markusko.ch

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 04:53:b4:74:6b:8c:02:0b:a0:58:80:a7:23:10:b7:41:d8:70 was issued on by Let's Encrypt.

With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=markusko.ch

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:53:b4:74:6b:8c:02:0b:a0:58:80:a7:23:10:b7:41:d8:70
Serial Number (int): 376932445708466157319223907466444814801008
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 12:c5:9a:1d:a4:46:49:61:3a:70:a4:21:40:19:35:c0:a2:3c:e4:05
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 73:ed:3c:e9:b5:5d:b6:27:ae:71:5f:80:f1:e1:68:c4:8b:1d:e8:0f
Fingerprint (sha256): 09:9e:22:cc:10:a4:0c:8d:69:e3:b3:5d:b8:75:7e:9c:29:5d:fe:36:0c:91:9c:5d:d7:2f:b1:8e:79:d3:a0:d1

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate markusko.ch

8

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for markusko.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gallry.markusko.ch
markusko.ch
pastr.markusko.ch
pi.markusko.ch
q.markusko.ch
sesame.markusko.ch
stalkme.markusko.ch
www.markusko.ch

Other certificates including the domain name markusko.ch

(limited to 100 certificates)
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
stats.moin-alex.de
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
docker.markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
docker.markusko.ch

