start.yext.com
Issued by GTS CA 1D4
About this certificate
This digital certificate with serial number 14:4f:00:a5:ed:ba:be:1a:09:98:19:bb:2d:18:93:d5 was issued on by Google Trust Services LLC.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=start.yext.com
Google Trust Services LLC
Organization:
Google Trust Services LLC
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 14:4f:00:a5:ed:ba:be:1a:09:98:19:bb:2d:18:93:d5Serial Number (int): 26994764513743088954391277648182023125
Serial Number lenght: 125 bits, 16 octets
SubjectKeyId: 50:2a:a5:a6:84:5d:0f:c6:00:3c:05:a7:ec:b1:51:eb:a5:31:6c:c3
AuthorityKeyId: 25:e2:18:0e:b2:57:91:94:2a:e5:d4:5d:86:90:83:de:53:b3:b8:92
Fingerprint (sha1): 8d:48:10:b8:87:44:56:73:be:e0:2e:98:19:57:e0:11:04:c4:c8:dd
Fingerprint (sha256): 06:70:33:82:0f:54:22:57:6a:a7:df:17:22:6e:34:c6:4b:f0:df:03:c4:b7:12:e6:d0:22:4a:86:83:37:c7:ee
Issuing Certificate URL: http://pki.goog/repo/certs/gts1d4.der
Revocation information
OCSP Server: http://ocsp.pki.goog/s/gts1d4/OYzyfG9PkFcCRL Distribution Point: http://crls.pki.goog/gts1d4/x2O7RTp0MTA.crl
Check the revocation status for certificate start.yext.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for start.yext.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
start.yext.com
Other certificates including the domain name yext.com
(limited to 100 certificates)
agent-qa.travelers.com
dev2.streamflow.finance
sni.cloudflaressl.com
covid19.yext.com
faqs.yext.com
sni.cloudflaressl.com
grow.yext.com
*.tx1.yext.com
*.yext.com
covid19-gov.yext.com
*.yext.com
techops.yext.com
blog.catalog.fi
sni.cloudflaressl.com
app-qa.eu.yext.com
answers-texaneyecare.pagescdn.com
sni.cloudflaressl.com
news.yext.com
*.yext.com
onward.yext.com
start.yext.com
*.yext.com
events.biggestfantour.com
wiki.yext.com
sni.cloudflaressl.com
offers.yext.com
*.yext.com
covid19.yext.com
covid19-healthcare.yext.com
*.yext.com
for.yext.com
san1.yext-cdn.com
embed-answers.cority.com.pagescdn.com
yext.com
store.yext.com
start.yext.com
locations.yext.com
*.hitchhikers.dev
*.thefrabric.com
design-system.yext.com
cac-documentation.hitchhikers.yext.com
docker.jfrog-poc.office.yext.com
news.yext.com
answers-autozone.pagescdn.com
news.yext.com
sni.cloudflaressl.com
livepreviewwebsockets-qa.yext.com
events.biggestfantour.com
ssl910335.cloudflaressl.com
answers.romeospizza.com
grow.yext.com
help.yext.com
sni.cloudflaressl.com
*.interview.yext.com
*.interview.yext.com
help.yext.com
sustainability.yext.com
api.eu.yext.com
bvas.yext.com
publishers.yext.com
start.yext.com
mulesoft.farmers.yext.com
sni.cloudflaressl.com
design-system.yext.com
sni.cloudflaressl.com
*.youst.in
hitchhiker-answers.yext.com
cube.yext.com
sni.cloudflaressl.com
*.office.yext.com
physicians.florida-allergy.com
*.yext.com
plfeeds.eu.yext.com
app.eu.yext.com
*.yext.com
sni.cloudflaressl.com
help.yext.com
*.hitchhikers.dev
blog-hitchhikers.yext.com
answers-embed.reseau-stan.com.pagescdn.com
sni.cloudflaressl.com
san1.yext-cdn.com
design-system.yext.com
www.yext.com
*.hitchhikers.dev
search.yext.com
wiki.yext.com
sni.cloudflaressl.com
sni.cloudflaressl.com
amp.locations.yext.com
yext.com
ssl468786.cloudflaressl.com
