*.liip.ch

Issued by RapidSSL SHA256 CA - G4

About this certificate

This digital certificate with serial number 53:7a was issued on by GeoTrust Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Certificate Subject

CN=*.liip.ch

GeoTrust Inc.

Organization: GeoTrust Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 53:7a
Serial Number (int): 21370
Serial Number lenght: 15 bits, 2 octets

SubjectKeyId:
AuthorityKeyId: f3:b5:56:0c:c4:09:b0:b4:cf:1f:aa:f9:dd:23:56:f0:77:e8:a1:f9

Fingerprint (sha1): 0a:1d:72:17:73:49:21:a4:4a:34:7a:82:e9:1d:a0:f1:16:c0:96:e6
Fingerprint (sha256): 0f:e7:b8:62:49:5a:34:91:fe:af:3e:8b:d2:55:0f:93:50:83:83:f6:c0:e5:e5:d3:b3:71:1c:93:ed:16:fd:a5

Issuing Certificate URL: http://gz.symcb.com/gz.crt

Revocation information

OCSP Server: http://gz.symcd.com
CRL Distribution Point: http://gz.symcb.com/gz.crl

Check the revocation status for certificate *.liip.ch

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.liip.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.liip.ch
liip.ch

Other certificates including the domain name liip.ch

(limited to 100 certificates)
zebra.liip.ch
liip.ch
beta-zebra.liip.ch
liip.ch
legacy-clients.k8s.liip.ch
prolek.stage01.sb.liip.ch
gitlab.liip.ch
monitoring.elearning.liip.ch
test-wiki.liip.ch
bundstarterkit.demo.liip.ch
crm.svc.clients.liip.ch
baspo.bedev.liip.ch
liip.ch
guess.liip.ch
support.liip.ch
playground.moodle.liip.ch
*.clients.liip.ch
unitar2.stage01.sb.liip.ch
blog.liip.ch
moodle.careum-weiterbildung.ch
liip.ch
techpool.stage01.sb.liip.ch
eduprep.sosaerzte.ch
nagios.liip.ch
account.liip.ch
repair-cafe-stage.clients.liip.ch
stage.bwo.clients.liip.ch
liip-moodle.devel01.sb.liip.ch
order.elearning.liip.ch
meinunterricht2.kvz-weiterbildung.ch
moodle.liip.ch
liip.ch
prolek.stage01.sb.liip.ch
memberplus.rai.clients.liip.ch
vagrantbox-public.liip.ch
blog.liip.ch
ehb.clients.liip.ch
iuffp1.clients.liip.ch
lsca.devel01.sb.liip.ch
mdl-tph-mnet.devel01.sb.liip.ch
preprod.liip.ch
mobi.demo.liip.ch
wks.devel01.sb.liip.ch
preprod.liip.ch
iuffp1.clients.liip.ch
moodle.liip.ch
iuffp1.clients.liip.ch
*.d.clients.liip.ch
download.liip.ch
guidelines.liip.ch
stage.bwo.clients.liip.ch
repair-cafe.clients.liip.ch
*.liip.ch
crm.svc.clients.liip.ch
bzwu.stage01.sb.liip.ch
liip.ch
account.liip.ch
moodle-sob.clients.liip.ch
monitoring.elearning.liip.ch
cpdf.liip.ch
techpool.stage01.sb.liip.ch
liip-moodle.live03.sb.liip.ch
lsca.devel01.sb.liip.ch
moodle.careum-weiterbildung.ch
h5p.devel01.sb.liip.ch
gtm-generator.liip.ch
slides.liip.ch
lhc.stage01.sb.liip.ch
account.liip.ch
slides.liip.ch
blog.liip.ch
moodle-dev.graduateinstitute.ch
bgs.stage01.elearning.liip.ch
projects.liip.ch
lama.liip.ch
baspo.bedev.liip.ch
chbox.clients.liip.ch
kompra.stage01.sb.liip.ch
elearning.liip.ch
futura21.devel01.sb.liip.ch
stage.bwo.clients.liip.ch
shop.stapferhaus.bedev.liip.ch
dev.zb.clients.liip.ch
iuffp1.clients.liip.ch
iuffp1.clients.liip.ch
liip-moodle.stage01.sb.liip.ch
baspo.bedev.liip.ch
liip-moodle.devel01.sb.liip.ch
stage.bwo.clients.liip.ch
hfgz.stage01.sb.liip.ch
bcv.demo.liip.ch
gtm-generator.liip.ch
stage.bwo.clients.liip.ch
sasdb.clients.liip.ch
liip.ch
tourismuskv.stage01.sb.liip.ch
solradmin.live03.sb.liip.ch
php-osx.liip.ch
vagrantbox-public.liip.ch
bzu.stage01.sb.liip.ch

