demo.streamlit.snowflake.com

Issued by Amazon RSA 2048 M01

About this certificate

This digital certificate with serial number 05:1a:55:2d:7c:62:7c:14:04:58:be:10:14:c5:89:ea was issued on by Amazon.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=demo.streamlit.snowflake.com

Amazon

Organization: Amazon
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 05:1a:55:2d:7c:62:7c:14:04:58:be:10:14:c5:89:ea
Serial Number (int): 6782867305825310307603044073369602538
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 08:f7:68:b2:5d:5d:44:37:db:b2:6d:d7:78:22:de:15:a9:34:a8:17
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85

Fingerprint (sha1): dd:d2:9d:c8:a7:ad:a3:1a:0f:da:06:54:77:b0:cf:48:b5:8c:01:eb
Fingerprint (sha256): 06:d8:0d:ad:47:b1:93:a6:e0:07:1b:b2:bc:98:28:c3:44:ae:ae:b8:de:f0:02:ef:97:f7:2f:25:3c:c4:01:0d

Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer

Revocation information

OCSP Server: http://ocsp.r2m01.amazontrust.com
CRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl

Check the revocation status for certificate demo.streamlit.snowflake.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for demo.streamlit.snowflake.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

demo.streamlit.snowflake.com

Other certificates including the domain name snowflake.com

(limited to 100 certificates)
1e291ab3status.snowflake.com
1e291ab3status.snowflake.com
developer.status.atlassian.com
*.autotestcore2.eastus2.azure-dev.app.snowflake.com
attstatus.snowflake.com
glmatching.snowflake.com
finserv.snowflake.com
attstatus.snowflake.com
*.ordevautotest.us-west-2.aws-dev.app.snowflake.com
*.c1.eu-west-1.aws.app.snowflake.com
*.devtemptest2core1.us-west-2.aws-dev.app.snowflake.com
pricingautomation.snowflake.com
*.autotestc1.eastus2.azure-dev.app.snowflake.com
app1e-status.outreach.io
event.snowflake.com
*.m1.us-gov-west-1.aws-gov.app.snowflake.com
attstatus.snowflake.com
*.c1.us-east-1.aws.app.snowflake.com
lift.snowflake.com
*.oltp1.us-west-2.aws-dev.app.snowflake.com
community.snowflake.com
partner-payment-api.snowflake.com
snowamp.snowflake.com
abemcertified.abem.org
ciscokineticbeta.iotspdev.io
events.snowflake.com
attstatus.snowflake.com
developer.status.atlassian.com
utc-converter.snowflake.com
*.gfts.us-east-2.aws.app.snowflake.com
app-cdn-staging.app.snowflake.com
attstatus.snowflake.com
app-cdntest1.snowflake.com
usergroups.snowflake.com
attstatus.snowflake.com
snowamp-uat.snowflake.com
seone.snowflake.com
app1e-status.outreach.io
1e291ab3status.snowflake.com
pricingautomation.snowflake.com
events.snowflake.com
events.snowflake.com
app1e-status.outreach.io
go.snowflake.com
developer.status.atlassian.com
seone-qa.snowflake.com
events.snowflake.com
attstatus.snowflake.com
ipe-em-ssm-activation-code-us-east-1.snowflake.com
demo.streamlit.snowflake.com
app1e-status.outreach.io
*.qa3.us-west-2.aws-dev.app.snowflake.com
sni204121.cloudflaressl.com
*.autotestc1.eastus2.azure-dev.app.snowflake.com
demo.streamlit.snowflake.com
liftdev.snowflake.com
1e291ab3status.snowflake.com
*.capitalone.us-east-1.aws.app.snowflake.com
attstatus.snowflake.com
cleanroom-sso.snowflake.com
accredible.armanl.eu
1e291ab3status.snowflake.com
*.snowvmtest.us-west-2.aws-dev.app.snowflake.com
*.core2.us-west-2.aws-dev.app.snowflake.com
attstatus.snowflake.com
it-ds-chromadb.snowflake.com
*.ordevautotest1.us-west-2.aws-dev.app.snowflake.com
events.snowflake.com
app1e-status.outreach.io
*.qa6.us-west-2.aws-dev.app.snowflake.com
app1e-status.outreach.io
app1e-status.outreach.io
corp-vpn.snowflake.com
argocd-it-dev.snowflake.com
app1e-status.outreach.io
*.ordevautotest1.us-west-2.aws-dev.app.snowflake.com
partner-payment-oauth.snowflake.com
events.snowflake.com
*.ordevautotest1.us-west-2.aws-dev.app.snowflake.com
events.snowflake.com
app.my-guitar-tabs.com
*.autotestcore2.eastus2.azure-dev.app.snowflake.com
*.t1.usgovvirginia.azure-gov.app.snowflake.com
abemcertified.abem.org
*.citi.us-east-2.aws.app.snowflake.com
*.devtemptest3core1.us-west-2.aws-dev.app.snowflake.com
api.developers.snowflake.com
lift.snowflake.com
leapfrog-ssl-33.gcs-web.com
*.c2.eastus2.azure-dev.app.snowflake.com
sni204121.cloudflaressl.com
events.snowflake.com
1e291ab3status.snowflake.com
app1e-status.outreach.io
app1e-status.outreach.io
*.c1.eu-west-1.aws.app.snowflake.com
sni204121.cloudflaressl.com
ciscokineticbeta.iotspdev.io
sales-engineering-account.snowflake.com
api.developers.snowflake.com

