research.un.org
Issued by R3
About this certificate
This digital certificate with serial number 04:67:34:f5:08:91:18:9f:1d:33:0a:4d:01:85:6c:e0:05:84 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=research.un.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:67:34:f5:08:91:18:9f:1d:33:0a:4d:01:85:6c:e0:05:84Serial Number (int): 383568619662163785372496048066833120494980
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 13:03:a6:ba:95:33:b5:e1:5f:51:98:0b:15:3b:c7:6f:df:cd:ae:70
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 17:8c:2c:24:78:e4:d1:98:1c:42:8a:b6:d0:eb:55:dc:0c:34:fa:25
Fingerprint (sha256): 08:42:c2:27:c1:8f:e1:ee:2e:fa:a3:fc:26:21:53:07:fe:26:b3:fa:73:a9:43:0c:bc:0a:f2:a4:1f:95:a0:3b
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate research.un.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for research.un.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
research.un.org
Other certificates including the domain name un.org
(limited to 100 certificates)
*.un.org
*.un.org
lpk-cms.ilearn.un.org
kh.one.un.org
lpk-cms.ilearn.un.org
*.wf.un.org
cims-test.so.one.un.org
5726971199750144-fe1.pantheonsite.io
ilearn-cms.umoja.un.org
cerf.un.org
5679778661138432-fe3.pantheonsite.io
un.org
ask.un.org
jo.one.un.org
un.org
dprkorea.un.org
afghanistan.un.org
untermportal.un.org
mw.one.un.org
bkkuccx02.escap.un.org
ask.un.org
ask.un.org
*.qa.un.org
syria.un.org
5673073118281728-fe4.pantheonsite.io
hcc-hpsb-training.ilearn.un.org
*.news.un.org
elearning-cms.unstats.un.org
5684961520648192-fe4.pantheonsite.io
ci.one.un.org
*.escap.un.org
sdgprimer.un.org
expccl.ptc.un.org
elearning-cms.unstats.un.org
inspira.un.org
learning.un.org
5726971199750144-fe1.pantheonsite.io
ss.one.un.org
ask.un.org
cims.so.one.un.org
conf.un.org
kh.one.un.org
*.dss.un.org
papuanewguinea.un.org
migrationnetwork.un.org
ungsc-remotesupport.un.org
inspira.un.org
un.org
elearning.un.org
india.un.org
unp.un.org
5673073118281728-fe4.pantheonsite.io
*.dfs.un.org
uniteaware.un.org
peru.un.org
www.tm.one.un.org
lyncsip.dfs.un.org
roadsafetyfund.un.org
research.un.org
lpk.ilearn.un.org
ilearn-cms.umoja.un.org
ilearn.un.org
zm.one.un.org
research.un.org
expecl.video.un.org
mail.stc.un.org
apidocs.cna.com
*.unite.un.org
enterpriseenrollment.dfs.un.org
un-az.org
shop.un.org
countryteam.org
officewebapp.dfs.un.org
5673073118281728-fe4.pantheonsite.io
cims.so.one.un.org
roadsafetyfund.un.org
hcc-cms.ilearn.un.org
digitallibrary.in.one.un.org
journal.qa.un.org
morocco.un.org
crmlearning.un.org
crmlearning-cms.un.org
*.umoja.un.org
cims.so.one.un.org
af.one.un.org
cameroon.un.org
*.dfs.un.org
service.ilearn.un.org
fdp.un.org
remote.dfs.un.org
hcc-cms.ilearn.un.org
remote.dfs.un.org
lpk-cms.ilearn.un.org
cm.one.un.org
hcc-hpsb-training.ilearn.un.org
cd.one.un.org
mm.one.un.org
vdi.dfs.un.org
www.un.or.th
ci.one.un.org
*.un.org
lpk-cms.ilearn.un.org
kh.one.un.org
lpk-cms.ilearn.un.org
*.wf.un.org
cims-test.so.one.un.org
