cmt.builder.ai

Issued by R3

About this certificate

This digital certificate with serial number 04:f8:6f:23:85:78:0f:f0:d0:97:76:f9:0c:da:d5:07:47:a0 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=cmt.builder.ai

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:f8:6f:23:85:78:0f:f0:d0:97:76:f9:0c:da:d5:07:47:a0
Serial Number (int): 432986899468428690096045996077030341822368
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: d0:c5:20:63:c9:43:ff:dd:b7:b4:bb:70:83:7b:87:00:cb:55:d9:ce
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 51:12:c3:63:74:be:53:f5:b5:35:c3:68:19:8a:31:db:42:63:57:61
Fingerprint (sha256): 15:77:fc:cc:6c:ce:18:01:8f:5d:2e:9c:ad:2a:46:fe:46:d7:2c:80:c0:c9:8b:f0:6f:e2:e3:c8:9d:53:b3:01

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate cmt.builder.ai

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cmt.builder.ai

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cmt.builder.ai
cmt.prod.uaenorth.az.svc.builder.ai

Other certificates including the domain name builder.ai

(limited to 100 certificates)
dashboard.b171873.dev.centralindia.az.svc.builder.ai
scheduler.builder.ai
accounts.builder.ai
minio.b391595.stage.eastus.az.svc.builder.ai
b411215.prod.eastus.az.svc.builder.ai
b313291.prod.eastus.az.svc.builder.ai
b380909.prod.eastus.az.svc.builder.ai
thegoodboy-350606-react.b350606.prod.eastus.az.svc.builder.ai
b355473.prod.eastus.az.svc.builder.ai
minio.b430327.prod.eastus.az.svc.builder.ai
www.freemium-routing.prod.centralindia.az.svc.builder.ai
b130455.prod.eastus.az.svc.builder.ai
events.builder.ai
builder.ai
b308176.prod.eastus.az.svc.builder.ai
grafana.autocodegen.dev.eastus.az.svc.builder.ai
minio.b51700.stage.eastus.az.svc.builder.ai
prometheus.s205850.prod.eastus.az.svc.builder.ai
minio.b213151.stage.eastus.az.svc.builder.ai
grafana.b586145.prod.eastus.az.svc.builder.ai
stg-studio-asset.builder.ai
b142552.dev.centralindia.az.svc.builder.ai
dashboard.b74903.dev.centralindia.az.svc.builder.ai
grafana.ide.prod.ap-southeast-1.aws.svc.builder.ai
cloud.builder.ai
b235926.dev.centralindia.az.svc.builder.ai
dashboard.cat.prod.centralindia.az.svc.builder.ai
b37196.stage.us-east-1.aws.svc.builder.ai
grafana.35789.dev.ap-southeast-1.aws.svc.builder.ai
sni1e4begl.wpc.edgecastcdn.net
ecommwebsite-387815-ruby.b387815.prod.eastus.az.svc.builder.ai
b397416.prod.eastus.az.svc.builder.ai
b425607.prod.eastus.az.svc.builder.ai
staging-scheduler.builder.ai
grafana.b31778.uat.eastus.az.svc.builder.ai
guacamole.bxidecp8.prod.centralindia.az.svc.builder.ai
b320029.prod.eastus.az.svc.builder.ai
