*.canopytax.com

Issued by Amazon RSA 2048 M01

About this certificate

This digital certificate with serial number 07:c2:7d:dc:4c:50:06:56:1a:9e:e9:01:bf:46:39:f0 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.canopytax.com

Amazon

Organization: Amazon
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 07:c2:7d:dc:4c:50:06:56:1a:9e:e9:01:bf:46:39:f0
Serial Number (int): 10314454316063982001747339494883211760
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 7b:8d:39:e6:d1:e0:66:ab:ff:5d:c5:92:93:3a:00:c3:45:55:a3:d4
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85

Fingerprint (sha1): 7d:23:55:bd:38:32:a4:2e:bb:fb:a3:c1:29:1c:14:a6:52:98:76:e3
Fingerprint (sha256): 19:6d:77:39:18:dc:1b:94:a1:a1:8f:3c:f6:2e:12:43:f1:c5:06:63:4d:90:58:38:f4:c7:84:1d:f1:4f:11:f3

Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer

Revocation information

OCSP Server: http://ocsp.r2m01.amazontrust.com
CRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl

Check the revocation status for certificate *.canopytax.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.canopytax.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.canopytax.com
*.clientportal.com

Other certificates including the domain name canopytax.com

(limited to 100 certificates)
analytics.canopytax.com
nagrady.by
us.canopytax.com
sentry.canopytax.com
nagrady.by
tezaaa.com
learnmore.canopytax.com
secure0065.hubspot.com
secure0065.hubspot.com
us.canopytax.com
lifeskills.ai
secure0065.hubspot.com
*.canopytax.com
us.canopytax.com
secure0065.hubspot.com
us.canopytax.com
sentry.canopytax.com
*.canopytax.com
secure0065.hubspot.com
*.canopytax.com
learnmore.canopytax.com
giftdibs.com
secure0065.hubspot.com
sentry.canopytax.com
secure0065.hubspot.com
www.canopytax.com
sentry.canopytax.com
*.canopytax.com
nithyananda.cc
*.canopytax.com
*.canopytax.com
community.canopytax.com
dev.arcs.app
www.lisbellanoivas.com.br
vanilla.canopytax.com
opencourse.canopytax.com
www.canopytax.com
secure0065.hubspot.com
secure0065.hubspot.com
opencourse.canopytax.com
insights.canopytax.com
secure0065.hubspot.com
postrobcore.net
ttone.thic.cf
*.canopytax.com
*.canopytax.com
academy.canopytax.com
www.abitwiser.app
secure0065.hubspot.com
opencourse.canopytax.com
secure0065.hubspot.com
secure0065.hubspot.com
www.spoice.app
vicevi.app
mobileapp.canopytax.com
kartsyapp.com
*.canopytax.com
willhackforgood.org
secure0065.hubspot.com
sentry.canopytax.com
secure0065.hubspot.com
auth.somewear.co
sentry.canopytax.com
sentry.canopytax.com
community.canopytax.com
sentry.canopytax.com
sentry.canopytax.com
canopytax.com
secure0065.hubspot.com
sportytrip.com
sso.canopytax.com
sme.canopytax.com
manage.wrappo.com.au
community.canopytax.com
learnmore.canopytax.com
secure0065.hubspot.com
secure0065.hubspot.com
veedvault.com
canopytax.com
atela.net
forms.coreograph.app
us.canopytax.com
postmortemstories.tk
opencourse.canopytax.com
govops.canopytax.com
www.canopytax.com
secure0065.hubspot.com
secure0065.hubspot.com
animetrending.org
*.canopytax.com
community.canopytax.com
sentry.canopytax.com
web.seremy.it
academy.canopytax.com
sentry.canopytax.com
academy.canopytax.com
sentry.canopytax.com
invite.tsu.social
sentry.canopytax.com
academy.canopytax.com

