link.buzzfeed.com
Issued by R3
About this certificate
This digital certificate with serial number 03:ae:de:6d:ee:f3:91:65:cd:60:df:42:c4:59:40:1a:d6:cd was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=link.buzzfeed.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ae:de:6d:ee:f3:91:65:cd:60:df:42:c4:59:40:1a:d6:cdSerial Number (int): 320841649061456791760362810295456414488269
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: fa:d3:a4:d6:4a:57:54:a6:7a:27:2b:a2:ce:6d:f3:50:90:d3:bc:65
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): bb:15:ea:b1:58:5e:d2:eb:f1:11:48:c0:95:6e:49:fe:75:90:53:d6
Fingerprint (sha256): 06:4f:df:32:ea:8d:ac:35:7e:9d:2c:55:71:29:95:7a:30:38:65:94:a0:50:28:92:b7:fa:fd:b9:05:46:5b:0a
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate link.buzzfeed.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for link.buzzfeed.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
link.buzzfeed.com
Other certificates including the domain name buzzfeed.com
(limited to 100 certificates)
statuspage.io
www.advertise.buzzfeed.com
n2.shared.global.fastly.net
statuspage.io
japan-status.dialpad.com
buzzfeed-brand.buzzfeed.com
statuspage.io
statuspage.io
n2.shared.global.fastly.net
r.ssl.fastly.net
*.app-west.buzzfeed.io
*.buzzfeed.com
p.ssl.fastly.net
se.emails.buzzfeed.com
statuspage.io
f2.shared.global.fastly.net
beta-dashboard.buzzfeed.com
p.ssl.fastly.net
sslvs03.igloosoftware.com
f2.shared.global.fastly.net
shopwith.buzzfeed.com
p.ssl.fastly.net
p.ssl.fastly.net
*.app-west.buzzfeed.io
link.buzzfeed.com
returns.buzzfeed.com
f2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
advertise.buzzfeed.com
r.ssl.fastly.net
japan-status.dialpad.com
r.ssl.fastly.net
buzzfeed.com
statuspage.io
statuspage.io
dns-vetting1l.map.fastly.net
statuspage.io
buzzfeed.map.fastly.net
dns-vetting1j.map.fastly.net
h5.buzzfeed.com
statuspage.io
f2.shared.global.fastly.net
japan-status.dialpad.com
statuspage.io
p.ssl.fastly.net
buzzfeed.com
n2.shared.global.fastly.net
p.ssl.fastly.net
m.ssl.fastly.net
dns-vetting1l.map.fastly.net
sslvs03.igloosoftware.com
p.ssl.fastly.net
statuspage.io
dns-vetting1j.map.fastly.net
advertise.buzzfeed.com
n2.shared.global.fastly.net
sslvs03.igloosoftware.com
m.ssl.fastly.net
dns-vetting1j.map.fastly.net
statuspage.io
li.lisecurelink.com
statuspage.io
buzzfeed-community.buzzfeed.com
statuspage.io
statuspage.io
n2.shared.global.fastly.net
link.buzzfeed.com
tech.buzzfeed.com
p.ssl.fastly.net
m.ssl.fastly.net
statuspage.io
f2.shared.global.fastly.net
n2.shared.global.fastly.net
r.ssl.fastly.net
statuspage.io
p.ssl.fastly.net
shop.buzzfeed.com
f2.shared.global.fastly.net
statuspage.io
m.ssl.fastly.net
n2.shared.global.fastly.net
statuspage.io
dns-vetting1l.map.fastly.net
b2-alt.shared.global.fastly.net
japan-status.dialpad.com
li.lisecurelink.com
www.buzzfeed.com
lab.buzzfeed.com
sslvs03.igloosoftware.com
h5.buzzfeed.com
h5.buzzfeed.com
link.buzzfeed.com
r.ssl.fastly.net
dns-vetting1j.map.fastly.net
buymethat.buzzfeed.com
auth-demo.buzzfeed.com
n2.shared.global.fastly.net
statuspage.io
r.ssl.fastly.net
f2.shared.global.fastly.net
www.advertise.buzzfeed.com
