koha.bywatersolutions.com

Issued by R3

About this certificate

This digital certificate with serial number 04:5d:56:65:8f:93:e1:f7:63:37:16:29:45:d9:f5:2f:e6:d2 was issued on by Let's Encrypt.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=koha.bywatersolutions.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:5d:56:65:8f:93:e1:f7:63:37:16:29:45:d9:f5:2f:e6:d2
Serial Number (int): 380210244792409524883453070805669780645586
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 8f:97:31:4e:5f:0c:56:81:84:12:bf:0a:e3:45:33:9a:0f:75:1f:43
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 4c:23:2c:b8:56:5f:27:e4:ef:92:71:7f:89:48:ad:31:ce:a6:68:a7
Fingerprint (sha256): 07:4e:9e:55:c3:d1:3f:4c:b9:13:e2:ac:0b:a2:d6:25:38:a6:cf:9f:a1:84:51:58:a0:ad:50:27:17:db:f9:9a

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate koha.bywatersolutions.com

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for koha.bywatersolutions.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

aspen.bywatersolutions.com
bywatersolutions.com
koha.bywatersolutions.com
www.bywatersolutions.com

Other certificates including the domain name bywatersolutions.com

(limited to 100 certificates)
catalog.redlibrary.org
harrison.bywatersolutions.com
cin.bywatersolutions.com
audubon.bywatersolutions.com
harrison.bywatersolutions.com
arcadiapl.bywatersolutions.com
model.bywatersolutions.com
bedfordtx.bywatersolutions.com
harrison.bywatersolutions.com
washoe-aspen.bywatersolutions.com
koha.bywatersolutions.com
farmington.bywatersolutions.com
www.astinus.bywatersolutions.com
catalog.redlibrary.org
idsa.bywatersolutions.com
devs.bywatersolutions.com
staff.ajaxlibrary.ca
farmington.bywatersolutions.com
ticket.bywatersolutions.com
camden.bywatersolutions.com
disneytech.bywatersolutions.com
demo.bywatersolutions.com
bywatersolutions.com
kohacon2018.bywatersolutions.com
kohacon2018.bywatersolutions.com
dovernet.bywatersolutions.com
vokal-aspen.bywatersolutions.com
texlaw.bywatersolutions.com
bywatersolutions.com
ajaxon.bywatersolutions.com
collingswood.bywatersolutions.com
kids.meadvillelibrary.org
demo.bywatersolutions.com
ticket.bywatersolutions.com
samuelmerritt.bywatersolutions.com
catalog.dnredwoods.bywatersolutions.com
bywatersolutions.com
kids.meadvillelibrary.org
sdlaw.bywatersolutions.com
catalog.bethelu.bywatersolutions.com
kohacon2018.bywatersolutions.com
media.bywatersolutions.com
devs.bywatersolutions.com
esri.bywatersolutions.com
catalog.redlibrary.org
catalog.rahwaylibrary.org
texlaw.bywatersolutions.com
bywatersolutions.com
roundrock.bywatersolutions.com
risl.bywatersolutions.com
farmington.bywatersolutions.com
bywatersolutions.com
merial.bywatersolutions.com
demo.bywatersolutions.com
collingswood.bywatersolutions.com
devs.bywatersolutions.com
catalog.rahwaylibrary.org
kids.meadvillelibrary.org
catalog.rahwaylibrary.org
bywatersolutions.com
siskiyou.bywatersolutions.com
catalog.redlibrary.org
hkic.bywatersolutions.com
disneytech.bywatersolutions.com
esri.bywatersolutions.com
bywatersolutions.com
demo.bywatersolutions.com
uintah.bywatersolutions.com
catalog.redlibrary.org
catalog.rahwaylibrary.org
tnhsc.bywatersolutions.com
bywaterconsortium.aspendiscovery.org
kohacon2018.bywatersolutions.com
dovernet.bywatersolutions.com
demo.bywatersolutions.com
dovernet.bywatersolutions.com
aspen-arlingtontest.bywatersolutions.com
downtown.roseville-libki.bywatersolutions.com
help.aspendiscovery.org
kohacon2018.bywatersolutions.com
catamount.bywatersolutions.com
esri.bywatersolutions.com
ticket.bywatersolutions.com
catalog.rahwaylibrary.org
collingswood.bywatersolutions.com
kohacon2018.bywatersolutions.com
catalog.redlibrary.org
pals.bywatersolutions.com
aspen.bywatersolutions.com
ckls.bywatersolutions.com
catalog.rahwaylibrary.org
catalog.redlibrary.org
catalog.rahwaylibrary.org
ticket.bywatersolutions.com
ramapo.bywatersolutions.com
kohacon2018.bywatersolutions.com
harrison.bywatersolutions.com
kohacon2018.bywatersolutions.com
tlccat.bywatersolutions.com
demo.bywatersolutions.com

