cdn259.talksport.com

Issued by R3

About this certificate

This digital certificate with serial number 03:76:99:72:4c:60:f8:8d:88:27:97:9c:6d:81:d7:3b:eb:7b was issued on by Let's Encrypt.

With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=cdn259.talksport.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:76:99:72:4c:60:f8:8d:88:27:97:9c:6d:81:d7:3b:eb:7b
Serial Number (int): 301694142446294400590298614426426700196731
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 2b:a9:47:1c:aa:38:33:df:29:30:a6:72:79:6f:62:c5:a5:df:f5:93
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): d9:74:9e:ce:2b:d1:75:91:18:7a:90:f9:6b:f0:69:bd:8e:76:0a:87
Fingerprint (sha256): 0d:a0:5e:cb:bf:f9:1f:bc:fa:00:7d:12:d4:3c:79:5b:ef:8a:e6:18:cc:0b:75:03:9e:26:52:5c:7f:8a:c4:86

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate cdn259.talksport.com

10

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cdn259.talksport.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cdn259.talksport.com
cmp.amp.thetimes.co.uk
cmp.cdn.dreamteamfc.com
cmp.cdn.the-sun.com
cmp.cdn.thescottishsun.co.uk
cmp.cdn.thesun.co.uk
cmp.cdn.thesun.ie
cmp.cdn.thetimes.co.uk
cmp.store.thetimes.ie
cmpv2.talk.tv

Other certificates including the domain name talksport.com

(limited to 100 certificates)
pixelappcollector.thesun.co.uk
cdn259.talksport.com
alpha-api.talksport.com
pac.talksport.com
*.talksport.com
v2.pixel.nukp.data.newscorp.com
*.talksport.com
*.talksport.com
tags.thesun.co.uk
predictor.talksport.com
feeds.thesun.co.uk
feeds.thesun.co.uk
selector.talksport.com
bettrev.com
v2.pixel.nukd.data.newscorp.com
v2.pixel.nukp.data.newscorp.com
cms.talksport.com
predictor.talksport.com
nid.staging-thesun.co.uk
*.cloud-newsint.co.uk
cdn259.talksport.com
*.talksport.com
v2.pixel.nukp.data.newscorp.com
alpha-api.talksport.com
*.talksport.com
*.wireless.radio
feeds.thesun.co.uk
cmp.thesun.co.uk
predictor.talksport.com
v2.pixel.nukd.data.newscorp.com
cms.talksport.com
v2.pixel.nukp.data.newscorp.com
predictor.talksport.com
nid.club950.co.uk
origin-news-www-dev.uat-thesun.co.uk
feeds.thesun.co.uk
pixelappcollector.thesun.co.uk
alpha-api.talksport.com
talksport.com
alpha-api.talksport.com
alpha-api.talksport.com
cdn259.talksport.com
v2.pixel.nukp.data.newscorp.com
pixelappcollector.thesun.co.uk
nid-dev.club950.co.uk
cdn259.talksport.com
v2.pixel.nukp.data.newscorp.com
cms.talksport.com
tags.thesun.co.uk
*.nukcdn.com
feeds.thesun.co.uk
listen.talksport.com
predictor.talksport.com
v2.pixel.nukd.data.newscorp.com
*.talksport.com
selector.talksport.com
cdn259.talksport.com
*.nukcdn.com
alpha-api.talksport.com
app.talksport.com
*.cloud-newsint.co.uk
cdn259.talksport.com
nid.the-tls.co.uk
feeds.thesun.co.uk
bettrev.com
*.wireless.radio
*.talksport.com
origin-news-www.thesun.co.uk
pixelappcollector.thesun.co.uk
feeds.thesun.co.uk
ads.talksport.com
v2.pixel.nukd.data.newscorp.com
pac.talksport.com
pac.talksport.com
ads.talksport.com
bettrev.com
alpha-api.talksport.com
app.talksport.com
cdn259.talksport.com
predictor.talksport.com
login.talksport.com
pixelappcollector.thesun.co.uk
v2.pixel.nukp.data.newscorp.com
talksport.com

