZWRmb3JkbGlicmFyeS5vcmeCGHN0YWZm
LmJlZGZvcmRsaWJyYXJ5Lm9yZ4Ikc3RhZmYuYmVkZm9yZHR4LmJ5d2F0ZXJzb2x1
dGlvbnMuY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgw
JgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYB
BAHWeQIEAgSB9ASB8QDvAHUAXNxDkv7mq0VEsV6a1FbmEDf71fpH3KFzlLJe5vbH
DsoAAAF3M95NRwAABAMARjBEAiAzcKHN7kSyaNDAjFUJxqMQ9/7SF1pB7Ce3Kmg6
1Rt0KQIgBD+o4jtAK1zggbK4+4azDTKws3RXoNFvJ7PVkn/AUuAAdgD2XJQv0Xcw
IhRUGAgwlFaO400TGTO/3wwvIAvMTvFk4wAAAXcz3k1IAAAEAwBHMEUCIBya4fwl
Ktc9Hv/1WH6A5cFHJC5BeEzDIAQx5qrQfIc9AiEAq63pF3QwLkcTbIZvgFww6/r/
Gi13YwECVsNo1qopuacwDQYJKoZIhvcNAQELBQADggEBAJCsKAQq8E1ZF6WON69d
GdW/B3516fkvgHUF/ImO2QKRQMvxc5LxAMhEHw0MbuQqn8fdPmzSDL3Uln9Jhk0k
Z/WVW1RFPPt7tRMDD9msQLg5BVauPnS7N+ThGmt5LImfn9v3mPMH+n/7wIaK9LmD
YV3CQ3CdK3GDCad5xciTfxgygTrh9UhbT9uTSRKnEbKWA/62f3UDNQlw+ODKXAEX
pALjn9wd9u6dRcVMEwWlKlMqEhmsfSQ8vA8AZO4ErlectHm1GWmQ5fBSRZ35MaHE
rGcOMflJpjtRb/X1+0Rns/VAxG8pSYon94shr7JEL7RIuslojQCuf4GCNvdSWgqo
zKg=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TXZAioKALODrXjOlftY
qeAgc23uMLyieHx4WgPCr0Nsqk2GvtkbHFFCtPlLavSL7LUd3oAN7XcdzMUXa/T5
e2knah2qI9v1b9cbqye1a+JO6pM61e9tQY7Hk+n0UyfsLP2ftRfGdicnWdJ7cgvt
0xZ5a7TSJq1wx0kxuCMmhEMaaZILTeSO+zrfQreZFSDZvaQhw/rRwLSpTINE6GLZ
roSI6jCk5asqZAUOJykBhXRDPwlu0v+2QSmRXWgX7Q96WVb3kcfGRoPX4h8bQOLh
fHTA+bS9lTSOCQqEsUca5K9IL7CW6KykSPC4xR13XjR+8uQ5SXijnSonoweAbsHu
pwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 317970156145391855481856433570870668969953
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-24 09:09:02 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-24 09:09:02 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bedfordtx.bywatersolutions.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29440078342326817896266778435726708400523176892145573396901657496500503618120673134761578242394735921071654899068389166353741414443010277141297078808152529956049710044181701732338140118851842255084996263412743215987520572838637787807574650236290099505232794303957112667760987133916874300142767113174671074291063935786125356781859572932547592827372945642305618080880556325000861809990612651203245505511304654485368605125620740263206736849515898625933774367495336798603837431438013699537297894722834358056118318880474747779778031689142587327946483896686633048555935099502897379135802838259024344084191789111973268024999
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9e16d14f6cabba265af56b0e63c0c16d3190ec93
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bedfordtx.bywatersolutions.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'catalog.bedfordlibrary.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staff.bedfordlibrary.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staff.bedfordtx.bywatersolutions.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0075005cdc4392fee6ab4544b15e9ad456e61037fbd5fa47dca17394b25ee6f6c70eca0000017733de4d47000004030046304402203370a1cdee44b268d0c08c5509c6a310f7fed2175a41ec27b72a683ad51b74290220043fa8e23b402b5ce081b2b8fb86b30d32b0b37457a0d16f27b3d5927fc052e0007600f65c942fd1773022145418083094568ee34d131933bfdf0c2f200bcc4ef164e30000017733de4d48000004030047304502201c9ae1fc252ad73d1efff5587e80e5c147242e41784cc3200431e6aad07c873d022100abade91774302e47136c866f805c30ebfaff1a2d7763010256c368d6aa29b9a7
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0090ac28042af04d5917a58e37af5d19d5bf077e75e9f92f807505fc898ed9029140cbf17392f100c8441f0d0c6ee42a9fc7dd3e6cd20cbdd4967f49864d2467f5955b54453cfb7bb513030fd9ac40b8390556ae3e74bb37e4e11a6b792c899f9fdbf798f307fa7ffbc0868af4b983615dc243709d2b718309a779c5c8937f1832813ae1f5485b4fdb934912a711b29603feb67f7503350970f8e0ca5c0117a402e39fdc1df6ee9d45c54c1305a52a532a1219ac7d243cbc0f0064ee04ae579cb479b5196990e5f052459df931a1c4ac670e31f949a63b516ff5f5fb4467b3f540c46f29498a27f78b21afb2442fb448bac9688d00ae7f818236f7525a0aa8cca8