Certificate

The complete raw certificate details for koha.bywatersolutions.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISBF1WZY+T4fdjNxYpRdn1L+bSMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMjEyMDExNjU4MzNaFw0yMzAzMDExNjU4MzJaMCQxIjAgBgNVBAMT
GWtvaGEuYnl3YXRlcnNvbHV0aW9ucy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpQp0tVqqJGQSIM3in/bgo/aNp+B5Wwtbqp6ApVtQnXh4A6cGh
qxOoAav98weIcJG0knEaevh5elG/2uElXZ0zkCONetNNxs4KiTMe7XfUZ4+ast08
VIp1Sy6cKfMvN+5nCWRct5dDScZr00DOEvpojwCB59Uezg5cgpPli5h5Y3SrNVPI
tTneAygzIqr8ztJ6pz5n4+M8P+2pZfDf44/rYrMaesmoqeYEZ/jCb7baljSqiE3p
AXFvX+lgU3VvkJb3HqahaiaBcbyKrcdkZNFTkmeB7WVOduVz8TUxIog8+F7m2FFs
wrqLIZfwl3rTiPhlS/yNgzxGYdYHdpdWPOVFAgMBAAGjggKgMIICnDAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB
/wQCMAAwHQYDVR0OBBYEFI+XMU5fDFaBhBK/CuNFM5oPdR9DMB8GA1UdIwQYMBaA
FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw
AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu
aS5sZW5jci5vcmcvMHAGA1UdEQRpMGeCGmFzcGVuLmJ5d2F0ZXJzb2x1dGlvbnMu
Y29tghRieXdhdGVyc29sdXRpb25zLmNvbYIZa29oYS5ieXdhdGVyc29sdXRpb25z
LmNvbYIYd3d3LmJ5d2F0ZXJzb2x1dGlvbnMuY29tMEwGA1UdIARFMEMwCAYGZ4EM
AQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0
c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcAejKMVNi3LbYg
6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGEztcXtQAABAMASDBGAiEA1NpyjtD4
hK1VDl4uWTU81Id+VSu8swSAnR885AzYiz4CIQDtgQEvZj54XzfjBoxt5gRBNj17
Fq00wxiWV/ua1am1XgB1AK33vvp8/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKK
AAABhM7XGcIAAAQDAEYwRAIgIXyXyGrON5o4GcT6Uxm079Jp5kSx02izWZYamrM5
logCIEY84jP87Fa7NxT0PXsXJDOex54IiX1zGXlwUfBCPooCMA0GCSqGSIb3DQEB
CwUAA4IBAQBFGzj8FEV7s3rOBnPg8aagsryVWDQ9fWVP7sxU7mEYk93ODzlv2wQs
we0SMlK93Zdu2LT1dkwyaSmT+Tih0XGHP+QKNZOiocFINEn2VFwGyC1n+mvdsepR
7WHGqSUEli+l4LM5ikk+1t2/2VSzF49RpgWbR3V6q9zB90U4qNaUdaZwFD27KKhI
Hruz0mUnYPPHgw9Gy6bao2dkvE5H3OFo/JY51wX3IIE8B50zNj65Bc0fkhYjVtV1
Axr8abgQ2uhOyDnPK3Bzb5tfZdV6UBbQ8ldgX0hf1OdP8DPduJ6nch9U6SRbvVcF
/Wo7EiyufL0QzrVeL44C15FJcOY/5dfG
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUKdLVaqiRkEiDN4p/24
KP2jafgeVsLW6qegKVbUJ14eAOnBoasTqAGr/fMHiHCRtJJxGnr4eXpRv9rhJV2d
M5AjjXrTTcbOCokzHu131GePmrLdPFSKdUsunCnzLzfuZwlkXLeXQ0nGa9NAzhL6
aI8AgefVHs4OXIKT5YuYeWN0qzVTyLU53gMoMyKq/M7Seqc+Z+PjPD/tqWXw3+OP
62KzGnrJqKnmBGf4wm+22pY0qohN6QFxb1/pYFN1b5CW9x6moWomgXG8iq3HZGTR
U5Jnge1lTnblc/E1MSKIPPhe5thRbMK6iyGX8Jd604j4ZUv8jYM8RmHWB3aXVjzl
RQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 380210244792409524883453070805669780645586
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-01 16:58:33 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-01 16:58:32 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'koha.bywatersolutions.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21367122113663525291587061950047679402991224781809129095602248857352635749062728949353280435572810355714472325435390329196790911345199998953612442414753412949276820713176246081303490105417833822051365995992563365549216581130410231462996830616890564275889973884626371603833363517000925795828775408101708262052673457059690945978777089990000661424276120267981013043604922660836244254994693634995250499891726200519052474365967317925829808117208734623880393538219716999668170944680229413133261430925019749585054617499964770273915281190619997402797950350669638169414506255733594047187146896136967760586425412798234025059653
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8f97314e5f0c56818412bf0ae345339a0f751f43
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aspen.bywatersolutions.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bywatersolutions.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'koha.bywatersolutions.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bywatersolutions.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000184ced717b50000040300483046022100d4da728ed0f884ad550e5e2e59353cd4877e552bbcb304809d1f3ce40cd88b3e022100ed81012f663e785f37e3068c6de60441363d7b16ad34c3189657fb9ad5a9b55e007500adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000184ced719c200000403004630440220217c97c86ace379a3819c4fa5319b4efd269e644b1d368b359961a9ab33996880220463ce233fcec56bb3714f43d7b1724339ec79e08897d7319797051f0423e8a02
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00451b38fc14457bb37ace0673e0f1a6a0b2bc9558343d7d654feecc54ee611893ddce0f396fdb042cc1ed123252bddd976ed8b4f5764c32692993f938a1d171873fe40a3593a2a1c1483449f6545c06c82d67fa6bddb1ea51ed61c6a92504962fa5e0b3398a493ed6ddbfd954b3178f51a6059b47757aabdcc1f74538a8d69475a670143dbb28a8481ebbb3d2652760f3c7830f46cba6daa36764bc4e47dce168fc9639d705f720813c079d33363eb905cd1f92162356d575031afc69b810dae84ec839cf2b70736f9b5f65d57a5016d0f257605f485fd4e74ff033ddb89ea7721f54e9245bbd5705fd6a3b122cae7cbd10ceb55e2f8e02d7914970e63fe5d7c6