www.iaretirement.inalco.com
Issued by R3
About this certificate
This digital certificate with serial number 03:11:3c:a0:57:ba:d3:b0:1f:ba:6a:eb:e0:06:4b:24:11:94 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.iaretirement.inalco.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:11:3c:a0:57:ba:d3:b0:1f:ba:6a:eb:e0:06:4b:24:11:94Serial Number (int): 267202244259552742346741069661587416289684
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 05:38:89:df:4f:72:79:81:0e:26:fc:a4:2c:02:14:6b:74:ee:ee:9b
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 53:71:22:97:ce:4e:06:65:d0:a6:a3:a3:23:28:b0:db:71:56:e3:92
Fingerprint (sha256): 18:c8:3b:8e:3a:58:79:5a:56:e9:e7:63:2f:3d:87:b8:8f:bb:eb:28:11:f3:88:a1:8d:81:24:a3:3e:66:96:9b
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.iaretirement.inalco.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.iaretirement.inalco.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.iaretirement.inalco.com
Other certificates including the domain name inalco.com
(limited to 100 certificates)
poupon.inalco.com
www.inalco.com
securefonc.inalco.com
webmail.inalco.com
rave01.inalco.com
poupon.inalco.com
ei.secureweb.inalco.com
intg.api.inalco.com
imageserver.secureweb.inalco.com
inalco.com
iamobile.inalco.com
fr.wiki-crm.kronos-web.com
www.inalco.com
gestionclients.intg.inalco.com
inalco.com
poupon.inalco.com
www.inalco.com
inalco.com
we.secureweb.inalco.com
inalco.com
www.iaretirement.inalco.com
imageserver.secureweb.accp.ia.iafg.net
we.intg.secureweb.inalco.com
imageserver.secureweb.inalco.com
bambin.inalco.com
poupon.inalco.com
*.intg.secureweb.ia.ca
api.ia.ca
ia-cem.accp.secureweb.inalco.com
www.inalco.com
fs41.inalco.com
*.inalco.com
webmail.ia.ca
fs41.inalco.com
poupon.inalco.com
accp.api.ia.ca
secure2.inalco.com
imageserver.secureweb.inalco.com
imageserver.secureweb.inalco.com
iagtools.inalco.com
*.secureweb.inalco.com
*.intg.secureweb.ia.ca
imageserver.secureweb.inalco.com
fs01.inalco.com
secure.inalco.com
poupon.inalco.com
*.external.inalco.com
secure2.inalco.com
fr.wiki-crm.kronos-web.com
login.service.dealers.inalco.com
AWSSOIA.inalco.com
webadmin.inalco.com
imageserver.secureweb.inalco.com
rave01.inalco.com
www.inalco.com
accp.api.inalco.com
www.inalco.com
ia-cem.secureweb.inalco.com
fs01.inalco.com
stmartin.inalco.com
inalco.com
poupon.inalco.com
webmail.ia.ca
statss.inalco.com
secure.inalco.com
inalco.com
fs01.inalco.com
fr.wiki-crm.kronos-web.com
we.secureweb.inalco.com
iagtools.inalco.com
extranet.inalco.com
www.inalco.com
inalco.com
inalco.com
www.inalco.com
fnct.api.inalco.com
novus.inalco.com
bambin.inalco.com
test.domaine2.secureweb.inalco.com
proxy.accp.secureweb.inalco.com
www.inalco.com
www.inalco.com
poupon.inalco.com
ia-cem.accp.secureweb.inalco.com
imageserver.secureweb.inalco.com
*.secureweb.inalco.com
bambin.inalco.com
inalco.com
fs41.inalco.com
proxy.secureweb.inalco.com
fr.wiki-crm.kronos-web.com
imageserver.secureweb.accp.ia.iafg.net
*.accp.webrequests.inalco.com
*.webrequests.inalco.com
IAGTOOLS.inalco.com
imageserver.secureweb.inalco.com
*.inalco.com
webmail.ia.ca
proxy.intg.secureweb.inalco.com
*.secureweb.inalco.com
www.inalco.com
securefonc.inalco.com
