intranet.lafargeholcim.com

Issued by GTS CA 1D2

About this certificate

This digital certificate with serial number 40:56:44:00:c7:7f:b2:9a:09:00:00:00:00:41:31:4e was issued on by Google Trust Services.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=intranet.lafargeholcim.com

Google Trust Services

Organization: Google Trust Services
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 40:56:44:00:c7:7f:b2:9a:09:00:00:00:00:41:31:4e
Serial Number (int): 85518508525663553311705886031226155342
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 74:23:c5:b1:11:0e:96:5b:0f:24:0e:4f:ee:43:76:62:26:c9:70:2d
AuthorityKeyId: b1:dd:32:5d:e8:b7:37:72:d2:ce:5c:ce:26:fe:47:79:e2:01:08:e9

Fingerprint (sha1): 8f:b2:0a:e6:9b:fa:ba:a3:40:c7:6a:7a:d3:d7:92:cf:e9:0c:08:14
Fingerprint (sha256): 0a:30:f2:4c:44:2e:4a:24:e7:47:3c:07:41:38:23:87:5e:95:08:42:1c:d2:5b:a8:a4:ff:61:95:1b:49:48:ad

Issuing Certificate URL: http://pki.goog/gsr2/GTS1D2.crt

Revocation information

OCSP Server: http://ocsp.pki.goog/gts1d2
CRL Distribution Point: http://crl.pki.goog/GTS1D2.crl

Check the revocation status for certificate intranet.lafargeholcim.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for intranet.lafargeholcim.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

intranet.lafargeholcim.com

Other certificates including the domain name lafargeholcim.com

(limited to 100 certificates)
indwebiz.lafargeholcim.com
itasia.lafargeholcim.com
brandportal.lafargeholcim.com
brandportal.lafargeholcim.com
vanity2.jiveon.com
share.lafargeholcim.com
intranet.lafargeholcim.com
brandportal.lafargeholcim.com
vanity2.jiveon.com
intranet.lafargeholcim.com
vanity2.jiveon.com
*.lafargeholcim.com
portal.zonda.lafargeholcim.com
fiori-mea.lafargeholcim.com
connect.lafargeholcim.com
lq3-logon.lafargeholcim.com
vanity2.jiveon.com
intranet.lafargeholcim.com
integrityline.holcim.com
jarvis.lafargeholcim.com
seawebiz.lafargeholcim.com
intranet.lafargeholcim.com
fiori-mea.lafargeholcim.com
jarvis.lafargeholcim.com
qa1-fiori.lafargeholcim.com
vanity2.jiveon.com
vanity2.jiveon.com
share.lafargeholcim.com
connect.lafargeholcim.com
dv1-fiori.lafargeholcim.com
connect.lafargeholcim.com
dv1-fiori.lafargeholcim.com
share.lafargeholcim.com
integrity.lafargeholcim.com
vanity2.jiveon.com
vanity2.jiveon.com
intranet-demo.lafargeholcim.com
brandportal.lafargeholcim.com
jarvis.lafargeholcim.com
intranet.lafargeholcim.com
vanity2.jiveon.com
intranet-demo.lafargeholcim.com
share.lafargeholcim.com
jarvis.lafargeholcim.com
vanity2.jiveon.com
financialreports.lafargeholcim.com
connect.lafargeholcim.com
vanity2.jiveon.com
vanity2.jiveon.com
connect.lafargeholcim.com
brandportal.lafargeholcim.com
indwebiz.lafargeholcim.com
*.lafargeholcim.com
*.ideastoaction.lafargeholcim.com
vanity2.jiveon.com
integrity.lafargeholcim.com
*.lafargeholcim.com
itemea.lafargeholcim.com
brandportal.lafargeholcim.com
share.lafargeholcim.com
lp1-mobile-logon.lafargeholcim.com
itemea.lafargeholcim.com
*.ideastoaction.lafargeholcim.com
itasia.lafargeholcim.com
portal.dev.zonda.lafargeholcim.com
integrity.lafargeholcim.com
share.lafargeholcim.com
vanity2.jiveon.com
itasia.lafargeholcim.com
vanity2.jiveon.com
brandportal.lafargeholcim.com
portal.qa.zonda.lafargeholcim.com
intranet.lafargeholcim.com
itasia.lafargeholcim.com
brandportal.lafargeholcim.com
vanity2.jiveon.com
brandportal.lafargeholcim.com
lp1-mobile-logon.lafargeholcim.com
intranet.lafargeholcim.com
vanity2.jiveon.com
*.lafargeholcim.com
share.lafargeholcim.com
indwebiz.lafargeholcim.com
share.lafargeholcim.com
*.lafargeholcim.com
vanity2.jiveon.com
www.holcim.com
vanity2.jiveon.com
connect.lafargeholcim.com
connect.lafargeholcim.com
brandportal.lafargeholcim.com
intranet.lafargeholcim.com
itemea.lafargeholcim.com
connect.lafargeholcim.com
vanity2.jiveon.com
vanity2.jiveon.com
vanity2.jiveon.com
football.lafargeholcim.com
connect.lafargeholcim.com
vanity2.jiveon.com

