online.berklee.edu

Issued by Amazon

About this certificate

This digital certificate with serial number 04:89:ab:47:8e:ba:07:a5:a7:d4:af:9f:ee:f9:df:d3 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=online.berklee.edu

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:89:ab:47:8e:ba:07:a5:a7:d4:af:9f:ee:f9:df:d3
Serial Number (int): 6031730614172465534585327395662323667
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 07:ba:d5:0c:19:62:1e:20:55:e3:7e:13:38:78:51:fe:d2:14:cf:be
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): a4:56:40:b7:84:17:af:29:a6:cf:33:0d:5f:aa:29:71:cc:c0:39:e0
Fingerprint (sha256): 11:a0:d3:9a:6f:ce:0a:50:76:41:79:27:15:ec:36:14:c3:e5:e0:04:f0:38:a1:f8:d7:0c:fb:63:5a:4d:36:ac

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl

Check the revocation status for certificate online.berklee.edu

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for online.berklee.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

online.berklee.edu
*.online.berklee.edu

Other certificates including the domain name berklee.edu

(limited to 100 certificates)
informer.berklee.edu
5674069752020992-fe1.pantheonsite.io
ucdc.edu
amploadvance.com
ask.library.berklee.edu
test.eis.uw.edu
ol.berklee.edu
guides.library.berklee.edu
development.moodlerooms.com
development.moodlerooms.com
acquia-sites.com
remix.berklee.edu
archives.berklee.edu
apsprd108.berklee.edu
development.moodlerooms.com
5674069752020992-fe1.pantheonsite.io
remote-vpn.berklee.edu
n002.offcampuspartners.com
san-14-s12.tlsprovisioning.exacttarget.com
n002.offcampuspartners.com
development.moodlerooms.com
acquia-sites.com
development.moodlerooms.com
n002.offcampuspartners.com
library-stage.berklee.edu
ol.berklee.edu
5674069752020992-fe1.pantheonsite.io
hub.berklee.edu
5674069752020992-fe1.pantheonsite.io
development.moodlerooms.com
5674069752020992-fe1.pantheonsite.io
offcampushousing.fau.edu
5674069752020992-fe1.pantheonsite.io
amploadvance.com
givingday.berklee.edu
apsprd014.berklee.edu
admissions.berklee.edu
welcome.online.berklee.edu
demo.canvas.online.berklee.edu
fts.berklee.edu
lrmedia.berklee.edu
development.moodlerooms.com
5674069752020992-fe1.pantheonsite.io
development.moodlerooms.com
centralnicstatus.com
san-14-s12.tlsprovisioning.exacttarget.com
ask.library.berklee.edu
5674069752020992-fe1.pantheonsite.io
208.lsnc.net
n002.offcampuspartners.com
n002.offcampuspartners.com
development.moodlerooms.com
development.moodlerooms.com
development.moodlerooms.com
development.moodlerooms.com
5674069752020992-fe1.pantheonsite.io
development.moodlerooms.com
acquia-sites.com
development.moodlerooms.com
n002.offcampuspartners.com
5674069752020992-fe1.pantheonsite.io
online.berklee.edu
acquia-sites.com
developer.blackboardopenlms.com
bos-isepan1.berklee.edu
scsc-casper.berklee.edu
offcampushousing.fau.edu
*.genesis.k8s.online.berklee.edu
remote-vpn.berklee.edu
development.moodlerooms.com
ask.library.berklee.edu
online.berklee.edu
development.moodlerooms.com
5674069752020992-fe1.pantheonsite.io
acquia-sites.com
development.moodlerooms.com
5674069752020992-fe1.pantheonsite.io
5674069752020992-fe1.pantheonsite.io
online.berklee.edu
opcpostback.berklee.edu
5674069752020992-fe1.pantheonsite.io
amploadvance.com
5674069752020992-fe1.pantheonsite.io
developer.blackboardopenlms.com
learningcenter-stage.berklee.edu
wbstst004.berklee.edu
learningcenter.berklee.edu
5674069752020992-fe1.pantheonsite.io
development.moodlerooms.com
5674069752020992-fe1.pantheonsite.io
*.online.berklee.edu
5674069752020992-fe1.pantheonsite.io
cms.online.berklee.edu
offcampushousing.fau.edu
5674069752020992-fe1.pantheonsite.io
5674069752020992-fe1.pantheonsite.io
demo.canvas.online.berklee.edu
guides.library.berklee.edu
development.moodlerooms.com
development.moodlerooms.com