Certificate

The complete raw certificate details for *.liip.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgICU3owDQYJKoZIhvcNAQELBQAwRzELMAkGA1UEBhMCVVMx
FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xIDAeBgNVBAMTF1JhcGlkU1NMIFNIQTI1
NiBDQSAtIEc0MB4XDTE2MDExMDEwMjQwMloXDTE2MDQxODE3MDgwNlowFDESMBAG
A1UEAwwJKi5saWlwLmNoMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
07S+2dnoYSfl3ZV3zDN/y8+6i+HNA8KLozqA5LBX3IFNukImeWhopQ1ZdfQjvrtC
UqTQsimGmEozKWRO/YOneeBM952Pz2Xwb7+4zQ/I5HJ8gfIoaRLeF6Q5GVunUc6e
MeZc7trbAbMP78Fo+v5O7VeZxZf6WFTi0RSVkDhkC3QeC7scmu6U0Hzk4bXLQ8hz
5GjqNjfzrzNDCidqynaA8yaFI38NdZAapi7lYBHsoNMfU8yoDB5gDLVCon3oVZMo
1/y9BG9fQcKu4p1JRe9cqgO4zg+GtyloN8J58Bt2Hg+odae5qlEw3zSWkAWp3E41
X1xJHA4CAJ3nEgNLXaLdZc60j2wgQM2+AMVgMMYWhH7D4ra7tZZCyzxwkU5Aei+G
jstPB4Ng1dHS21/P2/9W8517yfCdJasNWt3YBULI6Sluj1oiVCuN3AiYux7fWUkd
pG0gtDdbCUPbWg3HBpcHU+8BcMMrp5MyIEh7G5Y6T+epTpeDIBeth7Ze+W3useQb
5Ww9QCFCrG5RZiS6AonPdMY+SlSL5tZLGZKdcRa3IIXbgRvUIOTpCDkMrUU01IFk
/g9SxfEPpCD69Mw/8vDEwNECer0yp34dPk69+/ZDHE83zGl4Mj/K1qLZr8ELh9mx
E96JkcsMJm2fhAr//QqRQTOYivijHhPeObx2lo80vNUCAwEAAaOCAUowggFGMB8G
A1UdIwQYMBaAFPO1VgzECbC0zx+q+d0jVvB36KH5MFcGCCsGAQUFBwEBBEswSTAf
BggrBgEFBQcwAYYTaHR0cDovL2d6LnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0
cDovL2d6LnN5bWNiLmNvbS9nei5jcnQwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHREEFjAUggkqLmxpaXAuY2iCB2xp
aXAuY2gwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2d6LnN5bWNiLmNvbS9nei5j
cmwwDAYDVR0TAQH/BAIwADBBBgNVHSAEOjA4MDYGBmeBDAECATAsMCoGCCsGAQUF
BwIBFh5odHRwczovL3d3dy5yYXBpZHNzbC5jb20vbGVnYWwwDQYJKoZIhvcNAQEL
BQADggEBAJk2aKW+fokxQ/BAPAxRIgLqhiLGQpsYcQIIRjbihztz0fyY9/5s7ThH
vboysCeXPxv+U2W5cDr+xnu9XzdH0/htr8ek3t0DV8hP9mBFUrG6vwiiQ1LTYWVi
+T8mH5HOnR6eYogpif4zfcBy5Yd3xZjdJjR90AmsEoM5d7cJpyhX5ntKd0OE8qZq
6abx2QW8yN2bmsHetChiBjDvGR2P2g/gHh8yLYPOc7LghaHIkIXzzwJVQAPgUa7R
DCj++TJaSYzDZhOzUWQ1mEMNRTV1024erRmkbaBZtwDPs5G6ZdfBg4CmJL1q3rHI
HdOkOvEff0heR71d9hAhsQMCaZzvYeI=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA07S+2dnoYSfl3ZV3zDN/
y8+6i+HNA8KLozqA5LBX3IFNukImeWhopQ1ZdfQjvrtCUqTQsimGmEozKWRO/YOn
eeBM952Pz2Xwb7+4zQ/I5HJ8gfIoaRLeF6Q5GVunUc6eMeZc7trbAbMP78Fo+v5O
7VeZxZf6WFTi0RSVkDhkC3QeC7scmu6U0Hzk4bXLQ8hz5GjqNjfzrzNDCidqynaA
8yaFI38NdZAapi7lYBHsoNMfU8yoDB5gDLVCon3oVZMo1/y9BG9fQcKu4p1JRe9c
qgO4zg+GtyloN8J58Bt2Hg+odae5qlEw3zSWkAWp3E41X1xJHA4CAJ3nEgNLXaLd
Zc60j2wgQM2+AMVgMMYWhH7D4ra7tZZCyzxwkU5Aei+GjstPB4Ng1dHS21/P2/9W
8517yfCdJasNWt3YBULI6Sluj1oiVCuN3AiYux7fWUkdpG0gtDdbCUPbWg3HBpcH
U+8BcMMrp5MyIEh7G5Y6T+epTpeDIBeth7Ze+W3useQb5Ww9QCFCrG5RZiS6AonP
dMY+SlSL5tZLGZKdcRa3IIXbgRvUIOTpCDkMrUU01IFk/g9SxfEPpCD69Mw/8vDE
wNECer0yp34dPk69+/ZDHE83zGl4Mj/K1qLZr8ELh9mxE96JkcsMJm2fhAr//QqR
