ljfo.vermont.gov
Issued by R3
About this certificate
This digital certificate with serial number 03:e9:af:c8:0e:b7:33:c3:7d:5f:7a:e3:7a:69:1c:b9:00:49 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=ljfo.vermont.gov
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:e9:af:c8:0e:b7:33:c3:7d:5f:7a:e3:7a:69:1c:b9:00:49Serial Number (int): 340856302944961977429448433641681248125001
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e2:2b:30:df:24:67:c9:43:68:51:a3:34:ad:0d:04:09:ad:24:c4:b4
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 21:ad:7f:d6:5e:64:50:7a:3f:66:bb:d6:75:ad:e2:6d:d6:92:79:b7
Fingerprint (sha256): 15:e3:0d:e3:97:1f:48:4a:78:2c:7e:27:86:97:72:6b:ed:a5:7c:7c:1c:2a:b2:a6:bb:23:ec:67:90:6c:cd:d4
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate ljfo.vermont.gov
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ljfo.vermont.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ljfo.vermont.gov
Other certificates including the domain name vermont.gov
(limited to 100 certificates)
dhriu.vermont.gov
www.myvtax.vermont.gov
inside.vermont.gov
www.vermont.gov
ssl7.revizesites.com
anrmaps.vermont.gov
ismstg.apps.vermont.gov
*.healthconnect.vermont.gov
list.vermont.gov
ljfo.vermont.gov
e911ags.vermont.gov
usaherds.vermont.gov
matsdev.vtrans.vermont.gov
maps.vcgi.vermont.gov
1moreconversation.com
inside.vermont.gov
dev.maps.vcgi.vermont.gov
employerreporting.vermont.gov
gpnh.ngesi.vermont.gov
selfserve.education.state.vt.us
cloud.agriculture.vermont.gov
railtrails.vermont.gov
gs.tax.vermont.gov
*.professionals.vermont.gov
anrgeodata.vermont.gov
secure.vermont.gov
eoc.vermont.gov
1moreconversation.com
bedboard.vermont.gov
slds.education.vermont.gov
staging.mydmv.vermont.gov
geodata.vermont.gov
rms.vermont.gov
cloud.agriculture.vermont.gov
*.hsep.vermont.gov
ssl7.revizesites.com
anrgeodata.vermont.gov
legislature.vermont.gov
apps.health.vermont.gov
uipublic01.labor.vermont.gov
ACCDMaps.Vermont.gov
anrmaps.vermont.gov
list.vermont.gov
www.vermont.gov
Inside.Vermont.Gov
*.id.vermont.gov
peacham.vermont.gov
grants.vermont.gov
www.staging.vtpics.vermont.gov
edwa.vermont.gov
cloud.agriculture.vermont.gov
agriculturegrants.vermont.gov
maps.vermont.gov
secure.accd.vermont.gov
WebDBMS.ngesi.vermont.gov
preprod.slds.vermont.gov
anrmaps.vermont.gov
gs.vtrans.vermont.gov
*.healthconnect.vermont.gov
vtlottery.com
my.vermont.gov
retire.vermont.gov
ljfo.vermont.gov
apps.health.vermont.gov
bedboard.vermont.gov
dev.maps.vcgi.vermont.gov
legislature.vermont.gov
ssl7.revizesites.com
uipublic.labor.vermont.gov
maps.vermont.gov
1moreconversation.com
*.id.vermont.gov
sos.vermont.gov
*.hsep.vermont.gov
ssl7.revizesites.com
roadsidemarkers.vermont.gov
design.education.vermont.gov
*.ngesi.vermont.gov
childcareproviders.vermont.gov
160.166.tmcapital.com
*.apps.vermont.gov
vitws.labor.vermont.gov
www.usaplants.vermont.gov
test.slds.vermont.gov
www.rms.vermont.gov
cloud.agriculture.vermont.gov
ssl7.revizesites.com
*.professionals.vermont.gov
*.hsep.in.vermont.gov
maps.vcgi.vermont.gov
infotest.my.vermont.gov
www.vermont.gov
uipublic.labor.vermont.gov
apps.health.vermont.gov
dualenrollment.vermont.gov
ljfo.vermont.gov
lobbying.vermont.gov
orc.vermont.gov
*.hsep.vermont.gov
