brainstorm.ubuntu.com
Issued by R3
About this certificate
This digital certificate with serial number 04:ec:d4:fd:cf:b5:b1:3d:77:11:66:1c:03:ad:69:a6:f8:c6 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=brainstorm.ubuntu.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:ec:d4:fd:cf:b5:b1:3d:77:11:66:1c:03:ad:69:a6:f8:c6Serial Number (int): 429038896519448013964771191978110482839750
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 40:a4:85:d7:1f:87:a8:de:92:94:00:87:12:bb:62:13:b3:ac:af:b3
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): e4:79:50:b2:3d:16:1e:c7:22:8f:00:d0:e5:96:d1:ae:e6:7d:51:2c
Fingerprint (sha256): 09:9b:ce:e1:34:87:3d:13:87:a7:90:e1:21:77:b9:89:3c:67:80:a4:27:e4:c7:a6:12:37:31:e9:90:ba:16:b5
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate brainstorm.ubuntu.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for brainstorm.ubuntu.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
brainstorm.ubuntu.com
Other certificates including the domain name ubuntu.com
(limited to 100 certificates)
changelogs.ubuntu.com
old-releases.ubuntu.com
usshop.ubuntu.com
lists.ubuntu.com
facebook-apps.ubuntu.com
people.ubuntu.com
buy.ubuntu.com
connectivity-check.ubuntu.com
search.apps.staging.ubuntu.com
maas.ubuntu.com
tour.ubuntu.com
myapps.developer.ubuntu.com
api.staging.snapcraft.io
manager.assets.staging.ubuntu.com
auth.esm.staging.ubuntu.com
design.ubuntu.com
jp.ubuntu.com
start.ubuntu.com
jp.staging.ubuntu.com
staging.ubuntu.com
docs.ubuntu.com
fridge.ubuntu.com
hr.archive.ubuntu.com
upload.apps.staging.ubuntu.com
assets.ubuntu.com
daisy.staging.ubuntu.com
webstats.ubuntu.com
juju.ubuntu.com
old-releases.ubuntu.com
certification.staging.ubuntu.com
assets.ubuntu.com
daisy.ubuntu.com
*.ubuntu.com
phone.docs.ubuntu.com
cn.ubuntu.com
assertions.ubuntu.com
docs.ubuntu.com
redirect.ubuntuforums.org
code-review.phablet.ubuntu.com
ask.ubuntu.com
discourse.ubuntu.com
upload.apps.staging.ubuntu.com
design.staging.ubuntu.com
keyserver.ubuntu.com
insights.ubuntu.com
ubuntu.grad.hr
developer.ubuntu.com
cloud-images.ubuntu.com
phone.docs.ubuntu.com
lists.ubuntu.com
jp.ubuntu.com
help.ubuntu.com
buy.ubuntu.com
merges.ubuntu.com
support.one.ubuntu.com
people.ubuntu.com
assets.ubuntu.com
*.staging.ubuntu.com
brainstorm.ubuntu.com
font.ubuntu.com
assets.ubuntu.com
pages.ubuntu.com
system-image.ubuntu.com
apps.ubuntu.com
ubuntu.com
login.staging.ubuntu.com
cdimage.ubuntu.com
certification.ubuntu.com
people.ubuntu.com
assertions.staging.ubuntu.com
fr.archive.ubuntu.com
qa.cube.ubuntu.com
releases.ubuntu.com
docs.ubuntu.com
bileto.ubuntu.com
keyserver.ubuntu.com
errors.staging.ubuntu.com
login-lp.staging.ubuntu.com
keyserver.ubuntu.com
brainstorm.ubuntu.com
kernel.ubuntu.com
hyperscale.ubuntu.com
fridge.ubuntu.com
buy.ubuntu.com
odm.ubuntu.com
start.ubuntu.com
assertions.ubuntu.com
errors.ubuntu.com
patches.ubuntu.com
discourse.ubuntu.com
daisy.ubuntu.com
support.one.ubuntu.com
certification.staging.ubuntu.com
summit.ubuntu.com
api.snapcraft.io
phone.docs.ubuntu.com
geoname-lookup.ubuntu.com
hockeypuck.ubuntu.com
start.ubuntu.com
try.cloud.staging.ubuntu.com
old-releases.ubuntu.com
usshop.ubuntu.com
