spotlight-dev.capstage.net

Issued by Amazon

About this certificate

This digital certificate with serial number 05:04:e6:68:59:2b:ef:29:94:c0:61:e2:26:a1:1b:af was issued on by Amazon.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=spotlight-dev.capstage.net

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 05:04:e6:68:59:2b:ef:29:94:c0:61:e2:26:a1:1b:af
Serial Number (int): 6671582387893739139689502658481167279
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: ed:79:3a:38:63:a8:1a:6e:d6:d7:96:eb:fd:bc:f7:f2:a4:35:ec:06
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 1e:7c:6b:00:cc:b9:7d:f6:2d:15:35:bc:1f:d2:36:31:55:99:d3:58
Fingerprint (sha256): 06:17:69:32:a5:50:73:9c:93:81:dd:e1:9b:a0:a6:b5:ab:b9:b5:c7:57:fd:74:29:e0:6d:a5:6d:f2:98:e7:d1

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate spotlight-dev.capstage.net

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for spotlight-dev.capstage.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

spotlight-dev.capstage.net

Other certificates including the domain name capstage.net

(limited to 100 certificates)
pr1307.reviews.capstage.net
spotlight-ui-staging-1752.capstage.net
public-api-dev.capstage.net
sem-ui-staging-885.capstage.net
spotlight-dev.capstage.net
spotlight-ui-staging-1759.capstage.net
spotlight-ui-staging-2057.capstage.net
pr1306.reviews.capstage.net
vendor-page-dev.capstage.net
spotlight-ui-staging-1754.capstage.net
search-dev.capstage.net
main.capstage.net
pr1946.reviews.capstage.net
spotlight-ui-staging-1754.capstage.net
search-staging-694.capstage.net
spotlight-ui-staging-2320.capstage.net
*.capstage.net
pr1286.reviews.capstage.net
spotlight-ui-staging-1756.capstage.net
dirpa-ui-staging-2325.capstage.net
reviews.capstage.net
spotlight-ui-staging-1751.capstage.net
colin.capstage.net
spotlight-dev.capstage.net
vendor-page.capstage.net
spotlight-ui-staging-1745.capstage.net
reviews-dev.capstage.net
sa-ppl-form.capstage.net
pr1831.reviews.capstage.net
spotlight-ui-staging-2055.capstage.net
sem-ui-staging-1426.capstage.net
pr1832.reviews.capstage.net
colin.capstage.net
*.capstage.net
user-workspace-staging-1997.capstage.net
*.capstage.net
search-staging-692.capstage.net
spotlight-ui-staging-2056.capstage.net
reviews-dev.capstage.net
vp-ppl-qa.capstage.net
search.capstage.net
spotlight-ui-staging-1756.capstage.net
sem-ui-staging-1425.capstage.net
reviews.capstage.net
dirpa-ui-staging-2045.capstage.net
capterra.com
spotlight-ui-staging-1744.capstage.net
sem-ui-staging-1427.capstage.net
workspace-dev.capstage.net
*.capstage.net
capterra.com
dirpa-ui-staging-1402.capstage.net
pr1244.reviews.capstage.net
spotlight-ui-staging-2058.capstage.net
homepage-ui-staging-469.capstage.net
dirpa-ui-staging-1403.capstage.net
workspace-dev.capstage.net
nginx-latency.capstage.net
homepage-ui-staging-203.capstage.net
dirpa-ui-staging-2043.capstage.net
colin.capstage.net
pr1983.reviews.capstage.net
forms-as-a-service.capstage.net
search.capstage.net
pr1286.reviews.capstage.net
directory-page-dev.capstage.net
main.capstage.net
pr1304.reviews.capstage.net
public-api.capstage.net
vendor-page-dev.capstage.net
directory-page.capstage.net
dirpa-ui-staging-2045.capstage.net
compare.capstage.net
sem-ui-staging-1420.capstage.net
dirpa-ui-staging-2326.capstage.net
sem-ui-staging-1422.capstage.net
dirpa-ui-staging-1404.capstage.net
compare-ui-staging-667.capstage.net
workspaceauth-dev.capstage.net
dirpa-ui-staging-2046.capstage.net
spotlight.capstage.net
pr1286.reviews.capstage.net
spotlight-ui-staging-1749.capstage.net
sem-ui-staging-889.capstage.net
spotlight.capstage.net
dirpa-ui-staging-1405.capstage.net
reviews-dev.capstage.net
search-staging-693.capstage.net
dirpa-ui-staging-2327.capstage.net
spotlight-ui-staging-1755.capstage.net
reviews.capstage.net
compare-ui-staging-884.capstage.net
spotlight-dev.capstage.net
pr1286.reviews.capstage.net
compare-ui-staging-882.capstage.net
pr1308.reviews.capstage.net
sem-ui-staging-106.capstage.net
wauth-dev-ci-ga.capstage.net
dirpa-ui-staging-2047.capstage.net
sem-ui-staging-892.capstage.net