dev-dfr.gs.vermont.gov
www.myvtax.vermont.gov
inside.vermont.gov
www.vermont.gov
ssl7.revizesites.com
anrmaps.vermont.gov
ismstg.apps.vermont.gov
*.healthconnect.vermont.gov
list.vermont.gov
ljfo.vermont.gov
e911ags.vermont.gov
usaherds.vermont.gov
matsdev.vtrans.vermont.gov
maps.vcgi.vermont.gov
1moreconversation.com
inside.vermont.gov
dev.maps.vcgi.vermont.gov
employerreporting.vermont.gov
gpnh.ngesi.vermont.gov
selfserve.education.state.vt.us
cloud.agriculture.vermont.gov
railtrails.vermont.gov
gs.tax.vermont.gov
*.professionals.vermont.gov
anrgeodata.vermont.gov
secure.vermont.gov
eoc.vermont.gov
1moreconversation.com
bedboard.vermont.gov
slds.education.vermont.gov
staging.mydmv.vermont.gov
geodata.vermont.gov
rms.vermont.gov
cloud.agriculture.vermont.gov
*.hsep.vermont.gov
ssl7.revizesites.com
anrgeodata.vermont.gov
legislature.vermont.gov
apps.health.vermont.gov
uipublic01.labor.vermont.gov
ACCDMaps.Vermont.gov
anrmaps.vermont.gov
list.vermont.gov
www.vermont.gov
Inside.Vermont.Gov
*.id.vermont.gov
peacham.vermont.gov
grants.vermont.gov
www.staging.vtpics.vermont.gov
edwa.vermont.gov
cloud.agriculture.vermont.gov
agriculturegrants.vermont.gov
maps.vermont.gov
secure.accd.vermont.gov
WebDBMS.ngesi.vermont.gov
preprod.slds.vermont.gov
anrmaps.vermont.gov
gs.vtrans.vermont.gov
*.healthconnect.vermont.gov
vtlottery.com
my.vermont.gov
retire.vermont.gov
ljfo.vermont.gov
apps.health.vermont.gov
bedboard.vermont.gov
dev.maps.vcgi.vermont.gov
legislature.vermont.gov
ssl7.revizesites.com
uipublic.labor.vermont.gov
maps.vermont.gov
1moreconversation.com
*.id.vermont.gov
sos.vermont.gov
*.hsep.vermont.gov
ssl7.revizesites.com
roadsidemarkers.vermont.gov
design.education.vermont.gov
*.ngesi.vermont.gov
childcareproviders.vermont.gov
160.166.tmcapital.com
*.apps.vermont.gov
vitws.labor.vermont.gov
www.usaplants.vermont.gov
test.slds.vermont.gov
www.rms.vermont.gov
cloud.agriculture.vermont.gov
ssl7.revizesites.com
*.professionals.vermont.gov
*.hsep.in.vermont.gov
maps.vcgi.vermont.gov
infotest.my.vermont.gov
www.vermont.gov
uipublic.labor.vermont.gov
apps.health.vermont.gov
dualenrollment.vermont.gov
ljfo.vermont.gov
lobbying.vermont.gov
orc.vermont.gov
*.hsep.vermont.gov
dev-dfr.gs.vermont.gov
Certificate
The complete raw certificate details for ljfo.vermont.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE7TCCA9WgAwIBAgISA+mvyA63M8N9X3rjemkcuQBJMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMjMxOTUxMDhaFw0yNDA0MjIxOTUxMDdaMBsxGTAXBgNVBAMT EGxqZm8udmVybW9udC5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDNlP89vLTcxPWgCKVW622OphlZxYrTpsWKKT0shDfYtlKJFIPRQVZMl4++x+FI XI9dtpMkTU9QI6ELj0CK7lhpvv6Al1twUPTEA+nlR/KgViHIL1zPQPldrYNEggP+ lM/f5Y8R/Z4umVSXqaYzcX5mVlvajGO5JaFhrSlx/EgUYxXrnjLO8yQeUQ9jKjZ1 8LzcoMvX6hx+iSTCs7vRBoVpU7ueWQ1LugB+NMXdAyOx7Mpj+rJZEg2wvYBnircM D6Y0s4UaMRNh0ttfJigxpkU5hRiEyiuKPR5zuQmfuO6/t68jacoUr+3SAw8M4vOC RRvz2/sIz3MlA41SJsHvLitjAgMBAAGjggISMIICDjAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFOIrMN8kZ8lDaFGjNK0NBAmtJMS0MB8GA1UdIwQYMBaAFBQusxe3WFbL rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v cmcvMBsGA1UdEQQUMBKCEGxqZm8udmVybW9udC5nb3YwEwYDVR0gBAwwCjAIBgZn gQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgA7U3d1Pi25gE6LMFsG/kA7 