Certificate

The complete raw certificate details for demo.streamlit.snowflake.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgIQBRpVLXxifBQEWL4QFMWJ6jANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAxMB4XDTIzMDIwOTAwMDAwMFoXDTIzMDkyNTIzNTk1OVowJzEl
MCMGA1UEAxMcZGVtby5zdHJlYW1saXQuc25vd2ZsYWtlLmNvbTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAJSSUO0jzN3EoHIFUNeIh1MbReymQj4c7Br7
YPI5ke9CSXyNqvOOe9pHHVCGApxNfOW2Gns2eX3s1TIzKxDQugehd5dnIJmUl5Xa
f3dKadXyZg3QkO1yADyuYStUCxyh5pOVD0v+EGi/ZnMdbzLAjiwlRUIADTkTXM/1
yrQ1v5S2V0C5pYC5FXyXG/9+iOmWzY7lhr8YVTd2BMQqo9Kc+XJPCDbY6B+0IUIW
1CrsRJoVrBDbURdTM0Ivrr6DC+9FdF7tdUAWUIpb9RC+moBOP5XLfhLujILzC3I5
qjac7Gxxxy//9umPQWZv0or9gvkd3nE8tdMOOQxEfE+p8KUtWskCAwEAAaOCAvUw
ggLxMB8GA1UdIwQYMBaAFIG4DmOKiRIY5fo7O1CVn+blkBOFMB0GA1UdDgQWBBQI
92iyXV1EN9uybdd4It4VqTSoFzAnBgNVHREEIDAeghxkZW1vLnN0cmVhbWxpdC5z
bm93Zmxha2UuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMS5h
bWF6b250cnVzdC5jb20vcjJtMDEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMHUG
CCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDEuYW1h
em9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAxLmFtYXpv
bnRydXN0LmNvbS9yMm0wMS5jZXIwDAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkC
BAIEggFuBIIBagFoAHYA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4A
AAGGOHcCmQAABAMARzBFAiEA+CEqw/jO42SXSHoy+EdEh58s/Afq1QBfpSBFR6FC
s1cCIBSmenjCM8BWn29+SA+Uc5ucMUzInqOSvaXDcr7oNGVfAHYAs3N3B+GEUPhj
htYFqdwRCUp5LbFnDAuH3PADDnk2pZoAAAGGOHcC+gAABAMARzBFAiEAhh9WF+lt
xEPQGEZ1YoQwb/Z/ixGldH78VRYHliybowoCIGmQ7TwA1Hxez1bycTw0wlfVFTuU
4YUGd4NGVZqmMya4AHYAtz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkA
AAGGOHcCxgAABAMARzBFAiBBPtdMklthq1keDijbpeRx0iVmvueVobLncDHXkCdY
EAIhAN4VLLIsjLww5nHyg4n3J8KeAKaM4wHz5DD72fXR5BdVMA0GCSqGSIb3DQEB
CwUAA4IBAQAk66vQCAO0L/ma0b0WULLnZlfd/AjUJ+IVNe9T+ZDAxH80a4W0Iyb1
kP77f/0ih+xJSIuGGccyaXDSmmlKaQNysKzR2J2WMjKC1V6mTU0ohcvIwys8b1eI
uYrVYCgYCXv1uhiStPBt3lLRN0QCDIEJCTnGDudGKDzCd5dqEemcHl2dKj4H/J4b
Vkz7ZA67ZgbLIEnFdV4KKcHLZt8crNEWaG6Rs9tN+0pRKreHJDUBtOieygiMI/oN
yXsGAqIX92dQHuI+NFpA/euyEKNOwfPKdsPMiT2C8yLVNqiLimfmulJ/G3YC9yAx
Gs63JtdX2UYJ8h4VuvVJeFlZoOfr1hE8
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJJQ7SPM3cSgcgVQ14iH
UxtF7KZCPhzsGvtg8jmR70JJfI2q84572kcdUIYCnE185bYaezZ5fezVMjMrENC6
B6F3l2cgmZSXldp/d0pp1fJmDdCQ7XIAPK5hK1QLHKHmk5UPS/4QaL9mcx1vMsCO
LCVFQgANORNcz/XKtDW/lLZXQLmlgLkVfJcb/36I6ZbNjuWGvxhVN3YExCqj0pz5
ck8INtjoH7QhQhbUKuxEmhWsENtRF1MzQi+uvoML70V0Xu11QBZQilv1EL6agE4/
