cass.e.staging.generation-y.net

Issued by R3

About this certificate

This digital certificate with serial number 04:05:3c:26:10:80:6e:78:7f:4c:96:e7:af:6a:28:4a:7a:4f was issued on by Let's Encrypt.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=cass.e.staging.generation-y.net

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:05:3c:26:10:80:6e:78:7f:4c:96:e7:af:6a:28:4a:7a:4f
Serial Number (int): 350230506883367345663221217064699812280911
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 17:5e:ab:ea:3c:e5:33:f0:4d:df:3b:d7:5a:ea:4a:61:13:13:a4:ee
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 0c:48:d3:c9:03:cb:68:5a:f6:7d:a7:a4:91:18:96:30:86:4f:ae:1b
Fingerprint (sha256): 08:70:0e:cf:f6:56:8b:49:e9:ad:51:4e:41:94:f0:f8:20:f6:f4:c0:6b:6b:55:a0:89:c8:b4:f9:3e:1c:9f:7d

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate cass.e.staging.generation-y.net

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cass.e.staging.generation-y.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cass-technava-cy.com
cass.e.staging.generation-y.net
mail.cass.e.staging.generation-y.net
www.cass-technava-cy.com
www.cass.e.staging.generation-y.net

Other certificates including the domain name generation-y.net

(limited to 100 certificates)
opsidermaclinic.generation-y.net
wreal.org
spam-protector.hq.generation-y.net
generation-y.net
wdoha.generation-y.net
www.kkhomerealtygreece.e.staging.generation-y.net
healthyme.staging1.generation-y.net
damigos.generation-y.net
cass.e.staging.generation-y.net
djshop.generation-y.net
kappa.generation-y.net
vragenlijst.teambuildr.nl
helium.generation-y.net
confluence.generation-y.net
internodoors.staging.generation-y.net
delikaris-contest.generation-y.net
yodaclinic.gr
wdoha.generation-y.net
jumbo-al.staging1.generation-y.net
generation-y.net
forbetterskin.generation-y.net
gpatoulis.generation-y.net
yodaclinic.gr
treeofbeauty.staging1.generation-y.net
natures-contest.generation-y.net
sportistaseu.generation-y.net
astor.staging.generation-y.net
confluence.generation-y.net
manifest.k.staging.generation-y.net
cpanel.doctorshospital.gr
confluence.generation-y.net
wreal.generation-y.net
sigma.generation-y.net
sportistaseurope.generation-y.net
survey.epsight.fr
sargiapartners.com
treeofbeauty.staging1.generation-y.net
confluence.generation-y.net
premium.staging.generation-y.net
gep.generation-y.net
anthidis.generation-y.net
ceoclubsgreece.o.staging.generation-y.net
mail.tofournaki.gr
farmakeioexpress.generation-y.net
generation-y.net
asimomitis.generation-y.net
biomedcodewp.generation-y.net
vinylartclothing.beta.generation-y.net
gang-clothing.beta.generation-y.net
survey.ncauk.org
natures-contest.generation-y.net
a-pharmacy.gr.staging.generation-y.net
helium.generation-y.net
sportistaseurope.generation-y.net
lefkothiki.staging.generation-y.net
www.kliolios.e.staging.generation-y.net
assets-eu-1.generation-y.net
kappa.generation-y.net
metaixmio.staging.generation-y.net
assets-eu-1.generation-y.net
assets-eu-1.generation-y.net
gep.generation-y.net
zeta.generation-y.net
assets-eu-1.generation-y.net
astor.staging.generation-y.net
officium.generation-y.net
www.ethosmedia.o.staging.generation-y.net
mastermach.generation-y.net
kibble.generation-y.net
parisianou.staging1.generation-y.net
cpanel.salinoxglass.com
web02.prd.hc.generation-y.net
lapinkids.generation-y.net
sugarfreeshopsb.staging.generation-y.net
semilac.staging.generation-y.net
lapinkids.generation-y.net
gang-clothing.beta.generation-y.net
manifest.k.staging.generation-y.net
lorenzozani.staging.generation-y.net
naturality.generation-y.net
kibble.generation-y.net
epharmadeals.generation-y.net
feedback.zweihorn.org
halandriorizontas2023.generation-y.net
natures-contest.generation-y.net
damigos.generation-y.net
sigma.generation-y.net
delikaris-sport.beta.generation-y.net
git.generation-y.net
letrina.gr
zeta.generation-y.net
sigma.generation-y.net
fokas-tyres.generation-y.net
intergeneticseu.generation-y.net
gogreek.generation-y.net
survey.hhm.nl
sigma.generation-y.net
git.generation-y.net
generation-y.net
generation-y.net