webmail.inalco.com
rave01.inalco.com
poupon.inalco.com
ei.secureweb.inalco.com
intg.api.inalco.com
imageserver.secureweb.inalco.com
inalco.com
iamobile.inalco.com
fr.wiki-crm.kronos-web.com
www.inalco.com
gestionclients.intg.inalco.com
inalco.com
poupon.inalco.com
www.inalco.com
inalco.com
we.secureweb.inalco.com
inalco.com
www.iaretirement.inalco.com
imageserver.secureweb.accp.ia.iafg.net
we.intg.secureweb.inalco.com
imageserver.secureweb.inalco.com
bambin.inalco.com
poupon.inalco.com
*.intg.secureweb.ia.ca
api.ia.ca
ia-cem.accp.secureweb.inalco.com
www.inalco.com
fs41.inalco.com
*.inalco.com
webmail.ia.ca
fs41.inalco.com
poupon.inalco.com
accp.api.ia.ca
secure2.inalco.com
imageserver.secureweb.inalco.com
imageserver.secureweb.inalco.com
iagtools.inalco.com
*.secureweb.inalco.com
*.intg.secureweb.ia.ca
imageserver.secureweb.inalco.com
fs01.inalco.com
secure.inalco.com
poupon.inalco.com
*.external.inalco.com
secure2.inalco.com
fr.wiki-crm.kronos-web.com
login.service.dealers.inalco.com
AWSSOIA.inalco.com
webadmin.inalco.com
imageserver.secureweb.inalco.com
rave01.inalco.com
www.inalco.com
accp.api.inalco.com
www.inalco.com
ia-cem.secureweb.inalco.com
fs01.inalco.com
stmartin.inalco.com
inalco.com
poupon.inalco.com
webmail.ia.ca
statss.inalco.com
secure.inalco.com
inalco.com
fs01.inalco.com
fr.wiki-crm.kronos-web.com
we.secureweb.inalco.com
iagtools.inalco.com
extranet.inalco.com
www.inalco.com
inalco.com
inalco.com
www.inalco.com
fnct.api.inalco.com
novus.inalco.com
bambin.inalco.com
test.domaine2.secureweb.inalco.com
proxy.accp.secureweb.inalco.com
www.inalco.com
www.inalco.com
poupon.inalco.com
ia-cem.accp.secureweb.inalco.com
imageserver.secureweb.inalco.com
*.secureweb.inalco.com
bambin.inalco.com
inalco.com
fs41.inalco.com
proxy.secureweb.inalco.com
fr.wiki-crm.kronos-web.com
imageserver.secureweb.accp.ia.iafg.net
*.accp.webrequests.inalco.com
*.webrequests.inalco.com
IAGTOOLS.inalco.com
imageserver.secureweb.inalco.com
*.inalco.com
webmail.ia.ca
proxy.intg.secureweb.inalco.com
*.secureweb.inalco.com
Certificate
The complete raw certificate details for www.iaretirement.inalco.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgISAxE8oFe607Afumrr4AZLJBGUMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA5MTIxMzIwMDlaFw0yMzEyMTExMzIwMDhaMCYxJDAiBgNVBAMT G3d3dy5pYXJldGlyZW1lbnQuaW5hbGNvLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBANmva/wsuTuq7e2IQco+2HsWUrnla44QzRFRFGVo0flg8/TG TORidDpsLXbGfvG/EktItEAPtcaRUtkdqg4f5/V/9lUx3weyc/ZNmXi68/K1VRA9 kwA7io74OXSoV79UpqG/Q3hXTShYg9fRqJx9Q54e7ResGfyX902+L1d3g4JHR1Vq LT9CY7HWiTvAyemsN6Lomn2FgqonXwJDP5dQ2gR/4S4tl0Q4Ssgq0VNtsVimtQs2 HMcm34WLlumKFNkePIuPLDCQThzN/IShu1kNtWBVbh8MEqE3oBTnZXqQ52CKCCVp 2sI1cYiARn1TTTlNqhqo1zyOoKCmhtYqpzW2JhECAwEAAaOCAhwwggIYMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQUBTiJ309yeYEOJvykLAIUa3Tu7pswHwYDVR0jBBgw FoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUF BzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9y My5pLmxlbmNyLm9yZy8wJgYDVR0RBB8wHYIbd3d3LmlhcmV0aXJlbWVudC5pbmFs Y28uY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB 8QDvAHUAtz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGKicOOLAAA BAMARjBEAiBfREV3bEsxeTX1Vcacb2+O5gjLVCw6Wi9M8/RzscmRBgIgKYqlziWN