Certificate

The complete raw certificate details for cdn259.talksport.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgISA3aZckxg+I2IJ5ecbYHXO+t7MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMTgxMjIzMDFaFw0yNDA0MTcxMjIzMDBaMB8xHTAbBgNVBAMT
FGNkbjI1OS50YWxrc3BvcnQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuNtWkbudaZOeryqgF5QSIvfvg1hIItVau0aPyZJbI7a/fRGk2uqPW2Qi
MvVV9MJyh8DognUH8pj4KYYNdTGAWOpg+OXERlbbc/NZQSGSdAoC6YfJSo7di3T0
W9NiEkjMjUVG1k8Yj6PG7XisQDlNN0Gdo5tvGaVCf/vxFpUQ6GHsxpdYzr6IvFK2
nslVaTA3ctN4zn50Tf8dCpyBAJmZD8ip7w10BOkdcvjsBAny5LsyGM/kebtBJT1X
34jIIR1UDSMmNs0DiYaY+hzJHE/FLrp42vgGH41djdvp6ejvbd0ajlsdO7wqgEXY
jos6Tt0Vi+M0F/NvSMrvFUnio3FaVQIDAQABo4IC5jCCAuIwDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA
MB0GA1UdDgQWBBQrqUccqjgz3ykwpnJ5b2LFpd/1kzAfBgNVHSMEGDAWgBQULrMX
t1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0
dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu
Y3Iub3JnLzCB7AYDVR0RBIHkMIHhghRjZG4yNTkudGFsa3Nwb3J0LmNvbYIWY21w
LmFtcC50aGV0aW1lcy5jby51a4IXY21wLmNkbi5kcmVhbXRlYW1mYy5jb22CE2Nt
cC5jZG4udGhlLXN1bi5jb22CHGNtcC5jZG4udGhlc2NvdHRpc2hzdW4uY28udWuC
FGNtcC5jZG4udGhlc3VuLmNvLnVrghFjbXAuY2RuLnRoZXN1bi5pZYIWY21wLmNk
bi50aGV0aW1lcy5jby51a4IVY21wLnN0b3JlLnRoZXRpbWVzLmllgg1jbXB2Mi50
YWxrLnR2MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBgYKKwYBBAHWeQIEAgSB9wSB
9ADyAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGNHL1BvQAA
BAMASDBGAiEA75lY0GC9YkHhs8tMIZdZDTp4Dp5CZ1jzRksQN0aKp1ICIQCKLv/J
XAlrNjo+Ro4eVSJ/RCS9PD85OkDPcc0Jc07SKQB3AKLiv9Ye3i8vB6DWTm03p9xl
Q7DGtS6i2reK+Jpt9RfYAAABjRy9QcsAAAQDAEgwRgIhAJv28ZEmXZi+uk5fS9ny
603sTt/Qnne3RUNm8itE4cK/AiEA0jskPV3Dv5cfb3tEMRQnKfRP/5/c+KE+2VSE
W3TAAGMwDQYJKoZIhvcNAQELBQADggEBALnjYqkiIcoxy0ccRZYLM5wYwenHpEIg
fzByPt2yxpW6SYaAMBSuWPZBCd8zWivVLK6p5e0aYXS7unOhVk8eAtvuniPE2fri
riBxdl9hsMgGXc8f/IcioIsZIbHohGHfyli3OXdfvku+s+gMAD8i3EKP1VBvAP8e
Nu5u+IfqEKXkGFkX+O5IuPqC2UplhksynPlWNt8sfib//cMKOUNuuca+lMJECJD+
Vom96tkekWpZr9NTJlux0R4vqmIObz8RCuxq96LHVTiQgHf56DqcG4pZhG3N79jd
Fy6wXml//K08GtKgC+jlU2+hmktMHOQAbPw5Pixi5L7S1xs7wYhHyrQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNtWkbudaZOeryqgF5QS
Ivfvg1hIItVau0aPyZJbI7a/fRGk2uqPW2QiMvVV9MJyh8DognUH8pj4KYYNdTGA
WOpg+OXERlbbc/NZQSGSdAoC6YfJSo7di3T0W9NiEkjMjUVG1k8Yj6PG7XisQDlN
N0Gdo5tvGaVCf/vxFpUQ6GHsxpdYzr6IvFK2nslVaTA3ctN4zn50Tf8dCpyBAJmZ
D8ip7w10BOkdcvjsBAny5LsyGM/kebtBJT1X34jIIR1UDSMmNs0DiYaY+hzJHE/F
Lrp42vgGH41djdvp6ejvbd0ajlsdO7wqgEXYjos6Tt0Vi+M0F/NvSMrvFUnio3Fa
VQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 301694142446294400590298614426426700196731
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-18 12:23:01 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-17 12:23:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cdn259.talksport.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23336007792212445063898709751780453307137417388884196210706840183958946315782850739898659256474322835361715832095088772336105067105169504863245222794275743958822646424569101889751504474967333912295875321549225892304813881367646211613245275164034566195624405051053363658069606464558246371094953171661884117109445804964938638995730572724491785846234401943390273107894757171826973470405320626917469662932406562693004472952853907075323238052219672431034075758424987496947567711753439494278256718067460866028452283420716464161812548496269427197970918383845292855732116644055527906773959547217104819113185420050141577042517
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							2ba9471caa3833df2930a672796f62c5a5dff593
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (228 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn259.talksport.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmp.amp.thetimes.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmp.cdn.dreamteamfc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmp.cdn.the-sun.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmp.cdn.thescottishsun.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmp.cdn.thesun.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmp.cdn.thesun.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmp.cdn.thetimes.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmp.store.thetimes.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmpv2.talk.tv'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f200770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d1cbd41bd0000040300483046022100ef9958d060bd6241e1b3cb4c2197590d3a780e9e426758f3464b1037468aa7520221008a2effc95c096b363a3e468e1e55227f4424bd3c3f393a40cf71cd09734ed229007700a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018d1cbd41cb00000403004830460221009bf6f191265d98beba4e5f4bd9f2eb4dec4edfd09e77b7454366f22b44e1c2bf022100d23b243d5dc3bf971f6f7b4431142729f44fff9fdcf8a13ed954845b74c00063
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b9e362a92221ca31cb471c45960b339c18c1e9c7a442207f30723eddb2c695ba4986803014ae58f64109df335a2bd52caea9e5ed1a6174bbba73a1564f1e02dbee9e23c4d9fae2ae2071765f61b0c8065dcf1ffc8722a08b1921b1e88461dfca58b739775fbe4bbeb3e80c003f22dc428fd5506f00ff1e36ee6ef887ea10a5e4185917f8ee48b8fa82d94a65864b329cf95636df2c7e26fffdc30a39436eb9c6be94c2440890fe5689bdead91e916a59afd353265bb1d11e2faa620e6f3f110aec6af7a2c75538908077f9e83a9c1b8a59846dcdefd8dd172eb05e697ffcad3c1ad2a00be8e5536fa19a4b4c1ce4006cfc393e2c62e4bed2d71b3bc18847cab4