staging.sustainabilityguarantee.eif.org
Issued by R3
About this certificate
This digital certificate with serial number 04:af:05:af:25:ec:f5:b9:ef:ff:53:18:9b:25:2d:a3:1f:4e was issued on by Let's Encrypt.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=staging.sustainabilityguarantee.eif.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:af:05:af:25:ec:f5:b9:ef:ff:53:18:9b:25:2d:a3:1f:4eSerial Number (int): 408006113499357436167302210640138375208782
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 55:6f:48:6b:93:03:c8:17:e9:b7:90:b6:b9:ad:b1:b6:ae:ed:2e:49
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): a4:d7:2d:f7:03:f2:1b:ea:a7:21:02:d3:86:bf:b5:02:4b:e5:7e:6a
Fingerprint (sha256): 10:c0:c3:e9:b6:fa:aa:8c:db:13:c7:fc:4b:15:5c:e8:dc:6e:3b:99:75:ce:f5:7e:b3:34:89:42:16:da:bf:6d
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate staging.sustainabilityguarantee.eif.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for staging.sustainabilityguarantee.eif.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
staging.sustainabilityguarantee.eif.org
Other certificates including the domain name eif.org
(limited to 100 certificates)
sip.eib.org
greenguide.eif.org
sip.eib.org
staging.sustainabilityguarantee.eif.org
engage.eif.org
sip2.eib.org
board.eif.org
sip2.eib.org
www.eif.org
sip.eib.org
sts.eib.org
www.eif.org
sts.eib.org
www.eif.org
*.eif.org
lsweb-ext2.eib.org
lsweb-ext.eib.org
data.thebench.eif.org
sip.eib.org
*.eif.org
thebench.eif.org
www.eif.org
newstaging.sustainabilityguarantee.eif.org
www.eif.org
*.data.thebench.eif.org
data.thebench.eif.org
filecloud.tech.eif.org
*.eif.org
ciphertrust-manager.tech.eif.org
sustainabilityguarantee.eif.org
data.thebench.eif.org
*.data.thebench.eif.org
sip2.eib.org
board.eif.org
thebench.eif.org
www.eif.org
sip.eib.org
data-escrow.test.tech.eif.org
lsweb-ext2.eib.org
data.thebench.eif.org
*.eif.org
new.sustainabilityguarantee.eif.org
sts.eib.org
data-escrow.production.tech.eif.org
staging.sustainabilityguarantee.eif.org
sts.eib.org
*.data.thebench.eif.org
*.eif.org
sip.eib.org
sts.test.eib.org
sts.eib.org
filecloud.test.tech.eif.org
sts.test.eib.org
filecloud.tech.eif.org
www.eif.org
www.eif.org
www.eif.org
*.eif.org
*.eif.org
sip2.eib.org
lsweb-ext2.eib.org
lsweb-ext2.eib.org
www.eif.org
api-onelogin.tech.eif.org
lsweb-ext2.eib.org
sip.eib.org
thebench.eif.org
sts-dev.eib.org
thebench.eif.org
sts.eib.org
lsweb-ext2.eib.org
sts.test.eib.org
sustainabilityguarantee.eif.org
greenguide.eif.org
sip.eib.org
staging.sustainabilityguarantee.eif.org
engage.eif.org
sip2.eib.org
board.eif.org
sip2.eib.org
www.eif.org
sip.eib.org
sts.eib.org
www.eif.org
sts.eib.org
www.eif.org
*.eif.org
lsweb-ext2.eib.org
lsweb-ext.eib.org
data.thebench.eif.org
sip.eib.org
*.eif.org
thebench.eif.org
www.eif.org
newstaging.sustainabilityguarantee.eif.org
www.eif.org
*.data.thebench.eif.org
data.thebench.eif.org
filecloud.tech.eif.org
*.eif.org
ciphertrust-manager.tech.eif.org
sustainabilityguarantee.eif.org
data.thebench.eif.org
*.data.thebench.eif.org
sip2.eib.org
board.eif.org
thebench.eif.org
www.eif.org
sip.eib.org
data-escrow.test.tech.eif.org
lsweb-ext2.eib.org
data.thebench.eif.org
*.eif.org
