injuryfreenc.ncdhhs.gov

Issued by R3

About this certificate

This digital certificate with serial number 04:57:22:4a:1c:80:17:4a:6d:f6:fd:23:c4:07:7b:87:f4:b7 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=injuryfreenc.ncdhhs.gov

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:57:22:4a:1c:80:17:4a:6d:f6:fd:23:c4:07:7b:87:f4:b7
Serial Number (int): 378099288209042733463835665368484711756983
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 41:13:92:d3:27:1c:27:b2:d3:d3:95:51:83:d5:69:35:05:da:d4:26
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): f7:e9:f2:64:e4:9f:9a:6a:48:8a:46:75:78:c8:bd:fc:85:34:aa:9e
Fingerprint (sha256): 0a:62:91:e4:ef:fc:7c:85:51:91:19:b4:dd:8a:22:dc:9f:bd:31:31:46:ee:0a:30:82:5d:b3:1d:ca:ab:8a:ec

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate injuryfreenc.ncdhhs.gov

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for injuryfreenc.ncdhhs.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

injuryfreenc.ncdhhs.gov

Other certificates including the domain name ncdhhs.gov

(limited to 100 certificates)
files.nc.gov
www.ncdhhs.gov
injuryfreenc.ncdhhs.gov
files.nc.gov
vendor-wic.ncdhhs.gov
testsecurity.ncdhhs.gov
files.nc.gov
www.credentials.ncdhhs.gov
*.ncdhhs.gov
mit.api.sip.mes.ncdhhs.gov
tobaccopreventionandcontrol.ncdhhs.gov
files.nc.gov
files.nc.gov
ncdhhs.gov
policies-dev.ncdhhs.gov
www.eureka.ncdhhs.gov
injuryfreenc.ncdhhs.gov
files.nc.gov
*.ncdhhs.gov
*.ncdhhs.gov
*.ncdhhs.gov
files.nc.gov
files.nc.gov
test.mft-console.sip.mes.ncdhhs.gov
ncdhhs.gov
files.nc.gov
myncwic-uat.ncdhhs.gov
icam.mes.ncdhhs.gov
www.credentials.ncdhhs.gov
ncdhhs.gov
injuryfreenc.ncdhhs.gov
sni.cloudflaressl.com
*.ncdhhs.gov
*.ncdhhs.gov
files.nc.gov
wrtk.ncdhhs.gov
uat.sip.mes.ncdhhs.gov
www.bcccp.ncdhhs.gov
www2.ncdhhs.gov
ncdhhs.gov
*.dph.ncdhhs.gov
*.ncdhhs.gov
sni.cloudflaressl.com
*.ncdhhs.gov
www.ccr.ncdhhs.gov
*.ncdhhs.gov
sni.cloudflaressl.com
files.nc.gov
*.ncdhhs.gov
news.ncdhhs.gov
*.ncdhhs.gov
bcccp.ncdhhs.gov
ncdhhs.gov
view.sms.email.ncdhhs.gov
www.dma.ncdhhs.gov
files.nc.gov
*.ncdhhs.gov
ncdhhs.gov
socializesafer-uat.ncdhhs.gov
*.ncdhhs.gov
go.ncdhhs.gov
*.ncdhhs.gov
*.ncdhhs.gov
files.nc.gov
*.ncdhhs.gov
*.dph.ncdhhs.gov
files.nc.gov
files.nc.gov
mes.ncdhhs.gov
files.nc.gov
*.ncdhhs.gov
phpmyadmin-uat.ncdhhs.gov
ehids.eh.ncdhhs.gov
vendor-wic.ncdhhs.gov
jtcommunicationbulletins.ncdhhs.gov
outreach.ncdhhs.gov
www.credentials.ncdhhs.gov
*.dph.ncdhhs.gov
loginpp.eh.ncdhhs.gov
testhcbs.ncdhhs.gov
*.ncdhhs.gov
ehids.eh.ncdhhs.gov
files.nc.gov
ehidstest.eh.ncdhhs.gov
ncir-dev8.ncdhhs.gov
*.ncdhhs.gov
files.nc.gov
*.ncdhhs.gov
files.nc.gov
*.ncdhhs.gov
jtcommunicationbulletins.ncdhhs.gov
*.ncdhhs.gov
*.ncdhhs.gov
sni.cloudflaressl.com
ncfastappinvp.ncdhhs.gov
news.ncdhhs.gov
bcccp.ncdhhs.gov
*.ncdhhs.gov
*.dph.ncdhhs.gov
files.nc.gov