lists.ubuntu.com
facebook-apps.ubuntu.com
people.ubuntu.com
buy.ubuntu.com
connectivity-check.ubuntu.com
search.apps.staging.ubuntu.com
maas.ubuntu.com
tour.ubuntu.com
myapps.developer.ubuntu.com
api.staging.snapcraft.io
manager.assets.staging.ubuntu.com
auth.esm.staging.ubuntu.com
design.ubuntu.com
jp.ubuntu.com
start.ubuntu.com
jp.staging.ubuntu.com
staging.ubuntu.com
docs.ubuntu.com
fridge.ubuntu.com
hr.archive.ubuntu.com
upload.apps.staging.ubuntu.com
assets.ubuntu.com
daisy.staging.ubuntu.com
webstats.ubuntu.com
juju.ubuntu.com
old-releases.ubuntu.com
certification.staging.ubuntu.com
assets.ubuntu.com
daisy.ubuntu.com
*.ubuntu.com
phone.docs.ubuntu.com
cn.ubuntu.com
assertions.ubuntu.com
docs.ubuntu.com
redirect.ubuntuforums.org
code-review.phablet.ubuntu.com
ask.ubuntu.com
discourse.ubuntu.com
upload.apps.staging.ubuntu.com
design.staging.ubuntu.com
keyserver.ubuntu.com
insights.ubuntu.com
ubuntu.grad.hr
developer.ubuntu.com
cloud-images.ubuntu.com
phone.docs.ubuntu.com
lists.ubuntu.com
jp.ubuntu.com
help.ubuntu.com
buy.ubuntu.com
merges.ubuntu.com
support.one.ubuntu.com
people.ubuntu.com
assets.ubuntu.com
*.staging.ubuntu.com
brainstorm.ubuntu.com
font.ubuntu.com
assets.ubuntu.com
pages.ubuntu.com
system-image.ubuntu.com
apps.ubuntu.com
ubuntu.com
login.staging.ubuntu.com
cdimage.ubuntu.com
certification.ubuntu.com
people.ubuntu.com
assertions.staging.ubuntu.com
fr.archive.ubuntu.com
qa.cube.ubuntu.com
releases.ubuntu.com
docs.ubuntu.com
bileto.ubuntu.com
keyserver.ubuntu.com
errors.staging.ubuntu.com
login-lp.staging.ubuntu.com
keyserver.ubuntu.com
brainstorm.ubuntu.com
kernel.ubuntu.com
hyperscale.ubuntu.com
fridge.ubuntu.com
buy.ubuntu.com
odm.ubuntu.com
start.ubuntu.com
assertions.ubuntu.com
errors.ubuntu.com
patches.ubuntu.com
discourse.ubuntu.com
daisy.ubuntu.com
support.one.ubuntu.com
certification.staging.ubuntu.com
summit.ubuntu.com
api.snapcraft.io
phone.docs.ubuntu.com
geoname-lookup.ubuntu.com
hockeypuck.ubuntu.com
start.ubuntu.com
try.cloud.staging.ubuntu.com
Certificate
The complete raw certificate details for brainstorm.ubuntu.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE+DCCA+CgAwIBAgISBOzU/c+1sT13EWYcA61ppvjGMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMzExNzI4NThaFw0yNDA2MjkxNzI4NTdaMCAxHjAcBgNVBAMT FWJyYWluc3Rvcm0udWJ1bnR1LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAKHetZmLncZmYQT8QQkKLKvLRNXtHcbiGvOeq8do9VFpm00MJXOkYdij UYiY1xak+iE0/EiaVT85T1NSifzJC/Q/RylOxwCHyM+Fq/WJzPYGoTQA+paM8A0B 99NdGVfGNcZyqpUc/IZYCp7U1935Q1C7tlgTzZeWt62hxefAgO0Qlg1xFYSvJIdU uppMsNiv3j/d4Llij7Z4IRUCkZAS4NecWPzFaiKhjr4mhO6AHfyTC90gR80TpOWw RaNBUcEZDEmVhsf7VQ/lO9sfprOWBbOH3Mp4WJfNYAzVlsh704QBKsaB12hIs7Ki GM6EiqwqwJTj51YkBpSzGlrcdyVqavMCAwEAAaOCAhgwggIUMA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw ADAdBgNVHQ4EFgQUQKSF1x+HqN6SlACHErtiE7Osr7MwHwYDVR0jBBgwFoAUFC6z F7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVo dHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxl bmNyLm9yZy8wIAYDVR0RBBkwF4IVYnJhaW5zdG9ybS51YnVudHUuY29tMBMGA1Ud IAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcAO1N3dT4t uYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGOlcWYOwAABAMASDBGAiEAu9D5 