1iota.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 03:7f:b4:83:59:cf:cb:46:e8:85:5c:50:f1:57:33:0e was issued on by Amazon.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=1iota.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:7f:b4:83:59:cf:cb:46:e8:85:5c:50:f1:57:33:0e
Serial Number (int): 4650766928801990864022276018875609870
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: ea:97:ba:cf:90:77:4f:1e:eb:52:5e:37:53:63:a2:df:3f:2e:fc:b3
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): f3:5b:3c:80:ea:80:1d:b0:01:06:b0:7c:24:fd:b4:01:d4:f6:17:f7
Fingerprint (sha256): 16:5c:38:04:fc:3a:95:6b:b1:0d:14:60:88:42:3b:78:0f:6a:56:6d:d0:e6:0d:3e:cc:e3:64:00:1e:71:a2:cb

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate 1iota.com

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for 1iota.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

1iota.com
admin.1iota.com
draftedfans.1iota.com
conan.1iota.com
fallon.1iota.com
colbert.1iota.com

Other certificates including the domain name 1iota.com

(limited to 100 certificates)
*.1iota.com
support.snapshot.travel
1iota.com
lateshowhelp.1iota.com
3737.inextenso.fr
*.1iota.com
support.snapshot.travel
support.snapshot.travel
*.1iota.com
fdus-21.freshdesk.com
fdus-21.freshdesk.com
fdus-21.freshdesk.com
fdus-11.freshdesk.com
fdus-31.freshdesk.com
3737.inextenso.fr
support.snapshot.travel
help.oac.cdlib.org
3737.inextenso.fr
blog.1iota.com
1iota.com
3737.inextenso.fr
fdus-21.freshdesk.com
lateshowhelp.1iota.com
support.snapshot.travel
help.oac.cdlib.org
help.oac.cdlib.org
3737.inextenso.fr
lateshowhelp.1iota.com
fdus-21.freshdesk.com
support.snapshot.travel
fdus-21.freshdesk.com
help.oac.cdlib.org
3737.inextenso.fr
1iota.com
3737.inextenso.fr
lateshowhelp.1iota.com
1iota.com
support.snapshot.travel
support.snapshot.travel
fdus-21.freshdesk.com
fdus-11.freshdesk.com
lateshowhelp.1iota.com
lateshowhelp.1iota.com
fdus-21.freshdesk.com
fdus-21.freshdesk.com
support.snapshot.travel
fdus-11.freshdesk.com
lateshowhelp.1iota.com
lateshowhelp.1iota.com
1iota.com
3737.inextenso.fr
blog.1iota.com
lateshowhelp.1iota.com
help.oac.cdlib.org
lateshowhelp.1iota.com
*.1iota.com
3737.inextenso.fr
support.snapshot.travel
3737.inextenso.fr
fdus-11.freshdesk.com
lateshowhelp.1iota.com
fdus-11.freshdesk.com
blog.1iota.com
3737.inextenso.fr
1iota.com
lateshowhelp.1iota.com
*.1iota.com
fdus-21.freshdesk.com
lateshowhelp.1iota.com
lateshowhelp.1iota.com
lateshowhelp.1iota.com
lateshowhelp.1iota.com
lateshowhelp.1iota.com
3737.inextenso.fr
support.snapshot.travel
fdus-21.freshdesk.com
fdus-11.freshdesk.com
3737.inextenso.fr
lateshowhelp.1iota.com
fdus-21.freshdesk.com
*.1iota.com
support.snapshot.travel
1iota.com
fdus-11.freshdesk.com
*.1iota.com
lateshowhelp.1iota.com
3737.inextenso.fr
help.oac.cdlib.org
3737.inextenso.fr
1iota.com
fdus-11.freshdesk.com
3737.inextenso.fr
affiliate-help.1iota.com
3737.inextenso.fr
fdus-21.freshdesk.com
lateshowhelp.1iota.com
lateshowhelp.1iota.com
lateshowhelp.1iota.com
lateshowhelp.1iota.com
fdus-21.freshdesk.com

