webreader-hst-uat.ouest-france.fr

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 0c:13:e3:d2:09:90:e9:5c:68:db:c6:a0:ac:bf:1b:02 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=webreader-hst-uat.ouest-france.fr

Amazon

Organization: Amazon
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0c:13:e3:d2:09:90:e9:5c:68:db:c6:a0:ac:bf:1b:02
Serial Number (int): 16054010337585861546948321645424483074
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: e4:1e:f4:db:89:1a:31:a8:b4:b0:db:67:fa:44:f7:9a:44:3d:a5:06
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 6f:0f:b8:d1:b8:c7:ac:98:52:f3:3e:1e:47:fd:aa:2c:6d:0a:bd:d8
Fingerprint (sha256): 10:15:61:38:cc:9e:ce:0f:82:ac:e3:c4:76:0d:87:38:94:01:e6:f5:65:18:09:c8:53:26:d9:9a:f9:c4:4c:53

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate webreader-hst-uat.ouest-france.fr

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for webreader-hst-uat.ouest-france.fr

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

webreader-hst-uat.ouest-france.fr
ofr-hst-webreader-uat.twipemobile.com

Other certificates including the domain name ouest-france.fr

(limited to 100 certificates)
off7.ouest-france.fr
ledrenche.fr
varnish.prod.aws.ouest-france.fr
madeinsaint-etienne.ouest-france.fr
mcetv.ouest-france.fr
static.blogs.ouest-france.fr
amphisciences.ouest-france.fr
oceanefm.ouest-france.fr
album-photo.ouest-france.fr
*.ouest-france.fr
tls.automattic.com
footamateur.ouest-france.fr
*.staging-k8s.aws.ouest-france.fr
podcasts.ouest-france.fr
*.ouest-france.fr
doc-enligne.ouest-france.fr
jeux-evenements.ouest-france.fr
agrimatic.fr
www.koderia.sk
jeudenoel.ouest-france.fr
w.elections.ouest-france.fr
w.elections.ouest-france.fr
inscription.ouest-france.fr
album-photo.ouest-france.fr
jaime-jardiner.com
extranet.ouest-france.fr
*.aws-sipa.ouest-france.fr
sni294fagl.wpc.edgecastcdn.net
partir.ouest-france.fr
agrimatic.fr
grandtirageausort.ouest-france.fr
*.ouest-france.fr
qualjournal-twipe.ouest-france.fr
of-development-refacto-of.tech.ingress.int.aws.ouest-france.fr
varnish.prod.aws.ouest-france.fr
off7.ouest-france.fr
*.prod-k8s.aws.ouest-france.fr
qual.guideete.ouest-france.fr
qual-dsc-api.ouest-france.fr
*.ouest-france.fr
*.auth.ouest-france.fr
webreader-hst-uat.ouest-france.fr
lattuada-familly.fr
ouest-france.fr
jeux-evenements.ouest-france.fr
madeinfoot.ouest-france.fr
trucmania.ouest-france.fr
weelz.fr
ipe.ivitrack.com
newsletters.ouest-france.fr
qualjournal-twipe.ouest-france.fr
www.ouest-france.fr
mcetv.ouest-france.fr
viceetversa.fr
*.ouest-france.fr
*.staging.aws.ouest-france.fr
link.calomeal.com
tables.chat
webreader-hst-prod.ouest-france.fr
telenantes.com
jaime-jardiner.com
inscription.ouest-france.fr
weelz.fr
mon.staging.aws.ouest-france.fr
of-development-49538-i-of.tech.ingress.int.aws.ouest-france.fr
privacy.ouest-france.fr
*.ouest-france.fr
webreader-cojn-uat.ouest-france.fr
www.portage.ouest-france.fr
vos-commercants.ouest-france.fr
tls.automattic.com
lemagduchat.ouest-france.fr
partir.ouest-france.fr
*.ouest-france.fr
adnanbhanji.com
of-development-47223-c-of.tech.ingress.int.aws.ouest-france.fr
jeux-evenements.ouest-france.fr
jeux-evenements.ouest-france.fr
tls.automattic.com
grandjeu.ouest-france.fr
jeux-evenements.ouest-france.fr
*.aws-sipa.ouest-france.fr
static.blogs.ouest-france.fr
grandjeu.ouest-france.fr
jeux-evenements.ouest-france.fr
runners.ouest-france.fr
grandjeu.ouest-france.fr
lemagduchat.ouest-france.fr
*.ouest-france.fr
webreader-mljn-uat.ouest-france.fr
lemagduchien.ouest-france.fr
podcasts.ouest-france.fr
bricoleurpro.ouest-france.fr
w.elections.ouest-france.fr
w.elections.ouest-france.fr
*.ouest-france.fr
evenements.ouest-france.fr
conjugaison.ouest-france.fr
amphisciences.ouest-france.fr
*.internal.aws-sipa.ouest-france.fr

