liveby.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 0b:c4:91:46:cf:9e:25:ec:8d:f4:67:c4:52:a8:d0:e6 was issued on by Amazon.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=liveby.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0b:c4:91:46:cf:9e:25:ec:8d:f4:67:c4:52:a8:d0:e6Serial Number (int): 15642144697525392711586881797647552742
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: a5:6a:0c:a7:03:48:00:f4:d5:9d:f4:26:60:87:10:63:10:80:2a:31
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): d7:42:b1:68:73:1b:c8:50:67:12:15:3c:23:5c:fc:6f:04:ee:1c:03
Fingerprint (sha256): 14:a3:64:79:ee:9c:4e:69:5f:ef:85:5d:84:a0:44:68:87:ee:37:9d:70:b3:58:90:3a:42:9f:54:79:f1:fa:29
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate liveby.com
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for liveby.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
liveby.com
*.liveby.co
liveby.co
*.liveby.com
*.liveby.co
liveby.co
*.liveby.com
Other certificates including the domain name liveby.com
(limited to 100 certificates)
admin.liveby.com
status.liveby.com
dev.api.liveby.com
dv.liveby.com
dev.api.liveby.com
api.liveby.com
*.liveby.com
*.liveby.com
dev.jupyter.liveby.com
*.liveby.com
liveby.com
liveby.com
dev.liveby.com
console.liveby.com
dv.liveby.com
dev.jupyter.liveby.com
*.demo.liveby.com
qa.liveby.com
*.portal-beta.liveby.com
dv.liveby.com
console.liveby.com
liveby.com
developer.liveby.com
api.liveby.com
*.liveby.com
*.liveby.com
dev.liveby.com
liveby.com
dv.liveby.com
api.liveby.com
api.liveby.com
metrobrokers.reports-guides.liveby.com
liveby.com
api.liveby.com
*.liveby.com
qa.liveby.com
developer.liveby.com
liveby.com
liveby.com
api.liveby.com
dev.api.liveby.com
status.liveby.com
*.dv.liveby.com
dev.api.liveby.com
*.console.liveby.com
liveby.com
dv.liveby.com
dev.api.liveby.com
*.liveby.com
*.liveby.com
qa.liveby.com
developer.liveby.com
api.liveby.com
qa.liveby.com
dev.admin.liveby.com
reliancecache.liveby.com
api.liveby.com
dv.liveby.com
*.liveby.com
*.demo.liveby.com
*.portal-beta.liveby.com
portal-beta.liveby.com
dev.api.liveby.com
api.liveby.com
*.liveby.com
status.liveby.com
status.liveby.com
reliancecache.liveby.com
liveby.com
admin.liveby.com
developer.liveby.com
*.liveby.com
api.liveby.com
console.liveby.com
liveby.com
*.portal-beta.liveby.com
dev.api.liveby.com
seo.liveby.com
dev.liveby.com
dev.liveby.com
console.liveby.com
qa.liveby.com
dev.liveby.com
api.liveby.com
liveby.com
api.liveby.com
*.liveby.com
liveby.com
dev.api.liveby.com
dev.api.liveby.com
*.portal-beta.liveby.com
status.liveby.com
dev.api.liveby.com
dv.liveby.com
dev.api.liveby.com
api.liveby.com
*.liveby.com
*.liveby.com
dev.jupyter.liveby.com
*.liveby.com
liveby.com
liveby.com
dev.liveby.com
console.liveby.com
dv.liveby.com
dev.jupyter.liveby.com
*.demo.liveby.com
qa.liveby.com
*.portal-beta.liveby.com
dv.liveby.com
console.liveby.com
liveby.com
developer.liveby.com
api.liveby.com
*.liveby.com
*.liveby.com
dev.liveby.com
liveby.com
dv.liveby.com
api.liveby.com
api.liveby.com
metrobrokers.reports-guides.liveby.com
