link.huffpost.com
Issued by R3
About this certificate
This digital certificate with serial number 04:22:5a:67:95:55:da:f6:37:c9:4f:7c:a6:1d:22:b8:2a:2d was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=link.huffpost.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:22:5a:67:95:55:da:f6:37:c9:4f:7c:a6:1d:22:b8:2a:2dSerial Number (int): 360138912557431156009205135978824847600173
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: ad:e4:7a:4e:de:e1:b7:26:e9:f6:c5:83:34:60:fe:1d:61:bc:64:17
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 64:1f:13:32:79:6a:12:5c:30:29:f9:15:b5:36:47:6a:22:82:91:e6
Fingerprint (sha256): 07:c5:f3:4f:a5:83:13:ad:51:24:cd:11:6f:ad:5c:82:d7:68:a1:af:e5:7a:12:34:f5:6e:79:8a:48:d8:88:87
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate link.huffpost.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for link.huffpost.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
link.huffpost.com
Other certificates including the domain name huffpost.com
(limited to 100 certificates)
checkout.yahoo.com
qa5.add.my.aol.com
staging-origin-life.huffpo.net
preview.www.huffpost.com
*.preview.www.huffpost.com
qa.mapi.huffpost.com
coupons.huffpost.com
link.huffpost.com
*.aol.com
*.add.my.aol.com
checkout.yahoo.com
img.huffingtonpost.com
www.huffingtonpost.com
*.login.yahoo.com
consent.oath.com
*.dev.buzzfeed.io
cmp.huffpost.com
production.mapi.huffpost.com
img.staging.huffingtonpost.com
qa.mapi.huffpost.com
src5.yahoo.com
staging-origin-life.huffpo.net
beta-origin-cambria-alb.huffpo.net
staging.mapi.huffpost.com
staging.www.huffingtonpost.com
*.aol.com
stage.consent.oath.com
stage.guce2.oath.com
cmp.huffpost.com
production-kraken-valencia-preview.use1.huffpo.net
*.search.yahoo.com
secure.huffingtonpost.com
checkout.yahoo.com
link.huffpost.com
dev.checkout.yahoo.com
huffpost.com
qa.preview.www.huffpost.com
*.aol.com
stage.consent.oath.com
api.huffpost.com
link.huffpost.com
cmp.huffpost.com
*.dev.buzzfeed.io
*.trunk.login.yahoo.com
stage.consent.oath.com
cmp.huffpost.com
*.search.yahoo.com
stage.guce2.oath.com
modulous.huffpost.com
stage.oidc.oath.com
qa.preview.www.huffpost.com
stage.consent.oath.com
staging.www.huffingtonpost.com
www.huffpost.com
mapi.huffpost.com
*.stage.login.yahoo.com
auth.stage.huffpost.com
www.huffpost.com
dev.search.yahoo.com
origin-kraken.huffpo.net
beta-origin-cambria-alb.huffpo.net
se.emails.huffpost.com
*.search.yahoo.com
assist.aol.com
qa.preview.www.huffpost.com
www.huffingtonpost.com
*.login.yahoo.com
www.huffingtonpost.com
*.login.yahoo.com
beta.www.huffpost.com
modulous.huffpost.com
elections.huffingtonpost.com
src5.yahoo.com
src5.yahoo.com
*.aol.com
*.contributor.huffingtonpost.com
*.search.yahoo.com
cmp.huffpost.com
guce2.oath.com
origin-kraken.huffpo.net
src5.yahoo.com
checkout.yahoo.com
checkout.yahoo.com
stage.guce2.oath.com
*.assets.huffingtonpost.com
*.stage.login.yahoo.com
dev.checkout.yahoo.com
dev.checkout.yahoo.com
auth.stage.huffpost.com
trunk.consent.oath.com
