www.fondationdelafaune.qc.ca

Issued by R3

About this certificate

This digital certificate with serial number 04:12:60:74:d5:05:f1:95:cf:21:6e:ae:7c:a7:99:4b:fe:28 was issued on by Let's Encrypt.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.fondationdelafaune.qc.ca

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:12:60:74:d5:05:f1:95:cf:21:6e:ae:7c:a7:99:4b:fe:28
Serial Number (int): 354702438846272974278477784646803893517864
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: cc:06:31:71:79:f8:d2:fa:fc:70:b5:ee:f9:2b:ad:bd:14:9e:98:17
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 3f:d9:7c:32:94:89:3b:c2:6e:31:05:73:22:94:60:cd:53:03:4d:c9
Fingerprint (sha256): 0f:30:7c:2f:1f:f2:09:0a:d6:59:33:af:8c:4d:bc:44:c4:96:c0:f2:96:8e:6b:f2:2f:34:7f:7a:3f:d1:a8:bd

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.fondationdelafaune.qc.ca

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.fondationdelafaune.qc.ca

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

faune.org
fondationdelafaune.qc.ca
fondationfaune.qc.ca
www.faune.org
www.fondationdelafaune.qc.ca
www.fondationfaune.qc.ca

Other certificates including the domain name fondationdelafaune.qc.ca

(limited to 100 certificates)
www.fondationdelafaune.qc.ca
campagne.fondationdelafaune.qc.ca
www.fondationdelafaune.qc.ca
sondage.fondationdelafaune.qc.ca
encan.fondationdelafaune.qc.ca
ffq.fondationdelafaune.qc.ca
encan.fondationdelafaune.qc.ca
campagne.fondationdelafaune.qc.ca
vps.fondationdelafaune.qc.ca
encan.fondationdelafaune.qc.ca
www.fondationdelafaune.qc.ca
www.campagne.fondationdelafaune.qc.ca
encan.fondationdelafaune.qc.ca
macause.com
campagne.fondationdelafaune.qc.ca
www.campagne.fondationdelafaune.qc.ca
encan.fondationdelafaune.qc.ca
www.campagne.fondationdelafaune.qc.ca
campagne.fondationdelafaune.qc.ca
sondage.fondationdelafaune.qc.ca
www.fondationdelafaune.qc.ca
campagne.fondationdelafaune.qc.ca
sondage.fondationdelafaune.qc.ca
vps.fondationdelafaune.qc.ca
sondage.fondationdelafaune.qc.ca
encan.fondationdelafaune.qc.ca
www.fondationdelafaune.qc.ca
www.fondationdelafaune.qc.ca
www.fondationdelafaune.qc.ca
www.fondationdelafaune.qc.ca
campagne.fondationdelafaune.qc.ca
encan.fondationdelafaune.qc.ca
encan.fondationdelafaune.qc.ca
dev.macause.com
sondage.fondationdelafaune.qc.ca
www.fondationdelafaune.qc.ca
sondage.fondationdelafaune.qc.ca
encan.fondationdelafaune.qc.ca
macause.com
campagne.fondationdelafaune.qc.ca
sondage.fondationdelafaune.qc.ca
macause.com
encan.fondationdelafaune.qc.ca
www.fondationdelafaune.qc.ca
campagne.fondationdelafaune.qc.ca

