dev.lift.acquia.com

Issued by Amazon

About this certificate

This digital certificate with serial number 0a:68:d6:11:12:61:43:d1:2b:b0:1c:04:b3:1a:b4:00 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=dev.lift.acquia.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:68:d6:11:12:61:43:d1:2b:b0:1c:04:b3:1a:b4:00
Serial Number (int): 13836620619359041240728446907625157632
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 27:12:89:86:a4:aa:37:7f:39:6e:94:97:9f:04:ad:c7:b7:91:51:2f
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): d6:2b:a8:84:0f:ed:62:d2:e9:93:5e:a8:85:9c:1a:41:3e:09:5d:9f
Fingerprint (sha256): 0a:50:1b:d7:94:35:9c:90:b4:92:ce:1e:be:57:c3:d2:99:7f:da:dd:90:89:b1:33:6e:2c:3a:bd:b3:cf:fa:f6

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate dev.lift.acquia.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for dev.lift.acquia.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

dev.lift.acquia.com
*.dev.lift.acquia.com

Other certificates including the domain name acquia.com

(limited to 100 certificates)
statuspage.io
status.acquia.com
statuspage.io
statuspage.io
statuspage.io
adxstatus.com
ssl973641.cloudflaressl.com
san-30-s12.tlsprovisioning.exacttarget.com
sni.cloudflaressl.com
statuspage.io
adxstatus.com
svn-2411.prod.hosting.acquia.com
*.acquia.com
statuspage.io
san-29-s12.tlsprovisioning.exacttarget.com
statuspage.io
lift.acquia.com
radash.acquia.com
useastucc5.acquia.com
*.content-hub.acquia.com
cskb.acquia.com
acquia-sites.com
cskb.acquia.com
adxstatus.com
statuspage.io
statuspage.io
statuspage.io
statuspage.io
statuspage.io
lift.acquia.com
statuspage.io
*.c.ssl.fastly.net
otto.acquia.com
lift.acquia.com
statuspage.io
sni.cloudflaressl.com
helpdesk.gapsi.com
statuspage.io
cds2.cvent.com
*.jfrog.ais.acquia.io
adxstatus.com
adxstatus.com
statuspage.io
status.acquia.com
statuspage.io
cds2.cvent.com
statuspage.io
statuspage.io
statuspage.io
acquarium.acquia.com
portal.ops.acquia.com
helpdesk.gapsi.com
statuspage.io
lift.acquia.com
statuspage.io
acquia-sites.com
*.acquia.com
questionnaire.acquia.com
view.marketing.acquia.com
svn-2420.devcloud.hosting.acquia.com
statuspage.io
statuspage.io
san-30-s12.tlsprovisioning.exacttarget.com
statuspage.io
statuspage.io
*.acquia.com
ssl363537.cloudflaressl.com
*.c.ssl.fastly.net
adxstatus.com
*.acquia.com
sni.cloudflaressl.com
statuspage.io
statuspage.io
adxstatus.com
ssl363535.cloudflaressl.com
statuspage.io
statuspage.io
statuspage.io
dev.lift.acquia.com
ssl946310.cloudflaressl.com
*.sr-dev.acquia.com
cci.acquia.com
dev.lift.acquia.com
accounts.acquia.com
cds2.cvent.com
statuspage.io
sni.cloudflaressl.com
*.sr-dev.acquia.com
acquia-sites.com
acquia-sites.com
statuspage.io
adxstatus.com
test.bin.acquia.com
helpdesk.deistermachine.com
ssl363535.cloudflaressl.com
statuspage.io
bin.acquia.com
statuspage.io
statuspage.io
accounts.acquia.com

