*.investis.com
Issued by Amazon
About this certificate
This digital certificate with serial number 05:3d:64:fd:e7:f4:44:5d:91:ef:59:3d:41:7f:8b:89 was issued on by Amazon.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.investis.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 05:3d:64:fd:e7:f4:44:5d:91:ef:59:3d:41:7f:8b:89Serial Number (int): 6964918444767023141479637628707900297
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: a8:23:8e:64:a4:9e:7b:fb:3e:2d:41:f9:cc:7f:3c:98:ba:fb:3b:b6
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 59:06:7f:ce:fd:9c:82:0f:68:ad:ea:31:36:53:df:0b:dc:8d:6a:5d
Fingerprint (sha256): 12:82:80:ba:aa:ba:de:f1:0a:69:fb:6a:46:3f:ec:41:14:c8:f5:9b:1f:48:4b:e2:79:7b:8c:0a:72:01:ce:a0
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate *.investis.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.investis.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.investis.com
blog.investis.com
*.blog.investis.com
blog.investis.com
*.blog.investis.com
Other certificates including the domain name investis.com
(limited to 100 certificates)
incapsula.com
incapsula.com
*.stage-mid-euw3.investis.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
*.investis.com
production.investis.com
phoenix.investis.com
incapsula.com
press.investis.com
dr.production.phoenix.investis.com
incapsula.com
incapsula.com
incapsula.com
investisdigital.com
incapsula.com
incapsula.com
millicom.solutions.investis.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
*.tools.investis.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
investis.com
incapsula.com
incapsula.com
tools.investis.com
prod-mid-euw3.investis.com
incapsula.com
*.dp-staging.investis.com
*.investis.com
incapsula.com
staging.myinvestis.com
incapsula.com
prod-use1.investis.com
*.investis.com
millicom.solutions.investis.com
incapsula.com
incapsula.com
incapsula.com
investis.com
prod-use1.investis.com
incapsula.com
deloitte-backoffice.solutions.staging.investis.com
visualisation.investis.com
incapsula.com
incapsula.com
calculator.rollsroyce.solutions.investis.com
incapsula.com
incapsula.com
incapsula.com
*.investis.com
incapsula.com
incapsula.com
staging.myinvestis.com
incapsula.com
tools.investis.com
*.cm.invdcloud-is.co.uk
incapsula.com
incapsula.com
incapsula.com
*.tf.investis.com
insurance.angloamerican.investis.com
incapsula.com
cvs.tools.investis.com
incapsula.com
*.stage-use1.investis.com
www.futurology.investis.com
incapsula.com
incapsula.com
production.investis.com
incapsula.com
*.prod-euw1.investis.com
investis.com
*.dib1-u1.investis.com
incapsula.com
*.investis.com
incapsula.com
investis.mx
research.investis.com
esi-test.html.investis.com
www.futurology.investis.com
*.tools.investis.com
tools.investis.com
incapsula.com
incapsula.com
prod-mid-euw3.investis.com
incapsula.com
incapsula.com
blog.investis.com
incapsula.com
incapsula.com
*.stage-mid-euw3.investis.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
*.investis.com
production.investis.com
phoenix.investis.com
incapsula.com
press.investis.com
dr.production.phoenix.investis.com
incapsula.com
incapsula.com
incapsula.com
investisdigital.com
incapsula.com
incapsula.com
millicom.solutions.investis.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
*.tools.investis.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
investis.com
incapsula.com
incapsula.com
tools.investis.com
prod-mid-euw3.investis.com
incapsula.com
*.dp-staging.investis.com
*.investis.com
incapsula.com
staging.myinvestis.com
incapsula.com
prod-use1.investis.com
*.investis.com
millicom.solutions.investis.com
incapsula.com
incapsula.com
incapsula.com
investis.com
prod-use1.investis.com
incapsula.com
deloitte-backoffice.solutions.staging.investis.com
visualisation.investis.com
incapsula.com
incapsula.com
calculator.rollsroyce.solutions.investis.com
incapsula.com
incapsula.com
incapsula.com
*.investis.com
incapsula.com
incapsula.com
staging.myinvestis.com
incapsula.com
tools.investis.com
*.cm.invdcloud-is.co.uk
incapsula.com
incapsula.com
incapsula.com
*.tf.investis.com
insurance.angloamerican.investis.com
incapsula.com
cvs.tools.investis.com
incapsula.com
*.stage-use1.investis.com
www.futurology.investis.com
incapsula.com
