sporty.co.nz

Issued by R3

About this certificate

This digital certificate with serial number 04:25:3b:94:c4:90:b5:3d:df:71:1a:cd:1c:2c:8e:c5:f6:a8 was issued on by Let's Encrypt.

With 25 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=sporty.co.nz

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:25:3b:94:c4:90:b5:3d:df:71:1a:cd:1c:2c:8e:c5:f6:a8
Serial Number (int): 361118788201619312229839072263122733889192
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 51:b8:0c:6d:b3:ad:b1:0c:bd:82:8e:f3:20:35:97:27:c3:47:13:01
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): ed:b6:af:63:33:e0:2c:bc:3c:72:10:1d:ab:3e:ae:b1:7f:cb:17:35
Fingerprint (sha256): 13:55:2c:7c:f5:22:13:14:17:75:9c:ac:57:b8:57:47:58:2a:94:15:b2:10:53:1e:1f:01:6f:bd:95:6f:0d:98

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate sporty.co.nz

25

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sporty.co.nz

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

belfastnetball.co.nz
belmontparkbowlingclub.co.nz
bophockey.co.nz
darfieldrugby.co.nz
eastcoastexpo.co.nz
frasertechcricket.nz
hereworth.school.nz
hni.school.nz
hockeysouthland.co.nz
maristalbion.co.nz
mpcricket.org.nz
northgolf.nz
ourplace.school.nz
purc.co.nz
rugby-foundation.org.nz
rugbyfoundation.co.nz
rugbyfoundation.com
rugbyfoundation.nz
sporthb.co.nz
sporthb.net.nz
sporty.co.nz
squashauckland.org.nz
stmatthewsprimary.school.nz
westshore.school.nz
whangareinetball.co.nz

Other certificates including the domain name sporty.co.nz

(limited to 100 certificates)