n2.shared.global.fastly.net
statuspage.io
japan-status.dialpad.com
buzzfeed-brand.buzzfeed.com
statuspage.io
statuspage.io
n2.shared.global.fastly.net
r.ssl.fastly.net
*.app-west.buzzfeed.io
*.buzzfeed.com
p.ssl.fastly.net
se.emails.buzzfeed.com
statuspage.io
f2.shared.global.fastly.net
beta-dashboard.buzzfeed.com
p.ssl.fastly.net
sslvs03.igloosoftware.com
f2.shared.global.fastly.net
shopwith.buzzfeed.com
p.ssl.fastly.net
p.ssl.fastly.net
*.app-west.buzzfeed.io
link.buzzfeed.com
returns.buzzfeed.com
f2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
advertise.buzzfeed.com
r.ssl.fastly.net
japan-status.dialpad.com
r.ssl.fastly.net
buzzfeed.com
statuspage.io
statuspage.io
dns-vetting1l.map.fastly.net
statuspage.io
buzzfeed.map.fastly.net
dns-vetting1j.map.fastly.net
h5.buzzfeed.com
statuspage.io
f2.shared.global.fastly.net
japan-status.dialpad.com
statuspage.io
p.ssl.fastly.net
buzzfeed.com
n2.shared.global.fastly.net
p.ssl.fastly.net
m.ssl.fastly.net
dns-vetting1l.map.fastly.net
sslvs03.igloosoftware.com
p.ssl.fastly.net
statuspage.io
dns-vetting1j.map.fastly.net
advertise.buzzfeed.com
n2.shared.global.fastly.net
sslvs03.igloosoftware.com
m.ssl.fastly.net
dns-vetting1j.map.fastly.net
statuspage.io
li.lisecurelink.com
statuspage.io
buzzfeed-community.buzzfeed.com
statuspage.io
statuspage.io
n2.shared.global.fastly.net
link.buzzfeed.com
tech.buzzfeed.com
p.ssl.fastly.net
m.ssl.fastly.net
statuspage.io
f2.shared.global.fastly.net
n2.shared.global.fastly.net
r.ssl.fastly.net
statuspage.io
p.ssl.fastly.net
shop.buzzfeed.com
f2.shared.global.fastly.net
statuspage.io
m.ssl.fastly.net
n2.shared.global.fastly.net
statuspage.io
dns-vetting1l.map.fastly.net
b2-alt.shared.global.fastly.net
japan-status.dialpad.com
li.lisecurelink.com
www.buzzfeed.com
lab.buzzfeed.com
sslvs03.igloosoftware.com
h5.buzzfeed.com
h5.buzzfeed.com
link.buzzfeed.com
r.ssl.fastly.net
dns-vetting1j.map.fastly.net
buymethat.buzzfeed.com
auth-demo.buzzfeed.com
n2.shared.global.fastly.net
statuspage.io
r.ssl.fastly.net
f2.shared.global.fastly.net
Certificate
The complete raw certificate details for link.buzzfeed.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgISA67ebe7zkWXNYN9CxFlAGtbNMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMTYyMDU5MjNaFw0yNDAzMTUyMDU5MjJaMBwxGjAYBgNVBAMT EWxpbmsuYnV6emZlZWQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8w3+jLJ+e088OV1Awzvm0Fdp2UUHw6wdDPUFHFzafQhSWW6hr4n2BrzXBRaJ UxBbyqviRtsoXuOTqWhj9yttS3nxfPNIQmYsKsSozx/6d8gSnoll8RzjVSmM685B 1X9ms9JYnH/qio+sOqaIVUZkZGxFQzgNWpu25+9sa1IYetOvVDnNXcN0/ymEi+gb CrhhovXa4UNhvhiDrdArbo62Umojslmz8LrW5fNbyq2YCQUDKF7LDb6UJtaiDhhA 62D6IySI8cb9UuYDU2uMXhHx1ojydOtPLiF0oJto7EKv9lmMIFJw81qDVB0lTDNN Gwo5TYNeT16LQdvIGdqZ12iviQIDAQABo4ICEjCCAg4wDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G A1UdDgQWBBT606TWSldUpnonK6LObfNQkNO8ZTAfBgNVHSMEGDAWgBQULrMXt1hW y65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6 Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iu b3JnLzAcBgNVHREEFTATghFsaW5rLmJ1enpmZWVkLmNvbTATBgNVHSAEDDAKMAgG BmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1ADtTd3U+LbmAToswWwb+ QDtn2E/D9Me9AA0tcm/h+tQXAAABjHSkJWwAAAQDAEYwRAIgUkRGFtzIF3X6HDe4 