new.sustainabilityguarantee.eif.org
sts.eib.org
data-escrow.production.tech.eif.org
staging.sustainabilityguarantee.eif.org
sts.eib.org
*.data.thebench.eif.org
*.eif.org
sip.eib.org
sts.test.eib.org
sts.eib.org
filecloud.test.tech.eif.org
sts.test.eib.org
filecloud.tech.eif.org
www.eif.org
www.eif.org
www.eif.org
*.eif.org
*.eif.org
sip2.eib.org
lsweb-ext2.eib.org
lsweb-ext2.eib.org
www.eif.org
api-onelogin.tech.eif.org
lsweb-ext2.eib.org
sip.eib.org
thebench.eif.org
sts-dev.eib.org
thebench.eif.org
sts.eib.org
lsweb-ext2.eib.org
sts.test.eib.org
sustainabilityguarantee.eif.org
Certificate
The complete raw certificate details for staging.sustainabilityguarantee.eif.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGHDCCBQSgAwIBAgISBK8FryXs9bnv/1MYmyUtox9OMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMTkwODI1MDNaFw0yNDA2MTcwODI1MDJaMDIxMDAuBgNVBAMT J3N0YWdpbmcuc3VzdGFpbmFiaWxpdHlndWFyYW50ZWUuZWlmLm9yZzCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBANPGkW7a0r8OCOh15MhonEGn/kZJrSPU D7T7Reks+yislZoluzYrDwHr2CzlfBEOFzkP2keGu5wjT4nRIH8UbIkesefIY8mA rV09S0laO5u76OxvxJoSsBjmAGt4P+YHSCHEaLMZujS2aLzgJgKReWKEoYB6hci9 T2vXq0I9QgGCHLd2RfvnaAbnFZzG8IUd+G5zr4uBL/R94mLUmIwCzqdkdTCK+YYf SyHjlmslbc1VVoCd3DXKxR0n0dLqyW8f7SG32jU5ZSDj9pDUv5solZbOhXzEH6LG bwlQvqxHCDuA23Ii3nabRtWnN4C4X+JuvGExjg/AAiPKVueU+2+pq8MQhipvT3I9 sAvv3w0gpT7IxVzTrs4bT44PFMmroTYjSaoNYRfQK4oodAM3GcGDNhG8uag/MkG9 PTwoIDx0lluS0MpcdbIaA279SWfU9In4LcqhvPk3P0UMebATY+Ij0PXyTy28iU69 7vz3pP48uktNAvsxzSygVKKxP+KP1R80bDFzEU/Xeh8anTxW4KdLHsbKCcmUoIbC Rxz9uEGxZkMbPioLMfynI22n+E2gXb3jHPVbmlcOWSKFkmcrdwMjPKA6QwuqjCNN ibIzfhi3LYdeNF2vIjXVcO/XPGCWFJsubNRTMR6lU5U55CYK9Ue2cmWZgM+AEm6O bNtybazKlvOlAgMBAAGjggIqMIICJjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFFVv SGuTA8gX6beQtrmtsbau7S5JMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52L FMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVu Y3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMDIGA1Ud EQQrMCmCJ3N0YWdpbmcuc3VzdGFpbmFiaWxpdHlndWFyYW50ZWUuZWlmLm9yZzAT BgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2AEiw 42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjlYHT74AAAQDAEcwRQIh ANMXKiimO3cIbRC2ilCTxiupL9Wsb7mA3F30DH/D/kvBAiBhWMFHJiuktmIrxoAj 0tcWr9hW+xp1L8m/tR56XKhbIwB3AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FI WUZxH7WbAAABjlYHT8YAAAQDAEgwRgIhAKIDw3Rq5H2l/7PnVsABuUwadfE17fNf kyto6ZMwELmFAiEA/qbOAsKjd8Zu464jBYIHxXh4Ydg95zaux9Eq6xnxDGwwDQYJ KoZIhvcNAQELBQADggEBACUyqBNLuT9crjfqsIwe3edwznnIuR6s3ZySK9D5vc93 /uzZT60jNO9OekU37/rJG0zIenY7X6FmUI1vQMRNcZJd+iBkKvMS+OzmVRjqOIjP P2wauC8x83vdAOy1iR6VBf/Y3N5C1dsEJccxRfDa8AjBPMpcvp+80iMmPAehope8 7WVj0TeuDHn5Nx+xBhP0rwcHVWQuDStb/ZHd+VkZZRA742oMqCJajg/S7wn05W04 bHQw9Po3veX/jnlifxGgIedfan3LZjvD+nzJ+SPS78sWPtzu9JQog3jYGTe5yRdj lnfdB8mLtjI/4HBSLnkUV79nCmWrdGP/lXgcojxm4kk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA08aRbtrSvw4I6HXkyGic Qaf+RkmtI9QPtPtF6Sz7KKyVmiW7NisPAevYLOV8EQ4XOQ/aR4a7nCNPidEgfxRs iR6x58hjyYCtXT1LSVo7m7vo7G/EmhKwGOYAa3g/5gdIIcRosxm6NLZovOAmApF5 YoShgHqFyL1Pa9erQj1CAYIct3ZF++doBucVnMbwhR34bnOvi4Ev9H3iYtSYjALO p2R1MIr5hh9LIeOWayVtzVVWgJ3cNcrFHSfR0urJbx/tIbfaNTllIOP2kNS/myiV ls6FfMQfosZvCVC+rEcIO4DbciLedptG1ac3gLhf4m68YTGOD8ACI8pW55T7b6mr