www.baltic-amber.biz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:a2:30:5f:b4:42:17:f7:93:0d:62:f7:1c:59:a9:c8:67:44 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.baltic-amber.biz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:a2:30:5f:b4:42:17:f7:93:0d:62:f7:1c:59:a9:c8:67:44Serial Number (int): 316526901104542212629042748243757584901956
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 6a:7a:55:17:ff:68:dc:18:41:df:ba:ac:38:93:4d:fb:9f:d6:9b:81
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 78:e1:4b:1b:b8:cd:2a:58:d8:16:4a:e8:bb:fa:4e:c9:4b:4a:b2:3c
Fingerprint (sha256): 06:f3:c8:06:99:76:e0:7d:92:d0:8d:a8:2b:fb:22:e0:cd:72:92:1c:1e:bd:03:2f:d6:8d:c8:9c:d3:17:c7:6e
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.baltic-amber.biz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.baltic-amber.biz
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
Other certificates including the domain name baltic-amber.biz
(limited to 100 certificates)
www.baltic-amber.biz
www.baltic-amber.biz
baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
test.baltic-amber.biz
money1.baltic-amber.biz
www.baltic-amber.biz
test.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
money1.baltic-amber.biz
www.baltic-amber.biz
test.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
test.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
test.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
test.baltic-amber.biz
money1.baltic-amber.biz
www.baltic-amber.biz
test.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
money1.baltic-amber.biz
www.baltic-amber.biz
test.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
test.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
test.baltic-amber.biz
www.baltic-amber.biz
www.baltic-amber.biz
Certificate
The complete raw certificate details for www.baltic-amber.biz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGJTCCBQ2gAwIBAgISA6IwX7RCF/eTDWL3HFmpyGdEMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA2MTgxOTA1NDhaFw0x ODA5MTYxOTA1NDhaMB8xHTAbBgNVBAMTFHd3dy5iYWx0aWMtYW1iZXIuYml6MIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bNfIO8PAZGop+seylKvmr2l jqg7ODxMizkJMLy90mlAIKsLrYcOeXnCLCJgKdWo9ZfJshhHphPtJo3r5F6qbMIB iMd7+slQcJWBaKx27aa6oIhFD8w70Zfe4/hrWXZnnkab9Brim//7/VQq48MP249L MBa9O5TlJe+UBpPappE3K3qFzCsSWJUPWhNO5nTE2cv1P3ES4RANpqVROncVlpzB xvPjbJueSztzlC6OkR3kXl+eRWzBW7uk09W5Hy1KjAW0fZQAkGpzVJt7mjBcxIqz Ed/O7TNposu+89Jf4ydTfw5hdRz12AE+pBurKXkwxDjlLOOj+Z8RQkRCTN9n+QID AQABo4IDLjCCAyowDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRqelUX/2jcGEHfuqw4 k037n9abgTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEF BQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5j cnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5j cnlwdC5vcmcvMDEGA1UdEQQqMCiCEGJhbHRpYy1hbWJlci5iaXqCFHd3dy5iYWx0 aWMtYW1iZXIuYml6MIH+BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLf EwEBATCB1jAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcw gasGCCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSBy ZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3Jk YW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6 Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8wggEEBgorBgEEAdZ5AgQCBIH1 BIHyAPAAdwDbdK/uyynssf7KPnFtLOW5qrs294Rxg8ddnU83th+/ZAAAAWQUgOSj