jabberguest.ge.ch

- Republique et Canton de Geneve -

Issued by SwissSign Server Gold CA 2014 - G22

About this certificate

This digital certificate with serial number 59:6b:04:c2:01:74:e7:b4:17:87:88:75:84:12:1c:c2:2a:19:fc:26 was issued on Tuesday Jan 15, 2019 at 3:07PM by SwissSign AG.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.

We have idenified some issues with this certificate:

KeyUsage [ContentCommitment DataEncipherment DigitalSignature KeyEncipherment] (00001111) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate had 0 embedded SCTs. Browser policy may require 3 for this certificate. Check if certificate has enough embedded SCTs to meet Apple CT Policy (https://support.apple.com/en-us/HT205280)

Republique et Canton de Geneve

Organization: Republique et Canton de Geneve
Organization unit: OCSIN

State / Province: Geneva
Locality: Geneva
Country: CH

SwissSign AG

Organization: SwissSign AG

Country: CH

This certificate has expire since Friday Jan 15, 2021 at 3:07PM UTC

Certificate Details

Serial Number (hex): 59:6b:04:c2:01:74:e7:b4:17:87:88:75:84:12:1c:c2:2a:19:fc:26
Serial Number (int): 510486772805423637972287281971893877412372020262
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: 93:de:e4:ba:08:4c:85:b1:97:e4:32:d1:bd:b9:79:0d:e9:09:6e:f8
AuthorityKeyId: e7:f1:e7:fd:2e:53:ad:11:e5:81:1a:57:a4:73:8f:12:7d:98:c8:ae

Fingerprint (sha1): 11:2c:1f:44:c4:84:e8:e9:96:2d:b5:83:ba:92:b6:6e:f6:c3:df:2a
Fingerprint (sha256): 0d:a2:33:ee:16:f2:3b:f2:30:de:cb:fe:07:1a:c8:41:e2:0e:88:9f:55:83:0e:c6:6a:ad:72:0e:48:ad:d8:b7

Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE

Revocation information

OCSP Server: http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint

Check the revocation status for certificate jabberguest.ge.ch

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for jabberguest.ge.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Content Commitment
Key Encipherment
Data Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

Fully Qualified Domain Names

jabberguest.ge.ch

jabbergexpe002.ge.ch

jabbergexpe001.ge.ch

jabbergexpe001.ceti.etat-ge.ch

jabbergexpe002.ceti.etat-ge.ch

jabbergexpe.ceti.etat-ge.ch

jabberguest.ge.ch
jabbergexpe002.ge.ch
jabbergexpe001.ge.ch
jabbergexpe001.ceti.etat-ge.ch
jabbergexpe002.ceti.etat-ge.ch
jabbergexpe.ceti.etat-ge.ch

Other certificates including the domain name ge.ch

(limited to 100 certificates)