Certificate

The complete raw certificate details for www.fondationdelafaune.qc.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGbTCCBVWgAwIBAgISBBJgdNUF8ZXPIW6ufKeZS/4oMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA4MjEwMzA5NDZaFw0yMzExMTkwMzA5NDVaMCcxJTAjBgNVBAMT
HHd3dy5mb25kYXRpb25kZWxhZmF1bmUucWMuY2EwggIiMA0GCSqGSIb3DQEBAQUA
A4ICDwAwggIKAoICAQCyddktHFwdON6X9bwbNnEF2Z03DUXhM/yIx1ZMbhGXYs68
R0K3P1xga676G1Z+Aj0bt0aLLSr4HzPOKArylDWM4XSr5r8JHoprywtc+xCagSCf
5kf2jF2y4dGr5WG3hKJ6HvPFqrv2nGTkTpU8PHKZQn19yZkos41u4ML+1HHcOyZ1
cxfMWexaHSXQ4yjCOqp94H5ZwI72gMVAjwr3dD0fdxnKTPsD3AkvlasR9uqpCnyo
xvP9tGhqTq8F87gTsC6VLVhCmiS/6YEHXdxc7ooyHyy5M8dGcJOCnkvDDFQLjCuf
DHmJ36Jw1BrFXB3UdyfIO1t+RZFJyezxbqkIsYIjJ3NxP9cZ09fWAOz73R/5x2nF
77vDBpRcgPCkn+Kp82NxJoSdw7tSCozprjCUFRAqkjoPVjNAmCVljsN2k+DWZltO
t8Tpu7+T3XfDPmGCCNI4TZOXolGPOPpesybOx3RarEJxN/yg+Ylf/5xIuHrvGxVB
f/7P8UmFOBkSYybhcdNGxspuSxz185SqJP4D0zhtvXrvn1aZB8SE5wc79PXw84MW
Hol8+GTnWl2lBh7ImsJuOB4UyprgEU77IwvdDIzlAk5+JfLye61CZlmx+U6N1uWU
UCtQ9++qqggA+AsZVb/5reBJfLncmRD6IIOGoFnW5gTpLX9ogGzoM/M+3uVbGQID
AQABo4IChjCCAoIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTMBjFxefjS+vxwte75
K629FJ6YFzAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEF
BQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggr
BgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzCBjQYDVR0RBIGFMIGCgglm
YXVuZS5vcmeCGGZvbmRhdGlvbmRlbGFmYXVuZS5xYy5jYYIUZm9uZGF0aW9uZmF1
bmUucWMuY2GCDXd3dy5mYXVuZS5vcmeCHHd3dy5mb25kYXRpb25kZWxhZmF1bmUu
cWMuY2GCGHd3dy5mb25kYXRpb25mYXVuZS5xYy5jYTATBgNVHSAEDDAKMAgGBmeB
DAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2ALc++yTfnE26dfI5xbpY9Gxd
/ELPep81xJ4dCYEl7bSZAAABihZI1S8AAAQDAEcwRQIgDn/WmRqjEkgoQ+Y5qSxK
+S1985wENUJsMV7H4iI7yEwCIQC9upr7gPQrLfBk4HuyVKSGSPkcU0t7UDoT3MGQ
S+KOlgB3AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABihZI1U0A
AAQDAEgwRgIhAMlWsSnjQ22pWEUXe/2Q41x8Y0oCHTzgA1q2luNp7BPoAiEAsrKk
RMYTKnajcoBe/39j0HvEkQPXlNGAkEvAHvjTDwIwDQYJKoZIhvcNAQELBQADggEB
AFd5gGhP3kFpBwvytisNuerDMFR14tJDIj+eCuC+Bnj2QhudergTQHASI/YOghXb
4XQG9TfIJTxWelhRyXARKe/TP8w9oS6UmwhJCTQAIadYzks0+QAikptS7b2HQqHU
4mWTipEuqUQ0177iEY8m2s8B75r7NJTOk7QuloqQk+qIHzpDBcDtJLJvnV7nCEWv
h6YfoakyiFt0O9PeKni5sUwrZ58o/q06YRSVigk3qLYXnNHxzAXCBEk2dB0WGR+h
aTbB4au1giXm3c0hxf/1k6JheMDARLQnEECiEm0v5aALhlairLB7UebK8P83MXMh
J2t+Tx7dkKu2MROunuP/rlc=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsnXZLRxcHTjel/W8GzZx
BdmdNw1F4TP8iMdWTG4Rl2LOvEdCtz9cYGuu+htWfgI9G7dGiy0q+B8zzigK8pQ1
jOF0q+a/CR6Ka8sLXPsQmoEgn+ZH9oxdsuHRq+Vht4Sieh7zxaq79pxk5E6VPDxy
mUJ9fcmZKLONbuDC/tRx3DsmdXMXzFnsWh0l0OMowjqqfeB+WcCO9oDFQI8K93Q9
H3cZykz7A9wJL5WrEfbqqQp8qMbz/bRoak6vBfO4E7AulS1YQpokv+mBB13cXO6K
Mh8suTPHRnCTgp5LwwxUC4wrnwx5id+icNQaxVwd1HcnyDtbfkWRScns8W6pCLGC
IydzcT/XGdPX1gDs+90f+cdpxe+7wwaUXIDwpJ/iqfNjcSaEncO7UgqM6a4wlBUQ
KpI6D1YzQJglZY7DdpPg1mZbTrfE6bu/k913wz5hggjSOE2Tl6JRjzj6XrMmzsd0
WqxCcTf8oPmJX/+cSLh67xsVQX/+z/FJhTgZEmMm4XHTRsbKbksc9fOUqiT+A9M4
bb16759WmQfEhOcHO/T18PODFh6JfPhk51pdpQYeyJrCbjgeFMqa4BFO+yML3QyM
5QJOfiXy8nutQmZZsflOjdbllFArUPfvqqoIAPgLGVW/+a3gSXy53JkQ+iCDhqBZ
