www.kulturstiftung-thueringen.de
Issued by Starfield Secure Certificate Authority - G2
About this certificate
This digital certificate with serial number b7:09:4c:5d:cc:09:ed:5a was issued on by Starfield Technologies, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.kulturstiftung-thueringen.de
Starfield Technologies, Inc.
Organization:
Starfield Technologies, Inc.
Organization unit: http://certs.starfieldtech.com/repository/
Organization unit: http://certs.starfieldtech.com/repository/
State / Province:
Arizona
Locality: Scottsdale
Country: US
Locality: Scottsdale
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): b7:09:4c:5d:cc:09:ed:5aSerial Number (int): 13189156949470080346
Serial Number lenght: 64 bits, 8 octets
SubjectKeyId: f4:62:23:32:e1:eb:0b:ff:c3:50:fa:ab:59:bf:91:a0:5a:3c:85:15
AuthorityKeyId: 25:45:81:68:50:26:38:3d:3b:2d:2c:be:cd:6a:d9:b6:3d:b3:66:63
Fingerprint (sha1): 2d:c8:e0:3d:39:c8:67:c3:2f:ee:2f:1f:9b:d6:32:e1:72:69:f7:df
Fingerprint (sha256): 0a:16:4a:be:3c:94:95:06:52:31:22:05:9a:13:db:e1:d3:7f:5f:30:1d:fb:73:04:aa:90:ae:b4:f3:4e:eb:bf
Issuing Certificate URL: http://certificates.starfieldtech.com/repository/sfig2.crt
Revocation information
OCSP Server: http://ocsp.starfieldtech.com/CRL Distribution Point: http://crl.starfieldtech.com/sfig2s1-585.crl
Check the revocation status for certificate www.kulturstiftung-thueringen.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.kulturstiftung-thueringen.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
Other certificates including the domain name kulturstiftung-thueringen.de
(limited to 100 certificates)
www.kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
Certificate
The complete raw certificate details for www.kulturstiftung-thueringen.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG7TCCBdWgAwIBAgIJALcJTF3MCe1aMA0GCSqGSIb3DQEBCwUAMIHGMQswCQYD VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEl MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEzMDEGA1UECxMq aHR0cDovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMTQwMgYD VQQDEytTdGFyZmllbGQgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcy MB4XDTIzMDYxNDA2MTYyMVoXDTI0MDYxNjEyMDUyMFowKzEpMCcGA1UEAxMgd3d3 Lmt1bHR1cnN0aWZ0dW5nLXRodWVyaW5nZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDW0c1csvTmncUF9Uwztv/CClO8FJdK3hFv4v74PuqedXGA KrjeH7H8YJ9j3fWcOY89qvs/ylTD244f6RjbHtfPoEDwUhti/Dig6LCMPvzKv84s gloOcVGXkDjU3FlzJd9zFxlYluwxp92AwDoOgjWOjFkTRj9FvoJ1cf56yV/poxfm tMTbjke6XcDQ1Jk2Vi66EFN8NMTItxjl3r9YR63Qz0EcCRZyufISIHzsiJ0PP0ok wm3a7PiKPtFAXkrAQl2F8I71IzVDxu6eNu0969Q1c2/2UsjvYAs0/1ENP1Btr9nf 0M4IDoKMiR+Q+sC0iky8fCtlfjeS2BzCnXFOiYLPAgMBAAGjggN2MIIDcjAMBgNV HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8B Af8EBAMCBaAwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5zdGFyZmllbGR0 ZWNoLmNvbS9zZmlnMnMxLTU4NS5jcmwwYwYDVR0gBFwwWjBOBgtghkgBhv1uAQcX ATA/MD0GCCsGAQUFBwIBFjFodHRwOi8vY2VydGlmaWNhdGVzLnN0YXJmaWVsZHRl Y2guY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATCBggYIKwYBBQUHAQEEdjB0MCoG CCsGAQUFBzABhh5odHRwOi8vb2NzcC5zdGFyZmllbGR0ZWNoLmNvbS8wRgYIKwYB BQUHMAKGOmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuc3RhcmZpZWxkdGVjaC5jb20vcmVw b3NpdG9yeS9zZmlnMi5jcnQwHwYDVR0jBBgwFoAUJUWBaFAmOD07LSy+zWrZtj2z ZmMwSQYDVR0RBEIwQIIgd3d3Lmt1bHR1cnN0aWZ0dW5nLXRodWVyaW5nZW4uZGWC HGt1bHR1cnN0aWZ0dW5nLXRodWVyaW5nZW4uZGUwHQYDVR0OBBYEFPRiIzLh6wv/ w1D6q1m/kaBaPIUVMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdQDuzdBk1dsa zsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYi4jEylAAAEAwBGMEQCIHV69iwd Cs4jqfoeJYRL/Rxkr92a8itsEpp5AiqeZbx8AiAypVNkKTD8KBI984OcCDnIOcXI hXDffRWeXuNW4e0BEwB1AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRz AAABiLiMTcgAAAQDAEYwRAIgFIns8iiQ2zIn/7nEsBb3unFLcmvTd+6w7Ds8YZnX bo4CIGgly1j2flaZVlRJ6oNfvBMFKRP20VDYOO44zPtdXSULAHcA2ra/az+1tiKf m8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGIuIxOMAAABAMASDBGAiEAhobkZUCu gpIP8aET2Hij89cbYT4CvIQocf0I4uDR31ICIQDUePaExhvFOEd6hx99IIAU4l8C +Z7ijpVDjL9m9vzbYTANBgkqhkiG9w0BAQsFAAOCAQEAMANy8rkhIlaI/l6N4HeG oMCFR59bathzVQYFbTVZFYw6vawTuIxhlOwBNJHnHWBSq8N+WRbNgbCzDf3SKm6b E8eH91GMAnTTg425O5hX2+bjaVyXbP6RENQr0CW2KJvepL/3wvJKsocUbcB17UiM zxn15nOKcE7w4iNicmu3kpRx2rCOH9TDwfBA9hMYxFDWs8RsGqiOozsyqtzL5OUj 9sF19QxmLuQPfNoH/hQQb/hIwkb2KA+geyrmppirOBOUzxNucOWcDvEcpXx3FD3t VzAsjSFJ5qGchWG7libhN2UGib/0kSEp/lonLFhnYMwwEPMmLLPTILqZhQHeA5j5 lQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tHNXLL05p3FBfVMM7b/ wgpTvBSXSt4Rb+L++D7qnnVxgCq43h+x/GCfY931nDmPPar7P8pUw9uOH+kY2x7X z6BA8FIbYvw4oOiwjD78yr/OLIJaDnFRl5A41NxZcyXfcxcZWJbsMafdgMA6DoI1 joxZE0Y/Rb6CdXH+eslf6aMX5rTE245Hul3A0NSZNlYuuhBTfDTEyLcY5d6/WEet 0M9BHAkWcrnyEiB87IidDz9KJMJt2uz4ij7RQF5KwEJdhfCO9SM1Q8bunjbtPevU NXNv9lLI72ALNP9RDT9Qba/Z39DOCA6CjIkfkPrAtIpMvHwrZX43ktgcwp1xTomC zwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 13189156949470080346 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Technologies, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.starfieldtech.com/repository/' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Secure Certificate Authority - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-14 06:16:21 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-16 12:05:20 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.kulturstiftung-thueringen.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27118454581355731441145309705166000813264029841497221156604017891370647031243360548613778552469293930254634161495181881680316808430672111262337480066686161142134147198073251094362360339824510693628324166283058422154174488266619538322093552139144956613813465610933572857077969854964356881666361233630958732970561950323451475243941814608490218947969427945113353770898226229990575301487995325526946925809150039393055955602166665328122644942369891110499817034910667167443767404415051641254852908768684556538730172231951870116710243021228508259359495288635116866857975471954230245731306727601634694981098222217269325955791 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.starfieldtech.com/sfig2s1-585.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114414.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.starfieldtech.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.starfieldtech.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.starfieldtech.com/repository/sfig2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 254581685026383d3b2d2cbecd6ad9b63db36663 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kulturstiftung-thueringen.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kulturstiftung-thueringen.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f4622332e1eb0bffc350faab59bf91a05a3c8515 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000188b88c4ca500000403004630440220757af62c1d0ace23a9fa1e25844bfd1c64afdd9af22b6c129a79022a9e65bc7c022032a553642930fc28123df3839c0839c839c5c88570df7d159e5ee356e1ed011300750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000188b88c4dc8000004030046304402201489ecf22890db3227ffb9c4b016f7ba714b726bd377eeb0ec3b3c6199d76e8e02206825cb58f67e5699565449ea835fbc13052913f6d150d838ee38ccfb5d5d250b007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000188b88c4e3000000403004830460221008686e46540ae82920ff1a113d878a3f3d71b613e02bc842871fd08e2e0d1df52022100d478f684c61bc538477a871f7d208014e25f02f99ee28e95438cbf66f6fcdb61 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00300372f2b921225688fe5e8de07786a0c085479f5b6ad8735506056d3559158c3abdac13b88c6194ec013491e71d6052abc37e5916cd81b0b30dfdd22a6e9b13c787f7518c0274d3838db93b9857dbe6e3695c976cfe9110d42bd025b6289bdea4bff7c2f24ab287146dc075ed488ccf19f5e6738a704ef0e22362726bb7929471dab08e1fd4c3c1f040f61318c450d6b3c46c1aa88ea33b32aadccbe4e523f6c175f50c662ee40f7cda07fe14106ff848c246f6280fa07b2ae6a698ab381394cf136e70e59c0ef11ca57c77143ded57302c8d2149e6a19c8561bb9626e137650689bff4912129fe5a272c586760cc3010f3262cb3d320ba998501de0398f995