b385859.prod.eastus.az.svc.builder.ai
api-schedular.builder.ai
b425607.prod.eastus.az.svc.builder.ai
davos.builder.ai
grafana.b138857.uat.eastus.az.svc.builder.ai
b360167.prod.eastus.az.svc.builder.ai
grafana.b334882.stage.eastus.az.svc.builder.ai
grafana.37416.prod.us-east-2.aws.svc.builder.ai
grafana.b298503.stage.eastus.az.svc.builder.ai
dashboard.cat.stage.centralindia.az.svc.builder.ai
grafana.freemium-routing.prod.centralindia.az.svc.builder.ai
api-now-uiw.builder.ai
prometheus.b266629.dev.centralindia.az.svc.builder.ai
automation-test-2.uat.centralus.az.svc.builder.ai
cloud.builder.ai
gitlab.builder.ai
grafana.s132666.prod.eastus.az.svc.builder.ai
fuchs11-500387-react.b500387.prod.eastus.az.svc.builder.ai
mycity-177662-ruby.b177662.uat.eastus.az.svc.builder.ai
gitlab.builder.ai
prometheus.37416.prod.us-east-2.aws.svc.builder.ai
dashboard.b70867.dev.centralindia.az.svc.builder.ai
brock-276470-react.b276470.stage.eastus.az.svc.builder.ai
minio.ars.dev.eastus.az.svc.builder.ai
b179393.stage.eastus.az.svc.builder.ai
prometheus.ide.prod.us-east-1.aws.svc.builder.ai
builder.ai
b70913.dev.centralindia.az.svc.builder.ai
esskaysystems-86449-ruby.b86449.prod.eastus.az.svc.builder.ai
silver-app.silver-kube.prod.eu-west-1.aws.svc.builder.ai
*.accenture.builder.ai
b414453.prod.eastus.az.svc.builder.ai
b223656.uat.eastus.az.svc.builder.ai
romeo-430863-react.b430863.prod.eastus.az.svc.builder.ai
ecommerce-360028-ruby.b360028.prod.eastus.az.svc.builder.ai
prometheus.b244474.stage.eastus.az.svc.builder.ai
staging.rsvp.builder.ai
cmt.builder.ai
uiw-rails.uiw.stage.eastus.az.svc.builder.ai
grafana.b86449.prod.eastus.az.svc.builder.ai
*.builder.ai
b410067.prod.eastus.az.svc.builder.ai
grafana.b85959.prod.eastus.az.svc.builder.ai
grafana.b330680.stage.eastus.az.svc.builder.ai
roscoperlini-234007-ruby.b234007.uat.eastus.az.svc.builder.ai
grafana.b450522.prod.southindia.az.svc.builder.ai
grafana.b68443.stage.us-east-1.aws.svc.builder.ai
33331.dev.ap-southeast-1.aws.svc.builder.ai
prometheus.b202250.uat.eastus.az.svc.builder.ai
grafana.rapid.prod.westeurope.az.svc.builder.ai
*.accenture.builder.ai
staging2-scheduler.builder.ai
sadiesstore-142652-ruby.b142652.dev.uksouth.az.svc.builder.ai
builder.ai
dashboard.b74903.dev.centralindia.az.svc.builder.ai
*.accenture.builder.ai
windeverest-225652-ruby.b225652.uat.eastus.az.svc.builder.ai
33331.dev.ap-southeast-1.aws.svc.builder.ai
b330938.prod.eastus.az.svc.builder.ai
*.builder.ai
b335413.uat.eastus.az.svc.builder.ai
grafana.b356545.uat.eastus.az.svc.builder.ai
astxio-331239-react.b331239.stage.eastus.az.svc.builder.ai

