sommelier.ai

Issued by AlphaSSL CA - SHA256 - G2

About this certificate

This digital certificate with serial number 77:71:87:46:6c:97:f6:8d:50:3b:28:e9 was issued on by GlobalSign nv-sa.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=sommelier.ai,OU=Domain Control Validated,C=US

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate has expire since

Certificate Details

Serial Number (hex): 77:71:87:46:6c:97:f6:8d:50:3b:28:e9
Serial Number (int): 36965963604928782801139607785
Serial Number lenght: 95 bits, 12 octets

SubjectKeyId: 31:1d:4f:04:fc:a6:3e:ce:24:8f:8e:50:e1:b9:43:5e:b9:6a:18:ac
AuthorityKeyId: f5:cd:d5:3c:08:50:f9:6a:4f:3a:b7:97:da:56:83:e6:69:d2:68:f7

Fingerprint (sha1): 44:b8:a4:a0:02:c4:78:e9:df:b7:6d:80:2c:d1:eb:ef:83:84:36:97
Fingerprint (sha256): 0f:dd:0f:01:1e:47:3a:b8:a1:46:52:a0:53:24:bd:4b:b5:25:d2:70:5a:b6:21:9d:e0:ae:e1:94:5d:83:8b:db

Issuing Certificate URL: http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsalphasha2g2
CRL Distribution Point: http://crl2.alphassl.com/gs/gsalphasha2g2.crl

Check the revocation status for certificate sommelier.ai

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sommelier.ai

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sommelier.ai

Other certificates including the domain name sommelier.ai

(limited to 100 certificates)
sommelier.ai
sommelier.ai
sommelier.ai
sommelier.ai
sommelier.ai
sommelier.ai
*.sommelier.ai
sommelier.ai
*.sommelier.ai
sommelier.ai
sommelier.ai