Certificate

The complete raw certificate details for injuryfreenc.ncdhhs.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISBFciShyAF0pt9v0jxAd7h/S3MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA1MTAwMTMxMTRaFw0yMzA4MDgwMTMxMTNaMCIxIDAeBgNVBAMT
F2luanVyeWZyZWVuYy5uY2RoaHMuZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAvachkxyKLmqvXEo9pULHjhVt1HLOC8g8An4rAvYmBeL+4jwMGrtm
5W0lNEY6OhRLrBv2Gm+axNgves0BOZTCekggHRomqt5bmPZ5S5+JpFPUG327yNy2
ahL29dT4wYtwZz++xPinzlcRlFt4KAwrDqdR9MQApszna4FjQ+X53ZL4pExQ9LuV
Z4RRx0NujqQBSmiIxG6KiLfunkUHs5/LNcEpW6JQB2H+WcvjaocN9K5E57/A0LSM
EefSc9R7abTkzzS1vBhEhhya1XwyR4FLuKBImuXapAP3DF2E88hr5qZeiG/mnTd+
s2wwpX7hbUtGvUnBx6ivEirpcUZm+tWSXQIDAQABo4ICUjCCAk4wDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMB0GA1UdDgQWBBRBE5LTJxwnstPTlVGD1Wk1BdrUJjAfBgNVHSMEGDAWgBQU
LrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGG
FWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmku
bGVuY3Iub3JnLzAiBgNVHREEGzAZghdpbmp1cnlmcmVlbmMubmNkaGhzLmdvdjBM
BgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIB
FhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUE
gfIA8AB1AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiAN/nbsA
AAQDAEYwRAIgaSpo+1YP3IzDCpLpsX2LrxE2uqCDmVdLZ2rKarMRvB0CIHNaVnLH
GsE05drrV45eKr5YWkYbXZqVzBhFspajafR6AHcAtz77JN+cTbp18jnFulj0bF38
Qs96nzXEnh0JgSXttJkAAAGIA3+dzwAABAMASDBGAiEArEjaWSCs8uxU7d6V46Tv
oYmuW227/V55U558Y5yktxgCIQDEQK/MAcjM/EHikOvuzDk8MAVTj9Kp1Q9sTRGL
UT8jbjANBgkqhkiG9w0BAQsFAAOCAQEAKpba9/EJvU2WvBqDDtV2jP1w69F8Taj7
4p2fLIoRwTMQKilO2DkqC0omCuY7vExEkhSDUczvlvWomzQGhoP5euFg6kytjXmg
nwfANEepi3T1Z2c977wQ0VK43qOlqt2xZs6fiseukbTf8UkWQyH4VhHmyDqMZ0sm
ZCpIBtqudde4HyvMzIMxE/USnYi/P8yrt2Q0alt/bRQeeqpFpM1C0iEsOHpvr4u+
5935IPkIGf6MDwLDZttd5StrOQW6uHVRkfze4nDiX628jbXIdf3DlU6DA0bknIoE
xmghysdCOQ/ZrFsTWbei775pRxyy0/ojoU7h1JirNszOKhuhZdKPrw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvachkxyKLmqvXEo9pULH
jhVt1HLOC8g8An4rAvYmBeL+4jwMGrtm5W0lNEY6OhRLrBv2Gm+axNgves0BOZTC
ekggHRomqt5bmPZ5S5+JpFPUG327yNy2ahL29dT4wYtwZz++xPinzlcRlFt4KAwr
DqdR9MQApszna4FjQ+X53ZL4pExQ9LuVZ4RRx0NujqQBSmiIxG6KiLfunkUHs5/L
NcEpW6JQB2H+WcvjaocN9K5E57/A0LSMEefSc9R7abTkzzS1vBhEhhya1XwyR4FL
uKBImuXapAP3DF2E88hr5qZeiG/mnTd+s2wwpX7hbUtGvUnBx6ivEirpcUZm+tWS
XQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 378099288209042733463835665368484711756983
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-10 01:31:14 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-08 01:31:13 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'injuryfreenc.ncdhhs.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23941455080805371518145969092444333744519557999963995874539036385849587505677763829013347841482587221244476658853550483206450726218039686816255932528380167666242523831147773671729154620489180973785655340377680543219771081140429900993387823977748030234571929916240357088390676621920701290811851291885476083411173306974479664101097280407451962308753759542374343619101928713228384317919080609490925748066726252519461866985418733690504565681314743368129082758903274197740487764267510145499065811670118728273630873556122678827115028946908092577856837318881115094744343666550063841328539919057798014464844454331258565399133
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							411392d3271c27b2d3d3955183d5693505dad426
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'injuryfreenc.ncdhhs.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000188037f9dbb00000403004630440220692a68fb560fdc8cc30a92e9b17d8baf1136baa08399574b676aca6ab311bc1d0220735a5672c71ac134e5daeb578e5e2abe585a461b5d9a95cc1845b296a369f47a007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000188037f9dcf0000040300483046022100ac48da5920acf2ec54edde95e3a4efa189ae5b6dbbfd5e79539e7c639ca4b718022100c440afcc01c8ccfc41e290ebeecc393c3005538fd2a9d50f6c4d118b513f236e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002a96daf7f109bd4d96bc1a830ed5768cfd70ebd17c4da8fbe29d9f2c8a11c133102a294ed8392a0b4a260ae63bbc4c4492148351ccef96f5a89b34068683f97ae160ea4cad8d79a09f07c03447a98b74f567673defbc10d152b8dea3a5aaddb166ce9f8ac7ae91b4dff149164321f85611e6c83a8c674b26642a4806daae75d7b81f2bcccc833113f5129d88bf3fccabb764346a5b7f6d141e7aaa45a4cd42d2212c387a6faf8bbee7ddf920f90819fe8c0f02c366db5de52b6b3905bab8755191fcdee270e25fadbc8db5c875fdc3954e830346e49c8a04c66821cac742390fd9ac5b1359b7a2efbe69471cb2d3fa23a14ee1d498ab36ccce2a1ba165d28faf