Certificate

The complete raw certificate details for cass.e.staging.generation-y.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISBAU8JhCAbnh/TJbnr2ooSnpPMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA5MjcxNTQ0NTZaFw0yMzEyMjYxNTQ0NTVaMCoxKDAmBgNVBAMT
H2Nhc3MuZS5zdGFnaW5nLmdlbmVyYXRpb24teS5uZXQwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCtf0g9nRRsD2hjy/uGLTtmH2oJbwfFtX0lrrMLH9Gd
0tEAmHmmhT9/0qZmw+uReLmw8cG+35A0tZ0qO9KFgZHtTNJEQ713qlAjIFM6dbwe
dlUoJG5qg7DwN837mUvcrvm454pDu2s+Y/NOUdMv1jGLbqzOAVQAXv7T41yrO+TW
VA+Ct/haCMnhVzkDUqOTKIPiMmop2uG1NJqbbc+4+FIix0IWaeKtqA3xFeLgwZMg
El9vrjrhbPZsV03/m4XW5wEtb8p3n/Maxvg6FBb2CHpAnxDsF7uxcKg4oBgspoq+
gJ4X06+eJG4AM4OUBVRYl4pPwJZcRDu0OLS+yABi3iMVAgMBAAGjggKgMIICnDAO
BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG
A1UdEwEB/wQCMAAwHQYDVR0OBBYEFBdeq+o85TPwTd8711rqSmETE6TuMB8GA1Ud
IwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggr
BgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRw
Oi8vcjMuaS5sZW5jci5vcmcvMIGnBgNVHREEgZ8wgZyCFGNhc3MtdGVjaG5hdmEt
Y3kuY29tgh9jYXNzLmUuc3RhZ2luZy5nZW5lcmF0aW9uLXkubmV0giRtYWlsLmNh
c3MuZS5zdGFnaW5nLmdlbmVyYXRpb24teS5uZXSCGHd3dy5jYXNzLXRlY2huYXZh
LWN5LmNvbYIjd3d3LmNhc3MuZS5zdGFnaW5nLmdlbmVyYXRpb24teS5uZXQwEwYD
VR0gBAwwCjAIBgZngQwBAgEwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwCt9776
fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAYrXh4NqAAAEAwBIMEYCIQCN
FivhkEFmomV9GlvuaWy3iww4xbIrZop7H4hO1cfTJAIhANfSX+2Y34xSIkDkynQw
1ARpUAi6CBiiZF4bFp6bd4DBAHYAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6
V6NS61IAAAGK14eDTgAABAMARzBFAiBBmIlgztyVBcJ9M3XhpJDt6LcJ0txv5YP/
NuRQmX4ncAIhAOaqoKLFrBvHZqZtnQ8kR1pW6Tcy+vj+zQw5lu39FLXpMA0GCSqG
SIb3DQEBCwUAA4IBAQBJUGJREi1a+5pRVhaixiZbWDZyzvU8AqFAqrM3UE2Bon7L
GzBD4iQcVJupEkcBMCHbMXTj0ptarV2hWvkH3i55je3+2zWw42VevepqYiwqLD/E
FX85lIhTlI3n42IYo2eRgm52rY8eufUorcYSUgyi+x0iEQDOZuDwSm7GZva10vB3
kCh1ifP7Md5QrG6bVuIziXJcEdInnm5mBhhTYW2HOflIIB24elfwrt/9zSOKctZq
5CEG3C8OzAMfRN6zqJlfm+8iL0uJlKVmOmB5vuQlqMzUvU98klxfFrjkQGrvg9Dv
inl02zW2NtUShOoQVCJrzaxJhiHxBKwShDuB1jM1
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX9IPZ0UbA9oY8v7hi07
Zh9qCW8HxbV9Ja6zCx/RndLRAJh5poU/f9KmZsPrkXi5sPHBvt+QNLWdKjvShYGR
7UzSREO9d6pQIyBTOnW8HnZVKCRuaoOw8DfN+5lL3K75uOeKQ7trPmPzTlHTL9Yx
i26szgFUAF7+0+Ncqzvk1lQPgrf4WgjJ4Vc5A1KjkyiD4jJqKdrhtTSam23PuPhS
IsdCFmniragN8RXi4MGTIBJfb6464Wz2bFdN/5uF1ucBLW/Kd5/zGsb4OhQW9gh6
QJ8Q7Be7sXCoOKAYLKaKvoCeF9OvniRuADODlAVUWJeKT8CWXEQ7tDi0vsgAYt4j
FQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 350230506883367345663221217064699812280911
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-27 15:44:56 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-26 15:44:55 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cass.e.staging.generation-y.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21901991946381087803882587955586385444363463280863870559495041230905299532665505983898228670809334329430780786450452984313770916551692376932918991746945818264151665198564753426876461528210172594836869047868000484280350662329897039250158111549144375712999947195417045351811623374530921018832616573789081958365194387649585227984189462636448497485321376707678633840361558364503590158473366890754832556242466786758891873403932147473579155603816867203832302370446282494319030696022254191962165186955295845591475231645896351272425777214841888792794208473776860338658693039396071756320062320683086098467226677531894853018389
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							175eabea3ce533f04ddf3bd75aea4a611313a4ee
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (159 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cass-technava-cy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cass.e.staging.generation-y.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.cass.e.staging.generation-y.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cass-technava-cy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cass.e.staging.generation-y.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000018ad787836a00000403004830460221008d162be1904166a2657d1a5bee696cb78b0c38c5b22b668a7b1f884ed5c7d324022100d7d25fed98df8c522240e4ca7430d404695008ba0818a2645e1b169e9b7780c10076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018ad787834e0000040300473045022041988960cedc9505c27d3375e1a490ede8b709d2dc6fe583ff36e450997e2770022100e6aaa0a2c5ac1bc766a66d9d0f24475a56e93732faf8fecd0c3996edfd14b5e9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0049506251122d5afb9a515616a2c6265b583672cef53c02a140aab337504d81a27ecb1b3043e2241c549ba91247013021db3174e3d29b5aad5da15af907de2e798dedfedb35b0e3655ebdea6a622c2a2c3fc4157f39948853948de7e36218a36791826e76ad8f1eb9f528adc612520ca2fb1d221100ce66e0f04a6ec666f6b5d2f07790287589f3fb31de50ac6e9b56e23389725c11d2279e6e66061853616d8739f948201db87a57f0aedffdcd238a72d66ae42106dc2f0ecc031f44deb3a8995f9bef222f4b8994a5663a6079bee425a8ccd4bd4f7c925c5f16b8e4406aef83d0ef8a7974db35b636d51284ea1054226bcdac498621f104ac12843b81d63335