Certificate

The complete raw certificate details for webreader-hst-uat.ouest-france.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgIQDBPj0gmQ6Vxo28agrL8bAjANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMDQyNDAwMDAwMFoXDTI0MDUyMTIzNTk1OVowLDEq
MCgGA1UEAxMhd2VicmVhZGVyLWhzdC11YXQub3Vlc3QtZnJhbmNlLmZyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7Kfl5f9xZlvNaXJPDB//FYobrzp
q/3CqnaIBPM5tpXmHvZ6C1nqfFqMpLYVPcaGG/FLJ/xeiMCnGX36XFPLVT4n+TCc
fxPP+o04Lj1P2vP5kn2K6aio3cW8TnJDu/psUHHh4axDm7Z75yj0tAHhY6itchiC
R+HwU66qDNNPJpn0pERUH2agU2bM5dAHOVlO5tHiRtdXTpgcghcV9pYTSKNXJ0PZ
Ocz32LfAUROzhu0vBwU9Cg8KjYpg4rYmVoNu4eakeeuESAr/HznyOLsgX5Lvk75f
gMjLlrwrytV1WNzwKmleY0SKx2hbRKgVeVPNduA1LeO4pb7Gbyc4hHffYwIDAQAB
o4IDHzCCAxswHwYDVR0jBBgwFoAUwDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0O
BBYEFOQe9NuJGjGotLDbZ/pE95pEPaUGMFMGA1UdEQRMMEqCIXdlYnJlYWRlci1o
c3QtdWF0Lm91ZXN0LWZyYW5jZS5mcoIlb2ZyLWhzdC13ZWJyZWFkZXItdWF0LnR3
aXBlbW9iaWxlLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIu
YW1hem9udHJ1c3QuY29tL3IybTAyLmNybDATBgNVHSAEDDAKMAgGBmeBDAECATB1
BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFt
YXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6
b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwggF8BgorBgEEAdZ5
AgQCBIIBbASCAWgBZgB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7Wb
AAABh7PGB0UAAAQDAEcwRQIhAPXK7XLmzeAdqyGWba9swiiWSOf5XiINSY7KXn6i
3F+LAiAFEc+R4/SsiDiEBnvvx1n8Y+YE37eB8byXOr/iW7FfngB1AEiw42vapkc0
D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABh7PGB4MAAAQDAEYwRAIgMOKH9bAz
mTAtIAkluxrudiRocXlDWhKAiQ1H1SodvsUCIDXBehlFV8yB4RuY+p2f3OdQuIvc
ttK1wUnCQ2IiQWBUAHUA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sA
AAGHs8YHTQAABAMARjBEAiA9WimeJXjdOHRg6CEyqRsWqvfaChiMe27bhUyEzkXN
EAIgJKO7CxVu2b42pb/10lgMfocDB4MKYwPlQ4SERLS4dNEwDQYJKoZIhvcNAQEL
BQADggEBAK5F5dYtjetW5+zIIkS5Gadrd5f/XCjs9cFaQlzm+yZBvlk3XxCsl/OH
XVxTdtrJUfafzMfJs11cFm+X+62ogyfAsHrgGFXnwO69MZ1HJxxK5Q2Ven5O4mjq
B9wlhtj77KmL/GgK/rCZ+p5tu29aO8ytRyW4dbpNbUeEPuNJGnCIEE8SblJKht84
4kHfDQB2k1tcZIHMxSbD94dxlXHNJwnkbPQL52FWDu67SNCahuhj87eie2GE87Sp
NAIojulaYsfJaH37ayBQzF4qolollHADHjZ3uUuWaUYUPVBnFDi9d7C/FPNGZxaX
h3skq38sWgDUbCKuVSxC1GkMKburkE4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7Kfl5f9xZlvNaXJPDB/
/FYobrzpq/3CqnaIBPM5tpXmHvZ6C1nqfFqMpLYVPcaGG/FLJ/xeiMCnGX36XFPL
VT4n+TCcfxPP+o04Lj1P2vP5kn2K6aio3cW8TnJDu/psUHHh4axDm7Z75yj0tAHh
Y6itchiCR+HwU66qDNNPJpn0pERUH2agU2bM5dAHOVlO5tHiRtdXTpgcghcV9pYT
SKNXJ0PZOcz32LfAUROzhu0vBwU9Cg8KjYpg4rYmVoNu4eakeeuESAr/HznyOLsg
X5Lvk75fgMjLlrwrytV1WNzwKmleY0SKx2hbRKgVeVPNduA1LeO4pb7Gbyc4hHff
YwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16054010337585861546948321645424483074
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-24 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-21 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'webreader-hst-uat.ouest-france.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22179785853875176339935668531533871265597275442308242322347294094825411654487813359767088640712670915928937267973253399867360669133586116055074196806826303031781174823224851088835278403205144624972294113823911714882943726940469338198913360885939241515954223091169824496520768773247825754740971041976822310980220207138878053340635601665012407999663239341858187323497525494641560592660501569396095072494281023111109466650831563423158986654996432381677031984746381530588593393051149945777343995595021969150262971839881921631240007535697359589909665531127172098358560507231332640169006133825273139779720172304334973296483
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e41ef4db891a31a8b4b0db67fa44f79a443da506
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (76 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webreader-hst-uat.ouest-france.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ofr-hst-webreader-uat.twipemobile.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							0166007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000187b3c607450000040300473045022100f5caed72e6cde01dab21966daf6cc2289648e7f95e220d498eca5e7ea2dc5f8b02200511cf91e3f4ac883884067befc759fc63e604dfb781f1bc973abfe25bb15f9e00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000187b3c607830000040300463044022030e287f5b03399302d200925bb1aee7624687179435a1280890d47d52a1dbec5022035c17a194557cc81e11b98fa9d9fdce750b88bdcb6d2b5c149c2436222416054007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000187b3c6074d000004030046304402203d5a299e2578dd387460e82132a91b16aaf7da0a188c7b6edb854c84ce45cd10022024a3bb0b156ed9be36a5bff5d2580c7e870307830a6303e543848444b4b874d1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00ae45e5d62d8deb56e7ecc82244b919a76b7797ff5c28ecf5c15a425ce6fb2641be59375f10ac97f3875d5c5376dac951f69fccc7c9b35d5c166f97fbada88327c0b07ae01855e7c0eebd319d47271c4ae50d957a7e4ee268ea07dc2586d8fbeca98bfc680afeb099fa9e6dbb6f5a3bccad4725b875ba4d6d47843ee3491a7088104f126e524a86df38e241df0d0076935b5c6481ccc526c3f787719571cd2709e46cf40be761560eeebb48d09a86e863f3b7a27b6184f3b4a93402288ee95a62c7c9687dfb6b2050cc5e2aa25a259470031e3677b94b966946143d50671438bd77b0bf14f346671697877b24ab7f2c5a00d46c22ae552c42d4690c29bbab904e