Z9hPw/THvQANLXJv4frUFwAAAY04F1AFAAAEAwBHMEUCIGtOo+WiyQWFdC+USLmc 7AVTNI8Zrpn1VEXriG0tX/a7AiEA6yNPtsyPII4s0JTIk9mEKFNoa8etGkzkEhkD kdsyhpsAdgB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAY04F1BT AAAEAwBHMEUCIDjWdRpJmLJjL5eShy/ZYDuSC16O6KpzXMAFCSLNOMeeAiEAllV5 k+g5M0/d7p7rKuNOArva8c2i3gf7kO0fToSQ1hcwDQYJKoZIhvcNAQELBQADggEB ABeHBlcVxC8+2uTNn3ihKMP/GAQkH0+7F4cWeQVVGwcEx+3nNT0O+qriIMICY/YG CqEVG3nohhmY4ti4okn0l54DcTXmmfEvEMxA9wMVaoJwqDkogJqO7zVbjypkPWfx NxF50+S4JGj2RrtqC/EWKrYOVzSIn9x5+tZcOWgqspx/n8JGS4Ad2VxuwsK8ywIx 82JcgTyc5dstf0RiUXWNU08ypNskl5Cd3eCRVDO6P114M0JAM7+Q1WVKYWyb/NoX lMr08EwGo3QXAfDPMJV//Myv5cuX0dr0h95g8HufB4ESAIN5vAU1StRhDk3KsJ46 NIeE8jaJuGacwmyj26gJZpg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZT/Pby03MT1oAilVutt jqYZWcWK06bFiik9LIQ32LZSiRSD0UFWTJePvsfhSFyPXbaTJE1PUCOhC49Aiu5Y ab7+gJdbcFD0xAPp5UfyoFYhyC9cz0D5Xa2DRIID/pTP3+WPEf2eLplUl6mmM3F+ ZlZb2oxjuSWhYa0pcfxIFGMV654yzvMkHlEPYyo2dfC83KDL1+ocfokkwrO70QaF aVO7nlkNS7oAfjTF3QMjsezKY/qyWRINsL2AZ4q3DA+mNLOFGjETYdLbXyYoMaZF OYUYhMorij0ec7kJn7juv7evI2nKFK/t0gMPDOLzgkUb89v7CM9zJQONUibB7y4r YwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 340856302944961977429448433641681248125001 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-23 19:51:08 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-22 19:51:07 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ljfo.vermont.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25952325694769864360661083235681616146904250182978887433914797296261702280374968092036911496778285253255173122988330075237885309239433937839089512190955079679246708253537074288053771167868275265410725569113258291058348058189394420137758983631365101438564504766784583411422866880880026340724596831160284391364103814327154135725442554993534868521994161698955141648316779183333702389368184089014939661508838945497843515068600163663294636555792468132069162452579168932879987081942300863456132253819835280014191264264242521712966537166133620881093158009257517619600095006985071950785948560941486688564961779925918986152803 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e22b30df2467c9436851a334ad0d0409ad24c4b4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ljfo.vermont.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d38175005000004030047304502206b4ea3e5a2c90585742f9448b99cec0553348f19ae99f55445eb886d2d5ff6bb022100eb234fb6cc8f208e2cd094c893d9842853686bc7ad1a4ce412190391db32869b00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018d381750530000040300473045022038d6751a4998b2632f9792872fd9603b920b5e8ee8aa735cc0050922cd38c79e02210096557993e839334fddee9eeb2ae34e02bbdaf1cda2de07fb90ed1f4e8490d617 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001787065715c42f3edae4cd9f78a128c3ff1804241f4fbb1787167905551b0704c7ede7353d0efaaae220c20263f6060aa1151b79e8861998e2d8b8a249f4979e037135e699f12f10cc40f703156a8270a83928809a8eef355b8f2a643d67f1371179d3e4b82468f646bb6a0bf1162ab60e5734889fdc79fad65c39682ab29c7f9fc2464b801dd95c6ec2c2bccb0231f3625c813c9ce5db2d7f446251758d534f32a4db2497909ddde0915433ba3f5d7833424033bf90d5654a616c9bfcda1794caf4f04c06a3741701f0cf30957ffcccafe5cb97d1daf487de60f07b9f078112008379bc05354ad4610e4dcab09e3a348784f23689b8669cc26ca3dba8096698