Certificate

The complete raw certificate details for online.berklee.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF8DCCBNigAwIBAgIQBImrR466B6Wn1K+f7vnf0zANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMTEyMjAwMDAwMDBaFw0yMzAxMTcy
MzU5NTlaMB0xGzAZBgNVBAMTEm9ubGluZS5iZXJrbGVlLmVkdTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAMsyrQ+nktnUVuL8ENdYXXX6DtuJE2CQbrR9
u1mK3ZSzB1C2sAM9YcqHZfNeafllBU1PDHUjpPMPkKtCUbMc8JcVgJYbbJQK1lP0
nd6hn7rp6FAd1VjXNYyrZPdIe2Q7VCOe8gwh9K45PLsJLkQ3fXVsJM8C9PpfrSZ8
97+0dUPqGsOxzC/hGQk3Hh/u43MAxUBjn74R9l274Sf4fmi8g/4f5c5wnMqdYWC3
SVONmYIIy3LPv+bMupCO/7GApkxlF3McMn5X7Nr/HrthaPoenl0iaSGb656mRawm
Z93ECY8pK/DRqyBNbZ4WSTIkZAZ89+T3w0lO+cMKFwtT0pYjYH0CAwEAAaOCAwEw
ggL9MB8GA1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBQH
utUMGWIeIFXjfhM4eFH+0hTPvjAzBgNVHREELDAqghJvbmxpbmUuYmVya2xlZS5l
ZHWCFCoub25saW5lLmJlcmtsZWUuZWR1MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDov
L2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWItMS5jcmwwEwYDVR0gBAww
CjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8v
b2NzcC5zY2ExYi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9j
cnQuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNydDAMBgNVHRMBAf8EAjAA
MIIBfAYKKwYBBAHWeQIEAgSCAWwEggFoAWYAdgDoPtDaPvUGNTLnVyi8iWvJA9PL
0RFr7Otp4Xd9bQa9bgAAAX3WDHjYAAAEAwBHMEUCIQDsuh6yTpESqvfe+3GB0Dgv
HnAoVsr57XCpa/fWqn3tdAIgcwooGDIWHEUlDr/f7SygonbkBRiAQLE+YVveHSYo
JjUAdQA1zxkbv7FsV78PrUxtQsu7ticgJlHqP+Eq76gDwzvWTAAAAX3WDHkqAAAE
AwBGMEQCIFVoBzmG8/Us6w31Q9zPHfhDMMtgovBtRNX5olwIAAcPAiAWNWEz/tHV
OFMJ+nwJxlZ0q/W2n83X7S332Ip8PdvprAB1ALNzdwfhhFD4Y4bWBancEQlKeS2x
ZwwLh9zwAw55NqWaAAABfdYMeWEAAAQDAEYwRAIgR8X72QLDoClyFSfNMGeqFdmc
R6/UCkv6uiM0kHnINTYCIGSZ/KNeIBxD10uhU/ZfMzoKraTf+1eCIzbLaT04GZhk
MA0GCSqGSIb3DQEBCwUAA4IBAQAHc415U0a9IhNTe8r2zJsacUJuayRYsDylxkXJ
P5ftuaX3MIKRBYMj3X+v4GkLtmYwejY0nRoh4f254cMpFy0+NiBRRGduvlaYRtIQ
mJvTnGaWYee9izcoB3/oC0MyHNMgl9XxvFpj5ic+8QvuAmir51r8HqckJ/GaCXZJ
LSnOex6k29WVC3VhAm3NmmXbGFl26UZb+FCAgIhKo5en2uj+ojqDZ/rjyi8AYj9K
pzwN+aqhitmRXru01yWc/cfj0z6vFFkAR/ccSKHruTBC0wQSWR/jhBLszC2tdoUr
U2+lowJwmWe5ZK5Fl2Uw3SaZpSTMVum2SC8Lt6xT4Pw2YvOq
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzKtD6eS2dRW4vwQ11hd
dfoO24kTYJButH27WYrdlLMHULawAz1hyodl815p+WUFTU8MdSOk8w+Qq0JRsxzw
lxWAlhtslArWU/Sd3qGfuunoUB3VWNc1jKtk90h7ZDtUI57yDCH0rjk8uwkuRDd9
dWwkzwL0+l+tJnz3v7R1Q+oaw7HML+EZCTceH+7jcwDFQGOfvhH2XbvhJ/h+aLyD
/h/lznCcyp1hYLdJU42ZggjLcs+/5sy6kI7/sYCmTGUXcxwyflfs2v8eu2Fo+h6e
XSJpIZvrnqZFrCZn3cQJjykr8NGrIE1tnhZJMiRkBnz35PfDSU75wwoXC1PSliNg
fQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6031730614172465534585327395662323667
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-20 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-17 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'online.berklee.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25651365184994177905803395030763300020693708411982688286008890819613030490922490644010923500261774579685675364795486200172269115512162715226926294850416955838900658566467093236361868148390007861749498455614405505314420569305167951200115989997279360036331675802335483278107809769550860477628719309236986544201736678061261931099541988233295851283737646392212398420908937569513936473505232212761847883252032373908003404617462069106509302655873595831642243744544174013491410845539786511684789865362278691093931508326719745650672411942781492878904346525772559208824927040035883431920307450295619778010440768179486054375549
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							07bad50c19621e2055e37e13387851fed214cfbe
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.berklee.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.online.berklee.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							0166007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017dd60c78d80000040300473045022100ecba1eb24e9112aaf7defb7181d0382f1e702856caf9ed70a96bf7d6aa7ded740220730a281832161c45250ebfdfed2ca0a276e405188040b13e615bde1d2628263500750035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c0000017dd60c792a000004030046304402205568073986f3f52ceb0df543dccf1df84330cb60a2f06d44d5f9a25c0800070f022016356133fed1d5385309fa7c09c65674abf5b69fcdd7ed2df7d88a7c3ddbe9ac007500b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017dd60c79610000040300463044022047c5fbd902c3a029721527cd3067aa15d99c47afd40a4bfaba23349079c8353602206499fca35e201c43d74ba153f65f333a0aada4dffb57822336cb693d38199864
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0007738d795346bd2213537bcaf6cc9b1a71426e6b2458b03ca5c645c93f97edb9a5f7308291058323dd7fafe0690bb666307a36349d1a21e1fdb9e1c329172d3e36205144676ebe569846d210989bd39c669661e7bd8b3728077fe80b43321cd32097d5f1bc5a63e6273ef10bee0268abe75afc1ea72427f19a0976492d29ce7b1ea4dbd5950b7561026dcd9a65db185976e9465bf8508080884aa397a7dae8fea23a8367fae3ca2f00623f4aa73c0df9aaa18ad9915ebbb4d7259cfdc7e3d33eaf14590047f71c48a1ebb93042d30412591fe38412eccc2dad76852b536fa5a302709967b964ae45976530dd2699a524cc56e9b6482f0bb7ac53e0fc3662f3aa