services.chess.com

Issued by GTS CA 1D4

About this certificate

This digital certificate with serial number 21:d0:a9:e8:47:c3:65:de:09:22:cd:35:25:9f:34:cf was issued on by Google Trust Services LLC.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=services.chess.com

Google Trust Services LLC

Organization: Google Trust Services LLC
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 21:d0:a9:e8:47:c3:65:de:09:22:cd:35:25:9f:34:cf
Serial Number (int): 44947967737843845681178565903304832207
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 0a:cd:e1:77:11:a8:9d:b3:2c:54:1f:5f:2a:12:b4:a5:3e:e9:0c:f6
AuthorityKeyId: 25:e2:18:0e:b2:57:91:94:2a:e5:d4:5d:86:90:83:de:53:b3:b8:92

Fingerprint (sha1): af:6c:62:cd:d1:dd:8b:91:d2:fe:2a:f5:89:b8:87:34:f5:37:16:9e
Fingerprint (sha256): 19:98:76:bd:2b:3d:de:6b:f9:ec:ed:9a:13:2f:f2:46:3a:6d:3a:24:6a:81:b3:4c:24:29:76:dc:93:fb:51:71

Issuing Certificate URL: http://pki.goog/repo/certs/gts1d4.der

Revocation information

OCSP Server: http://ocsp.pki.goog/s/gts1d4/Rh99R78beLg
CRL Distribution Point: http://crls.pki.goog/gts1d4/v3-DQmlb-YY.crl

Check the revocation status for certificate services.chess.com

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for services.chess.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

services.chess.com
production.chess-platform.com
prod.chess-platform.com
pubsub.chess-platform.com

Other certificates including the domain name chess.com

(limited to 100 certificates)
destek.chess.com
www.ridareadymades.com
support13.cdnetworks.net
support5.cdnetworks.net
vault.gcp-staging.chess.com
ssl001.insnw.net
4player.chess.com
suporte.chess.com
ccccms-beta.chess.com
hilfe.chess.com
live.chess.com
grafana.aws.chess.com
ccccms-beta.chess.com
sni.cloudflaressl.com
sni.cloudflaressl.com
links.chess.com
masterbooker.com
support13.cdnetworks.net
support13.cdnetworks.net
sni.cloudflaressl.com
assistance.chess.com
chess.com
support5.cdnetworks.net
oauth.chess.com
sni.cloudflaressl.com
support5.cdnetworks.net
support5.cdnetworks.net
services.chess.com
sni.cloudflaressl.com
cccc.chess.com
ssl001.insnw.net
pomoc.chess.com
daxmareba.chess.com
ssl001.insnw.net
www.chess.com
status.chess.com
variants.gcp-prod.chess.com
www.nate-fleming.com
report.koledasolus.bycopilot.com
live.chess.com
support5.cdnetworks.net
support5.cdnetworks.net
support5.cdnetworks.net
ssl001.insnw.net
ssl001.insnw.net
support13.cdnetworks.net
services.chess.com
status.chess.com
support13.cdnetworks.net
support5.cdnetworks.net
newman.chess.com
support13.cdnetworks.net
chess.com
sni.cloudflaressl.com
verify.chess.com
spravka.chess.com
static.chess.com
support.chess.com
ssl001.insnw.net
ayuda.chess.com
gradle-cache-eu-central-1-a1-prod.aws.chess.com
ssl001.insnw.net
report.koledasolus.bycopilot.com
ssl001.insnw.net
support5.cdnetworks.net
support5.cdnetworks.net
support5.cdnetworks.net
dovidka.chess.com
support13.cdnetworks.net
chess.com
treasure.chess.com
destek.chess.com
treasure.chess.com
support5.cdnetworks.net
analysis.chess.com
pomoc.chess.com
support13.cdnetworks.net
assistance.chess.com
support5.cdnetworks.net
support13.cdnetworks.net
go.chess.com
ccccms-beta.chess.com
infosec2020.2vanx.com
www.resque-prod-k8s.chess.com
app.4di2.ch
ksupport.chess.com
services.chess.com
www.wheelofnames.info
ssl001.insnw.net
ccccms-beta.chess.com
register.fishfacts.com
status.chess.com
links.mustwants.com
chess.com
variants.gcp-prod.chess.com
support13.cdnetworks.net
support13.cdnetworks.net
www.autorebalance.co
dex.aws.chess.com
*.chess.com