Certificate

The complete raw certificate details for sporty.co.nz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG1jCCBb6gAwIBAgISBCU7lMSQtT3fcRrNHCyOxfaoMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzExMTIxODU0NDlaFw0yNDAyMTAxODU0NDhaMBcxFTATBgNVBAMT
DHNwb3J0eS5jby5uejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMmz
LdcLiU8C5c/4Jq6tEZUz59MU2Ffk+P80dYA19kYMeYl6fqiEyg7muuCvhl2NnxYQ
mJ3tIJfVS6rO37GLYxLJCTyM64d1fY8LljADPo/wCOn9Gx3ttxBZm5iHV4qlrqk4
tQd3CB+i/a0/EXqLmBbYIi9IFf58l1EfdftUp+bNAbQ+5Z+XrwOjQbrASpdHyl1S
9snVD7tT1L853MifE1yP/7XcZY0L1VGw4SATm/eg6lyK42UyHTRpc+gN47COPVL1
KuAEXhjlB5RO8PgDtvo3C0U4+J+1gsYympXZuvXyyZI/xao0967VzEmPkyOCzLYf
p1WBzhQaBlfxD7gJJGkCAwEAAaOCA/8wggP7MA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
FgQUUbgMbbOtsQy9go7zIDWXJ8NHEwEwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA
5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu
by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w
ggIIBgNVHREEggH/MIIB+4IUYmVsZmFzdG5ldGJhbGwuY28ubnqCHGJlbG1vbnRw
YXJrYm93bGluZ2NsdWIuY28ubnqCD2JvcGhvY2tleS5jby5ueoITZGFyZmllbGRy
dWdieS5jby5ueoITZWFzdGNvYXN0ZXhwby5jby5ueoIUZnJhc2VydGVjaGNyaWNr
ZXQubnqCE2hlcmV3b3J0aC5zY2hvb2wubnqCDWhuaS5zY2hvb2wubnqCFWhvY2tl
eXNvdXRobGFuZC5jby5ueoISbWFyaXN0YWxiaW9uLmNvLm56ghBtcGNyaWNrZXQu
b3JnLm56ggxub3J0aGdvbGYubnqCEm91cnBsYWNlLnNjaG9vbC5ueoIKcHVyYy5j
by5ueoIXcnVnYnktZm91bmRhdGlvbi5vcmcubnqCFXJ1Z2J5Zm91bmRhdGlvbi5j
by5ueoITcnVnYnlmb3VuZGF0aW9uLmNvbYIScnVnYnlmb3VuZGF0aW9uLm56gg1z
cG9ydGhiLmNvLm56gg5zcG9ydGhiLm5ldC5ueoIMc3BvcnR5LmNvLm56ghVzcXVh
c2hhdWNrbGFuZC5vcmcubnqCG3N0bWF0dGhld3NwcmltYXJ5LnNjaG9vbC5ueoIT
d2VzdHNob3JlLnNjaG9vbC5ueoIWd2hhbmdhcmVpbmV0YmFsbC5jby5uejATBgNV
HSAEDDAKMAgGBmeBDAECATCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1AEiw42va
pkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABi8UZ44QAAAQDAEYwRAIgd52P
ll3J0IHWI53T0cRz7YQZ6tz4OJAxrGvlOTMuvOQCID8J23ikyQCx37jNCUbAJKDz
TCSXDbo3ecrH1fiRkFXFAHUAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H6
1BcAAAGLxRnjmgAABAMARjBEAiBcxTCwCh0H59nCKZklXh1u+FR7q6MdifUiaTxr
5d0EWAIgPnNKtKejiVBjPUBzsCPRAp6pPprgvQY9LFLBW5xafx4wDQYJKoZIhvcN
AQELBQADggEBAIJvYhxKnDeMT/TRnqJkmD5HU/7AFyzlZyTLf+sw/YbE6fMyHWdN
d/FiuI5VvupgJr8ApkHAV+P+LgTXPvOO+ZmUlsYBTRGyWw53/zqfP3qhf/oQUdTt
0CvLy8nXP5JAj49PjM5BtEwBE8pAuPMITtCXlrv8OfxHKFvCb+G2P/9dqQ3LRzsZ
kMAAmck1yAgaClKKPp8c/PQC+Ju3bPdlT9Kl/qLvmD/TRToFQwAJi5DwXZYAKD0/
7JxQF2uBvEPPPlPFeKOTsbL8xcp59IndXSihvyrB3qVANof/mggZcPx6PkGJawad
vhhOq++kQH6J/3lSyM5FfkKwyQLYG0VomGo=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybMt1wuJTwLlz/gmrq0R
lTPn0xTYV+T4/zR1gDX2Rgx5iXp+qITKDua64K+GXY2fFhCYne0gl9VLqs7fsYtj
EskJPIzrh3V9jwuWMAM+j/AI6f0bHe23EFmbmIdXiqWuqTi1B3cIH6L9rT8ReouY
FtgiL0gV/nyXUR91+1Sn5s0BtD7ln5evA6NBusBKl0fKXVL2ydUPu1PUvzncyJ8T
XI//tdxljQvVUbDhIBOb96DqXIrjZTIdNGlz6A3jsI49UvUq4AReGOUHlE7w+AO2
+jcLRTj4n7WCxjKaldm69fLJkj/FqjT3rtXMSY+TI4LMth+nVYHOFBoGV/EPuAkk
aQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 361118788201619312229839072263122733889192
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-12 18:54:49 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-10 18:54:48 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sporty.co.nz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25462255787026071394902305749245202387312704055959358552909858074554473834104302796807049970690759931725886883658258322949473627885223226996089374851389202155857082363846802038735478238371755857979297110323778618826719422075134979283883193356463375239374959850403579366482468617295583840875981348278454233141600426062311183106718202399674063312867912551060424601551385813282331530353859445920484524493725744466233327782588077246884023915715207293913516490999780426998432126133959695918841455172601471927574972343988236319087186679991330019037730017600408984963561474542855363311760806046746519239854660261351751492713
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							51b80c6db3adb10cbd828ef320359727c3471301
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (511 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'belfastnetball.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'belmontparkbowlingclub.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bophockey.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'darfieldrugby.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eastcoastexpo.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'frasertechcricket.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hereworth.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hni.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hockeysouthland.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maristalbion.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mpcricket.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'northgolf.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ourplace.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'purc.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rugby-foundation.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rugbyfoundation.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rugbyfoundation.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rugbyfoundation.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sporthb.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sporthb.net.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sporty.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'squashauckland.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stmatthewsprimary.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'westshore.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'whangareinetball.co.nz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bc519e38400000403004630440220779d8f965dc9d081d6239dd3d1c473ed8419eadcf8389031ac6be539332ebce402203f09db78a4c900b1dfb8cd0946c024a0f34c24970dba3779cac7d5f8919055c50075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018bc519e39a000004030046304402205cc530b00a1d07e7d9c22999255e1d6ef8547baba31d89f522693c6be5dd045802203e734ab4a7a38950633d4073b023d1029ea93e9ae0bd063d2c52c15b9c5a7f1e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00826f621c4a9c378c4ff4d19ea264983e4753fec0172ce56724cb7feb30fd86c4e9f3321d674d77f162b88e55beea6026bf00a641c057e3fe2e04d73ef38ef9999496c6014d11b25b0e77ff3a9f3f7aa17ffa1051d4edd02bcbcbc9d73f92408f8f4f8cce41b44c0113ca40b8f3084ed09796bbfc39fc47285bc26fe1b63fff5da90dcb473b1990c00099c935c8081a0a528a3e9f1cfcf402f89bb76cf7654fd2a5fea2ef983fd3453a054300098b90f05d9600283d3fec9c50176b81bc43cf3e53c578a393b1b2fcc5ca79f489dd5d28a1bf2ac1dea5403687ff9a081970fc7a3e41896b069dbe184eabefa4407e89ff7952c8ce457e42b0c902d81b4568986a