*.stage.login.yahoo.com
dev.search.yahoo.com
se.emails.huffpost.com
*.stage.login.yahoo.com
*.search.yahoo.com
huffpost.com
stage.guce.huffpost.com
www.huffingtonpost.com
auth.huffpost.com
consent.oath.com
qa5.add.my.aol.com
staging-origin-life.huffpo.net
preview.www.huffpost.com
*.preview.www.huffpost.com
qa.mapi.huffpost.com
coupons.huffpost.com
link.huffpost.com
*.aol.com
*.add.my.aol.com
checkout.yahoo.com
img.huffingtonpost.com
www.huffingtonpost.com
*.login.yahoo.com
consent.oath.com
*.dev.buzzfeed.io
cmp.huffpost.com
production.mapi.huffpost.com
img.staging.huffingtonpost.com
qa.mapi.huffpost.com
src5.yahoo.com
staging-origin-life.huffpo.net
beta-origin-cambria-alb.huffpo.net
staging.mapi.huffpost.com
staging.www.huffingtonpost.com
*.aol.com
stage.consent.oath.com
stage.guce2.oath.com
cmp.huffpost.com
production-kraken-valencia-preview.use1.huffpo.net
*.search.yahoo.com
secure.huffingtonpost.com
checkout.yahoo.com
link.huffpost.com
dev.checkout.yahoo.com
huffpost.com
qa.preview.www.huffpost.com
*.aol.com
stage.consent.oath.com
api.huffpost.com
link.huffpost.com
cmp.huffpost.com
*.dev.buzzfeed.io
*.trunk.login.yahoo.com
stage.consent.oath.com
cmp.huffpost.com
*.search.yahoo.com
stage.guce2.oath.com
modulous.huffpost.com
stage.oidc.oath.com
qa.preview.www.huffpost.com
stage.consent.oath.com
staging.www.huffingtonpost.com
www.huffpost.com
mapi.huffpost.com
*.stage.login.yahoo.com
auth.stage.huffpost.com
www.huffpost.com
dev.search.yahoo.com
origin-kraken.huffpo.net
beta-origin-cambria-alb.huffpo.net
se.emails.huffpost.com
*.search.yahoo.com
assist.aol.com
qa.preview.www.huffpost.com
www.huffingtonpost.com
*.login.yahoo.com
www.huffingtonpost.com
*.login.yahoo.com
beta.www.huffpost.com
modulous.huffpost.com
elections.huffingtonpost.com
src5.yahoo.com
src5.yahoo.com
*.aol.com
*.contributor.huffingtonpost.com
*.search.yahoo.com
cmp.huffpost.com
guce2.oath.com
origin-kraken.huffpo.net
src5.yahoo.com
checkout.yahoo.com
checkout.yahoo.com
stage.guce2.oath.com
*.assets.huffingtonpost.com
*.stage.login.yahoo.com
dev.checkout.yahoo.com
dev.checkout.yahoo.com
auth.stage.huffpost.com
trunk.consent.oath.com
*.stage.login.yahoo.com
dev.search.yahoo.com
se.emails.huffpost.com
*.stage.login.yahoo.com
*.search.yahoo.com
huffpost.com
stage.guce.huffpost.com
www.huffingtonpost.com
auth.huffpost.com
consent.oath.com
Certificate
The complete raw certificate details for link.huffpost.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIENTCCAx2gAwIBAgISBCJaZ5VV2vY3yU98ph0iuCotMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMjA5MjIwODA1NTdaFw0yMjEyMjEwODA1NTZaMBwxGjAYBgNVBAMT EWxpbmsuaHVmZnBvc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7WWRkjcjc9887VpmqlCTNbOONIXQDyfU0hj9rSQmVy062p5eh73kwqeXzaXT W45xeMB0ocfH0Sa4QWS2zPqWDpTQagV1YcGC3CBQ6PRJup8zcX1gUqju8I+KievQ fJB4f6C0Zh/D95fkanqVhV2u6oHwFe+PaVNwUKj2pSbOuz06y+KtRCAtaZv1XEnE /5wF/rSd68VUtdwInGzoqVKiUsr9goXrju+SnkPTdjR42+cdD6VsQG1A87M9UkDo