Certificate

The complete raw certificate details for spotlight-dev.capstage.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIQBQTmaFkr7ymUwGHiJqEbrzANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTAzMTUwMDAwMDBaFw0yMDA0MTUx
MjAwMDBaMCUxIzAhBgNVBAMTGnNwb3RsaWdodC1kZXYuY2Fwc3RhZ2UubmV0MIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2180snf3ffybePQwsxRxGH3e
/hdbLAKJv3Lr/Kleux5ggCWEbQqccnRxzOHChlPDfbyOvYazx32nnpX0TU+l0Xr7
lUJlmPuuy6rQenubYUHy7XURzJ28uv8OTg/eD9ZoqtVLgDqXRZzraomd+l5QhTnu
fWhxXzN/C9ivOB0Tx1WqNhemWvIe+Pi7ec708KJAxXPSYd6nIRpROqOjVCsXDovB
VAO8+SVlFK1eN1NdS+kY+jIV3R6OsBQdBCmDVILYm9Xm5Oi9oqtlrH+jwg8S7JF5
o0Q93LV+SlqZqr7j4tDC7lN9lY1y63s9YmLaRzEeDAL7odDkb4grl6JcS0fuTwID
AQABo4IChTCCAoEwHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYD
VR0OBBYEFO15OjhjqBpu1teW6/289/KkNewGMCUGA1UdEQQeMByCGnNwb3RsaWdo
dC1kZXYuY2Fwc3RhZ2UubmV0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5z
Y2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZI
AYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0
dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0
cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB
/wQCMAAwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQCkuQmQtBhYFIe7E6LMZ3AK
PDWYBPkb37jjd80OyA3cEAAAAWmDCxX5AAAEAwBGMEQCIGq3mEF2siFm4Y2fIcYz
YleMO0meKZ34fzaC87tYg87fAiBku1eUtx5B1yDGUXGATvUg+UuLm6pH++HO5IZS
hA5XXQB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABaYMLF2AA
AAQDAEcwRQIhAMEYLTnh/nqSW/xRUxA9E2Nx7FHnt7dVmKSiqco2ai79AiBLSSMv
rDoN82YssJYuPXLI7lzZ/sXOUC8rqRUyXfkiwzANBgkqhkiG9w0BAQsFAAOCAQEA
Rzm4XC3pVxZ8DFe0qcQnZEWqBmpRXRqFP8ZaGDSxqVqmGbAgvTMUW4hcd4JR88fy
GwE1E68ZP3rkVHyYCEAMkUEI3Ok63tV4jVL+PEpEsMBhcqnMfahxVekUnXMo8Sn5
ErkQ166M2A7dZVGqvX87MyRhVEn033ET5gFps5gB+aaiq3sBnocm3RhSVQIXcHQ9
J66NMPSh+cJKVia2lmsg2DPtjbCaYtGaRtwD/FO4YUlZYYGrUdvFzU17p1LVptQG
RYHBT1PMpyOJR+NRCNhFkHNe63RUrF3gOorm5Lwgxyenbh7xnUKpgEN7vvmMnuF7
6uzFfx/9cHO9wt/4gfHYcw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2180snf3ffybePQwsxRx
GH3e/hdbLAKJv3Lr/Kleux5ggCWEbQqccnRxzOHChlPDfbyOvYazx32nnpX0TU+l
0Xr7lUJlmPuuy6rQenubYUHy7XURzJ28uv8OTg/eD9ZoqtVLgDqXRZzraomd+l5Q
hTnufWhxXzN/C9ivOB0Tx1WqNhemWvIe+Pi7ec708KJAxXPSYd6nIRpROqOjVCsX
DovBVAO8+SVlFK1eN1NdS+kY+jIV3R6OsBQdBCmDVILYm9Xm5Oi9oqtlrH+jwg8S
7JF5o0Q93LV+SlqZqr7j4tDC7lN9lY1y63s9YmLaRzEeDAL7odDkb4grl6JcS0fu
TwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6671582387893739139689502658481167279
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-15 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'spotlight-dev.capstage.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27693136541088405446303127479652602126549185528633869795680790384216065678244482969305048795903059779755102842934866488617957030331346590096945698924018675728862321445527941953097529011422527156599623438166928413491039078210164420402956755735638818907689226733198962301011400878462740751256415443898369972663986701942382545316549617631666951871970802737452678009491372971425782344285237135654711383109032816904572245393020380154141804949482654672520270529761471987869948208425201817769379357737683948770683512743302472400980786634719771690673564970211117556327079427828498889743208642130064080688509520961104834457167
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ed793a3863a81a6ed6d796ebfdbcf7f2a435ec06
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spotlight-dev.capstage.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000169830b15f9000004030046304402206ab7984176b22166e18d9f21c63362578c3b499e299df87f3682f3bb5883cedf022064bb5794b71e41d720c65171804ef520f94b8b9baa47fbe1cee48652840e575d0076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f00000169830b17600000040300473045022100c1182d39e1fe7a925bfc5153103d136371ec51e7b7b75598a4a2a9ca366a2efd02204b49232fac3a0df3662cb0962e3d72c8ee5cd9fec5ce502f2ba915325df922c3
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004739b85c2de957167c0c57b4a9c4276445aa066a515d1a853fc65a1834b1a95aa619b020bd33145b885c778251f3c7f21b013513af193f7ae4547c9808400c914108dce93aded5788d52fe3c4a44b0c06172a9cc7da87155e9149d7328f129f912b910d7ae8cd80edd6551aabd7f3b3324615449f4df7113e60169b39801f9a6a2ab7b019e8726dd185255021770743d27ae8d30f4a1f9c24a5626b6966b20d833ed8db09a62d19a46dc03fc53b86149596181ab51dbc5cd4d7ba752d5a6d4064581c14f53cca7238947e35108d84590735eeb7454ac5de03a8ae6e4bc20c727a76e1ef19d42a980437bbef98c9ee17beaecc57f1ffd7073bdc2dff881f1d873