*.rfklive.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 02:fb:0b:92:5c:ac:3a:46:79:68:75:69:4f:78:2c:ac was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.rfklive.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 02:fb:0b:92:5c:ac:3a:46:79:68:75:69:4f:78:2c:acSerial Number (int): 3961957205560272073350646287528635564
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: c4:d3:5e:a1:40:77:d4:30:2a:35:f1:62:eb:2b:75:51:9c:9b:e8:f7
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 63:be:96:11:e7:a2:cc:93:e6:7c:4e:0e:e8:14:49:ca:00:b0:9e:f2
Fingerprint (sha256): 14:00:2c:cb:89:ec:2e:a3:9f:c8:42:ba:90:02:eb:0e:94:24:54:76:19:d4:49:89:d2:b3:aa:b9:a5:38:41:00
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate *.rfklive.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.rfklive.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.rfklive.com
*.rfk.revzilla.com
*.rfk.revzilla.com
Other certificates including the domain name rfklive.com
(limited to 100 certificates)
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.uat.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.uat.rfklive.com
*.rfklive.com
Certificate
The complete raw certificate details for *.rfklive.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF2TCCBMGgAwIBAgIQAvsLklysOkZ5aHVpT3gsrDANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMDkyNTAwMDAwMFoXDTI0MTAyNDIzNTk1OVowGDEW MBQGA1UEAwwNKi5yZmtsaXZlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAOceQbGTK3pGyO4hXErdnJ0Be5Ohg33lq1HzI19GF7hKNhNt0wmqyKJy MWPmef+90IX7Dp5gGFt6i0F8zvZpsMx35of6HCZEtIaCGP4OdWsrookaKh2x8Oee Od9op2E5YFeP1N8fNSrUioEJCMtIKGefmeSvTQWr1txPA4mB2pKmiAXpSgIw1I58 3ZorA2ZTKOSBgf0jfHEOvq6oo/oNKCn/FEYnmQSRIl38NpcrOuTuNNqHSp5/ngX+ idIQ6SpbfOwzCxFMU26XKKOD+rct2zHr+B15zwuM2XInZRHqL+ZGh2OZ4/Hrh/YV 3/Y5lUUtRtmU8gDSwCaExmPD8GiZftMCAwEAAaOCAvkwggL1MB8GA1UdIwQYMBaA FFXZGF/SHMwB4Vi0vqvZVUIB1y4CMB0GA1UdDgQWBBTE016hQHfUMCo18WLrK3VR nJvo9zAsBgNVHREEJTAjgg0qLnJma2xpdmUuY29tghIqLnJmay5yZXZ6aWxsYS5j b20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8v Y3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwdQYIKwYBBQUHAQEE aTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6b250cnVzdC5j b20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1hem9udHJ1c3QuY29t L3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFp AWcAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYrKiw/qAAAE AwBHMEUCIHnsIWtjPnLgrwK1l8nv+OIslwXyuMOWRiCa/Ek8dIX+AiEAu1dQC1fw HKvU8sOGVg9+TCpio0E2p6F6I7CVWnUANdIAdgBIsONr2qZHNA/lagL6nTDrHFIB y1bdLIHZu7+rOdiEcwAAAYrKixAuAAAEAwBHMEUCIEat1q1wJ9Vl3SaZdkoq34IP pGuOwvGGXHqu2/aEtVwGAiEAvWuAcysYqsk3nGqt5gXlxZcyXjSuD4Yy1o5UYvqQ PWkAdQDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYrKixAKAAAE AwBGMEQCIB/HpGNEPMyuTKF0fnrIrO8BMSDBIA88ZK67Ba73YCHWAiBxFBauQISH HMnjdYGEnmPgUjMwhHOyYUicO6VTiogbjTANBgkqhkiG9w0BAQsFAAOCAQEAZKW5 jz8CPJCkMr114xq+xfnW+DWzgevgXgwiB2djuffHhulFb1OozEM3shszjqUrf8cs 3RzlSBm0Spu/8dTYflrr8J7cBXnXxc891KWB9V3/NpCUZtakjKDxiIB7k1vmEKNd BYIkm7wpWzUXOwbquuhstkTmYzRewWNXTzgsOf7ui3PKeFasj8xP0DhLkyaI54uE 2ysEZky07rxUdEB0KANVKjFPTOCbMYlH1HgMMSX01O/B4lJ4NQEOZ8t4DkTe6qg8 I7AaHc4rMhU/RGd0IoPAX1NDOFY3fHNo7BIBnhVlynD/CF2Q/Ex1oYNbQuQMdLB9 QLutkZKl3klAqXk+PQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5x5BsZMrekbI7iFcSt2c nQF7k6GDfeWrUfMjX0YXuEo2E23TCarIonIxY+Z5/73QhfsOnmAYW3qLQXzO9mmw zHfmh/ocJkS0hoIY/g51ayuiiRoqHbHw554532inYTlgV4/U3x81KtSKgQkIy0go Z5+Z5K9NBavW3E8DiYHakqaIBelKAjDUjnzdmisDZlMo5IGB/SN8cQ6+rqij+g0o Kf8URieZBJEiXfw2lys65O402odKnn+eBf6J0hDpKlt87DMLEUxTbpcoo4P6ty3b Mev4HXnPC4zZcidlEeov5kaHY5nj8euH9hXf9jmVRS1G2ZTyANLAJoTGY8PwaJl+ 0wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 3961957205560272073350646287528635564 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-25 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-24 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.rfklive.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29175968540503659919353138939150006911658265436248257324467656696464787893373581465626356599940214219798899270848671810905260029787072465113641807623016226639485361274798147228083360977675137085669540973702608732732254495901181651113623354622362456096824645456672888054367333491868040338905100999663359960617664950125174517823008693481199880211312665918763419621419419251903539105983644499561580022290286290002832740313293982411488048940096283742201326722077556873838311025789990768217820426421479831009055734599365509645832246060592404993223998564256441089816231071946837448716950189201316861232672895604946447728339 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c4d35ea14077d4302a35f162eb2b75519c9be8f7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (37 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rfklive.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rfk.revzilla.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018aca8b0fea0000040300473045022079ec216b633e72e0af02b597c9eff8e22c9705f2b8c39646209afc493c7485fe022100bb57500b57f01cabd4f2c386560f7e4c2a62a34136a7a17a23b0955a750035d200760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018aca8b102e0000040300473045022046add6ad7027d565dd2699764a2adf820fa46b8ec2f1865c7aaedbf684b55c06022100bd6b80732b18aac9379c6aade605e5c597325e34ae0f8632d68e5462fa903d69007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018aca8b100a000004030046304402201fc7a463443cccae4ca1747e7ac8acef013120c1200f3c64aebb05aef76021d60220711416ae4084871cc9e37581849e63e05233308473b261489c3ba5538a881b8d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0064a5b98f3f023c90a432bd75e31abec5f9d6f835b381ebe05e0c22076763b9f7c786e9456f53a8cc4337b21b338ea52b7fc72cdd1ce54819b44a9bbff1d4d87e5aebf09edc0579d7c5cf3dd4a581f55dff36909466d6a48ca0f188807b935be610a35d0582249bbc295b35173b06eabae86cb644e663345ec163574f382c39feee8b73ca7856ac8fcc4fd0384b932688e78b84db2b04664cb4eebc547440742803552a314f4ce09b318947d4780c3125f4d4efc1e2527835010e67cb780e44deeaa83c23b01a1dce2b32153f4467742283c05f53433856377c7368ec12019e1565ca70ff085d90fc4c75a1835b42e40c74b07d40bbad9192a5de4940a9793e3d