AAAEAwBIMEYCIQDkhqH+TlVJqHOy0/BcNPMgPn0v3JPWlSSPe4z2UTmdDgIhAL4k 8qux8SgswqHb7Kgg3envyHB+IBiagnQQmD0KVBpVAHUAKTxRllTIOWW6qlD8WAfU t2+/WHopctykwwz05UVH9HgAAAFkFIDksgAABAMARjBEAiBockjQPImoWEbCyGXk OckX/hAPmf3JGCIAQrlnu2BoeQIgGkE6xdq0g6t6q1A1t2o97c2iUjLrWxUm0m+p ltZ5vzcwDQYJKoZIhvcNAQELBQADggEBACLH/BRUsyPHpXjCmEeYXtORGSQW7HIF kToaf/bcrhLvT0Y8t3FyjuAm7kB4yWrtJcrEwfN1O2r2kYK9//gpO8x8oVWRX7Wn D1Zbg5GVhh/9T1vYvrix97eAFutiOwsL7zhzhMIWP6L68B9EOuNZjVOBumLqkO1M g7ZOtxRqTVC7Xk6mLXYxDjmsOPfG1H6t/09uFRM0UiCaynTyFH7fpfOag7sGrQSC CxNrR9TVXJ+vBH1MDHr2lYW7UKcyUi7eEKM+MNZ3VabGgsfU8pdRXj08rfYPZUZK NBQhCOPTYSuFZy4186jS6q3GZceF5GCzhGCKF/KVlpDxCOQJ9B04WWE= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bNfIO8PAZGop+seylKv mr2ljqg7ODxMizkJMLy90mlAIKsLrYcOeXnCLCJgKdWo9ZfJshhHphPtJo3r5F6q bMIBiMd7+slQcJWBaKx27aa6oIhFD8w70Zfe4/hrWXZnnkab9Brim//7/VQq48MP 249LMBa9O5TlJe+UBpPappE3K3qFzCsSWJUPWhNO5nTE2cv1P3ES4RANpqVROncV lpzBxvPjbJueSztzlC6OkR3kXl+eRWzBW7uk09W5Hy1KjAW0fZQAkGpzVJt7mjBc xIqzEd/O7TNposu+89Jf4ydTfw5hdRz12AE+pBurKXkwxDjlLOOj+Z8RQkRCTN9n +QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 316526901104542212629042748243757584901956 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-06-18 19:05:48 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-16 19:05:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.baltic-amber.biz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28492070048118953484241107505707589301680630955763028588651938773648104222109824414625674258118874958631877606078524768814947651030810362913893321240755294732464318145191958985203798920409039709955770916222024246170184455898091641277398672083966784394797003192640110777524815633006257893286943816494043550150861698256409546557115267966567235150656151408758211629450308316178186439013364175009119042945381627996093631808742872832310368719699219590160983766873968749133934649907592060492917637087535747387646747220351396077611277311040066454468315510835312471019661324543906337262241236310712165640144476433816099973113 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6a7a5517ff68dc1841dfbaac38934dfb9fd69b81 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'baltic-amber.biz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.baltic-amber.biz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf64000001641480e4a30000040300483046022100e486a1fe4e5549a873b2d3f05c34f3203e7d2fdc93d695248f7b8cf651399d0e022100be24f2abb1f1282cc2a1dbeca820dde9efc8707e20189a827410983d0a541a55007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f478000001641480e4b200000403004630440220687248d03c89a85846c2c865e439c917fe100f99fdc918220042b967bb60687902201a413ac5dab483ab7aab5035b76a3dedcda25232eb5b1526d26fa996d679bf37 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0022c7fc1454b323c7a578c29847985ed391192416ec7205913a1a7ff6dcae12ef4f463cb771728ee026ee4078c96aed25cac4c1f3753b6af69182bdfff8293bcc7ca155915fb5a70f565b839195861ffd4f5bd8beb8b1f7b78016eb623b0b0bef387384c2163fa2faf01f443ae3598d5381ba62ea90ed4c83b64eb7146a4d50bb5e4ea62d76310e39ac38f7c6d47eadff4f6e15133452209aca74f2147edfa5f39a83bb06ad04820b136b47d4d55c9faf047d4c0c7af69585bb50a732522ede10a33e30d67755a6c682c7d4f297515e3d3cadf60f65464a34142108e3d3612b85672e35f3a8d2eaadc665c785e460b384608a17f2959690f108e409f41d385961