incapsula.com
production.investis.com
incapsula.com
*.prod-euw1.investis.com
investis.com
*.dib1-u1.investis.com
incapsula.com
*.investis.com
incapsula.com
investis.mx
research.investis.com
esi-test.html.investis.com
www.futurology.investis.com
*.tools.investis.com
tools.investis.com
incapsula.com
incapsula.com
prod-mid-euw3.investis.com
incapsula.com
incapsula.com
blog.investis.com
incapsula.com
Certificate
The complete raw certificate details for *.investis.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEmjCCA4KgAwIBAgIQBT1k/ef0RF2R71k9QX+LiTANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA4MTIwMDAwMDBaFw0yMDA5MTIx MjAwMDBaMBkxFzAVBgNVBAMMDiouaW52ZXN0aXMuY29tMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEA4fgBYiVflFkyIFz6dCeeNB2x3ypGKO1UPdHZ+fBG 0g8T2smsM+DrPlp5Kg/FFm11qhZyfixldoB2NcJ5f4sh7Gq9IhsJADUE6H7RB3af Z+Z0DgGUoOglf2NPF9sW9prOS5uFplWMiT+YxE82noYe9OWgofm+7nsxaBTIAhxK q2E65kKi1PhK5izgnLwHx7L4H3kJ+BuXVoRevcdUbKmObnxKNgA4RC6NE6YayuTP QS01hAhyeRXT7d/Qfpu/AxrTu8XoA9fUTTz2/AdxZmLYZLpX6xcz8ZjD30cQe+9q PnbdlLmkG3bMGwB7etedNDN0wjQRIk3vJLlG/o9AYiacQQIDAQABo4IBrzCCAasw HwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYDVR0OBBYEFKgjjmSk nnv7Pi1B+cx/PJi6+zu2MEEGA1UdEQQ6MDiCDiouaW52ZXN0aXMuY29tghFibG9n LmludmVzdGlzLmNvbYITKi5ibG9nLmludmVzdGlzLmNvbTAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAu oCyGKmh0dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNybDAg BgNVHSAEGTAXMAsGCWCGSAGG/WwBAjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBn MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6b250cnVzdC5jb20w NgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9udHJ1c3QuY29tL3Nj YTFiLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqG SIb3DQEBCwUAA4IBAQAt15m2ap62oxb69UK0K11rYh3/cvG2DfW4ZTRiJEAz6edD e9RoN0jSNaMGsoY/5nP6Etp/4TflpRcI7Ed/ja5V2GIlvZrlUQoYGDEN3A0q7QpO rj89plUH5NSy+8xS9a2oZH5pgBNDbHorloLjEau4zuYeUlxx1BmEeWNsm/JYCnR+ 4tiGZABg1gKAnH7BKRSiiiOsbIjYKd9bmG1TB2vL2ofN4wArKvjPP2noWFVa8GFB KxX5LlFbhXPmWEnweO3NJXlr93Yoatr0LBnQpjvAjanib2iL/pqGU5Ws8RADNj+c v/gOS8ksOYBTpFo54uvi3/DKzxqfpeJx05CJQIND -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fgBYiVflFkyIFz6dCee NB2x3ypGKO1UPdHZ+fBG0g8T2smsM+DrPlp5Kg/FFm11qhZyfixldoB2NcJ5f4sh 7Gq9IhsJADUE6H7RB3afZ+Z0DgGUoOglf2NPF9sW9prOS5uFplWMiT+YxE82noYe 9OWgofm+7nsxaBTIAhxKq2E65kKi1PhK5izgnLwHx7L4H3kJ+BuXVoRevcdUbKmO bnxKNgA4RC6NE6YayuTPQS01hAhyeRXT7d/Qfpu/AxrTu8XoA9fUTTz2/AdxZmLY ZLpX6xcz8ZjD30cQe+9qPnbdlLmkG3bMGwB7etedNDN0wjQRIk3vJLlG/o9AYiac QQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6964918444767023141479637628707900297 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-12 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.investis.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28525914640031363359925522373814460627597678935681787826618602157005868475640299471497607846674498011119486380582712543982990491398783445234685574008113841383159509232703891321945402454940295585754497403864614939603558587340177112377889397228843385279617530384518619990084503997983136070841547254474174401995354266766371079629316507753277010987674948722900554638680904549032405921852866011118397641062813542800628543983210600528196859489582610933788827529049681040297475707018596580175265619692092490078825420744501193114170314616078932883504900927273758514036045967801380190792059871972661215546151245975378012314689 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a8238e64a49e7bfb3e2d41f9cc7f3c98bafb3bb6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.investis.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.investis.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.blog.investis.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002dd799b66a9eb6a316faf542b42b5d6b621dff72f1b60df5b8653462244033e9e7437bd4683748d235a306b2863fe673fa12da7fe137e5a51708ec477f8dae55d86225bd9ae5510a1818310ddc0d2aed0a4eae3f3da65507e4d4b2fbcc52f5ada8647e698013436c7a2b9682e311abb8cee61e525c71d4198479636c9bf2580a747ee2d886640060d602809c7ec12914a28a23ac6c88d829df5b986d53076bcbda87cde3002b2af8cf3f69e858555af061412b15f92e515b8573e65849f078edcd25796bf776286adaf42c19d0a63bc08da9e26f688bfe9a865395acf11003363f9cbff80e4bc92c398053a45a39e2ebe2dff0cacf1a9fa5e271d39089408343