au.affirm.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 09:83:1f:55:0d:44:bd:eb:d4:34:ec:df:f2:71:f7:36 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=au.affirm.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 09:83:1f:55:0d:44:bd:eb:d4:34:ec:df:f2:71:f7:36
Serial Number (int): 12643878343730241150676103821087864630
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 94:e0:b9:bb:33:83:d8:56:2a:31:5a:75:99:56:ab:3e:f1:04:de:fb
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): fd:92:2e:e8:73:f0:f4:47:51:24:4c:c0:aa:33:93:c9:87:24:b8:af
Fingerprint (sha256): 0b:92:ea:ba:ef:fb:87:cc:1e:12:cf:01:7a:98:72:5e:ac:e2:59:a4:72:71:b1:80:60:42:a1:3d:e0:34:c3:9c

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate au.affirm.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for au.affirm.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

au.affirm.com
*.au.affirm.com

Other certificates including the domain name affirm.com

(limited to 100 certificates)
statuspage.io
au.affirm.com
appstatus.dancecapsules.merce.broadleafclients.com
cloud.e.affirm.com
sales-demo.affirm.com
appstatus.dancecapsules.merce.broadleafclients.com
appstatus.dancecapsules.merce.broadleafclients.com
status.affirm.com
cdn1.affirm.com
prospective2.shared.global.fastly.net
cdn1.au.affirm.com
prospective2.shared.global.fastly.net
cwl.status.cloudsigma.com
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
mailer.shop.affirm.com
education.team.affirm.com
hello.affirm.com
image.comms.caredeliveryorganization.com
demo.affirm.com
fp.affirm.com
prospective2.shared.global.fastly.net
leapfrog-ssl-40.gcs-web.com
cdn1.affirm.com
statuspage.io
prospective2.shared.global.fastly.net
statuspage.io
statuspage.io
appstatus.dancecapsules.merce.broadleafclients.com
lp.affirm.com
appstatus.dancecapsules.merce.broadleafclients.com
statuspage.io
twittertest.plusplus.app
prospective2.shared.global.fastly.net
leapfrog-ssl-40.gcs-web.com
statuspage.io
statuspage.io
statuspage.io
fp.affirm.com
prospective2.shared.global.fastly.net
image.comms.caredeliveryorganization.com
appstatus.dancecapsules.merce.broadleafclients.com
image.comms.caredeliveryorganization.com
statuspage.io
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
statuspage.io
statuspage.io
statuspage.io
au.affirm.com
statuspage.io
leapfrog-ssl-40.gcs-web.com
m.affirm.com
appstatus.dancecapsules.merce.broadleafclients.com
leapfrog-ssl-40.gcs-web.com
san-4-s11.tlsprovisioning.exacttarget.com
leapfrog-ssl-40.gcs-web.com
prospective2.shared.global.fastly.net
phabricator.team.affirm.com
appstatus.dancecapsules.merce.broadleafclients.com
statuspage.io
statuspage.io
statuspage.io
click.e.affirm.com
statuspage.io
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
statuspage.io
statuspage.io
mhdocs.affirm.com
static-ip-mtls.affirm.com
static-ip-mtls.sandbox.affirm.com
freelancer.plusplus.app
mi.affirm.com
affirm.plusplus.app
appstatus.dancecapsules.merce.broadleafclients.com
*.affirm.com
image.comms.caredeliveryorganization.com
lp.affirm.com
hello.affirm.com
lp.affirm.com
statuspage.io
status.affirm.com
statuspage.io
appstatus.dancecapsules.merce.broadleafclients.com
prospective2.shared.global.fastly.net
appstatus.dancecapsules.merce.broadleafclients.com
okta.affirm.com
statuspage.io
m.affirm.com
prospective2.shared.global.fastly.net
statuspage.io
statuspage.io
statuspage.io
statuspage.io
*.global-sandbox.affirm.com
statuspage.io
global-stage.affirm.com
global.affirm.com
statuspage.io