Certificate

The complete raw certificate details for intranet.lafargeholcim.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIQQFZEAMd/spoJAAAAAEExTjANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZpY2VzMRMw
EQYDVQQDEwpHVFMgQ0EgMUQyMB4XDTIwMTIwNTAzMDY0NloXDTIxMDMwNTAzMDY0
NlowJTEjMCEGA1UEAxMaaW50cmFuZXQubGFmYXJnZWhvbGNpbS5jb20wggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVry+8CBCPrm/NnbNS0m/N2chcOi2n
W8cccyb7Vy9HV2TB4cnnVI/sr9mGPVPlCvliaYaItrnkV5lXzvQlC8sOLE64An4W
PQ/SdEwDQJNp7E+AmSGRwOMlI87Z/ZhIZnbWZoN81oCp8rg2GApJ+M9sSQ5VUOH7
tsnJSpY1mN0TvDDLhCv6WxJBEDDdsAsGX0zuODzGIZc/07xZo96ctAU3EaPPr/KO
c/BABBN9v3Eg8PELn8mlT2pBtRS5iKDQxmr5Vy3NbzqcZHqoCHhJ815BMmJEjEAN
/3O+/0Yy7zxSExt7kFtX39X8pR7AMXZEuvuvRsQsg7RBM8hM9qmjKOHTAgMBAAGj
ggJeMIICWjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYD
VR0TAQH/BAIwADAdBgNVHQ4EFgQUdCPFsREOllsPJA5P7kN2YibJcC0wHwYDVR0j
BBgwFoAUsd0yXei3N3LSzlzOJv5HeeIBCOkwZAYIKwYBBQUHAQEEWDBWMCcGCCsG
AQUFBzABhhtodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHMxZDIwKwYIKwYBBQUHMAKG
H2h0dHA6Ly9wa2kuZ29vZy9nc3IyL0dUUzFEMi5jcnQwJQYDVR0RBB4wHIIaaW50
cmFuZXQubGFmYXJnZWhvbGNpbS5jb20wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYK
KwYBBAHWeQIFAzAvBgNVHR8EKDAmMCSgIqAghh5odHRwOi8vY3JsLnBraS5nb29n
L0dUUzFEMi5jcmwwggECBgorBgEEAdZ5AgQCBIHzBIHwAO4AdQDuwJXujXJkD5Lj
w7kbxxKjaWoJe0tqGhQ45keyy+3F+QAAAXYxFLB0AAAEAwBGMEQCIByJd8lqPg4V
AdoFLGmekMMaEhoi+w1RH2SYl2bNMT46AiBWjUtE8G44x5IclV+PhkYxSuEXTCFQ
HP9DQPGiIWWxxAB1AH0+8viP/4hVaCTCwMqeUol5K8UOeAl/LmqXaJl+IvDXAAAB
djEUsiIAAAQDAEYwRAIgesX8VScFGSFJvLQHolaliG326T3EOhjL7Br0PT3wtOQC
IDv9JpaAf5JhQ6YOcV6duXKPbC6p/fws7fbMMII7EqCzMA0GCSqGSIb3DQEBCwUA
A4IBAQCLLEd8xFUeJ5ijlzoXgr6+XAYZAT7+YDW0UYaDw7lzJFypyZP6zY/XbO5V
kgphlcagi/Wd5N5fMi3ZvaFnXRzxK6aDvb6wjNB7xxLXAvimheMRuxuNRFOFglS2
5SzYsL+xzruKhxLFuSSc90040xBsNl0kBFXlY0zCslWfqKJierOZvhGc9OK1gemE
c15jmklKRVGNbxhMJYedUCwtXdKW6BNF9sTtTdEUSZrFsvph9NKZEW7Q0dximwDn
l2t5WhvB+ZJcMM3RSQcOD2K6WpcZr9wQQrek7lThIzE+2+Jm6oLbjEgDnRlAiIMk
KzYTDfoBj1Blb8mW34siK/nHV/sQ
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1a8vvAgQj65vzZ2zUtJv
zdnIXDotp1vHHHMm+1cvR1dkweHJ51SP7K/Zhj1T5Qr5YmmGiLa55FeZV870JQvL
DixOuAJ+Fj0P0nRMA0CTaexPgJkhkcDjJSPO2f2YSGZ21maDfNaAqfK4NhgKSfjP
bEkOVVDh+7bJyUqWNZjdE7wwy4Qr+lsSQRAw3bALBl9M7jg8xiGXP9O8WaPenLQF
NxGjz6/yjnPwQAQTfb9xIPDxC5/JpU9qQbUUuYig0MZq+VctzW86nGR6qAh4SfNe
QTJiRIxADf9zvv9GMu88UhMbe5BbV9/V/KUewDF2RLr7r0bELIO0QTPITPapoyjh
0wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 85518508525663553311705886031226155342