*.office.yext.com
*.office.yext.com
*.yext.com
www.start.yext.com
wiki.yext.com
sni.cloudflaressl.com
app.eu.yext.com
sni.cloudflaressl.com
dev2.streamflow.finance
sni.cloudflaressl.com
covid19.yext.com
faqs.yext.com
sni.cloudflaressl.com
grow.yext.com
*.tx1.yext.com
*.yext.com
covid19-gov.yext.com
*.yext.com
techops.yext.com
blog.catalog.fi
sni.cloudflaressl.com
app-qa.eu.yext.com
answers-texaneyecare.pagescdn.com
sni.cloudflaressl.com
news.yext.com
*.yext.com
onward.yext.com
start.yext.com
*.yext.com
events.biggestfantour.com
wiki.yext.com
sni.cloudflaressl.com
offers.yext.com
*.yext.com
covid19.yext.com
covid19-healthcare.yext.com
*.yext.com
for.yext.com
san1.yext-cdn.com
embed-answers.cority.com.pagescdn.com
yext.com
store.yext.com
start.yext.com
locations.yext.com
*.hitchhikers.dev
*.thefrabric.com
design-system.yext.com
cac-documentation.hitchhikers.yext.com
docker.jfrog-poc.office.yext.com
news.yext.com
answers-autozone.pagescdn.com
news.yext.com
sni.cloudflaressl.com
livepreviewwebsockets-qa.yext.com
events.biggestfantour.com
ssl910335.cloudflaressl.com
answers.romeospizza.com
grow.yext.com
help.yext.com
sni.cloudflaressl.com
*.interview.yext.com
*.interview.yext.com
help.yext.com
sustainability.yext.com
api.eu.yext.com
bvas.yext.com
publishers.yext.com
start.yext.com
mulesoft.farmers.yext.com
sni.cloudflaressl.com
design-system.yext.com
sni.cloudflaressl.com
*.youst.in
hitchhiker-answers.yext.com
cube.yext.com
sni.cloudflaressl.com
*.office.yext.com
physicians.florida-allergy.com
*.yext.com
plfeeds.eu.yext.com
app.eu.yext.com
*.yext.com
sni.cloudflaressl.com
help.yext.com
*.hitchhikers.dev
blog-hitchhikers.yext.com
answers-embed.reseau-stan.com.pagescdn.com
sni.cloudflaressl.com
san1.yext-cdn.com
design-system.yext.com
www.yext.com
*.hitchhikers.dev
search.yext.com
wiki.yext.com
sni.cloudflaressl.com
sni.cloudflaressl.com
amp.locations.yext.com
yext.com
ssl468786.cloudflaressl.com
*.office.yext.com
*.office.yext.com
*.yext.com
www.start.yext.com
wiki.yext.com
sni.cloudflaressl.com
app.eu.yext.com
sni.cloudflaressl.com
Certificate
The complete raw certificate details for start.yext.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEbTCCA1WgAwIBAgIQFE8Ape26vhoJmBm7LRiT1TANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM QzETMBEGA1UEAxMKR1RTIENBIDFENDAeFw0yMzA2MjUyMjE2MTBaFw0yMzA5MjMy MzAzMTlaMBkxFzAVBgNVBAMTDnN0YXJ0LnlleHQuY29tMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAvXioAorX1JLrlEhYNVARx8WiBhscArzwcg9wMaWj pCWjygYn5DpMmFMZgaCigDOT/uSPiwfM165piTv81rofai8sUOWkQrEnnvmjQuWi M1lG6AvTu4UXS7/RbbEUaKJdEY9uhbOXqBpxbWpQIMmEQUHWi4vd73s6bhmC7V1G ZMa1N9Ee+p9swMCTAFjrU6n3agxCjk4pWtyOo7R+eShzxxfdyePt2B78Easu87GL PzYnIbtleGv+apieoT/RjeMoJ+8uVM911wY8cmMdSEAKOP4VK2ORrFV9UshLvLR+ qa6bZH6+SX/Ho44W48Y0Kkk+POPaldOGUKQXYNNDAiwemQIDAQABo4IBgjCCAX4w DgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQC MAAwHQYDVR0OBBYEFFAqpaaEXQ/GADwFp+yxUeulMWzDMB8GA1UdIwQYMBaAFCXi GA6yV5GUKuXUXYaQg95Ts7iSMHgGCCsGAQUFBwEBBGwwajA1BggrBgEFBQcwAYYp aHR0cDovL29jc3AucGtpLmdvb2cvcy9ndHMxZDQvT1l6eWZHOVBrRmMwMQYIKwYB BQUHMAKGJWh0dHA6Ly9wa2kuZ29vZy9yZXBvL2NlcnRzL2d0czFkNC5kZXIwGQYD VR0RBBIwEIIOc3RhcnQueWV4dC5jb20wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYK KwYBBAHWeQIFAzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29v Zy9ndHMxZDQveDJPN1JUcDBNVEEuY3JsMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0G CSqGSIb3DQEBCwUAA4IBAQAh8tqK6GnBGUCKt8ltgtLW/87u4tUd9Iq3JuRffC5i 5f/MFaYiqLSi6i5wOFasiJsYCxxHZypJ51wTe9UfETePxJAoI1gbT1FWP5Bnd4J8 3N0UyK1bPxRiZItBztT29YO73cxkpNxbIqB4mpBFZLrfhP+veq2HkRlVCJXExURo UAKRG/TQyri0CV31rXEmjh4pG5D4X09Sb+5O0VIb/0GCkJGoGjTIvjmbek0puwxu onGqeop/5PPr+1/6GFXadcS3nNWwlIfZTiLRm4vzMvY4IZJxYM8vVgDfqn8VhhV+ RTlLa8a+87px0WbfcbVCTKt/b9+xJCo7yh5lO/kw7fuZ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXioAorX1JLrlEhYNVAR x8WiBhscArzwcg9wMaWjpCWjygYn5DpMmFMZgaCigDOT/uSPiwfM165piTv81rof ai8sUOWkQrEnnvmjQuWiM1lG6AvTu4UXS7/RbbEUaKJdEY9uhbOXqBpxbWpQIMmE QUHWi4vd73s6bhmC7V1GZMa1N9Ee+p9swMCTAFjrU6n3agxCjk4pWtyOo7R+eShz xxfdyePt2B78Easu87GLPzYnIbtleGv+apieoT/RjeMoJ+8uVM911wY8cmMdSEAK OP4VK2ORrFV9UshLvLR+qa6bZH6+SX/Ho44W48Y0Kkk+POPaldOGUKQXYNNDAiwe mQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 26994764513743088954391277648182023125 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Trust Services LLC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GTS CA 1D4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-25 22:16:10 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-23 23:03:19 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'start.yext.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23918537472103664722831394891612724463231529192690355271419360951696527130795487922403133913068276114561291034366742593245591044199814381837635058719720557484163724926756341085977346025046866032882358063392469191845411618390097317010526534992838502116638267401994967532397818768196381291016112665737626418401213977324362514162786267608479281040225196196796689274720309044326311414729922208162896768639211251402801640700944735243315209176191928197897010012030280153604025552752560330885080950686701817548099356951201066464433804642109035059431107047792256939856700647890417620098324840307594391709533268060900338441881 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 502aa5a6845d0fc6003c05a7ecb151eba5316cc3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 25e2180eb25791942ae5d45d869083de53b3b892 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.goog/s/gts1d4/OYzyfG9PkFc' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.goog/repo/certs/gts1d4.der' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'start.yext.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.5.3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.goog/gts1d4/x2O7RTp0MTA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0021f2da8ae869c119408ab7c96d82d2d6ffceeee2d51df48ab726e45f7c2e62e5ffcc15a622a8b4a2ea2e703856ac889b180b1c47672a49e75c137bd51f11378fc4902823581b4f51563f906777827cdcdd14c8ad5b3f1462648b41ced4f6f583bbddcc64a4dc5b22a0789a904564badf84ffaf7aad879119550895c4c544685002911bf4d0cab8b4095df5ad71268e1e291b90f85f4f526fee4ed1521bff41829091a81a34c8be399b7a4d29bb0c6ea271aa7a8a7fe4f3ebfb5ffa1855da75c4b79cd5b09487d94e22d19b8bf332f63821927160cf2f5600dfaa7f1586157e45394b6bc6bef3ba71d166df71b5424cab7f6fdfb1242a3bca1e653bf930edfb99