Certificate

The complete raw certificate details for *.canopytax.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgIQB8J93ExQBlYanukBv0Y58DANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAxMB4XDTIzMDIxMTAwMDAwMFoXDTI0MDMxMTIzNTk1OVowGjEY
MBYGA1UEAwwPKi5jYW5vcHl0YXguY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA0hKCvHuPYZ+VU7egwlZez2VHiZhec8uALC5p2JqNTNquCxpFxWWw
GbIssTblFMtf3eAXegC/V6iWiobHwK3+pgW2bjdtK2mHpchACz5ziXCvUIPaQLuF
3r+vvHOLWiVxXzHjj/KiF0mk1m7lgvEn6q084utWtr/aZE+7QL+3YKvrCxmi9BBb
gMDIcO8KbH+XRhEvqdb68JMpUkXXgnRsPyXVaqLY8pEtWZ37SVHxRaF0Y3TS/EDS
/Paq/qx0vd00piw8gPBTcOPkeIdFZZf6g9ygvdbA6diuRWrkScTuRKmvX02RdeK0
Lh2dH3k6kFR8Zaq53IZVQYJO8X3ad+puxQIDAQABo4IC/TCCAvkwHwYDVR0jBBgw
FoAUgbgOY4qJEhjl+js7UJWf5uWQE4UwHQYDVR0OBBYEFHuNOebR4Gar/13FkpM6
AMNFVaPUMC4GA1UdEQQnMCWCDyouY2Fub3B5dGF4LmNvbYISKi5jbGllbnRwb3J0
YWwuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMS5hbWF6b250
cnVzdC5jb20vcjJtMDEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMHUGCCsGAQUF
BwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDEuYW1hem9udHJ1
c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAxLmFtYXpvbnRydXN0
LmNvbS9yMm0wMS5jZXIwDAYDVR0TAQH/BAIwADCCAX8GCisGAQQB1nkCBAIEggFv
BIIBawFpAHcAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGGPjWO
wwAABAMASDBGAiEA1/MriPz2DEY2zlA3Ggci3RNmb/21P1LxwqRsTjBBeToCIQCh
GLqK4MUcaH/TFbGznbWlHGcQojqtCKNPr0wgCXn57wB2AHPZnokbTJZ4oCB9R53m
ssYc0FFecRkqjGuAEHrBd3K1AAABhj41jrYAAAQDAEcwRQIhAPc0d6zuQGVU13DA
yD4PE0n79vAG1xB/wj7f/UnVj6a+AiB0GRF4Ovgxljj8Cwxvptw8/lplLDE28loC
DnB4zEigfAB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABhj41
jo4AAAQDAEcwRQIgHRDAufEIoe/987IPT3VJZif5naBUxUPiADrBDD+eOw0CIQD4
akDzx6x08yH/PRkVj+YsOWXRVuSIN8Uv8Bx3PmcWqzANBgkqhkiG9w0BAQsFAAOC
AQEAMkncfFU5U4r/OoOVF1KSBnz8zn5Z/ylMERLG7774HE6N3y4tQ7nWy++3MtWP
E7Lawxg/9zoizTDpwHphPlYHanjP+eFmEOG+Nb17EFlwRQf1jaqD4O08l3N4awTy
pHtJ04H1+m6ZB1vcgsqdQJ1yPi6ldd4w6mbcr/ZXY7+JprkGHL7NCeP9od2Jrg7c
viTfpZYX28R3/HdMdM0873LHqDj0SQQUlctAIz8BeO+viKrjoJ38oxVYKI7Lsy7U
QyhJ2uZmZ1+k4LztUh0tM/poCjLTBCuy+k7DDZAjYMkNFPYUyFE8U0gwZ6j8JO6H
ipN+gEGQVYUfhdwZ6kO0yPTdwA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hKCvHuPYZ+VU7egwlZe
z2VHiZhec8uALC5p2JqNTNquCxpFxWWwGbIssTblFMtf3eAXegC/V6iWiobHwK3+
pgW2bjdtK2mHpchACz5ziXCvUIPaQLuF3r+vvHOLWiVxXzHjj/KiF0mk1m7lgvEn
6q084utWtr/aZE+7QL+3YKvrCxmi9BBbgMDIcO8KbH+XRhEvqdb68JMpUkXXgnRs
PyXVaqLY8pEtWZ37SVHxRaF0Y3TS/EDS/Paq/qx0vd00piw8gPBTcOPkeIdFZZf6
g9ygvdbA6diuRWrkScTuRKmvX02RdeK0Lh2dH3k6kFR8Zaq53IZVQYJO8X3ad+pu
xQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10314454316063982001747339494883211760
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-11 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-11 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.canopytax.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26519172003583846676227614000138701053124794417437490599506639061438458341397636435642882523473044123070014709112825241365934509379439932026444536452991337286760355116240404971226395806469882084106601718639895254597571554102077418883723645613426394825331604749095171549752216522927886760410208067622359998103673850836668252011163875046194572234175910930801236278553811017122388803677928157488351964545521428046899505325764563683662069913316446869510295378943407301241897078132735667542847614784442705259149374528751512927346843863569335417509292695322122537402316283104775290950823732877526713021931191454412556627653
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7b8d39e6d1e066abff5dc592933a00c34555a3d4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.canopytax.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.clientportal.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							016900770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a74000001863e358ec30000040300483046022100d7f32b88fcf60c4636ce50371a0722dd13666ffdb53f52f1c2a46c4e3041793a022100a118ba8ae0c51c687fd315b1b39db5a51c6710a23aad08a34faf4c200979f9ef00760073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b5000001863e358eb60000040300473045022100f73477acee406554d770c0c83e0f1349fbf6f006d7107fc23edffd49d58fa6be0220741911783af8319638fc0b0c6fa6dc3cfe5a652c3136f25a020e7078cc48a07c00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001863e358e8e000004030047304502201d10c0b9f108a1effdf3b20f4f75496627f99da054c543e2003ac10c3f9e3b0d022100f86a40f3c7ac74f321ff3d19158fe62c3965d156e48837c52ff01c773e6716ab
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003249dc7c5539538aff3a8395175292067cfcce7e59ff294c1112c6efbef81c4e8ddf2e2d43b9d6cbefb732d58f13b2dac3183ff73a22cd30e9c07a613e56076a78cff9e16610e1be35bd7b1059704507f58daa83e0ed3c9773786b04f2a47b49d381f5fa6e99075bdc82ca9d409d723e2ea575de30ea66dcaff65763bf89a6b9061cbecd09e3fda1dd89ae0edcbe24dfa59617dbc477fc774c74cd3cef72c7a838f449041495cb40233f0178efaf88aae3a09dfca31558288ecbb32ed4432849dae666675fa4e0bced521d2d33fa680a32d3042bb2fa4ec30d902360c90d14f614c8513c53483067a8fc24ee878a937e80419055851f85dc19ea43b4c8f4ddc0