drinkmd.com
Issued by Go Daddy Secure Certificate Authority - G2
About this certificate
This digital certificate with serial number 90:40:bb:9c:6a:74:6c:0d was issued on by GoDaddy.com, Inc..
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=drinkmd.com
GoDaddy.com, Inc.
Organization:
GoDaddy.com, Inc.
Organization unit: http://certs.godaddy.com/repository/
Organization unit: http://certs.godaddy.com/repository/
State / Province:
Arizona
Locality: Scottsdale
Country: US
Locality: Scottsdale
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): 90:40:bb:9c:6a:74:6c:0dSerial Number (int): 10394514220446411789
Serial Number lenght: 64 bits, 8 octets
SubjectKeyId: 15:90:47:da:fe:4b:fa:e7:32:9a:bd:60:2a:42:72:ab:43:68:e3:c4
AuthorityKeyId: 40:c2:bd:27:8e:cc:34:83:30:a2:33:d7:fb:6c:b3:f0:b4:2c:80:ce
Fingerprint (sha1): e4:4f:8a:99:e3:ff:0f:0b:24:45:de:8a:9a:cd:48:24:f4:17:d6:e9
Fingerprint (sha256): 08:a0:a9:b6:fc:93:0a:9a:19:1a:c4:de:d9:d8:d4:5e:04:39:9a:f6:77:90:47:d0:9b:f0:95:06:6f:92:de:50
Issuing Certificate URL: http://certificates.godaddy.com/repository/gdig2.crt
Revocation information
OCSP Server: http://ocsp.godaddy.com/CRL Distribution Point: http://crl.godaddy.com/gdig2s1-6751.crl
Check the revocation status for certificate drinkmd.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for drinkmd.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
drinkmd.com
Other certificates including the domain name drinkmd.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for drinkmd.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHfDCCBmSgAwIBAgIJAJBAu5xqdGwNMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0 cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTIzMDcxMDE4MDIwN1oX DTI0MDcxMDE4MDIwN1owFjEUMBIGA1UEAxMLZHJpbmttZC5jb20wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQCq3XE/LORoi0pHcZ5snLCj0I2S6EqruLk4 oTLlUTH/ZH0R8uatroOzhYrcI3cp8T2Qc+qgo0UoVR/WiWjHs9TwebJ4Vh7+X/5k sMAALWgd43ZzBSSabvbgDOSuQrBw+zRpb9S9DcdBQ6WYzbNOhSwVuskvtTDugZuu p2fvVZ2cX6vupQ5H6fxPAgboyOLmxPRfvFY0SKPNwtLntmeKPsggVL9Ye26W7Qs5 Y5p5OmDJQHqpXpeeoOguZqD3vscOO2wbshh+b9h7CCP5Gy2/mX6L4s88ji21RlpJ GETBOzvYulz/4pG6dH5HVcXYvDAIRvGLoNxEEqepLeudxTNvUNQijaxjuCYNQKb5 FT3XZsNnA9tSJOGxfMyAfP8ZmoTs0AESivDo0T3r52ukxnjH5IgnXGoOfh+1r5zy phS3Vx/AI3MtRWXEUsh44ioJwuzgCgE+QAw1R+n+YUScD+ijEWorftp73lPX+kIf RB8B/zKRhLwzA3clcAGWu9vejATEk3ZvDnvW3aNBccF00jmXeo5zGfzTOJxNfTeZ cmOIYFuz99gNtnPhFDJ8NfAn06kEeWqO1NiAY6ZmN1Z/x38LYCGUu/8c0hLZC+QT jqjhzyiHbfVTwsqtPcPK9ICVVqxxlY0nu5uiJ8O8ScKgUXq54Gdwu8Kek9tjXnpU AgORcCtD9wIDAQABo4IDLDCCAygwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMDgGA1UdHwQxMC8wLaAr oCmGJ2h0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2RpZzJzMS02NzUxLmNybDBdBgNV HSAEVjBUMEgGC2CGSAGG/W0BBxcBMDkwNwYIKwYBBQUHAgEWK2h0dHA6Ly9jZXJ0 aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMHYGCCsG AQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRkeS5jb20v MEAGCCsGAQUFBzAChjRodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3Jl cG9zaXRvcnkvZ2RpZzIuY3J0MB8GA1UdIwQYMBaAFEDCvSeOzDSDMKIz1/tss/C0 LIDOMBYGA1UdEQQPMA2CC2RyaW5rbWQuY29tMB0GA1UdDgQWBBQVkEfa/kv65zKa vWAqQnKrQ2jjxDCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHcA7s3QZNXbGs7F XLedtM0TojKHRny87N7DUUhZRnEftZsAAAGJQPfK5wAABAMASDBGAiEAggXi74xR fgBXfOAZHBiLqez3e+fDlnMuXWyVWv3G6mkCIQCy+v0kbuYjWgWI8MEtnVHmoyuR bnSUEFTOreKg16K8XAB1AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRz AAABiUD3zBEAAAQDAEYwRAIgT873axmvoOovOuCLvMVdjLLiYkbB+aDLPiAqY8wE nRYCIGEgzmAOz06mWUmvNLK5VGvRSHQvaIpIgOCKnokaCdr5AHYA2ra/az+1tiKf m8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGJQPfMhAAABAMARzBFAiA5WZjWdj3x B28XZjrvmgkAMjQqYRUvR4zmsmMKWO1U+wIhAP09qkw48rIsXikrt+vGyqRL7OAn dGNQ2fWFXyw+153dMA0GCSqGSIb3DQEBCwUAA4IBAQAuioD+e98krLlk3wjQKr1C KGCSgNtuaTMbM+8Z4Ve5XkYDKazlBaZBktScjfCEwJBLD9rC9MaO69szpMtR0lnS TF9q7FcRdew4hyjVpNvl0rqji3ClFNhRE3mDHHEWJpJjP3u4mYPzDxWbh1B1cuiZ OpHJn+zW/2GG3kn9AdOOjt8DPeTwgKTACsy/oxi0fgpj7rIKTDRfyIOEzWNXdE/E jrqlUzWtwDdM24Qp7+VmJwz9RwjgLL8wGD2KwcUI/p4hlIp64FXFFmxoHT/QeZBQ dL+dEKV5uiVZbN9jQEz/zhj7rC5cOMQ1jehu7ruLEso00F+Kbcu8pEBkmgXFU5GB -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqt1xPyzkaItKR3GebJyw o9CNkuhKq7i5OKEy5VEx/2R9EfLmra6Ds4WK3CN3KfE9kHPqoKNFKFUf1olox7PU 