impuserlabo000-ms.ceti.etat-ge.ch
gc.ge.ch
contacts.ge.ch
testeaspolb2b.ge.ch
ge.ch
vcscgv2-1.ceti.etat-ge.ch
pol.b2b.ge.ch
cucmuser000-ms.ceti.etat-ge.ch
vcscnhp-1.ceti.etat-ge.ch
justice.ge.ch
test.b2b.ge.ch
testmobilepol.ge.ch
portailadmin.ge.ch
portail.ge.ch
survey.cdc.ge.ch
*.ge.ch
testservices.b2b.ge.ch
vpntest.ge.ch
www.etat.ge.ch
REPUBLIQUE ET CANTON DE GENEVE
epi.ge.ch
testservices.b2b.ge.ch
test.b2b.ge.ch
mobilepol.ge.ch
securebox.epi.ge.ch
imap.gc.ge.ch
appconpol02.ge.ch
ge.ch
pexip.ge.ch
recensement.app.ge.ch
vcsclabo-2.ceti.etat-ge.ch
jabberguest.ge.ch
vcselabo-1.ge.ch
epi.ge.ch
impuser000-ms.ceti.etat-ge.ch
padbleu.ge.ch
idp.ge.ch
dgsiemmensrec.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
padpolice.ge.ch
ssl829352.cloudflaressl.com
testeasadmb2b.ge.ch
ge.ch
pexipedge.ge.ch
vcsenhp-1.ge.ch
pol.b2b.ge.ch
jabberguest.ge.ch
ge.ch
test.b2b.ge.ch
justice-doc-ext.ge.ch
eas.gc.ge.ch
pjdeploy01.ceti.etat-ge.ch
vcselabo-2.ge.ch
webmail.gc.ge.ch
test.b2b.ge.ch
jabbergexpe002.ge.ch
testeasadmb2b.ge.ch
vcscnhp-1.ceti.etat-ge.ch
polmi.b2b.ge.ch
epi.ge.ch
appconsae01.ge.ch
epi.ge.ch
vcselabo-2.ge.ch
www.etat.ge.ch
easpolb2b.ge.ch
padjustice.ge.ch
sni.cloudflaressl.com
www.ge.ch
ssl829350.cloudflaressl.com
securebox.epi.ge.ch
annuaire.ge.ch
epi.ge.ch
*.ge.ch
epi.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
cucmuser000-ms.ceti.etat-ge.ch
survey.cdc.ge.ch
*.ge.ch
portailwifiedu.ge.ch
pocdme.etat.ge.ch
amendes.ge.ch
vcsclabo-2.ceti.etat-ge.ch
videogw.ge.ch
amendes.ge.ch
vpn.ge.ch
test.b2b.ge.ch
portail.ge.ch
vcselabo-1.ge.ch
*.app4.ge.ch
etoile.ge.ch
outlook.ge.ch
amendes-rec.ge.ch
testpolmi.b2b.ge.ch
mdmacore01.ge.ch
ge.ch
ldapedu.ge.ch
testmobilepol.ge.ch
*.epi.ge.ch
participer-rec.ge.ch
*.ge.ch

Certificate

The complete raw certificate details for jabberguest.ge.ch in PEM and ASN.1 format.

Certificate (PEM)

Public Key (PEM)

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 510486772805423637972287281971893877412372020262
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign Server Gold CA 2014 - G22'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-15 15:07:04 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-15 15:07:04 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneva'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneva'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Republique et Canton de Geneve'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'OCSIN'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'jabberguest.ge.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 589928582881316650832803225737923239970483918771501330676393760099249692941216680592115869796261815038017457016290432016361381717663455371098930918781440937425117766996215415097105093122368913368825576742432646257269671218568157248572316566884974515827166830429665055841841042247085904168102304340591239208886393603584758255795705212802558717840092783696675512959292228703186384294418994196147155623981136845011091719666535969400831738424155263097411247060762737667155691329364426622100953747677072415872765188471031250859272529321858046308970296860121446871897693501893394635921970103619040021333615590842079029149280960484859229459995179001128879046943873321484439541633556336500149408254666357957122919741280299190048333613371839929271528725915046110423919562273364956177722960367244412034773554414854999261917488578692976522314858151914380445485805370191022050291919839729885469990174142772809796525766715557192043664409131547317127371773071097880457596717987229696340326749848883216872956531532834325593591528261093638331838911256755170316142200316975352708229558884478683180231894773192912165682308479883574983283028663934508126430373304039252916598687671962375155032677800147343387945541920890374728186421900539538212876193333
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (159 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jabberguest.ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jabbergexpe002.ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jabbergexpe001.ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jabbergexpe001.ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jabbergexpe002.ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jabbergexpe.ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits)
							04f0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							93dee4ba084c85b197e432d1bdb9790de9096ef8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName e7f1e7fd2e53ad11e5811a57a4738f127d98c8ae
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.1.2.1.11
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://repository.swisssign.com/SwissSign-Gold-CP-CPS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (200 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003dd97e88997c3f4125b277973613e1dcf219f6e4767ed5759ba92365c65213c57549b10bf17b7907f7799c38e95513d5f55ad41343d72aa83a35ae7a46b48e5f935f6970172db3273e0a8d1241bbbdece36aab747fe29e91580983211fcd688da897bf594a1e81260e2b7a8a7fc057d7d3ec9e22a6101de62f169811f27376b13d8d88b7693d3ea7145dda368c25b6a271c12ff339f0e47ea036d12f97a2b83a70f85e6815ab7c7ef99537a6ce94a623fc8bef3ab6a6ed2061dad1482e23fb5a7b75ceb9d35fe382d20592c84593fd640fb6fe506cb3a8720cdf01853876fc401cb4dca2270e74d48e9f78af7f6be15266ebf1c7db172c353e7818f2dce699fa