Do84uojsp7s32+Zfa06m7oqOYj9uMDh2JCNma4nilXfk1zTUsuZ2D22BxCbYdxwQ Kp5VdaHO5L2BkiJ2fPD3q1HPXQIDAQABo4IBWTCCAVUwDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G A1UdDgQWBBSt5HpO3uG3Jun2xYM0YP4dYbxkFzAfBgNVHSMEGDAWgBQULrMXt1hW y65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6 Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iu b3JnLzAcBgNVHREEFTATghFsaW5rLmh1ZmZwb3N0LmNvbTBMBgNVHSAERTBDMAgG BmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3Bz LmxldHNlbmNyeXB0Lm9yZzATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0B AQsFAAOCAQEAj2UsezkkdXSZfbJW98UzzDfhxSzQ9cyVaOooQcqSzMDkz/qnMv0B fHDlVkz2EHQTx/3VYa473JbvuusMFPmNcVmKC+S1b/BfW2UkoaKOwU0aaDPcv24n awTcW7BLsEougMPZ552Cqgp4rrptLW8K5OvxU2JiLRiQFeL/wVMLUevU5ctH1JWd j5IIAWuUzL8lomuQyix1Xi54DRdU7ECtXH3a5UCOK2YkSy+yOVl+1rcEb2qPULw6 8eThj95RcmhNkJN/W6B/PwBC9q4cKCRlCAevQwtbKRxxxAAcdUBlX4pYlfFMCJyt GnodIW5mnkIZm5vjt6RfiVctyLpGsoDNpQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7WWRkjcjc9887VpmqlCT NbOONIXQDyfU0hj9rSQmVy062p5eh73kwqeXzaXTW45xeMB0ocfH0Sa4QWS2zPqW DpTQagV1YcGC3CBQ6PRJup8zcX1gUqju8I+KievQfJB4f6C0Zh/D95fkanqVhV2u 6oHwFe+PaVNwUKj2pSbOuz06y+KtRCAtaZv1XEnE/5wF/rSd68VUtdwInGzoqVKi Usr9goXrju+SnkPTdjR42+cdD6VsQG1A87M9UkDoDo84uojsp7s32+Zfa06m7oqO Yj9uMDh2JCNma4nilXfk1zTUsuZ2D22BxCbYdxwQKp5VdaHO5L2BkiJ2fPD3q1HP XQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 360138912557431156009205135978824847600173 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-09-22 08:05:57 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-21 08:05:56 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'link.huffpost.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29968563638725240893330425997763517047716026506092502216727563736175555572910823952468995319952467958916756624497586126909646893971593888384585770101714628351715894040418341579370038098752498023447544879336231831025995918889974516575041743952197350872959855848850042810705724293241958646804695273130394172895597396912029375100227589954308081635247920569449763350531639134554200808071623399750938368425561965490955927732311953238646750634238109826704613360243577150660875629752017126337804612388061802022777010855407198471689856685623582211436112521880121347980304324683923480742863271667330907866104366187233775046493 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ade47a4edee1b726e9f6c5833460fe1d61bc6417 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'link.huffpost.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008f652c7b39247574997db256f7c533cc37e1c52cd0f5cc9568ea2841ca92ccc0e4cffaa732fd017c70e5564cf6107413c7fdd561ae3bdc96efbaeb0c14f98d71598a0be4b56ff05f5b6524a1a28ec14d1a6833dcbf6e276b04dc5bb04bb04a2e80c3d9e79d82aa0a78aeba6d2d6f0ae4ebf15362622d189015e2ffc1530b51ebd4e5cb47d4959d8f9208016b94ccbf25a26b90ca2c755e2e780d1754ec40ad5c7ddae5408e2b66244b2fb239597ed6b7046f6a8f50bc3af1e4e18fde5172684d90937f5ba07f3f0042f6ae1c2824650807af430b5b291c71c4001c7540655f8a5895f14c089cad1a7a1d216e669e42199b9be3b7a45f89572dc8ba46b280cda5