store.discovery.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 08:fb:d3:59:a6:15:47:ef:98:ed:97:0c:66:4d:3f:f7 was issued on by Amazon.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=store.discovery.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 08:fb:d3:59:a6:15:47:ef:98:ed:97:0c:66:4d:3f:f7
Serial Number (int): 11941377168904641770344045681442635767
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 6b:12:e3:d4:6d:39:88:f5:da:fb:70:15:cd:40:a4:35:56:79:98:49
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 1a:63:5e:fc:ae:78:9a:0b:a3:5b:74:86:13:c5:4d:8c:c7:25:43:13
Fingerprint (sha256): 05:86:83:00:28:9c:01:cb:a3:d3:00:25:27:63:2d:99:35:48:89:5f:94:93:6e:8b:10:38:c8:63:1c:55:cf:86

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate store.discovery.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for store.discovery.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

store.discovery.com

Other certificates including the domain name discovery.com

(limited to 100 certificates)
tvlistings-qa.discovery.com
insider.discovery.com
indiamail.discovery.com
*.disco-api.com
*.discovery.com
passwordsafe-dev.discovery.com
*.nw.discovery.com
email.discovery.com
AWUZAPONARPRO01.dci.discovery.com
*.infra.discovery.com
iasm.discovery.com
adsalesdesign.discovery.com
deliver-qa.discovery.com
*.qa2.sauce.digitalstudios.discovery.com
creaapcps01.discovery.com
dev-momentum.discovery.com
insider.discovery.com
adsalesdesign.discovery.com
lnmail1.discovery.com
ir.corporate.discovery.com
japan.discovery.com
dtag-jsreport.devops.discovery.com
discovery.com
lync2013.dci.discovery.com
woody.discovery.com
auth.discovery.com
MUMAAPLYNCSBC02.dci.discovery.com
www.mexico.discovery.com
access.discovery.com
sapsanprd.discovery.com
hybridmail.discovery.com
corporate.discovery.com
*.sauce.digitalstudios.discovery.com
screening.discovery.com
dads.discovery.com
oktaadmin.discovery.com
remote.discovery.com
securestore.discovery.com
lnmail1.discovery.com
ssa.discovery.com
*.dev.discovery.com
adsalesdesign.discovery.com
store.discovery.com
cxoqa.discovery.com
inlet.discovery.com
images.dds.discovery.com
www.adsalesevents.discovery.com
api.digitalstudios.discovery.com
tlssyslog.discovery.com
org.discovery.com
games.discovery.com
leapfrog-ssl-4.gcs-web.com
citrix-director.discovery.com
edgepool2013.discovery.com
insider.discovery.com
deliver-uat.discovery.com
gohelp.discovery.com
*.bcqa.discovery.com
hrmobileinboxsba.discovery.com
www.food.com
dgoauth-qa.discovery.com
cloud-qa.discovery.com
access.discovery.com
*.discovery.com
entrada.discovery.com
lync2013.dci.discovery.com
soundfx.discovery.com
*.videogo.sauce.digitalstudios.discovery.com
straapiptv.discovery.com
lync2013.dci.discovery.com
strrapotxt01.discovery.com
*.prod.discovery.com
discovery.com
blacklineqa1.discovery.com
people.discovery.com
preprod.projectcat.discovery.com
gohelp.discovery.com
dtag-api.devops.discovery.com
tkyzaplyncsba01.dci.discovery.com
strzadtraps01.dci.discovery.com
insider.discovery.com
www.consumerproducts.discovery.com
CXO.discovery.com
*.disco-api.com
linkit-stage.dci.discovery.com
gohelp.discovery.com
lnmail5.discovery.com
www.adsalesevents.discovery.com
auth.discovery.com
epak.discovery.com
gohelp.discovery.com
www.food.com
bk.inotes.discovery.com
*.nw.discovery.com
photoassets.discovery.com
leapfrog-ssl-4.gcs-web.com
access.discovery.com
discovery.com
KTCZIPWRKSFT01.dci.discovery.com
discovery.com