wxCGKm9Pcj2wC+/fDSClPsjFXNOuzhtPjg8UyauhNiNJqg1hF9Ariih0AzcZwYM2 Eby5qD8yQb09PCggPHSWW5LQylx1shoDbv1JZ9T0ifgtyqG8+Tc/RQx5sBNj4iPQ 9fJPLbyJTr3u/Pek/jy6S00C+zHNLKBUorE/4o/VHzRsMXMRT9d6HxqdPFbgp0se xsoJyZSghsJHHP24QbFmQxs+Kgsx/Kcjbaf4TaBdveMc9VuaVw5ZIoWSZyt3AyM8 oDpDC6qMI02JsjN+GLcth140Xa8iNdVw79c8YJYUmy5s1FMxHqVTlTnkJgr1R7Zy ZZmAz4ASbo5s23JtrMqW86UCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 408006113499357436167302210640138375208782 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-19 08:25:03 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-17 08:25:02 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'staging.sustainabilityguarantee.eif.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 863969301329290970466167555794124196724539033245992199338437366726795825446503751112801260333965302749837317976841262159469912924101499208598792520065301357584097812523898250558183880833959318472612052177988356345977681322654001658327464179992434594533310959024792430955566042442970007085813456234462457296039748918700247128012638542830280176214318840034755875873053485538276506265664541023903746973132606265901622322870571562568310136775351853349073200586598962393200268123930773535927454413488701515057270845336865834351855157177370387263508086370619114980051038909631599272235242883438372619952297619775710928230883736524889796415953144774618848475421167777207934980480154309342846520713126715637707411438818331962876866014258966637837012681518334276812876145222582293234112913289532199873064471675941105770343557438632582542636867741524553604095867529073811176327291103853755929616569368383472030328299184413214588790313986663620458333915022492614186420802651073011301781810324560474473512115534818432249283434636371793604220272668010872935165369102150603135208197752997911550711864084732547433547135282560727140565717870903523347734774538131135867677591806918551330805280890592356417211803870738942561920257124945378672079467429 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 556f486b9303c817e9b790b6b9adb1b6aeed2e49 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (43 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.sustainabilityguarantee.eif.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e56074fbe0000040300473045022100d3172a28a63b77086d10b68a5093c62ba92fd5ac6fb980dc5df40c7fc3fe4bc102206158c147262ba4b6622bc68023d2d716afd856fb1a752fc9bfb51e7a5ca85b23007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018e56074fc60000040300483046022100a203c3746ae47da5ffb3e756c001b94c1a75f135edf35f932b68e9933010b985022100fea6ce02c2a377c66ee3ae23058207c5787861d83de736aec7d12aeb19f10c6c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002532a8134bb93f5cae37eab08c1edde770ce79c8b91eacdd9c922bd0f9bdcf77feecd94fad2334ef4e7a4537effac91b4cc87a763b5fa166508d6f40c44d71925dfa20642af312f8ece65518ea3888cf3f6c1ab82f31f37bdd00ecb5891e9505ffd8dcde42d5db0425c73145f0daf008c13cca5cbe9fbcd223263c07a1a297bced6563d137ae0c79f9371fb10613f4af070755642e0d2b5bfd91ddf9591965103be36a0ca8225a8e0fd2ef09f4e56d386c7430f4fa37bde5ff8e79627f11a021e75f6a7dcb663bc3fa7cc9f923d2efcb163edceef494288378d81937b9c917639677dd07c98bb6323fe070522e791457bf670a65ab7463ff95781ca23c66e249