Certificate

The complete raw certificate details for services.chess.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIQIdCp6EfDZd4JIs01JZ80zzANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM
QzETMBEGA1UEAxMKR1RTIENBIDFENDAeFw0yNDA0MjEwODE3MTlaFw0yNDA3MjAw
OTEwMTJaMB0xGzAZBgNVBAMTEnNlcnZpY2VzLmNoZXNzLmNvbTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAJaL+AB7hqUcGn58hJ3yGgGv0lWvPO+TTw8a
wSujBKAt8fjImCmpUwnDM39CSmI16r9+n5bG95uwwoX+VjwIRRHXohPaT3GPkBXM
Qas3HNOindMZmkhO0Qc+kg+DGQFvmvR+K6T+K0O1CANolLzs5WDy11oVwgkDPWSv
9BNA9NgQyUlzdkNi58afTNURONsOrEVhctytKYeWpwqkFIR6GJgb3iyaa+yERUvA
8aCEYDSIgnl+MbaWIyKZ2MdJmSbXce4+WK8l/FLg2OS+RVFAKhf1oZvSekRa+Deq
K4fZ/8C2H1lYOIscIQ7yHCsJeSFtYihqok2XD9fU+ct1C96YS2UCAwEAAaOCAsww
ggLIMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBQKzeF3EaidsyxUH18qErSlPukM9jAfBgNVHSMEGDAW
gBQl4hgOsleRlCrl1F2GkIPeU7O4kjB4BggrBgEFBQcBAQRsMGowNQYIKwYBBQUH
MAGGKWh0dHA6Ly9vY3NwLnBraS5nb29nL3MvZ3RzMWQ0L1JoOTlSNzhiZUxnMDEG
CCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVwby9jZXJ0cy9ndHMxZDQuZGVy
MHAGA1UdEQRpMGeCEnNlcnZpY2VzLmNoZXNzLmNvbYIdcHJvZHVjdGlvbi5jaGVz
cy1wbGF0Zm9ybS5jb22CF3Byb2QuY2hlc3MtcGxhdGZvcm0uY29tghlwdWJzdWIu
Y2hlc3MtcGxhdGZvcm0uY29tMCEGA1UdIAQaMBgwCAYGZ4EMAQIBMAwGCisGAQQB
1nkCBQMwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybHMucGtpLmdvb2cvZ3Rz
MWQ0L3YzLURRbWxiLVlZLmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AHb/
iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjv/yGsMAAAQDAEcwRQIh
AIXYjjIxpw/yoAWNywffIc1jD66rk3yoop9zKs8c3QDvAiAEDTp/BaxlLzO3jfF0
tb23QGcGD7EN1tDZrqN2aVgLxgB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2k
PTBI1/urAAABjv/yGrcAAAQDAEcwRQIhAPEDAYG/twD4yjUuWq8lgDQCEpJfBSPM
gPsd+bHuMOyOAiA7l1bMYnPm9Ng3hr2ek9r/DpUBrxqvxMETlCfM7s35QzANBgkq
hkiG9w0BAQsFAAOCAQEAl1ABWBndTfflI/unven5Ivn8GMhAuF/6mKJMpyNFcTDq
afbpXsJCPhaP9j+QftDQQQFN1JWsGqYeGzLviO7CGFhaZhFgwcz9Y915O53v9GPs
yuCBzvBWAIg3ObHHz4GMavXLgy+3qSNgrorFBg9ZGMIYgD5Y1p8CNMQ1aFxnDmQK
6ofvsUYxefcG4jlyx5igbHjMEGeeyJUPBmxgNFPeMgjG75Znxl+ShSl2rV330NyC
V1zPrECr3LxKKUwv7pma/btFXTbtCNFK12r0EK3WSaAfukl4WKgYs2onuDSyaONI
tIE5hCapvpucFKA/2Rvs+X6evxo995d6K8ure9NsVA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlov4AHuGpRwafnyEnfIa
Aa/SVa8875NPDxrBK6MEoC3x+MiYKalTCcMzf0JKYjXqv36flsb3m7DChf5WPAhF
EdeiE9pPcY+QFcxBqzcc06Kd0xmaSE7RBz6SD4MZAW+a9H4rpP4rQ7UIA2iUvOzl
YPLXWhXCCQM9ZK/0E0D02BDJSXN2Q2Lnxp9M1RE42w6sRWFy3K0ph5anCqQUhHoY
mBveLJpr7IRFS8DxoIRgNIiCeX4xtpYjIpnYx0mZJtdx7j5YryX8UuDY5L5FUUAq
F/Whm9J6RFr4N6orh9n/wLYfWVg4ixwhDvIcKwl5IW1iKGqiTZcP19T5y3UL3phL
ZQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 44947967737843845681178565903304832207
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Trust Services LLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GTS CA 1D4'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-21 08:17:19 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-20 09:10:12 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'services.chess.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19004766911618462906679961652190995296155182132260595646053799847659247156594850204140248507892038210115165014709319535591924809057896471452227750051296411343063165140111887902136065435500456788084941856334116484694962019256822338707229330981121949475189096966914081414665974314698971357102512427241357208487728767795294394202001717039874175256908998231971340642981902024719642700452917154584272681342751478693630581712280457908996292336615516761298435649644697294643506479247639157939181177503942751238014609538405466288757139050447661397581720304254381865393508967856256178690017039270350416698847760489396712262501
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0acde17711a89db32c541f5f2a12b4a53ee90cf6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 25e2180eb25791942ae5d45d869083de53b3b892
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.goog/s/gts1d4/Rh99R78beLg'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.goog/repo/certs/gts1d4.der'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services.chess.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'production.chess-platform.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.chess-platform.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pubsub.chess-platform.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.5.3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.goog/gts1d4/v3-DQmlb-YY.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018efff21ac3000004030047304502210085d88e3231a70ff2a0058dcb07df21cd630faeab937ca8a29f732acf1cdd00ef0220040d3a7f05ac652f33b78df174b5bdb74067060fb10dd6d0d9aea37669580bc6007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018efff21ab70000040300473045022100f1030181bfb700f8ca352e5aaf2580340212925f0523cc80fb1df9b1ee30ec8e02203b9756cc6273e6f4d83786bd9e93daff0e9501af1aafc4c1139427cceecdf943
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009750015819dd4df7e523fba7bde9f922f9fc18c840b85ffa98a24ca723457130ea69f6e95ec2423e168ff63f907ed0d041014dd495ac1aa61e1b32ef88eec218585a661160c1ccfd63dd793b9deff463eccae081cef05600883739b1c7cf818c6af5cb832fb7a92360ae8ac5060f5918c218803e58d69f0234c435685c670e640aea87efb1463179f706e23972c798a06c78cc10679ec8950f066c603453de3208c6ef9667c65f92852976ad5df7d0dc82575ccfac40abdcbc4a294c2fee999afdbb455d36ed08d14ad76af410add649a01fba497858a818b36a27b834b268e348b481398426a9be9b9c14a03fd91becf97e9ebf1a3df7977a2bcbab7bd36c54