harrison.bywatersolutions.com

Issued by R3

About this certificate

This digital certificate with serial number 03:2a:20:7b:e9:fb:bb:5a:0d:98:e5:65:52:7c:45:cd:44:1c was issued on by Let's Encrypt.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=harrison.bywatersolutions.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:2a:20:7b:e9:fb:bb:5a:0d:98:e5:65:52:7c:45:cd:44:1c
Serial Number (int): 275671895900084561503355776542086328566812
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: ee:08:3f:9b:88:32:17:45:1e:24:78:05:d4:3b:98:73:d8:5f:e0:f4
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): fa:fe:bf:9e:98:fe:e6:09:31:f2:1b:d2:a0:5a:cd:fb:29:6e:86:14
Fingerprint (sha256): 06:3a:ad:fc:68:53:49:46:8d:fe:76:e4:66:a6:b5:4e:c8:82:b2:69:bd:db:62:59:a6:c6:c0:3a:86:b9:fb:bd

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate harrison.bywatersolutions.com

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for harrison.bywatersolutions.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

catalog.harrison.bywatersolutions.com
catalog.hm-lib.org
harrison.bywatersolutions.com
staff.harrison.bywatersolutions.com
staff.hm-lib.org

Other certificates including the domain name bywatersolutions.com

(limited to 100 certificates)
catalog.redlibrary.org
harrison.bywatersolutions.com
pals.bywatersolutions.com
cin.bywatersolutions.com
audubon.bywatersolutions.com
harrison.bywatersolutions.com
arcadiapl.bywatersolutions.com
model.bywatersolutions.com
bedfordtx.bywatersolutions.com
harrison.bywatersolutions.com
washoe-aspen.bywatersolutions.com
koha.bywatersolutions.com
farmington.bywatersolutions.com
www.astinus.bywatersolutions.com
catalog.redlibrary.org
idsa.bywatersolutions.com
devs.bywatersolutions.com
staff.ajaxlibrary.ca
farmington.bywatersolutions.com
ticket.bywatersolutions.com
camden.bywatersolutions.com
disneytech.bywatersolutions.com
demo.bywatersolutions.com
bywatersolutions.com
kohacon2018.bywatersolutions.com
kohacon2018.bywatersolutions.com
dovernet.bywatersolutions.com
vokal-aspen.bywatersolutions.com
texlaw.bywatersolutions.com
bywatersolutions.com
ajaxon.bywatersolutions.com
collingswood.bywatersolutions.com
kids.meadvillelibrary.org
demo.bywatersolutions.com
ticket.bywatersolutions.com
samuelmerritt.bywatersolutions.com
catalog.dnredwoods.bywatersolutions.com
bywatersolutions.com
kids.meadvillelibrary.org
sdlaw.bywatersolutions.com
catalog.bethelu.bywatersolutions.com
abbott.bywatersolutions.com
kohacon2018.bywatersolutions.com
media.bywatersolutions.com
devs.bywatersolutions.com
esri.bywatersolutions.com
catalog.redlibrary.org
catalog.rahwaylibrary.org
texlaw.bywatersolutions.com
bywatersolutions.com
roundrock.bywatersolutions.com
risl.bywatersolutions.com
farmington.bywatersolutions.com
bywatersolutions.com
merial.bywatersolutions.com
demo.bywatersolutions.com
collingswood.bywatersolutions.com
devs.bywatersolutions.com
catalog.rahwaylibrary.org
kids.meadvillelibrary.org
catalog.rahwaylibrary.org
bywatersolutions.com
siskiyou.bywatersolutions.com
catalog.redlibrary.org
hkic.bywatersolutions.com
disneytech.bywatersolutions.com
esri.bywatersolutions.com
bywatersolutions.com
demo.bywatersolutions.com
millbrook.bywatersolutions.com
uintah.bywatersolutions.com
vokal-aspen.bywatersolutions.com
catalog.redlibrary.org
catalog.rahwaylibrary.org
tnhsc.bywatersolutions.com
bywaterconsortium.aspendiscovery.org
kohacon2018.bywatersolutions.com
dovernet.bywatersolutions.com
demo.bywatersolutions.com
dovernet.bywatersolutions.com
aspen-arlingtontest.bywatersolutions.com
downtown.roseville-libki.bywatersolutions.com
help.aspendiscovery.org
kohacon2018.bywatersolutions.com
catamount.bywatersolutions.com
esri.bywatersolutions.com
ticket.bywatersolutions.com
catalog.rahwaylibrary.org
collingswood.bywatersolutions.com
kohacon2018.bywatersolutions.com
catalog.redlibrary.org
pals.bywatersolutions.com
aspen.bywatersolutions.com
ckls.bywatersolutions.com
catalog.rahwaylibrary.org
catalog.redlibrary.org
catalog.rahwaylibrary.org
ticket.bywatersolutions.com
ramapo.bywatersolutions.com
kohacon2018.bywatersolutions.com