Certificate

The complete raw certificate details for store.discovery.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgIQCPvTWaYVR++Y7ZcMZk0/9zANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTI0MDUyMTAwMDAwMFoXDTI1MDYyMDIzNTk1OVowHjEc
MBoGA1UEAxMTc3RvcmUuZGlzY292ZXJ5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSsHZQx6zaexqJzOO21q6knXeXsWRbyci0A0BfTwpFFt7kE
rjROwKhNSB0vAlWfHcYNdHSYi8pCaSElFOd6c5UVj2vD2HoaZcCyY0bddRzsxFYt
uQmSLMO5YqbDw62bsCBKGeOYYOYOQ5nr62ZBIf09ovOVCwwjezMkpsSds2Li2XNN
K8n95t2ORLu5UustXHpSGqtRpI39UOSFRUWBoSJrJNKd0V53B3gy9IMFuTKB2lAO
Mo7wgtnXMCdg82/78vi++4pvqSuXoKgQ9uzBxOkAWTmMizHGhdM3MIkuiQCSGlCt
0ZZYywsq6fqhpSUuoh70lFT/fpg79HGs2YxdvgUCAwEAAaOCAu8wggLrMB8GA1Ud
IwQYMBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBRrEuPUbTmI9dr7
cBXNQKQ1VnmYSTAeBgNVHREEFzAVghNzdG9yZS5kaXNjb3ZlcnkuY29tMBMGA1Ud
IAQMMAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0w
Mi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggr
BgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsG
AQUFBzAChipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5j
ZXIwDAYDVR0TAQH/BAIwADCCAYEGCisGAQQB1nkCBAIEggFxBIIBbQFrAHcATnWj
J1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGPmYfk8QAABAMASDBGAiEA
4ERdLCsw6fJP+CpsczH9eRsxjIKdteQpDIprIE1jT2cCIQDe7OWZItV3wE7kV1o2
OV46VJ3RRCMeeo2olzxdxiatyAB3AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv
2Q6MLnm4AAABj5mH5IAAAAQDAEgwRgIhALhQmEx99E77pKQpAvJ0ZxBmJNO1svWH
pfz+YjNHvh/3AiEApUCfpxlE2cgFYT2XbLcMD7/4wSvkstxj0bU3WqbUBmQAdwDm
0jFjQHeMwRBBBtdxuc7B0kD2loSG+7qHMh39HjeOUAAAAY+Zh+SQAAAEAwBIMEYC
IQCD3AdOMKClCrlpM0y0VEpszJIt8aOCbCqhePBILprGQAIhAO+FTIhM9S0XtmBS
3keJNyibsiwBNsv1UCN0EJWNETVKMA0GCSqGSIb3DQEBCwUAA4IBAQCT7QRVpXqw
Je0rW7re8JqSKYmWX17cfMZa0PNxtsrjOAj5mGYVWUtM/G+EpPmChfX3ngvRW/yx
GKySR/Pvzx454xDbheE/gUVoIxyiFve0WWCeXbnaZfB76ZO7qfQcygxRZ5eJSS3Y
Y//fhRYIQADlnfbvuUH2DAe/zHP5pwvddr6D7ReBhmfCtkZeMB3J3YbwArqaxuwF
7PvN5RCo7yQNiMLN6EBGuFAbAanPqP1zjlui3tOY00igTqjzhzTvYFU+F39IGIcY
89QyjjkvvKrcTwcnKx/6ziaTkRdJk54wPEr0XwzEymYnqT/xINF+qXQ+OGRx0eOQ
4Zbk3wS6Ursq
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKwdlDHrNp7GonM47bWr
qSdd5exZFvJyLQDQF9PCkUW3uQSuNE7AqE1IHS8CVZ8dxg10dJiLykJpISUU53pz
lRWPa8PYehplwLJjRt11HOzEVi25CZIsw7lipsPDrZuwIEoZ45hg5g5DmevrZkEh
/T2i85ULDCN7MySmxJ2zYuLZc00ryf3m3Y5Eu7lS6y1celIaq1Gkjf1Q5IVFRYGh
Imsk0p3RXncHeDL0gwW5MoHaUA4yjvCC2dcwJ2Dzb/vy+L77im+pK5egqBD27MHE
6QBZOYyLMcaF0zcwiS6JAJIaUK3RlljLCyrp+qGlJS6iHvSUVP9+mDv0cazZjF2+
BQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 11941377168904641770344045681442635767
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-21 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-20 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'store.discovery.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20787955351725870888602642651974809635363618362025853412772608996986310567405572042369285913046692999562641497947775034522105856450316156472208315540165707607548227596854284905554253074003298693129602535431640153478026556075946187454654483102102281003475169375708399519397761968377773751751371959483191745395893132527553138879076201623512864547539788837381325779908895326276214198468998865572681781268085226802391798292949938559766369602215013558373436549928149602353474895986041226150131546968929604681177361685741777762945700522860593611574225863072869342079933293766889136057146924509876760992579140886395696823813
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6b12e3d46d3988f5dafb7015cd40a43556799849
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.discovery.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (369 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
							016b0077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f9987e4f10000040300483046022100e0445d2c2b30e9f24ff82a6c7331fd791b318c829db5e4290c8a6b204d634f67022100deece59922d577c04ee4575a36395e3a549dd144231e7a8da8973c5dc626adc80077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018f9987e4800000040300483046022100b850984c7df44efba4a42902f27467106624d3b5b2f587a5fcfe623347be1ff7022100a5409fa71944d9c805613d976cb70c0fbff8c12be4b2dc63d1b5375aa6d40664007700e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018f9987e490000004030048304602210083dc074e30a0a50ab969334cb4544a6ccc922df1a3826c2aa178f0482e9ac640022100ef854c884cf52d17b66052de478937289bb22c0136cbf550237410958d11354a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0093ed0455a57ab025ed2b5bbadef09a922989965f5edc7cc65ad0f371b6cae33808f9986615594b4cfc6f84a4f98285f5f79e0bd15bfcb118ac9247f3efcf1e39e310db85e13f814568231ca216f7b459609e5db9da65f07be993bba9f41cca0c51679789492dd863ffdf8516084000e59df6efb941f60c07bfcc73f9a70bdd76be83ed17818667c2b6465e301dc9dd86f002ba9ac6ec05ecfbcde510a8ef240d88c2cde84046b8501b01a9cfa8fd738e5ba2ded398d348a04ea8f38734ef60553e177f48188718f3d4328e392fbcaadc4f07272b1fface2693911749939e303c4af45f0cc4ca6627a93ff120d17ea9743e386471d1e390e196e4df04ba52bb2a