ba.aflier.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:9c:53:a0:3f:be:48:b0:9a:f1:6f:49:e8:82:49:ff:8e:79 was issued on by Let's Encrypt.
With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=ba.aflier.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:9c:53:a0:3f:be:48:b0:9a:f1:6f:49:e8:82:49:ff:8e:79Serial Number (int): 314532065018962306161144690883450044911225
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: ab:61:a1:66:c5:b0:f2:3f:68:dc:64:44:2a:4b:3b:48:33:fd:d3:6b
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): cb:ad:09:79:2b:b6:7f:44:92:a5:22:4d:28:12:02:af:7a:3a:af:96
Fingerprint (sha256): 19:14:3c:3c:a1:fe:51:df:7d:83:90:27:62:bf:e0:8b:70:d7:66:86:9e:73:40:27:55:e4:30:37:26:9a:56:f4
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate ba.aflier.com
13
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ba.aflier.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ba.aflier.com
dayone-b4.aflier.com
freelands.aflier.com
help.broadnet.systems
robert.aflier.com
route-one.aflier.com
super.aflier.com
surrey.aflier.com
www.aflier.com
www.caterooms.co.uk
www.hughespenney.uk
www.luxelec.co.uk
www.surreyambulance.co.uk
dayone-b4.aflier.com
freelands.aflier.com
help.broadnet.systems
robert.aflier.com
route-one.aflier.com
super.aflier.com
surrey.aflier.com
www.aflier.com
www.caterooms.co.uk
www.hughespenney.uk
www.luxelec.co.uk
www.surreyambulance.co.uk
Other certificates including the domain name aflier.com
(limited to 100 certificates)
ba.aflier.com
ba.aflier.com
ba.aflier.com
ba.aflier.com
ba.aflier.com
ba.aflier.com
aflier.com
www.luxelec.co.uk
ba.aflier.com
ba.aflier.com
super.aflier.com
aflier.com
ba.aflier.com
www.aflier.com
www.luxelec.co.uk
ba.aflier.com
ba.aflier.com
cat.aflier.com
ba.aflier.com
robert.aflier.com
aflier.com
ba.aflier.com
ba.aflier.com
aflier.com
ba.aflier.com
ba.aflier.com
aflier.com
cat.aflier.com
dayone-b4.aflier.com
aflier.com
ba.aflier.com
ba.aflier.com
ba.aflier.com
ba.aflier.com
ba.aflier.com
aflier.com
www.luxelec.co.uk
ba.aflier.com
ba.aflier.com
super.aflier.com
aflier.com
ba.aflier.com
www.aflier.com
www.luxelec.co.uk
ba.aflier.com
ba.aflier.com
cat.aflier.com
ba.aflier.com
robert.aflier.com
aflier.com
ba.aflier.com
ba.aflier.com
aflier.com
ba.aflier.com
ba.aflier.com
aflier.com
cat.aflier.com
dayone-b4.aflier.com
aflier.com
Certificate
The complete raw certificate details for ba.aflier.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUTCCBTmgAwIBAgISA5xToD++SLCa8W9J6IJJ/455MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA1MDMxMjU1MzVaFw0x OTA4MDExMjU1MzVaMBgxFjAUBgNVBAMTDWJhLmFmbGllci5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoc38XWsfeWbgo/1YQNt71DeVYeLA4Y7G1 D8Y1zsVkHp/mueVT/rBw3esqM7imwiF5Wn9gsCf9tJq33y+ZtelFrQv0H2kgZYOR fvu4RhAnd/iGGAPDQk3sFyL49Xci6wE7dubd1cxxexLPM4yohzsq3tGR+UPm1G/g 7gLl7ff0qWRpS2HMn666hpTXijNaWLcNR3dJxR2GSmt98OLTvd0HTOGC28xWTnlM SXbcx9tjO2m3b9i+TWSylayEn4Xqs/XSqKek4z6awtCYt6QANkJfKhwh+UkHOSGa JX9k0g4avwDtwS/QB2oY2nC0/PNd9ncGmmF+1J63TA6AIpV7P4KTAgMBAAGjggNh MIIDXTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFKthoWbFsPI/aNxkRCpLO0gz/dNr MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMw YTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9y ZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9y Zy8wggEVBgNVHREEggEMMIIBCIINYmEuYWZsaWVyLmNvbYIUZGF5b25lLWI0LmFm bGllci5jb22CFGZyZWVsYW5kcy5hZmxpZXIuY29tghVoZWxwLmJyb2FkbmV0LnN5 c3RlbXOCEXJvYmVydC5hZmxpZXIuY29tghRyb3V0ZS1vbmUuYWZsaWVyLmNvbYIQ c3VwZXIuYWZsaWVyLmNvbYIRc3VycmV5LmFmbGllci5jb22CDnd3dy5hZmxpZXIu Y29tghN3d3cuY2F0ZXJvb21zLmNvLnVrghN3d3cuaHVnaGVzcGVubmV5LnVrghF3 d3cubHV4ZWxlYy5jby51a4IZd3d3LnN1cnJleWFtYnVsYW5jZS5jby51azBMBgNV HSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpo dHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA 8AB2AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAABan36mTAAAAQD AEcwRQIhALmN3B5q+3/Xl3VsT/CIA4QP2c5bhYeMhmUafdwqTDLHAiBmHCdPNMNW