Certificate

The complete raw certificate details for 1iota.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgIQA3+0g1nPy0bohVxQ8VczDjANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMTAwOTAwMDAwMFoXDTI0MTEwNDIzNTk1OVowFDES
MBAGA1UEAxMJMWlvdGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxjZXdFzE7i6J3R+U6pHzE7RJeiWqwupGcI+AqPCfVsXRlv0x9wpETPPIfiLM
Vz622xsaVYUlvBGwhT5pqokbwCaAMAc9WanL+ctDSiI1PaGUkjpYU69fUiBj/Tmm
dkvUbOtRofOJ6zlMtvaNOaHhn7gSeXLR5TggqrVdndWxjx6BFQwIxLMHjGA7Ue4a
w/sh6y3F8xVkHib9B3UTqe+i0yZ0XXKwZGgXu/hMvSLQswxswLD4a6Lj6baeN+8p
dOFnt27XhRkUscF8pqm5W7rCKWHwNmaMfOR44ek+3OPJcWv9jL8oVfjfnfC4FhFi
nmnabFyXNJNLZvGBXCGqgxdtHwIDAQABo4IDQzCCAz8wHwYDVR0jBBgwFoAUwDFS
zVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYEFOqXus+Qd08e61JeN1Njot8/Lvyz
MHIGA1UdEQRrMGmCCTFpb3RhLmNvbYIPYWRtaW4uMWlvdGEuY29tghVkcmFmdGVk
ZmFucy4xaW90YS5jb22CD2NvbmFuLjFpb3RhLmNvbYIQZmFsbG9uLjFpb3RhLmNv
bYIRY29sYmVydC4xaW90YS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8E
NDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0w
Mi5jcmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5y
Mm0wMi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJt
MDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNlcjAMBgNVHRMBAf8EAjAAMIIBgQYK
KwYBBAHWeQIEAgSCAXEEggFtAWsAdwDuzdBk1dsazsVct520zROiModGfLzs3sNR
SFlGcR+1mwAAAYsUEzGXAAAEAwBIMEYCIQCwtuO2HBxio9fb8ozsa0Pf5d53gA90
zx7ulSPWi1qLDAIhAKUaztWbk7z2OlQcPI+pp2H1Oi9LQrHUcCyRzwf0ukOjAHcA
SLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGLFBMxZgAABAMASDBG
AiEA6FCDXOBfZKkTlzGD27XvwlRa1WDA9ySuDcJiz3a01YECIQDBQ2gm0CQ9uhYs
+J9ZrOgpnaD4TIIDmGVCRSOU3nnaBAB3ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSF
NL2kPTBI1/urAAABixQTMU4AAAQDAEgwRgIhAP9aqnvFfFQd8iTy5RFCFyPqcp7V
gub0sdcO+wxCIgBUAiEAvnPxwEnSBUgLgCNYf6Xmin6hx+9O4h6OeEjBTp2FUaUw
DQYJKoZIhvcNAQELBQADggEBABSSL60jrjZdaSWepbCuxgGtssF7F7nNysQoJtry
xcExLyRbnhgkXXh59vfHhw0P04BPS7SWZztiCt9YMXImlAvpc0agjKBFw9RYqktH
zRQlgcmcJR52Lw7tIO5G3KAmdY4SCckja1dXg5huoWj46ql3uH/7vD5yLpisvHPH
aq9KB8bXUNh1MVoxNL4LbMiHbGBF99+bi6pGqj287FFCe0jRLOcjCgugIdGxtGyT
mG0LuKtpJhBq5QY/fQKwfRJ0UpFLHrV0T+VZZfrfHgSBVX1YrjrNc35itY96AZu4
yTYy0WJeS2zZKpDCIH6DaxQoW2kerg4hCPC4t8/wRiOANHY=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjZXdFzE7i6J3R+U6pHz
E7RJeiWqwupGcI+AqPCfVsXRlv0x9wpETPPIfiLMVz622xsaVYUlvBGwhT5pqokb
wCaAMAc9WanL+ctDSiI1PaGUkjpYU69fUiBj/TmmdkvUbOtRofOJ6zlMtvaNOaHh
n7gSeXLR5TggqrVdndWxjx6BFQwIxLMHjGA7Ue4aw/sh6y3F8xVkHib9B3UTqe+i
0yZ0XXKwZGgXu/hMvSLQswxswLD4a6Lj6baeN+8pdOFnt27XhRkUscF8pqm5W7rC
KWHwNmaMfOR44ek+3OPJcWv9jL8oVfjfnfC4FhFinmnabFyXNJNLZvGBXCGqgxdt
HwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 4650766928801990864022276018875609870
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-09 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-04 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1iota.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25021981234488270807672952193859109214021579263071463404210915309538278929065627685763501129706793061048566869588282920348429736740094873383089885612126746120823788645705563878053370272175448669457226195690013888389870978101561180842453242892212339329076303917857135718222280481790321184676378945481332506686738733596701039698277142378485375985883924552202080157290062552198779264267744309531305571035700612067493183759219755397647222771156199909156820281176663370945569696081375649821653539165203729931761890826995873738240273154943295718971511185206838582517156408522240539210297217536892809966796180718745392999711
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ea97bacf90774f1eeb525e375363a2df3f2efcb3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (107 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '1iota.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'admin.1iota.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'draftedfans.1iota.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'conan.1iota.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fallon.1iota.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'colbert.1iota.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (369 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
							016b007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b141331970000040300483046022100b0b6e3b61c1c62a3d7dbf28cec6b43dfe5de77800f74cf1eee9523d68b5a8b0c022100a51aced59b93bcf63a541c3c8fa9a761f53a2f4b42b1d4702c91cf07f4ba43a300770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b141331660000040300483046022100e850835ce05f64a913973183dbb5efc2545ad560c0f724ae0dc262cf76b4d581022100c1436826d0243dba162cf89f59ace8299da0f84c8203986542452394de79da04007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b1413314e0000040300483046022100ff5aaa7bc57c541df224f2e511421723ea729ed582e6f4b1d70efb0c42220054022100be73f1c049d205480b8023587fa5e68a7ea1c7ef4ee21e8e7848c14e9d8551a5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0014922fad23ae365d69259ea5b0aec601adb2c17b17b9cdcac42826daf2c5c1312f245b9e18245d7879f6f7c7870d0fd3804f4bb496673b620adf58317226940be97346a08ca045c3d458aa4b47cd142581c99c251e762f0eed20ee46dca026758e1209c9236b575783986ea168f8eaa977b87ffbbc3e722e98acbc73c76aaf4a07c6d750d875315a3134be0b6cc8876c6045f7df9b8baa46aa3dbcec51427b48d12ce7230a0ba021d1b1b46c93986d0bb8ab6926106ae5063f7d02b07d127452914b1eb5744fe55965fadf1e0481557d58ae3acd737e62b58f7a019bb8c93632d1625e4b6cd92a90c2207e836b14285b691eae0e2108f0b8b7cff04623803476