Certificate

The complete raw certificate details for sommelier.ai in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgIMd3GHRmyX9o1QOyjpMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE3MDYwMjE3NDkwOVoXDTE4MDYw
MzE3NDkwOVowRzELMAkGA1UEBhMCVVMxITAfBgNVBAsTGERvbWFpbiBDb250cm9s
IFZhbGlkYXRlZDEVMBMGA1UEAxMMc29tbWVsaWVyLmFpMIICIjANBgkqhkiG9w0B
AQEFAAOCAg8AMIICCgKCAgEAz4myIlz3CSAxw7O48LGhIJ23ZDOFjgwWPh3sHMut
EvSo+UX1KLUZUl2V4eZQ1JsRrvwvhm+i8TOHcGvrALarlaZRbFsUrsaFai2NKiR1
GMsTK86cANb8COIlFjRI6DXEk6S6vUu57tBBKCb2Mo+XpshGUtUqrQqeoHFNOx3L
3nUzQo6+4v4QHykf0svRE5q1m8CIIe9a7x+9hIqq68kaQbVGNwQWiTX2hPgNORib
cW5JFSlA5i910BJS0wI1xsysU3R8w6uM0YZiAUhmfc9Af3RarpqEQr8H2k3O+fxk
c+I8O9l+djkiRwNXAhRA7lHPBTKutg801T+OczJ38e2Uz2XlIgh/mfGjLKHh6iMQ
41z9ccVUfiJiB3qVk9MIbBFrRBRXR+Sdi8/e5pKEwOvD2y4ueNBcgWCBb0h8ywQZ
LPEX0bl3sj2ii6caYCG2dizSfXFOysapzo9YekdLQvv3Xlo087KZHjMIZ+f3bhsU
h5YP3xtLJMSYj5x2N83usigWByTnRJka48KW2O8234o8cV3PET07FRCCCTvpENs2
DgPg9Or7qGglViTttvgCSTnyRTovsB3DQR8lYVWrl4pZxdb+bD9PzJDQiorlHaDc
2giU/FgARQaBX7MrctUGNM5U2gQnXO2ALxTu2D8xWDe6u6eCrvSrPvRndSlqn3em
vjsCAwEAAaOCAdEwggHNMA4GA1UdDwEB/wQEAwIFoDCBiQYIKwYBBQUHAQEEfTB7
MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJlMi5hbHBoYXNzbC5jb20vY2FjZXJ0
L2dzYWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYBBQUHMAGGKWh0dHA6Ly9vY3NwMi5n
bG9iYWxzaWduLmNvbS9nc2FscGhhc2hhMmcyMFcGA1UdIARQME4wQgYKKwYBBAGg
MgEKCjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9y
ZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0TBAIwADA+BgNVHR8ENzA1MDOgMaAv
hi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20vZ3MvZ3NhbHBoYXNoYTJnMi5jcmww
FwYDVR0RBBAwDoIMc29tbWVsaWVyLmFpMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjAdBgNVHQ4EFgQUMR1PBPymPs4kj45Q4blDXrlqGKwwHwYDVR0jBBgw
FoAU9c3VPAhQ+WpPOreX2laD5mnSaPcwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJ
KoZIhvcNAQELBQADggEBANMnkZN7iJN4sZ4YdedMYXhQTYxVV/wyGMgLyQdxjmFk
En1ORwFGF3YLXZfgODb9l0aYzPvx/tnJGjvwtQN658YrNWICjK/6v40jiguuSUd9
1ocasjlJrE8X7nXI7yKxMfFu8swNBfw1YFoXNt2xj/UQsUpXTy8pV8sLWgukzZFc
6NCrwHGPuEaxEFMRyHwYKm8bwI8uxqxp9/Y0Gm+YA1jEfdPdbpQJ7v1bYBON/aAp
6XnHeGUW8Ed4KgRJWb0X48MrB9a+K2U09y84czn+HnH29A3tEwnvrf7FjTMTO3fs
gp3sMbNbOlpXeiMxAorAn5OStt/aeJzG4umPiXJWi4A=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAz4myIlz3CSAxw7O48LGh
IJ23ZDOFjgwWPh3sHMutEvSo+UX1KLUZUl2V4eZQ1JsRrvwvhm+i8TOHcGvrALar
laZRbFsUrsaFai2NKiR1GMsTK86cANb8COIlFjRI6DXEk6S6vUu57tBBKCb2Mo+X
pshGUtUqrQqeoHFNOx3L3nUzQo6+4v4QHykf0svRE5q1m8CIIe9a7x+9hIqq68ka
QbVGNwQWiTX2hPgNORibcW5JFSlA5i910BJS0wI1xsysU3R8w6uM0YZiAUhmfc9A
f3RarpqEQr8H2k3O+fxkc+I8O9l+djkiRwNXAhRA7lHPBTKutg801T+OczJ38e2U
z2XlIgh/mfGjLKHh6iMQ41z9ccVUfiJiB3qVk9MIbBFrRBRXR+Sdi8/e5pKEwOvD
2y4ueNBcgWCBb0h8ywQZLPEX0bl3sj2ii6caYCG2dizSfXFOysapzo9YekdLQvv3
Xlo087KZHjMIZ+f3bhsUh5YP3xtLJMSYj5x2N83usigWByTnRJka48KW2O8234o8
cV3PET07FRCCCTvpENs2DgPg9Or7qGglViTttvgCSTnyRTovsB3DQR8lYVWrl4pZ
xdb+bD9PzJDQiorlHaDc2giU/FgARQaBX7MrctUGNM5U2gQnXO2ALxTu2D8xWDe6
u6eCrvSrPvRndSlqn3emvjsCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 36965963604928782801139607785
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AlphaSSL CA - SHA256 - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-06-02 17:49:09 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-06-03 17:49:09 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sommelier.ai'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 846680658033116529870513766773298285092011624883077425660351605338987331555477230476534594725557883031464558683302054081953303923333282030163802720721715052290832325635553689351129748997284100953779706596123402663777946495770402382663785713452870834068184230325025789242554369480882985616689874002685280171584392918768935648268228042618561544687696280821009147019119189423230536463865800389446470397220420311224143274091235544154613855300196879811314169079892932592166087823824599460004841774478603235498749036432863180616096833532515671674967563426157038418654233370584104412079371893596560384682373427258523953971795563694027445280171017265487720667263757682877637853343350731697511665738029751017169446073648602277867078182516902403427590193811484979012022568086317721895994865556831991772943308640581044304091343646898224040757889596994967129396514363084422090392347040161000878341555555159157428190757087515885207523905110754431016193669022064427095580083167837416365576571166849626747898383480205168082387576628482722170859018722607024644538247683371171241787761850697012020676035236779722007465376021241712644360044083749980195604286554453900492829189130179581590373886809057823803789263314929286530276762339754660082540265019
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (125 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsalphasha2g2'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10.10 (Domain Validation Certificates Policy - AlphaSSL)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl2.alphassl.com/gs/gsalphasha2g2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sommelier.ai'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							311d4f04fca63ece248f8e50e1b9435eb96a18ac
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f5cdd53c0850f96a4f3ab797da5683e669d268f7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00d32791937b889378b19e1875e74c6178504d8c5557fc3218c80bc907718e6164127d4e47014617760b5d97e03836fd974698ccfbf1fed9c91a3bf0b5037ae7c62b3562028caffabf8d238a0bae49477dd6871ab23949ac4f17ee75c8ef22b131f16ef2cc0d05fc35605a1736ddb18ff510b14a574f2f2957cb0b5a0ba4cd915ce8d0abc0718fb846b1105311c87c182a6f1bc08f2ec6ac69f7f6341a6f980358c47dd3dd6e9409eefd5b60138dfda029e979c7786516f047782a044959bd17e3c32b07d6be2b6534f72f387339fe1e71f6f40ded1309efadfec58d33133b77ec829dec31b35b3a5a577a2331028ac09f9392b6dfda789cc6e2e98f8972568b80