liveby.com
api.liveby.com
*.liveby.com
qa.liveby.com
developer.liveby.com
liveby.com
liveby.com
api.liveby.com
dev.api.liveby.com
status.liveby.com
*.dv.liveby.com
dev.api.liveby.com
*.console.liveby.com
liveby.com
dv.liveby.com
dev.api.liveby.com
*.liveby.com
*.liveby.com
qa.liveby.com
developer.liveby.com
api.liveby.com
qa.liveby.com
dev.admin.liveby.com
reliancecache.liveby.com
api.liveby.com
dv.liveby.com
*.liveby.com
*.demo.liveby.com
*.portal-beta.liveby.com
portal-beta.liveby.com
dev.api.liveby.com
api.liveby.com
*.liveby.com
status.liveby.com
status.liveby.com
reliancecache.liveby.com
liveby.com
admin.liveby.com
developer.liveby.com
*.liveby.com
api.liveby.com
console.liveby.com
liveby.com
*.portal-beta.liveby.com
dev.api.liveby.com
seo.liveby.com
dev.liveby.com
dev.liveby.com
console.liveby.com
qa.liveby.com
dev.liveby.com
api.liveby.com
liveby.com
api.liveby.com
*.liveby.com
liveby.com
dev.api.liveby.com
dev.api.liveby.com
*.portal-beta.liveby.com
Certificate
The complete raw certificate details for liveby.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF6TCCBNGgAwIBAgIQC8SRRs+eJeyN9GfEUqjQ5jANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTIxNzAwMDAwMFoXDTI1MDExNDIzNTk1OVowFTET MBEGA1UEAxMKbGl2ZWJ5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKdTL9xDXX1Np4WZkksFJ1bb2jo3UMn7VLSrxY9pvAo4+/BJvJqLAWiyIcS6 igdtCMCEQ8QqsXCy+njujLhtW4wAXYoeuDWZVGK/xzW9kpi8jQf3kLoy8T3K4Hle BQM50DFFnu+F7zZqoruGODRHN6bWtgjUM1L/0ADvE2a85j0rZQJS8yHuFHlcm74Y AdXbUF5nkRfRKOrepzIsEt387t/OCOc9mgTRW9PpZXKzuClMbS8Xbggpv2Jn3Q25 xmh7qGuW5lomSpNFMMv2AKisTCvZpZcdRBb1fskqP/Oesw604G+at5KGAGbGj4GU udPk/37+PHgwZRN3zbLrpfco4LsCAwEAAaOCAwwwggMIMB8GA1UdIwQYMBaAFMAx Us1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBSlagynA0gA9NWd9CZghxBjEIAq MTA7BgNVHREENDAyggpsaXZlYnkuY29tggsqLmxpdmVieS5jb4IJbGl2ZWJ5LmNv ggwqLmxpdmVieS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQD AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCg LqAshipodHRwOi8vY3JsLnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jcmww dQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMi5h bWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1h em9udHJ1c3QuY29tL3IybTAyLmNlcjAMBgNVHRMBAf8EAjAAMIIBgQYKKwYBBAHW eQIEAgSCAXEEggFtAWsAdwBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo5 3wAAAYx16XS0AAAEAwBIMEYCIQDmyhJu2J+M2CmcPJMBFu20QWr988hDz4CMR8e3 9StDHAIhAIzrsPffMeMT1weo3Rb7z8rin0ITtMikbJHdYps8uAr0AHcAPxdLT9ci R1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGMdel0/QAABAMASDBGAiEAqzgW efVW1Ey/GeA545pqN94L/VXvGjb+Fd+q23pOJ0kCIQD5trfOE3PIpgcRdeEID7HI EMIAm4HZYntoz2w0ID17ZwB3AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6M Lnm4AAABjHXpdOcAAAQDAEgwRgIhAMU0wrlmDCKOaqvInr2DIA11s1RmX3NmXc/O pCqvrVxGAiEAh5PIVbtMsO6C5B7WfN1t0ZshpCGNDP3a7GHl2oLG124wDQYJKoZI hvcNAQELBQADggEBAKai2FI5Z3dcTOVE23bKLY8jOA8b5WMFPzqKC/RgEgqFYWsi ZYoT1Y02bv1MVWdT0/5bY4594RrXwgRey2ig+F0hw5uFyliwG0I/D1Rd3OGeccUK cz/qOQSxp1+mpxcSk6rfdm4xpvd8qLBBA6lEA2g8atoqiAGsUlgrPMB/AHmowJxb 7cc7yGQIQ6cPHbM7p+mL9fVc/Qt6fXJUoaRhqRGE6pgB0qa4kmdIbByLfRnupUa0 