z+NZDA5sYNQRsLQwu4JpyzGFBnxUmyvuG40VaNACIQCiH7ArN/sEyJ0pMmfMnezZ a5dx8obodbwfY891d/+4AgB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZx H7WbAAABjpXFmEUAAAQDAEcwRQIgVv7lzEjN5RuCt76Hj+HMyZQVePvTUjgUrqoc CdhEztQCIQCw8n7jwmyyC2WSOQ48WfZEKNW9F7c/agjk36tZtrvU0jANBgkqhkiG 9w0BAQsFAAOCAQEAGjuK3CjLlGJOEMN1CoD8edFOVG7xVq2pESXi2WEN0Gtd7BpU R/+ZZrFYELUvmhI8P4tRRxkT81J0XoJDdhPmd3YmGzGwz9D6E3G2zOy9HxOIKiqX 3Vh3ivuq5yZ/dN3XXxN0dt41WguOGWAKq3TMIASSeIw1bpWRNJavXmg0v27UtdKV Y24Wewbjox9HUyu495bDB+jRcvROKhzRI2aa/ST71Dw5Gm+iuJDhTDFfp3SFv/uw moFYk3RdwGdeXotCXxDe0qBA6/YlCdINH+FZ6MPAhoKO3WjztkRUIMg0SHN9dbfW CTrdg7a/l7PdJKyqP3acVja6SVc4x5OEn2jwXw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod61mYudxmZhBPxBCQos q8tE1e0dxuIa856rx2j1UWmbTQwlc6Rh2KNRiJjXFqT6ITT8SJpVPzlPU1KJ/MkL 9D9HKU7HAIfIz4Wr9YnM9gahNAD6lozwDQH3010ZV8Y1xnKqlRz8hlgKntTX3flD ULu2WBPNl5a3raHF58CA7RCWDXEVhK8kh1S6mkyw2K/eP93guWKPtnghFQKRkBLg 15xY/MVqIqGOviaE7oAd/JML3SBHzROk5bBFo0FRwRkMSZWGx/tVD+U72x+ms5YF s4fcynhYl81gDNWWyHvThAEqxoHXaEizsqIYzoSKrCrAlOPnViQGlLMaWtx3JWpq 8wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 429038896519448013964771191978110482839750 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-31 17:28:58 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-29 17:28:57 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'brainstorm.ubuntu.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20434189185062124019724411129278562749920549193376751456060194376102224994223518095737535877252362549047023146215108630691714483342089601566363999390854399292990798467234317652239440451341225186657763165413041250630219270273345154030663136070415332787721973327860581994427753032730910687957848530630593165359670652716833677749266641636831160117947112092987876491902825267536149322539560342668026135642958941550510901306263190940136817929585142838048901531806950397836560924866229004597094905916914263226666960893246121064339257846425177816707636413012865818342047788266349369058965028551250828829834517321074921335539 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 40a485d71f87a8de9294008712bb6213b3acafb3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'brainstorm.ubuntu.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e95c5983b0000040300483046022100bbd0f9cfe3590c0e6c60d411b0b430bb8269cb3185067c549b2bee1b8d1568d0022100a21fb02b37fb04c89d293267cc9decd96b9771f286e875bc1f63cf7577ffb802007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018e95c598450000040300473045022056fee5cc48cde51b82b7be878fe1ccc9941578fbd3523814aeaa1c09d844ced4022100b0f27ee3c26cb20b6592390e3c59f64428d5bd17b73f6a08e4dfab59b6bbd4d2 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001a3b8adc28cb94624e10c3750a80fc79d14e546ef156ada91125e2d9610dd06b5dec1a5447ff9966b15810b52f9a123c3f8b51471913f352745e82437613e67776261b31b0cfd0fa1371b6ccecbd1f13882a2a97dd58778afbaae7267f74ddd75f137476de355a0b8e19600aab74cc200492788c356e95913496af5e6834bf6ed4b5d295636e167b06e3a31f47532bb8f796c307e8d172f44e2a1cd123669afd24fbd43c391a6fa2b890e14c315fa77485bffbb09a815893745dc0675e5e8b425f10ded2a040ebf62509d20d1fe159e8c3c086828edd68f3b6445420c83448737d75b7d6093add83b6bf97b3dd24acaa3f769c5636ba495738c793849f68f05f