FbTjBBBZwQQN7v1qRrcahnyxWXwCIGIEmYDO+n5BW9pMvLl6Ix5rEaE0SBM23ZHe 6TLa3R2jAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGMdKQl mAAABAMARzBFAiBkg3v1FM/z01TKi/JZgyhyjfZhl2Y9ku73znW+f7MHQQIhAIoh u/AE+ACNAwwzqulyveCLm6MDKKngBlhbz4cRgEvFMA0GCSqGSIb3DQEBCwUAA4IB AQAhi0Qeq4jxMfRHWeoUnok/D+XsmncGhQVUKnAvJJFz8/Qm1DDsJrD9pCwO1NXF fvbHu4cg7Ytd4fuFm3KxgVCzYH7Rx2a/57FAurwNMMzKafQuRwk8ABkYXFImqS4x 19QarDw2jvmSLpxKh16dFRAeVMEoP8LP8T1qKnz0ZV0tF3280TjFTveZh6l7cnPG tpfKTofRKXp6ApRIw+261z4xd6CstakQwOcDC15eddDT1WmofVvK6zxr11hu7h5Y tqj5lEpscp1DnPxF9hxR+rBC2TdX4l4n64vkvNIOsmPHCEtGysX0aiVCkLp4GSXz aueyh/q5QC18NIJmezYYc8Sy -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8w3+jLJ+e088OV1Awzvm 0Fdp2UUHw6wdDPUFHFzafQhSWW6hr4n2BrzXBRaJUxBbyqviRtsoXuOTqWhj9ytt S3nxfPNIQmYsKsSozx/6d8gSnoll8RzjVSmM685B1X9ms9JYnH/qio+sOqaIVUZk ZGxFQzgNWpu25+9sa1IYetOvVDnNXcN0/ymEi+gbCrhhovXa4UNhvhiDrdArbo62 Umojslmz8LrW5fNbyq2YCQUDKF7LDb6UJtaiDhhA62D6IySI8cb9UuYDU2uMXhHx 1ojydOtPLiF0oJto7EKv9lmMIFJw81qDVB0lTDNNGwo5TYNeT16LQdvIGdqZ12iv iQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 320841649061456791760362810295456414488269 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-16 20:59:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-15 20:59:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'link.buzzfeed.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30682808970228571511661977510420607890137426101174916834445992792971558686974622755965614333722266174709828182017590759327624511945722976730390365799727031983643908981029224644575838592668790800453074620685770320067538072949162231118571454605394690635738460976250429766564537508562777279410546193693632527457969400165541133775465769725831941733833858583156626210466105638493449881776483913216881942115530126205092598456876946636991516999322172008127952686319703677261562340282909672256647435657094134104826283865531798434918098723349880342713698679353175426890607216312655877220622357748594461147402674473812586180489 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fad3a4d64a5754a67a272ba2ce6df35090d3bc65 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'link.buzzfeed.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c74a4256c0000040300463044022052444616dcc81775fa1c37b815b4e3041059c1040deefd6a46b71a867cb1597c022062049980cefa7e415bda4cbcb97a231e6b11a134481336dd91dee932dadd1da300760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c74a425980000040300473045022064837bf514cff3d354ca8bf2598328728df66197663d92eef7ce75be7fb307410221008a21bbf004f8008d030c33aae972bde08b9ba30328a9e006585bcf8711804bc5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00218b441eab88f131f44759ea149e893f0fe5ec9a77068505542a702f249173f3f426d430ec26b0fda42c0ed4d5c57ef6c7bb8720ed8b5de1fb859b72b18150b3607ed1c766bfe7b140babc0d30ccca69f42e47093c0019185c5226a92e31d7d41aac3c368ef9922e9c4a875e9d15101e54c1283fc2cff13d6a2a7cf4655d2d177dbcd138c54ef79987a97b7273c6b697ca4e87d1297a7a029448c3edbad73e3177a0acb5a910c0e7030b5e5e75d0d3d569a87d5bcaeb3c6bd7586eee1e58b6a8f9944a6c729d439cfc45f61c51fab042d93757e25e27eb8be4bcd20eb263c7084b46cac5f46a254290ba781925f36ae7b287fab9402d7c3482667b361873c4b2