Certificate

The complete raw certificate details for markusko.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG0jCCBbqgAwIBAgISBFO0dGuMAgugWICnIxC3QdhwMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDA0MDYxMzE4NTdaFw0y
MDA3MDUxMzE4NTdaMBYxFDASBgNVBAMTC21hcmt1c2tvLmNoMIICIjANBgkqhkiG
9w0BAQEFAAOCAg8AMIICCgKCAgEAo54wWc9cyiRL0LMPxbDWe9kV2D8CT6MDjKV8
K786R4NVl5Mj/oHynFfjuglUxAyE4decViKomae1yuA4wCwStY1L6ALrUJ+cdUjg
8F2Py4AZJhEJuT15n7qY77psMQ50vUz3lFKUXK+043PtDjNgqMsjxid+UeTMX9dT
q1sz2VKnIf9Uv8is59gm7sLkzVnR3obNKfHBxzOeFHKTTiNiWQ/8tC47610JAZX6
Tp7WMENy8uKsbgV0anjhJe4WNs1UzlpOHTOgagEJkcVYN4uGfbOekba9Qt5fPXKq
E8Oy8okf1RN1W0T3EWCnTFSHiJjkYup0rMSIBKrOcZ2FWpH4LROYmlthYAk9I9jC
47vZRBWwwTekbVcoDXXUcVdFvXlQFhoj/C674UlM/Od0v6mZ3kjeVpNviLZJ+hC7
lldeNCyQbnIKoIKnKvBahhwZmtfunxpAMGFbQglNz8Ws63k3c+Q7OH1JLPTuXWYf
uiaisqwPrOkaozgRIF5SheF76z/fLMQw2Yqvi2mkrajjctMLzauw/oGMnKTTCMH8
F8TF6A7b2zpXFosTSaX0SuDAWy/yL50mIRpc8TGkVbqM6h4tAwOeXV4PcwvQ3N9s
KUVt9+j7qgvx87SQAptgZ6TAkgzhRw1cDcekD0Au9ihIco7dx4pd2ToMUJvkNcMq
v84SlssCAwEAAaOCAuQwggLgMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUEsWaHaRG
SWE6cKQhQBk1wKI85AUwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEw
bwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMu
bGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMu
bGV0c2VuY3J5cHQub3JnLzCBmAYDVR0RBIGQMIGNghJnYWxscnkubWFya3Vza28u
Y2iCC21hcmt1c2tvLmNoghFwYXN0ci5tYXJrdXNrby5jaIIOcGkubWFya3Vza28u
Y2iCDXEubWFya3Vza28uY2iCEnNlc2FtZS5tYXJrdXNrby5jaIITc3RhbGttZS5t
YXJrdXNrby5jaIIPd3d3Lm1hcmt1c2tvLmNoMEwGA1UdIARFMEMwCAYGZ4EMAQIB
MDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2Vu
Y3J5cHQub3JnMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYA8JWkWfIA0YJAEC0v
k4iOrUv+HUfjmeHQNKawqKqOsnMAAAFxT9vNzAAABAMARzBFAiAd0QdL0dBQvCyf
wjsB/Q88zazVzNlvmveBbRJ7IrKm2AIhAMWz4N/rpt7brhuyw543dhgicxBR9e61
45VHtwE7Upu9AHcAsh4FzIuizYogTodm+Su5iiUgZ2va+nDnsklTLe+LkF4AAAFx
T9vN2AAABAMASDBGAiEAjn9CxyPf3P1yXv02x5+eX2usmWF374Ncto3ygpxeUI0C
IQCCcR34yEj0EclKIo3S6kiQIvBxBdiCJ2guk2xr/BArozANBgkqhkiG9w0BAQsF
AAOCAQEAJYeE+nJ+T3qhbYJutnF+ht72Q3FEXfnbyXKYA9+WQy96Ay3Hx4MAnL9g
GorriPFmpeTUgm5+GS43p1q+0yVNJxoYgvaWZtpKVfVVtviBGYI7WShTvjfjt6TM
8e0VgQxLngR6RW3fQqGcquTypxtYgdSuEW/mCM/nXCkL2+3S1WBgcIUT37Re7PI/
Nfk/I4C9xozt93DfXtDsn3I5mdc4biaDBYhhXt17Yibj74vUTRY72DA3orlPIWs1
7592b8dVe/qmH2Na9ArIotiy0HKCwYk1AJR2xrT+7GwznJJvisciYTTlpTd1wNjL
NLyh6q8PyHkvSsjRrlxiduDQ8k6RrA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo54wWc9cyiRL0LMPxbDW
e9kV2D8CT6MDjKV8K786R4NVl5Mj/oHynFfjuglUxAyE4decViKomae1yuA4wCwS
tY1L6ALrUJ+cdUjg8F2Py4AZJhEJuT15n7qY77psMQ50vUz3lFKUXK+043PtDjNg
qMsjxid+UeTMX9dTq1sz2VKnIf9Uv8is59gm7sLkzVnR3obNKfHBxzOeFHKTTiNi
WQ/8tC47610JAZX6Tp7WMENy8uKsbgV0anjhJe4WNs1UzlpOHTOgagEJkcVYN4uG
fbOekba9Qt5fPXKqE8Oy8okf1RN1W0T3EWCnTFSHiJjkYup0rMSIBKrOcZ2FWpH4
LROYmlthYAk9I9jC47vZRBWwwTekbVcoDXXUcVdFvXlQFhoj/C674UlM/Od0v6mZ
3kjeVpNviLZJ+hC7lldeNCyQbnIKoIKnKvBahhwZmtfunxpAMGFbQglNz8Ws63k3
c+Q7OH1JLPTuXWYfuiaisqwPrOkaozgRIF5SheF76z/fLMQw2Yqvi2mkrajjctML
zauw/oGMnKTTCMH8F8TF6A7b2zpXFosTSaX0SuDAWy/yL50mIRpc8TGkVbqM6h4t
AwOeXV4PcwvQ3N9sKUVt9+j7qgvx87SQAptgZ6TAkgzhRw1cDcekD0Au9ihIco7d
x4pd2ToMUJvkNcMqv84SlssCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 376932445708466157319223907466444814801008
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-06 13:18:57 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-07-05 13:18:57 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'markusko.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 667502898269786541657977590044255162765046810686462990047265630277990189739831075436840956314905301883260608905676753234933745515012979073522502585452074598693319111811250809905117359219075402547702552536783273743700930332056727448829099259414017872555056541178142830088995651327682852527711075911549756198187578918678645503386774135238466429041035704279439862500195980112629456068222836975688412392595632624674941416062999037817940082380423276446950890257536501225056747228841815640379493781089921914739782973075214461095149946696092774054693051398699872301037201794697332017794505185036540606565943348212620728069264094606312542585082672640416326532605000847494318910181658232049510333553784598431334934972750975629419437864284186995621682946775234309804954525663912573613086796405074358692703751878804409994187244798506108208497766772632175846063738256553159729971211985435698807985782772809414482248478689014097109136180680091629131174689713139247836889395120499742107665587225007648486787262385159666025944281376075705174722359793539216492730009173224954141483568344884197491689800779671562383957396758534860702212138344229802238162702765972948629025441131661577501913545056872372548545083863785645462560488520952607645661042379
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							12c59a1da44649613a70a421401935c0a23ce405
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (144 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gallry.markusko.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'markusko.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pastr.markusko.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pi.markusko.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'q.markusko.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sesame.markusko.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stalkme.markusko.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.markusko.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb273000001714fdbcdcc000004030047304502201dd1074bd1d050bc2c9fc23b01fd0f3ccdacd5ccd96f9af7816d127b22b2a6d8022100c5b3e0dfeba6dedbae1bb2c39e37761822731051f5eeb5e39547b7013b529bbd007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e000001714fdbcdd800000403004830460221008e7f42c723dfdcfd725efd36c79f9e5f6bac996177ef835cb68df2829c5e508d02210082711df8c848f411c94a228dd2ea489022f07105d88227682e936c6bfc102ba3
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00258784fa727e4f7aa16d826eb6717e86def64371445df9dbc9729803df96432f7a032dc7c783009cbf601a8aeb88f166a5e4d4826e7e192e37a75abed3254d271a1882f69666da4a55f555b6f88119823b592853be37e3b7a4ccf1ed15810c4b9e047a456ddf42a19caae4f2a71b5881d4ae116fe608cfe75c290bdbedd2d56060708513dfb45eecf23f35f93f2380bdc68cedf770df5ed0ec9f723999d7386e26830588615edd7b6226e3ef8bd44d163bd83037a2b94f216b35ef9f766fc7557bfaa61f635af40ac8a2d8b2d07282c18935009476c6b4feec6c339c926f8ac7226134e5a53775c0d8cb34bca1eaaf0fc8792f4ac8d1ae5c6276e0d0f24e91ac