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Trust Services'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GTS CA 1D2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-05 03:06:46 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-05 03:06:46 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'intranet.lafargeholcim.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26975146622330462787565443704753586327675799423264889323607841102862051275266107545300081021548477032581724034999976576263781028130629949646039445465864235955417786837497799263521480185740575841301234331163334207860440708591906501863731514718671246426537570155183032854001213562724164246691336433652114236827487231334427982275170919598459915111380228016607537727526305840018785051143245156032638071635755904763147091643148126356686747325409915948084293580642516085454664118996632197269019959329102581252351822210397833954761864044268555851462993628532871710553263898901638003335530085708175329059153164819948873769427
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7423c5b1110e965b0f240e4fee43766226c9702d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b1dd325de8b73772d2ce5cce26fe4779e20108e9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.goog/gts1d2'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.goog/gsr2/GTS1D2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'intranet.lafargeholcim.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.5.3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.pki.goog/GTS1D2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee007500eec095ee8d72640f92e3c3b91bc712a3696a097b4b6a1a1438e647b2cbedc5f9000001763114b074000004030046304402201c8977c96a3e0e1501da052c699e90c31a121a22fb0d511f64989766cd313e3a0220568d4b44f06e38c7921c955f8f8646314ae1174c21501cff4340f1a22165b1c40075007d3ef2f88fff88556824c2c0ca9e5289792bc50e78097f2e6a9768997e22f0d7000001763114b222000004030046304402207ac5fc552705192149bcb407a256a5886df6e93dc43a18cbec1af43d3df0b4e402203bfd2696807f926143a60e715e9db9728f6c2ea9fdfc2cedf6cc30823b12a0b3
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008b2c477cc4551e2798a3973a1782bebe5c0619013efe6035b4518683c3b973245ca9c993facd8fd76cee55920a6195c6a08bf59de4de5f322dd9bda1675d1cf12ba683bdbeb08cd07bc712d702f8a685e311bb1b8d4453858254b6e52cd8b0bfb1cebb8a8712c5b9249cf74d38d3106c365d240455e5634cc2b2559fa8a2627ab399be119cf4e2b581e984735e639a494a45518d6f184c25879d502c2d5dd296e81345f6c4ed4dd114499ac5b2fa61f4d299116ed0d1dc629b00e7976b795a1bc1f9925c30cdd149070e0f62ba5a9719afdc1042b7a4ee54e123313edbe266ea82db8c48039d19408883242b36130dfa018f50656fc996df8b222bf9c757fb10