XJ941313TRs4zISQs5qzXnYLoRi7NcHgvAB2AGPy283oO8wszwtyhCdXazOkjWF3 j711pjixx2hUS9iNAAABan36l2AAAAQDAEcwRQIgZ5HNBmBhjofbOvmifi+Nhozn DPzLO4ted6nEHtcJpzgCIQDPJYdRZEFpXVFs35nbPdWMIvjo2ium6ixPxS4IFxPV DzANBgkqhkiG9w0BAQsFAAOCAQEAhl2OR64W3yRf96hV3J1CKOdsNnO4GAYiEGtP LDwfTuKXwq1JKPQEKKrgn/RLaQb3WT8qNFzcF7kgVE4M3dR/sDkOXWWkOOgXrRcO Yy9F3I1/9OKgYbjb/hbRqnSSvdk/Q4qR/GFYkVlc9IlyYLvH4qBa3RNRjuCwcZvZ I1Hhv70dOoxAosBHHRQ7WsduO2mTA+Y0CjPJ+cEtH33jT/Jj9k5Zt4rDtVx6WDwy 7zKo58BkKnYqRXgzWGvCnubPr13EhzZRqopXtuMsRKB9P8ysQqoJKB8FdcoOfck5 OcXlNrOJ8OHYbaw5tzTJ/HM+q+6NQGUE8m4H13cSoa1Ah9q/aQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HN/F1rH3lm4KP9WEDbe 9Q3lWHiwOGOxtQ/GNc7FZB6f5rnlU/6wcN3rKjO4psIheVp/YLAn/bSat98vmbXp Ra0L9B9pIGWDkX77uEYQJ3f4hhgDw0JN7Bci+PV3IusBO3bm3dXMcXsSzzOMqIc7 Kt7RkflD5tRv4O4C5e339KlkaUthzJ+uuoaU14ozWli3DUd3ScUdhkprffDi073d B0zhgtvMVk55TEl23MfbYztpt2/Yvk1kspWshJ+F6rP10qinpOM+msLQmLekADZC XyocIflJBzkhmiV/ZNIOGr8A7cEv0AdqGNpwtPzzXfZ3BpphftSet0wOgCKVez+C kwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 314532065018962306161144690883450044911225 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-03 12:55:35 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-01 12:55:35 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ba.aflier.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29344240174359486870628728281167112400236722163176748266702832753727698137065018230760334622654958115971532327195163704555477862261220250379766143934871845344754461351499255918799322381639195842429882186862186297858866940952412390290173157789796439306717293899089649253463084425561018028339659818427847170812620786771207778043054360039867653441188666173103791988641289383174306336141406250544974777164711230591732208333816988382687662543136839378161835098015381654125237387991788773417138681590892977384006895749921580826719209152706176633621541592873800711882941658393109461863218671261677933559909910294835398410899 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ab61a166c5b0f23f68dc64442a4b3b4833fdd36b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (268 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ba.aflier.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dayone-b4.aflier.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'freelands.aflier.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'help.broadnet.systems' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'robert.aflier.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'route-one.aflier.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'super.aflier.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'surrey.aflier.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aflier.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.caterooms.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hughespenney.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.luxelec.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.surreyambulance.co.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016a7dfa99300000040300473045022100b98ddc1e6afb7fd797756c4ff08803840fd9ce5b85878c86651a7ddc2a4c32c70220661c274f34c3565c9f78d77d774d1b38cc8490b39ab35e760ba118bb35c1e0bc00760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016a7dfa9760000004030047304502206791cd0660618e87db3af9a27e2f8d868ce70cfccb3b8b5e77a9c41ed709a738022100cf2587516441695d516cdf99db3dd58c22f8e8da2ba6ea2c4fc52e081713d50f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00865d8e47ae16df245ff7a855dc9d4228e76c3673b8180622106b4f2c3c1f4ee297c2ad4928f40428aae09ff44b6906f7593f2a345cdc17b920544e0cddd47fb0390e5d65a438e817ad170e632f45dc8d7ff4e2a061b8dbfe16d1aa7492bdd93f438a91fc615891595cf4897260bbc7e2a05add13518ee0b0719bd92351e1bfbd1d3a8c40a2c0471d143b5ac76e3b699303e6340a33c9f9c12d1f7de34ff263f64e59b78ac3b55c7a583c32ef32a8e7c0642a762a457833586bc29ee6cfaf5dc4873651aa8a57b6e32c44a07d3fccac42aa09281f0575ca0e7dc93939c5e536b389f0e1d86dac39b734c9fc733eabee8d406504f26e07d77712a1ad4087dabf69