hozkI9iRAuUZuj7Q53Ia+MeVhsYE2HsHSpGDa/ZbFlHPbItjDA77PjjSBw0WbNI+ KpYrcyFAMgK7lYThmMvWy3uTfAq6GBSnxyKD+AA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1Mv3ENdfU2nhZmSSwUn VtvaOjdQyftUtKvFj2m8Cjj78Em8mosBaLIhxLqKB20IwIRDxCqxcLL6eO6MuG1b jABdih64NZlUYr/HNb2SmLyNB/eQujLxPcrgeV4FAznQMUWe74XvNmqiu4Y4NEc3 pta2CNQzUv/QAO8TZrzmPStlAlLzIe4UeVybvhgB1dtQXmeRF9Eo6t6nMiwS3fzu 384I5z2aBNFb0+llcrO4KUxtLxduCCm/YmfdDbnGaHuoa5bmWiZKk0Uwy/YAqKxM K9mllx1EFvV+ySo/856zDrTgb5q3koYAZsaPgZS50+T/fv48eDBlE3fNsuul9yjg uwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15642144697525392711586881797647552742 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-14 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'liveby.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21122817945568016197567952916134078436030355585359533862277301654771340797688875350712940506309212404177685286442663967517612892380368753762288023219684567643880207056627753815239477428608026062311761206066686305301836596446971856133396750470053052389758170351598610879322079427052012911454428469242792287948983959501754508919086128853651039150269891359170209121664103773976121600299417197144608313039883293870397485794083784166643798529726499808006467910629588527015527233765722696635915062550425556956525983176421483499915399045849237080307941734963785278648667518845035353595194541782103031372519473609465810968763 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a56a0ca7034800f4d59df4266087106310802a31 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'liveby.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.liveby.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'liveby.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.liveby.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (369 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) 016b0077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018c75e974b40000040300483046022100e6ca126ed89f8cd8299c3c930116edb4416afdf3c843cf808c47c7b7f52b431c0221008cebb0f7df31e313d707a8dd16fbcfcae29f4213b4c8a46c91dd629b3cb80af40077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018c75e974fd0000040300483046022100ab381679f556d44cbf19e039e39a6a37de0bfd55ef1a36fe15dfaadb7a4e2749022100f9b6b7ce1373c8a6071175e1080fb1c810c2009b81d9627b68cf6c34203d7b670077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018c75e974e70000040300483046022100c534c2b9660c228e6aabc89ebd83200d75b354665f73665dcfcea42aafad5c460221008793c855bb4cb0ee82e41ed67cdd6dd19b21a4218d0cfddaec61e5da82c6d76e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a6a2d8523967775c4ce544db76ca2d8f23380f1be563053f3a8a0bf460120a85616b22658a13d58d366efd4c556753d3fe5b638e7de11ad7c2045ecb68a0f85d21c39b85ca58b01b423f0f545ddce19e71c50a733fea3904b1a75fa6a7171293aadf766e31a6f77ca8b04103a94403683c6ada2a8801ac52582b3cc07f0079a8c09c5bedc73bc8640843a70f1db33ba7e98bf5f55cfd0b7a7d7254a1a461a91184ea9801d2a6b89267486c1c8b7d19eea546b4868ce423d89102e519ba3ed0e7721af8c79586c604d87b074a91836bf65b1651cf6c8b630c0efb3e38d2070d166cd23e2a962b7321403202bb9584e198cbd6cb7b937c0aba1814a7c72283f800