1uYE6S1/aIBs6DPzPt7lWxkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 354702438846272974278477784646803893517864
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-21 03:09:46 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-19 03:09:45 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.fondationdelafaune.qc.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 728054688247878684450906552629493633055535028639621653469890958801907692531315497018828126872686152581268461735899192498569636025883320748634572054574764052279710796210340290517048350598639918419522917167639785275974937260407126357263119449817652688844888079482211401104822241875569836417307210635059259782282990125984476916438080311082807987226554447020747115664813711098139693898230111732062219539103415463768534191223497242958963709115039581773858806648105204571945743427245006821278070941196295203550586022583374335670521464068167397349956780670912330938227681598702458602306060341302355416439479677915940145349888271965683447155853031515851652755881824763271290133449282743932369305515336258908466460336915356251657142674575294853639626826474214286091020506979493585547595498000618937810678378793954031351315083188221092064818352422567794383885048744505999966941607253740840339452581405574791344286662450142380377347263109689057624636043077135130955924225086712222564671782813285263194588173969859221550817984749705239135876009118049794442021245725921916101161887019176318047766197221910023346251545777618508219696506096888776187218916380950770105987251333008944767205524143190351784373689917119206766945988523096915549196999449
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							cc06317179f8d2fafc70b5eef92badbd149e9817
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'faune.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fondationdelafaune.qc.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fondationfaune.qc.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.faune.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fondationdelafaune.qc.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fondationfaune.qc.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018a1648d52f000004030047304502200e7fd6991aa312482843e639a92c4af92d7df39c0435426c315ec7e2223bc84c022100bdba9afb80f42b2df064e07bb254a48648f91c534b7b503a13dcc1904be28e960077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018a1648d54d0000040300483046022100c956b129e3436da95845177bfd90e35c7c634a021d3ce0035ab696e369ec13e8022100b2b2a444c6132a76a372805eff7f63d07bc49103d794d180904bc01ef8d30f02
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00577980684fde4169070bf2b62b0db9eac3305475e2d243223f9e0ae0be0678f6421b9d7ab81340701223f60e8215dbe17406f537c8253c567a5851c9701129efd33fcc3da12e949b084909340021a758ce4b34f90022929b52edbd8742a1d4e265938a912ea94434d7bee2118f26dacf01ef9afb3494ce93b42e968a9093ea881f3a4305c0ed24b26f9d5ee70845af87a61fa1a932885b743bd3de2a78b9b14c2b679f28fead3a6114958a0937a8b6179cd1f1cc05c2044936741d16191fa16936c1e1abb58225e6ddcd21c5fff593a26178c0c044b4271040a2126d2fe5a00b8656a2acb07b51e6caf0ff37317321276b7e4f1edd90abb63113ae9ee3ffae57