Certificate

The complete raw certificate details for dev.lift.acquia.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIQCmjWERJhQ9ErsBwEsxq0ADANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xODA3MjMwMDAwMDBaFw0xOTA4MjMx
MjAwMDBaMB4xHDAaBgNVBAMTE2Rldi5saWZ0LmFjcXVpYS5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuACvcBuCI7ec6bKhggDS1MLJMnAMPm4WI
cUePyVYmxAjLB6eArAftpZ7DGERStuPu90vZ8NAavNBWewDQsrRPliJJei+NlJkw
IwiItt4hcvQ9zpHt8MCEzMBUOnWpDGuzLC979lGtXIshfYuiTNJyPhC/YfTsF1Fm
TA2Sf5VTho66gAVI75l1vghmk2cMioSpuKi67w5hyTvM41NH8qJqtCahBP9XCEkF
Mg5cAM7qeUUrsy3BjHi+7s4C706srpTEtBs5oX/fJgxQhjCqJENhiDQQ6RIE+KMp
jrjfmYu0fCMc+YmegBDDw02fnZ9RPCft2jzGeyMPJfZ4n6pv0+YLAgMBAAGjggKX
MIICkzAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQU
JxKJhqSqN385bpSXnwStx7eRUS8wNQYDVR0RBC4wLIITZGV2LmxpZnQuYWNxdWlh
LmNvbYIVKi5kZXYubGlmdC5hY3F1aWEuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0
cDovL2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZ
MBcwCwYJYIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYB
BQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEF
BQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0
MAwGA1UdEwEB/wQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwCkuQmQtBhY
FIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWTH7aaCAAAEAwBIMEYCIQCA202z
TMJo6SJoPOp0EDix0H0G+funSdnPxjqkBhTqKgIhALZb2avGkd6BK5AiZR3T/b7r
GmpbsmgRDPLfExJTxjQhAHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16g
gw8AAAFkx+2nUwAABAMARzBFAiA/spg/naXEhAiKmCxqQskNsl7KD1GjzuJ3/XXS
9OD3OAIhAN8TN0ssUNgRvRE5+T9JLHbbEd7el9z/tvzs4S+DTtKXMA0GCSqGSIb3
DQEBCwUAA4IBAQC6Atv+vQI6Tp0xvzB/E04F1OaTr1LILTWAND/ZK5dLeRj8uZ1b
UJrom3B0Et2fBGe/X3KHKYWJoPckMz0GQOlxykSP65PAQtn9I6ncWuHpaXKSuwXN
oyxzObWqrwdke6DE+QQSpD6foJfqY7AgOc/ANlpL/bFKYyq2rx6PIRmYIYzYWOmc
m7esUR3denuh4CykxPXanMsgNBpMOVdHkgvyuws9g/nJJQwt4lPNiRR9iVeER4AE
4UmoiJyyIh6yZMYpZBiXLrNRGZTVvz2PiDC6vW89iJ//AXL17zM8I4ZXJcIqfOiy
PoNoROgeBNU3WkJ8SlV7PL8utJvMkJVMPyPH
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgAr3AbgiO3nOmyoYIA0
tTCyTJwDD5uFiHFHj8lWJsQIywengKwH7aWewxhEUrbj7vdL2fDQGrzQVnsA0LK0
T5YiSXovjZSZMCMIiLbeIXL0Pc6R7fDAhMzAVDp1qQxrsywve/ZRrVyLIX2LokzS
cj4Qv2H07BdRZkwNkn+VU4aOuoAFSO+Zdb4IZpNnDIqEqbiouu8OYck7zONTR/Ki
arQmoQT/VwhJBTIOXADO6nlFK7MtwYx4vu7OAu9OrK6UxLQbOaF/3yYMUIYwqiRD
YYg0EOkSBPijKY6435mLtHwjHPmJnoAQw8NNn52fUTwn7do8xnsjDyX2eJ+qb9Pm
CwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 13836620619359041240728446907625157632
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-23 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-23 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dev.lift.acquia.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21965549548139668728452541194935542311151645560652160249427585806414406481011454062903070233559632151504071733384411813514795658050947590439368882828062292559141082177890061799345464735507437528011167133903132011480772104603721889942241440768375555292970682002490239343179409804738278154789121509536180133803943897065776263710966066253383200133579250217868702488440900641166573650731947073900499357919523650836045478130387162668825871169578036053622258482270260403341472865412186169079970378277361533642270786732731138261336003675086470598524741333959011852196506003534435589631818875312262876381649564440849902986763
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							27128986a4aa377f396e94979f04adc7b791512f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.lift.acquia.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev.lift.acquia.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000164c7eda682000004030048304602210080db4db34cc268e922683cea741038b1d07d06f9fba749d9cfc63aa40614ea2a022100b65bd9abc691de812b9022651dd3fdbeeb1a6a5bb268110cf2df131253c634210076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f00000164c7eda753000004030047304502203fb2983f9da5c484088a982c6a42c90db25eca0f51a3cee277fd75d2f4e0f738022100df13374b2c50d811bd1139f93f492c76db11dede97dcffb6fcece12f834ed297
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00ba02dbfebd023a4e9d31bf307f134e05d4e693af52c82d3580343fd92b974b7918fcb99d5b509ae89b707412dd9f0467bf5f7287298589a0f724333d0640e971ca448feb93c042d9fd23a9dc5ae1e9697292bb05cda32c7339b5aaaf07647ba0c4f90412a43e9fa097ea63b02039cfc0365a4bfdb14a632ab6af1e8f211998218cd858e99c9bb7ac511ddd7a7ba1e02ca4c4f5da9ccb20341a4c395747920bf2bb0b3d83f9c9250c2de253cd89147d895784478004e149a8889cb2221eb264c6296418972eb3511994d5bf3d8f8830babd6f3d889fff0172f5ef333c23865725c22a7ce8b23e836844e81e04d5375a427c4a557b3cbf2eb49bcc90954c3f23c7