QTOYivijHhPeObx2lo80vNUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 21370
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL SHA256 CA - G4'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-01-10 10:24:02 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-04-18 17:08:06 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.liip.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 863685278642895184063611791000417847852593140775887186228912795627722373835002861803322646915611006683221774626661339133235798460365632864095508469843468109513327055870496791692462821060184150595872408370460114242064928577458970219660193744990671873708211475234164565296041119099909443624747823820199855535119193880254937932357613947030605680419601388836559584699422285702344404663152828855994155294766337755453626177386240766026870144626638182749140698683880244500022413446297454260283380378756760511445143263283771578706905855021769214245417626703271240838616875214268213007573764757046086967841953825539193732176441419868419736854578971695824022149088880344480225029785217563532545120436807350446217115135642229960565422922130013109221835103397848954823655303474793059050490251841285107621416961012766206395589082388943361000741746054103547718821603579968609605242251393294252887577238992347938279367026465919215460764372498546376953056814839151389647727599190262332241543334523713974028830236953534981963067692289402658456057269639953533826545246805828197733288767305223625907792307207959418375795823628739786470068896331764431737502099220758658487102921033933752390768167111092387736525058719784911784594193904461814618192657621
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f3b5560cc409b0b4cf1faaf9dd2356f077e8a1f9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gz.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gz.symcb.com/gz.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.liip.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'liip.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gz.symcb.com/gz.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.rapidssl.com/legal'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00993668a5be7e893143f0403c0c512202ea8622c6429b187102084636e2873b73d1fc98f7fe6ced3847bdba32b027973f1bfe5365b9703afec67bbd5f3747d3f86dafc7a4dedd0357c84ff6604552b1babf08a24352d3616562f93f261f91ce9d1e9e62882989fe337dc072e58777c598dd26347dd009ac12833977b709a72857e67b4a774384f2a66ae9a6f1d905bcc8dd9b9ac1deb428620630ef191d8fda0fe01e1f322d83ce73b2e085a1c89085f3cf02554003e051aed10c28fef9325a498cc36613b351643598430d453575d36e1ead19a46da059b700cfb391ba65d7c18380a624bd6adeb1c81dd3a43af11f7f485e47bd5df61021b10302699cef61e2