8HmyeFYe/l/+ZLDAAC1oHeN2cwUkmm724AzkrkKwcPs0aW/UvQ3HQUOlmM2zToUs FbrJL7Uw7oGbrqdn71WdnF+r7qUOR+n8TwIG6Mji5sT0X7xWNEijzcLS57Znij7I IFS/WHtulu0LOWOaeTpgyUB6qV6XnqDoLmag977HDjtsG7IYfm/Yewgj+Rstv5l+ i+LPPI4ttUZaSRhEwTs72Lpc/+KRunR+R1XF2LwwCEbxi6DcRBKnqS3rncUzb1DU Io2sY7gmDUCm+RU912bDZwPbUiThsXzMgHz/GZqE7NABEorw6NE96+drpMZ4x+SI J1xqDn4fta+c8qYUt1cfwCNzLUVlxFLIeOIqCcLs4AoBPkAMNUfp/mFEnA/ooxFq K37ae95T1/pCH0QfAf8ykYS8MwN3JXABlrvb3owExJN2bw571t2jQXHBdNI5l3qO cxn80zicTX03mXJjiGBbs/fYDbZz4RQyfDXwJ9OpBHlqjtTYgGOmZjdWf8d/C2Ah lLv/HNIS2QvkE46o4c8oh231U8LKrT3DyvSAlVascZWNJ7uboifDvEnCoFF6ueBn cLvCnpPbY156VAIDkXArQ/cCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10394514220446411789 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GoDaddy.com, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.godaddy.com/repository/' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go Daddy Secure Certificate Authority - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-10 18:02:07 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-10 18:02:07 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'drinkmd.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 697068421454496114638845408078029501560856921318601723580871875152565724941302236179361568876046061748697302727244288594560092181546466286987309456714895023815411523166777533496346194780654226322789015803048055737804571282072560806678795362326632226022459517379406952753890215724683952805172989992672885559587923665033871967355981048850873463282716561728782678899177806886771063682986380672091947565671122352827617240655549614870413505419274238149975251655450349554727695156212504349355248859627328021351614791391654551503497306382035962347847047671258227061859336754122388336594017532689089552112638624604796822147118547069247032945884953277895580107190354164507132606377226803562551068991625658937262971122960450656675035299696303161906462784304943486983527832164173652156785814384837301103105740056206372272023121075181087198107950772154031750654954502901789070422783710264687083021579326388748953125108608862046312122655472543525074090200026344292551171639418526461566467174661525746407280707797024123592786789392884835048693965680253594157943007963185581935809573604868465668207915219637727086504507551777759733052256086293328830543696259944917388106927265710036500813306155544017999669666709363898023785332942915647499810849783 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.godaddy.com/gdig2s1-6751.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114413.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.godaddy.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.godaddy.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.godaddy.com/repository/gdig2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 40c2bd278ecc348330a233d7fb6cb3f0b42c80ce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'drinkmd.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 159047dafe4bfae7329abd602a4272ab4368e3c4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018940f7cae700000403004830460221008205e2ef8c517e00577ce0191c188ba9ecf77be7c396732e5d6c955afdc6ea69022100b2fafd246ee6235a0588f0c12d9d51e6a32b916e74941054ceade2a0d7a2bc5c00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018940f7cc11000004030046304402204fcef76b19afa0ea2f3ae08bbcc55d8cb2e26246c1f9a0cb3e202a63cc049d1602206120ce600ecf4ea65949af34b2b9546bd148742f688a4880e08a9e891a09daf9007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018940f7cc8400000403004730450220395998d6763df1076f17663aef9a090032342a61152f478ce6b2630a58ed54fb022100fd3daa4c38f2b22c5e292bb7ebc6caa44bece027746350d9f5855f2c3ed79ddd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002e8a80fe7bdf24acb964df08d02abd4228609280db6e69331b33ef19e157b95e460329ace505a64192d49c8df084c0904b0fdac2f4c68eebdb33a4cb51d259d24c5f6aec571175ec388728d5a4dbe5d2baa38b70a514d8511379831c71162692633f7bb89983f30f159b87507572e8993a91c99fecd6ff6186de49fd01d38e8edf033de4f080a4c00accbfa318b47e0a63eeb20a4c345fc88384cd6357744fc48ebaa55335adc0374cdb8429efe566270cfd4708e02cbf30183d8ac1c508fe9e21948a7ae055c5166c681d3fd079905074bf9d10a579ba25596cdf63404cffce18fbac2e5c38c4358de86eeebb8b12ca34d05f8a6dcbbca440649a05c5539181