Certificate

The complete raw certificate details for au.affirm.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIQCYMfVQ1EvevUNOzf8nH3NjANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMDkxMDAwMDAwMFoXDTI0MTAwOTIzNTk1OVowGDEW
MBQGA1UEAxMNYXUuYWZmaXJtLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBANgyQLxIace2aCaOqzq8nYjZ3G9kL0ik7dwfkKFiUTKVyXIvVgj/Q+3j
uTXciRW7MfZZT688ASgl1wyHnM2bSZJcmRE3R4CVQNRG7s/IdeaydDbrex5akUcV
yvtaELMFBk52wzTcUJdmJEuuJntXicknkIWLuAl1SrsTow96IkqcRp+bpOM2oUac
3lyhcVBmhVCf5j2DV/XP7NsYASwilMP7xSAgMoy0YKNXiF6x8/eQBvnjY9TjINeZ
hFfhxMwvlpqUgBXXVeiGhHo6FvZcl6jpZYBv+eU7xWAUAmPL9hqjA4VFMU7P37oV
XHIQ5dsLLJeTEMaq2ngd+fRiRFvGuiMCAwEAAaOCAvYwggLyMB8GA1UdIwQYMBaA
FMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBSU4Lm7M4PYVioxWnWZVqs+
8QTe+zApBgNVHREEIjAggg1hdS5hZmZpcm0uY29tgg8qLmF1LmFmZmlybS5jb20w
EwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG
CCsGAQUFBwMCBggrBgEFBQcDATA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3Js
LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jcmwwdQYIKwYBBQUHAQEEaTBn
MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6b250cnVzdC5jb20w
NgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1c3QuY29tL3Iy
bTAyLmNlcjAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcA
dgB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYp9OC65AAAEAwBH
MEUCIQCLilwpJzcBVPYA333TsYMUyGLm67W2OfsJEErVbaUQoAIgdWfkwk2Z2Y/r
DFBK3lhqT0YKS+Cddg9gBfOrtkoyS7gAdQBIsONr2qZHNA/lagL6nTDrHFIBy1bd
LIHZu7+rOdiEcwAAAYp9OC6EAAAEAwBGMEQCIBiZ+jzQ2sQ8wq3ksYP2l9SXIQei
kW/lv+kf9lq5abG3AiBM1WK1GWM1hyXpaGmh255g0iRHcLi0dMzl9isyUL3oOQB2
ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABin04LiQAAAQDAEcw
RQIgFmKmtnvbQVdFG3nF0tA5uA6ThSqrPA7fR7nUiZlcNigCIQDkpQIgSJVFrSLq
fHt5IXNgTGPCzB2zQqYhycsnonSeQzANBgkqhkiG9w0BAQsFAAOCAQEAbFm7t7nQ
wYK/y6eRJjHzanEzE4x3EkU4WMcu8A/MHgQZbGLEhBC4ShYq9n5FTxFpC701zB9e
/4PWMo2h1lAMnA0lFBfYn5MrbVdsDXgU8h9h/pX90mbMIQsiDbN/7XXDcfC0yH9D
l69XniYsSLi5KAhyVRxzaUX64n25fgPodTMS2L6XKnCFqobPSQoXrYMjIysLr/wo
Ye4tumiwpREKBixOCF+q20BdiKTa11JmUHjd3LwCpymEg3mB5uWTO176eqgV+jnP
nbw85hLPwQ2d/bEjVQVHjodnj9oov9p6UPJkRdA5QH86ydZUqSqiqsHI/3tQ5YwV
t/oXf5WZ3W4XXg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DJAvEhpx7ZoJo6rOryd
iNncb2QvSKTt3B+QoWJRMpXJci9WCP9D7eO5NdyJFbsx9llPrzwBKCXXDIeczZtJ
klyZETdHgJVA1Ebuz8h15rJ0Nut7HlqRRxXK+1oQswUGTnbDNNxQl2YkS64me1eJ
ySeQhYu4CXVKuxOjD3oiSpxGn5uk4zahRpzeXKFxUGaFUJ/mPYNX9c/s2xgBLCKU
w/vFICAyjLRgo1eIXrHz95AG+eNj1OMg15mEV+HEzC+WmpSAFddV6IaEejoW9lyX
qOllgG/55TvFYBQCY8v2GqMDhUUxTs/fuhVcchDl2wssl5MQxqraeB359GJEW8a6
IwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 12643878343730241150676103821087864630
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-10 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-09 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'au.affirm.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27292254487915611605153898212387548534826855298643700898139756957954587665807510071081084490947296699495925390489353284108657675174256256605391101653192017903865311742188862839156996795780099240049555862062944458377934446175068806566837412547446901342211206537806317199297986048541524959770950715419919290230485448002147589080271186651107119810592210624112862871507566699578133129598973834266807581509290262521137368924366536039630187773124785946489464379322773098169411151753918181819231672851701791388463197809957186211321402356989512929827176314119518616941011098441928522553403216308295567011093665877487671228963
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							94e0b9bb3383d8562a315a759956ab3ef104defb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'au.affirm.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.au.affirm.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							016700760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018a7d382eb900000403004730450221008b8a5c2927370154f600df7dd3b18314c862e6ebb5b639fb09104ad56da510a002207567e4c24d99d98feb0c504ade586a4f460a4be09d760f6005f3abb64a324bb800750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018a7d382e84000004030046304402201899fa3cd0dac43cc2ade4b183f697d4972107a2916fe5bfe91ff65ab969b1b702204cd562b51963358725e96869a1db9e60d2244770b8b474cce5f62b3250bde839007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018a7d382e24000004030047304502201662a6b67bdb4157451b79c5d2d039b80e93852aab3c0edf47b9d489995c3628022100e4a50220489545ad22ea7c7b792173604c63c2cc1db342a621c9cb27a2749e43
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006c59bbb7b9d0c182bfcba7912631f36a7133138c7712453858c72ef00fcc1e04196c62c48410b84a162af67e454f11690bbd35cc1f5eff83d6328da1d6500c9c0d251417d89f932b6d576c0d7814f21f61fe95fdd266cc210b220db37fed75c371f0b4c87f4397af579e262c48b8b9280872551c736945fae27db97e03e8753312d8be972a7085aa86cf490a17ad8323232b0baffc2861ee2dba68b0a5110a062c4e085faadb405d88a4dad752665078dddcbc02a72984837981e6e5933b5efa7aa815fa39cf9dbc3ce612cfc10d9dfdb1235505478e87678fda28bfda7a50f26445d039407f3ac9d654a92aa2aac1c8ff7b50e58c15b7fa177f9599dd6e175e