lct+Eu6MgvMLcjmqNpzsbHHHL//26Y9BZm/Siv2C+R3ecTy10w45DER8T6nwpS1a
yQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6782867305825310307603044073369602538
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-09 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-25 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'demo.streamlit.snowflake.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18755420302103514522305929685642520747897184483733152847344567276286513131457601248279050919102577231275626783654068801868680114217960153926563973052706089154100729482849502531798750813870249099192655889078618972679199009420132017159991601043308807482004484627945294432119537331053517132538508831309456507737229125808169556026748025370040644252167111917740364649882926476108454222063040019319871198755493280074403292026278252174473745169972466163136632420801799219148941786349249496245744689266379348767103483301827152339435176601858462910805170554730527803297788518126095026345842522532898551494154468992965441051337
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							08f768b25d5d4437dbb26dd77822de15a934a817
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'demo.streamlit.snowflake.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000186387702990000040300473045022100f8212ac3f8cee36497487a32f84744879f2cfc07ead5005fa5204547a142b357022014a67a78c233c0569f6f7e480f94739b9c314cc89ea392bda5c372bee834655f007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000186387702fa0000040300473045022100861f5617e96dc443d01846756284306ff67f8b11a5747efc551607962c9ba30a02206990ed3c00d47c5ecf56f2713c34c257d5153b94e18506778346559aa63326b8007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000186387702c600000403004730450220413ed74c925b61ab591e0e28dba5e471d22566bee795a1b2e77031d790275810022100de152cb22c8cbc30e671f28389f727c29e00a68ce301f3e430fbd9f5d1e41755
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0024ebabd00803b42ff99ad1bd1650b2e76657ddfc08d427e21535ef53f990c0c47f346b85b42326f590fefb7ffd2287ec49488b8619c7326970d29a694a690372b0acd1d89d96323282d55ea64d4d2885cbc8c32b3c6f5788b98ad5602818097bf5ba1892b4f06dde52d13744020c81090939c60ee746283cc277976a11e99c1e5d9d2a3e07fc9e1b564cfb640ebb6606cb2049c5755e0a29c1cb66df1cacd116686e91b3db4dfb4a512ab787243501b4e89eca088c23fa0dc97b0602a217f767501ee23e345a40fdebb210a34ec1f3ca76c3cc893d82f322d536a88b8a67e6ba527f1b7602f720311aceb726d757d94609f21e15baf549785959a0e7ebd6113c