Certificate

The complete raw certificate details for cmt.builder.ai in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEGzCCAwOgAwIBAgISBPhvI4V4D/DQl3b5DNrVB0egMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA0MDMxMDQyNDFaFw0yNDA3MDIxMDQyNDBaMBkxFzAVBgNVBAMT
DmNtdC5idWlsZGVyLmFpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
maM7z5yMJGRWKlSisTZVb2D2FUBC9sKRqauDekkVul222Dswg5NmkraIyoD/WZpD
KjzTuSOTgoromM2G9ZRFzqalmR5YVw/Qhox9YHFIgs1ZwPZP6J/R8hi3bBX63VQN
OW3VGwtKhgXyTfTBLkPe1IDRz85EAC3L/EJMsp+d+8FjtkmVAjQx4/WCQT2AaoqW
oidfKUTvupZBBCAsn4ybxQBOPHlqmV6ft2f4V4iNBKdouPOdUOCo9Q2WOZcG6yyM
95e4gdHDeFNSrKx9bYaapSxy2aQcpPG1W3qxvaTipejUp26vDTBSaDmEDz59eKtJ
s4+bfL6cPFrV55nNeARLhwIDAQABo4IBQjCCAT4wDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud
DgQWBBTQxSBjyUP/3be0u3CDe4cAy1XZzjAfBgNVHSMEGDAWgBQULrMXt1hWy65Q
CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y
My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn
LzA+BgNVHREENzA1gg5jbXQuYnVpbGRlci5haYIjY210LnByb2QudWFlbm9ydGgu
YXouc3ZjLmJ1aWxkZXIuYWkwEwYDVR0gBAwwCjAIBgZngQwBAgEwEwYKKwYBBAHW
eQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBACpd4UozFzhr1ren9el/FeOb
c9mcXin1wtI6ovT5XYJ5njzGGK3wvWJ5nxN9H4cpMMYQsjLv04ZkJ3y0WAcH/Xp8
CfHUigh7Syq+A1eRX6iwslYNX2gR0CUPt2+byaEi449+eZEgz8JyekJQVGvia1//
m3RJu/ZIDCmrSocV3E7VzdlYJ83by1xljj35XkpG4g1AdHwdHRmtD0Fxsf5adjNI
zFIaq57xU9XjAKAocif0LsUDq6V6b/JoVdGgkAaoqxFEUo6qlfv5OCgtz6kaDd6A
dPt5WYm22+ssxskV8hD4mZDp3557KLoo2Aeu5svGcoKt2KdvjcWRwPCeSbHtPbI=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaM7z5yMJGRWKlSisTZV
b2D2FUBC9sKRqauDekkVul222Dswg5NmkraIyoD/WZpDKjzTuSOTgoromM2G9ZRF
zqalmR5YVw/Qhox9YHFIgs1ZwPZP6J/R8hi3bBX63VQNOW3VGwtKhgXyTfTBLkPe
1IDRz85EAC3L/EJMsp+d+8FjtkmVAjQx4/WCQT2AaoqWoidfKUTvupZBBCAsn4yb
xQBOPHlqmV6ft2f4V4iNBKdouPOdUOCo9Q2WOZcG6yyM95e4gdHDeFNSrKx9bYaa
pSxy2aQcpPG1W3qxvaTipejUp26vDTBSaDmEDz59eKtJs4+bfL6cPFrV55nNeARL
hwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 432986899468428690096045996077030341822368
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-03 10:42:41 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-02 10:42:40 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cmt.builder.ai'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19394954166073289916380837598462380899553007235835233065500765741867151849013026045214341109423819593814817818071435305435351558526518948008322961747534957358300791674468382628561594196930000008865055993465889770543353352954932086297463546078784352726275742185435030705888861020183000273495349973533856699679480625841963073487055832927124238636622650716695159323425633000899414012764469219822771166555386280355969520245777937957244817417490513851997348991618576759129185520170059304042182855358879905147316328675422067323831845352202779769310753699987738714777796740383237774001701586778096188421576896600854233369479
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d0c52063c943ffddb7b4bb70837b8700cb55d9ce
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmt.builder.ai'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmt.prod.uaenorth.az.svc.builder.ai'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002a5de14a3317386bd6b7a7f5e97f15e39b73d99c5e29f5c2d23aa2f4f95d82799e3cc618adf0bd62799f137d1f872930c610b232efd38664277cb4580707fd7a7c09f1d48a087b4b2abe0357915fa8b0b2560d5f6811d0250fb76f9bc9a122e38f7e799120cfc2727a4250546be26b5fff9b7449bbf6480c29ab4a8715dc4ed5cdd95827cddbcb5c658e3df95e4a46e20d40747c1d1d19ad0f4171b1fe5a763348cc521aab9ef153d5e300a0287227f42ec503aba57a6ff26855d1a09006a8ab1144528eaa95fbf938282dcfa91a0dde8074fb795989b6dbeb2cc6c915f210f89990e9df9e7b28ba28d807aee6cbc67282add8a76f8dc591c0f09e49b1ed3db2