jwy9CGMcUw0khPz5Yi2fJssTOh7iIbmuD4MAdgDoPtDaPvUGNTLnVyi8iWvJA9PL 0RFr7Otp4Xd9bQa9bgAAAYqJw44cAAAEAwBHMEUCIGwwGZg7Mc3vTUK7LT2r7aUi WE8uQmjFHbg0aK4Ed53hAiEAqEyibggc4cS7v4GT/ErKqjnT94sYVEYp38sJF99w 1VMwDQYJKoZIhvcNAQELBQADggEBADDLn9AI6HKy95ScFG69ejNUV0b5+6YDLxGQ D+j9T61D2hEzvzjwqtEIgNuE6+rmSE5HU8midHZDGndMb3gKlcbP96IW+mbLUHvL D09AOQGzcxypVvLnOd4p8NllOqaYJre+LusITisbYUwYA0ERc9q6e7jR/6M45zw8 b8uOo3htzysbEv8cLdb5jo+zDnmYhJa1+4nzyAxYJ4g+Z4hp+zjoBOiOXKfcylKN Gk4yh/ILUB+8GeqKfOooTYNxovIkndw+dB/n/JcFNmLw0iK8vHBzXF+QKhJw+hzR Rz08GyIg2n49ktqv0dgQUG7lPsybK7Jbmz0TlMKMVc+am+EuzC0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2a9r/Cy5O6rt7YhByj7Y exZSueVrjhDNEVEUZWjR+WDz9MZM5GJ0OmwtdsZ+8b8SS0i0QA+1xpFS2R2qDh/n 9X/2VTHfB7Jz9k2ZeLrz8rVVED2TADuKjvg5dKhXv1Smob9DeFdNKFiD19GonH1D nh7tF6wZ/Jf3Tb4vV3eDgkdHVWotP0JjsdaJO8DJ6aw3ouiafYWCqidfAkM/l1Da BH/hLi2XRDhKyCrRU22xWKa1CzYcxybfhYuW6YoU2R48i48sMJBOHM38hKG7WQ21 YFVuHwwSoTegFOdlepDnYIoIJWnawjVxiIBGfVNNOU2qGqjXPI6goKaG1iqnNbYm EQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 267202244259552742346741069661587416289684 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-12 13:20:09 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-11 13:20:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.iaretirement.inalco.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27480215899453122104214086794207457259849933485234016973389403487759734600108776879831703559886787612780894441257025928941570931162876760144004090145783328751156675727970590880961101354825947053893921347223987965683592535770859277651927246944155545610133380854579909674328198997319315907827051919734457734359539204766635518268309923564726477258714302548373143521959612735157487144355524693522304608351362972652955795290735010639356747279228476894978205264980163043929514200526782957991231812492913980794688744042204317021344550854486297062988793856541065311076564451361969175964495171852819521513244365941893773010449 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 053889df4f7279810e26fca42c02146b74eeee9b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (31 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iaretirement.inalco.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018a89c38e2c000004030046304402205f4445776c4b317935f555c69c6f6f8ee608cb542c3a5a2f4cf3f473b1c991060220298aa5ce258d8f0cbd08631c530d2484fcf9622d9f26cb133a1ee221b9ae0f83007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018a89c38e1c000004030047304502206c3019983b31cdef4d42bb2d3dabeda522584f2e4268c51db83468ae04779de1022100a84ca26e081ce1c4bbbf8193fc4acaaa39d3f78b18544629dfcb0917df70d553 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0030cb9fd008e872b2f7949c146ebd7a33545746f9fba6032f11900fe8fd4fad43da1133bf38f0aad10880db84ebeae6484e4753c9a27476431a774c6f780a95c6cff7a216fa66cb507bcb0f4f403901b3731ca956f2e739de29f0d9653aa69826b7be2eeb084e2b1b614c1803411173daba7bb8d1ffa338e73c3c6fcb8ea3786dcf2b1b12ff1c2dd6f98e8fb30e79988496b5fb89f3c80c5827883e678869fb38e804e88e5ca7dcca528d1a4e3287f20b501fbc19ea8a7cea284d8371a2f2249ddc3e741fe7fc97053662f0d222bcbc70735c5f902a1270fa1cd1473d3c1b2220da7e3d92daafd1d810506ee53ecc9b2bb25b9b3d1394c28c55cf9a9be12ecc2d