Certificate

The complete raw certificate details for harrison.bywatersolutions.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAyoge+n7u1oNmOVlUnxFzUQcMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA0MjExMzAwMTFaFw0yMzA3MjAxMzAwMTBaMCgxJjAkBgNVBAMT
HWhhcnJpc29uLmJ5d2F0ZXJzb2x1dGlvbnMuY29tMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEApxq02dQPAikBmGSNopvaODYeLH8TouBOZQ3N34T5nNEz
8yQp3iKcMISUv4zaCKitZkJ/j7q9M9gcGvDPs5RM04SOLA84YQMFvC5nggv89GtJ
dkdxF0OdYybsRVCA4ylFgzFWPTa6WR4sR65RAoizgoAOeqgoqv/xccnTl65woRhg
h0xdnwzmlM/OexnK3oFSC7pJrJQALMixJsnYkDpUexI6fbgbuBaidByNUZyXcCZI
Qz00HB6OIKWhOprOwrWsNekSEyoAQp49bYUGgvfbJpQ2qnJDyxiSEL5xo01Y/UX4
YV8k5kZxxQZi8qluXH4CXOLfwH5o1nisv6ICLBIRKwIDAQABo4ICzjCCAsowDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBTuCD+biDIXRR4keAXUO5hz2F/g9DAfBgNVHSME
GDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYB
BQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDov
L3IzLmkubGVuY3Iub3JnLzCBnAYDVR0RBIGUMIGRgiVjYXRhbG9nLmhhcnJpc29u
LmJ5d2F0ZXJzb2x1dGlvbnMuY29tghJjYXRhbG9nLmhtLWxpYi5vcmeCHWhhcnJp
c29uLmJ5d2F0ZXJzb2x1dGlvbnMuY29tgiNzdGFmZi5oYXJyaXNvbi5ieXdhdGVy
c29sdXRpb25zLmNvbYIQc3RhZmYuaG0tbGliLm9yZzBMBgNVHSAERTBDMAgGBmeB
DAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxl
dHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2AHoyjFTYty22
IOo44FIe6YQWcDIThU070ivBOlejUutSAAABh6QdhsIAAAQDAEcwRQIgL13sIC20
oEe7rmkTnmuG4KGXbmrUYh/HNoSgFHWPBLYCIQCM4iVbCzHIdl+LpNiNARsqWRGb
lZAx+bY2H6/NoJlMzAB3AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1u
AAABh6QdhrEAAAQDAEgwRgIhAISBhKIxGO4IkWGXtu6yvy7nyPUZ3LRryNH9BcoM
qlfgAiEA+J0OkXr0M1A0AkbZyzjlO3n8FdSb8fL5GC1vCBFDFEowDQYJKoZIhvcN
AQELBQADggEBAAr+/o3PIfgEWNe1oiFkHdCJJMIOyFcYAl1I5hVrAkMV4YxVbVqj
v1hZBHvf1uWSfGQIR7qRVpF5qSxBjsiERF3REpdfhIYqtYowrrrUGy0HBIxHd39P
TI8iwqkpOuSLw31LuQVx9cpEjzDnJydjk3kZu37SCqFAQRrW6j8x+vS6Jh4GjpPq
v2lE++S+GfAJyqCfDviN1L9xVwV1nRjDMIwgVY9HBC8BxXfdbw8WRhGE0P7zTE1f
AFMuXCz6P8Y8bszFkyz8E87U2s0P0AljioDH6cLrk8bn0n2I1SF4mFKvQ9slQeyW
i6MrzgqO5jYO4r3MkHZhhIih0ScZ/2WZLyU=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxq02dQPAikBmGSNopva
ODYeLH8TouBOZQ3N34T5nNEz8yQp3iKcMISUv4zaCKitZkJ/j7q9M9gcGvDPs5RM
04SOLA84YQMFvC5nggv89GtJdkdxF0OdYybsRVCA4ylFgzFWPTa6WR4sR65RAoiz
goAOeqgoqv/xccnTl65woRhgh0xdnwzmlM/OexnK3oFSC7pJrJQALMixJsnYkDpU
exI6fbgbuBaidByNUZyXcCZIQz00HB6OIKWhOprOwrWsNekSEyoAQp49bYUGgvfb
JpQ2qnJDyxiSEL5xo01Y/UX4YV8k5kZxxQZi8qluXH4CXOLfwH5o1nisv6ICLBIR
KwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 275671895900084561503355776542086328566812
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-21 13:00:11 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-20 13:00:10 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'harrison.bywatersolutions.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21094966370065321983364441876212368715170665814650490272137956446643634773612427543732597233053582897779839933460465334258647233765702220840281096975518312379710959129216017600500898274711633073082781403477178429456962170841671964789776432861473648715493305253053710197566110766653011630430102218437970926376490755566125678152607106256036841307359118476321919305588148774367254124838584151596449219938156272760300891515471193850136027469840760628451118405710756771254999578938317906949146232941884393454603462463938045625490058939095952296430664920867345998892669332289225963989204797034369652240654326779309129339179
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ee083f9b883217451e247805d43b9873d85fe0f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (148 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'catalog.harrison.bywatersolutions.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'catalog.hm-lib.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'harrison.bywatersolutions.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staff.harrison.bywatersolutions.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staff.hm-lib.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000187a41d86c2000004030047304502202f5dec202db4a047bbae69139e6b86e0a1976e6ad4621fc73684a014758f04b60221008ce2255b0b31c8765f8ba4d88d011b2a59119b959031f9b6361fafcda0994ccc007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000187a41d86b10000040300483046022100848184a23118ee08916197b6eeb2bf2ee7c8f519dcb46bc8d1fd05ca0caa57e0022100f89d0e917af43350340246d9cb38e53b79fc15d49bf1f2f9182d6f081143144a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000afefe8dcf21f80458d7b5a221641dd08924c20ec85718025d48e6156b024315e18c556d5aa3bf5859047bdfd6e5927c640847ba91569179a92c418ec884445dd112975f84862ab58a30aebad41b2d07048c47777f4f4c8f22c2a9293ae48bc37d4bb90571f5ca448f30e7272763937919bb7ed20aa140411ad6ea3f31faf4ba261e068e93eabf6944fbe4be19f009caa09f0ef88dd4bf715705759d18c3308c20558f47042f01c577dd6f0f16461184d0fef34c4d5f00532e5c2cfa3fc63c6eccc5932cfc13ced4dacd0fd009638a80c7e9c2eb93c6e7d27d88d521789852af43db2541ec968ba32bce0a8ee6360ee2bdcc9076618488a1d12719ff65992f25