5726971199750144-fe1.pantheonsite.io
ilearn-cms.umoja.un.org
cerf.un.org
5679778661138432-fe3.pantheonsite.io
un.org
ask.un.org
jo.one.un.org
un.org
dprkorea.un.org
afghanistan.un.org
untermportal.un.org
mw.one.un.org
bkkuccx02.escap.un.org
ask.un.org
ask.un.org
*.qa.un.org
syria.un.org
5673073118281728-fe4.pantheonsite.io
hcc-hpsb-training.ilearn.un.org
*.news.un.org
elearning-cms.unstats.un.org
5684961520648192-fe4.pantheonsite.io
ci.one.un.org
*.escap.un.org
sdgprimer.un.org
expccl.ptc.un.org
elearning-cms.unstats.un.org
inspira.un.org
learning.un.org
5726971199750144-fe1.pantheonsite.io
ss.one.un.org
ask.un.org
cims.so.one.un.org
conf.un.org
kh.one.un.org
*.dss.un.org
papuanewguinea.un.org
migrationnetwork.un.org
ungsc-remotesupport.un.org
inspira.un.org
un.org
elearning.un.org
india.un.org
unp.un.org
5673073118281728-fe4.pantheonsite.io
*.dfs.un.org
uniteaware.un.org
peru.un.org
www.tm.one.un.org
lyncsip.dfs.un.org
roadsafetyfund.un.org
research.un.org
lpk.ilearn.un.org
ilearn-cms.umoja.un.org
ilearn.un.org
zm.one.un.org
research.un.org
expecl.video.un.org
mail.stc.un.org
apidocs.cna.com
*.unite.un.org
enterpriseenrollment.dfs.un.org
un-az.org
shop.un.org
countryteam.org
officewebapp.dfs.un.org
5673073118281728-fe4.pantheonsite.io
cims.so.one.un.org
roadsafetyfund.un.org
hcc-cms.ilearn.un.org
digitallibrary.in.one.un.org
journal.qa.un.org
morocco.un.org
crmlearning.un.org
crmlearning-cms.un.org
*.umoja.un.org
cims.so.one.un.org
af.one.un.org
cameroon.un.org
*.dfs.un.org
service.ilearn.un.org
fdp.un.org
remote.dfs.un.org
hcc-cms.ilearn.un.org
remote.dfs.un.org
lpk-cms.ilearn.un.org
cm.one.un.org
hcc-hpsb-training.ilearn.un.org
cd.one.un.org
mm.one.un.org
vdi.dfs.un.org
www.un.or.th
ci.one.un.org
Certificate
The complete raw certificate details for research.un.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE6TCCA9GgAwIBAgISBGc09QiRGJ8dMwpNAYVs4AWEMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzExMTExMTQ5NDVaFw0yNDAyMDkxMTQ5NDRaMBoxGDAWBgNVBAMT D3Jlc2VhcmNoLnVuLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AOMkxfcy7CuGIQbsofG+pLc9ZZkjq+/k8ie6nLx4HBJBMoUOe/UhXI1DOW+OGHVO YoanTH+mnulPW7YIPsixs4v7ZsjbMI5+6brxnNMxdt3es5sJWK66u1r+/ieal2Qe twcNo2xARTDid6UfCqf3Jw4RTuaufw1d8bNY5ayVZtVIRL4ZbpnofFAnYBbBRav7 TrwrD5jw3Xo+KD2XMirDOhIkWsVd23tpXlxyM0Whtx50M6TDER7NOWb2rraH4bxo mwqAiS4obliLO6NIk72Ji8mD6CxdtGF3RuGbLzhl4QeA4ca8AnvIx9Yc4XB5bdGN aqHFHdYZdRMGCbzhVDKV1EUCAwEAAaOCAg8wggILMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQUEwOmupUzteFfUZgLFTvHb9/NrnAwHwYDVR0jBBgwFoAUFC6zF7dYVsuu UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y Zy8wGgYDVR0RBBMwEYIPcmVzZWFyY2gudW4ub3JnMBMGA1UdIAQMMAowCAYGZ4EM AQIBMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADuAHUASLDja9qmRzQP5WoC+p0w6xxS ActW3SyB2bu/qznYhHMAAAGLvm5btwAABAMARjBEAiAvHLQLIqEai88NwwYMaR9O V0Df16B/KUGJnBqcSY/vvAIgWWVNjDPhdIle0nweBI19EXpVADPGhMDv81GqtX3E lvAAdQA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAYu+blu7AAAE