alaannual.com

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:62:19:bd:5a:94:da:79:1a:fd:fa:3e:26:8a:2e:79:84:c4 was issued on by Let's Encrypt.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=alaannual.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:62:19:bd:5a:94:da:79:1a:fd:fa:3e:26:8a:2e:79:84:c4
Serial Number (int): 294718743634743841858920070888026021659844
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 8b:90:9a:a0:4c:e4:32:af:18:d5:ee:26:e0:73:2e:4b:4d:c9:17:af
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): ed:a3:61:12:3c:53:33:bd:98:14:8a:0a:f1:df:c0:5b:65:b9:e0:32
Fingerprint (sha256): 0f:53:63:d2:a8:b6:bb:94:f6:23:09:6d:86:6e:0f:41:4e:4e:64:f6:9f:b6:87:68:67:91:29:37:5c:48:28:1f

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate alaannual.com

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for alaannual.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

alaannual.com
alaannualcom.heiexpo.com
alamidwinter.com
alamidwintercom.heiexpo.com
heiexhibitors.com
heiexhibitors.heiexpo.com

Other certificates including the domain name alaannual.com

(limited to 100 certificates)
alamidwintercom.heiexpo.com
alaannual.com
alaannual.com
alaannual.com
alaannual.com
alaannual.com
webdisk.alaannual.org
alaannual.com
alaannual.org
www.alaannual.heiexpo.com
alamidwintercom.heiexpo.com
2016.alaannual.com
heiexhibitors.com
alaannual.com
alaannual.com
heiexhibitors.heiexpo.com
heiexhibitors.heiexpo.com
alaannual.com
alamidwinter.com
alaannual.com
www.alamidwinter.com
alaannualcom.heiexpo.com