AwBGMEQCIH8LsELBy+7GBuqUYk/isJs+6b8PKCdoS4lPiTZdfK1xAiBCb/p8Kkwc dmOZbXlP288vuqdMZ5P+UWB70KagwumrPjANBgkqhkiG9w0BAQsFAAOCAQEAG2sM o5RD7j67pmhq1RAffMyejgOjHOa6DbIfIHzlFtvGs4qnhBL6ytpJuW/92QZOaSUB Zn+etjSSDdBvHlz9AqDGjJkEVqFtQo9fifiEgO6Yip9YPXePqc6WXBJASW3QHXBB qiBm5jJxFliC1StfiKyxFN3wsGcpm5mX3ZEtRbq1U8DmnMJoi1C3v0Bt1OKZmVE9 nmMjX1pphOfqb8DUF2dPeCZQkukLuMX9jdI+sksLSJxu9MruhTxHxLHez0/QLdw2 sXiUhTC3Whi8vb4LICaR6GRnohK7Zta2GzAadv1/LljX5Ue9YXXy8nH7vpHv1YRx wjgIx9DkaEgn3VVZrw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yTF9zLsK4YhBuyh8b6k tz1lmSOr7+TyJ7qcvHgcEkEyhQ579SFcjUM5b44YdU5ihqdMf6ae6U9btgg+yLGz i/tmyNswjn7puvGc0zF23d6zmwlYrrq7Wv7+J5qXZB63Bw2jbEBFMOJ3pR8Kp/cn DhFO5q5/DV3xs1jlrJVm1UhEvhlumeh8UCdgFsFFq/tOvCsPmPDdej4oPZcyKsM6 EiRaxV3be2leXHIzRaG3HnQzpMMRHs05ZvautofhvGibCoCJLihuWIs7o0iTvYmL yYPoLF20YXdG4ZsvOGXhB4DhxrwCe8jH1hzhcHlt0Y1qocUd1hl1EwYJvOFUMpXU RQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 383568619662163785372496048066833120494980 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-11 11:49:45 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-09 11:49:44 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'research.un.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28674228818954460779770472251583949216346788471105583396079266128076496279660573583210352346244019069151673660564758464431960008486791677168804697187872257698560802735501516101427296331428504387950319046002396958878207494549386756929871012287965658831100370168596974741058941843318131694366955079594501473324766461192556328019790060892087823661436538987898667518828174703236569578838368821985198672830684687827213387596533122420108933875659623408721137866933427941970145341024454073338953774548474179173048710435304589115189699870984379189302969427043927934266015881058773367151322430104681583211505983972831487448133 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1303a6ba9533b5e15f51980b153bc76fdfcdae70 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'research.un.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bbe6e5bb7000004030046304402202f1cb40b22a11a8bcf0dc3060c691f4e5740dfd7a07f2941899c1a9c498fefbc022059654d8c33e174895ed27c1e048d7d117a550033c684c0eff351aab57dc496f00075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018bbe6e5bbb000004030046304402207f0bb042c1cbeec606ea94624fe2b09b3ee9bf0f2827684b894f89365d7cad710220426ffa7c2a4c1c7663996d794fdbcf2fbaa74c6793fe51607bd0a6a0c2e9ab3e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001b6b0ca39443ee3ebba6686ad5101f7ccc9e8e03a31ce6ba0db21f207ce516dbc6b38aa78412facada49b96ffdd9064e692501667f9eb634920dd06f1e5cfd02a0c68c990456a16d428f5f89f88480ee988a9f583d778fa9ce965c1240496dd01d7041aa2066e63271165882d52b5f88acb114ddf0b067299b9997dd912d45bab553c0e69cc2688b50b7bf406dd4e29999513d9e63235f5a6984e7ea6fc0d417674f78265092e90bb8c5fd8dd23eb24b0b489c6ef4caee853c47c4b1decf4fd02ddc36b178948530b75a18bcbdbe0b202691e86467a212bb66d6b61b301a76fd7f2e58d7e547bd6175f2f271fbbe91efd58471c23808c7d0e4684827dd5559af