Certificate

The complete raw certificate details for alaannual.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGgDCCBWigAwIBAgISA2IZvVqU2nka/fo+JooueYTEMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA4MjMwMzU3MjlaFw0x
ODExMjEwMzU3MjlaMBgxFjAUBgNVBAMTDWFsYWFubnVhbC5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBuidlkGNGwT8AbVZZhzseuYq7i6ywg+xa
XF8TSNyaTvpU75669nabDZ2cgMHl8/SjgO7tczYOek3LBw7AXayau8XoGmW9BN1W
lVb0Y9arIN9ZYWu62c1OttH0ZBhNxEHJ9ANS2uwUwa6YHb/CeyZKhgzKv+iuffhZ
p01JoHfsZcpAVdV1uka5ALjZ5fIZ4UZxyt5frUqAG8mHsV90yVozTdlNceWHQ0Qv
UTyLU0JURzGimsu/PjxSK5b9tXaMMA70dP+F9StT2MVWxMhbsh12dsCJ4GEQ5krS
dLX1suCZF4L3WylNY6DwNIomW7wtLwdTKrJletNyjAZ+SRN2y5SlAgMBAAGjggOQ
MIIDjDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFIuQmqBM5DKvGNXuJuBzLktNyRev
MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMw
YTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9y
ZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9y
Zy8wgZEGA1UdEQSBiTCBhoINYWxhYW5udWFsLmNvbYIYYWxhYW5udWFsY29tLmhl
aWV4cG8uY29tghBhbGFtaWR3aW50ZXIuY29tghthbGFtaWR3aW50ZXJjb20uaGVp
ZXhwby5jb22CEWhlaWV4aGliaXRvcnMuY29tghloZWlleGhpYml0b3JzLmhlaWV4
cG8uY29tMIH+BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB
1jAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsG
AQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQg
dXBvbiBieSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3
aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRz
ZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8wggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEA
dwDBFkrgp3LS1DktyArBB3DU8MSb3pkaSEDB+gdRZPYzYAAAAWVlJQUyAAAEAwBI
MEYCIQDjLidoeZBiuIZv4+TQRvT0hKCylWCqIJ9jfU+4L6bKQQIhAJhI3FKZE55R
x2S+wyTt7crpNjJ09QFqKbWGdXfdncIAAHYAKTxRllTIOWW6qlD8WAfUt2+/WHop
ctykwwz05UVH9HgAAAFlZSUFSgAABAMARzBFAiEAkSvANv7HR4ZB7yCfQFF9146a
/sdohiGOXQFiflijBVYCIGpIObrL28cDysVm1trHEYHehKe/cBEYdo28L+xvjnAS
MA0GCSqGSIb3DQEBCwUAA4IBAQA52EYsH0+2SX9HwlC+a8jVS6oSM40OKxT4O1n5
UtshW6T2ZgY1sYCf5JMgju2a/Bx2IpKq8C0BcPMeUAeiPWzlwThiS13PDA9NKh37
8POjpBJTMw9a9qU/enUkrWNTrFfezaEqKmBC5xg3oHNQogM+IZC3pqiKYHdSgRUe
CcHjM8W7NslH5edkA6Io7Kp3N5VMDwF/JdxtYd8SbJl6xBw/5fTESYrojjUOVCC/
yXSm49jE0mGHsM3ffNhBSQbpefj4tj2jifRk12fOn6ZPgs5+kh5muklsa02BKXD3
Ou7XTuMLeEmJAJVLof5jfUMSJnr/8Ypd0+3eizCQ97oi0YHq
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbonZZBjRsE/AG1WWYc7
HrmKu4ussIPsWlxfE0jcmk76VO+euvZ2mw2dnIDB5fP0o4Du7XM2DnpNywcOwF2s
mrvF6BplvQTdVpVW9GPWqyDfWWFrutnNTrbR9GQYTcRByfQDUtrsFMGumB2/wnsm
SoYMyr/orn34WadNSaB37GXKQFXVdbpGuQC42eXyGeFGccreX61KgBvJh7FfdMla
M03ZTXHlh0NEL1E8i1NCVEcxoprLvz48UiuW/bV2jDAO9HT/hfUrU9jFVsTIW7Id
dnbAieBhEOZK0nS19bLgmReC91spTWOg8DSKJlu8LS8HUyqyZXrTcowGfkkTdsuU
pQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 294718743634743841858920070888026021659844
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-23 03:57:29 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-21 03:57:29 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'alaannual.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24455788764611421367476494529366641192615626107023697213059156216016625322538286760768544383156021006676665567592119696831962199241798670634223682061114005187714022200552422825207430753663306050700455387912116124064174357946624423323665294239988464026245330354909799039446259686170061891696033312550531290232473911546541929217448649560986080371053419677738705990661245299517211069181752942627479270172949640736032371227870355427794676736869668243171268275539454138607793481359798388285645908161983331362482980405914074385465289189030544000937779959855599489163738311058516918780394153652166152308349777857530024400037
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8b909aa04ce432af18d5ee26e0732e4b4dc917af
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (137 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alaannual.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alaannualcom.heiexpo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alamidwinter.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alamidwintercom.heiexpo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heiexhibitors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heiexhibitors.heiexpo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700c1164ae0a772d2d4392dc80ac10770d4f0c49bde991a4840c1fa075164f6336000000165652505320000040300483046022100e32e2768799062b8866fe3e4d046f4f484a0b29560aa209f637d4fb82fa6ca410221009848dc5299139e51c764bec324ededcae9363274f5016a29b5867577dd9dc200007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f478000001656525054a0000040300473045022100912bc036fec7478641ef209f40517dd78e9afec76886218e5d01627e58a3055602206a4839bacbdbc703cac566d6dac71181de84a7bf701118768dbc2fec6f8e7012
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0039d8462c1f4fb6497f47c250be6bc8d54baa12338d0e2b14f83b59f952db215ba4f6660635b1809fe493208eed9afc1c762292aaf02d0170f31e5007a23d6ce5c138624b5dcf0c0f4d2a1dfbf0f3a3a41253330f5af6a53f7a7524ad6353ac57decda12a2a6042e71837a07350a2033e2190b7a6a88a60775281151e09c1e333c5bb36c947e5e76403a228ecaa7737954c0f017f25dc6d61df126c997ac41c3fe5f4c4498ae88e350e5420bfc974a6e3d8c4d26187b0cddf7cd8414906e979f8f8b63da389f464d767ce9fa64f82ce7e921e66ba496c6b4d812970f73aeed74ee30b78498900954ba1fe637d4312267afff18a5dd3edde8b3090f7ba22d181ea