news.warwickshire.gov.uk

Issued by Amazon

About this certificate

This digital certificate with serial number 04:7e:69:eb:bb:53:14:d7:ff:c3:d6:f3:46:8f:b0:54 was issued on by Amazon.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=news.warwickshire.gov.uk

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:7e:69:eb:bb:53:14:d7:ff:c3:d6:f3:46:8f:b0:54
Serial Number (int): 5973289716915762161752905476788432980
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: c5:ad:48:84:61:62:ea:69:27:e6:b9:99:71:2e:88:78:5e:5c:2c:63
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 5d:1b:58:1c:1c:42:80:d2:82:32:17:f3:38:a4:70:39:08:38:2d:14
Fingerprint (sha256): 1b:22:b9:01:e5:fe:b1:5c:db:d2:7b:d1:1e:46:72:98:ce:83:1a:a5:e8:46:63:9d:07:6f:77:e4:90:da:eb:6e

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl

Check the revocation status for certificate news.warwickshire.gov.uk

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for news.warwickshire.gov.uk

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

news.warwickshire.gov.uk

Other certificates including the domain name warwickshire.gov.uk

(limited to 100 certificates)
planning.warwickshire.gov.uk
maps.warwickshire.gov.uk
ask.warwickshire.gov.uk
quit4good.warwickshire.gov.uk
rowreporting.warwickshire.gov.uk
i.warwickshire.gov.uk
planning.warwickshire.gov.uk
directory.warwickshire.gov.uk
ucc.warwickshire.gov.uk
sni.cloudflaressl.com
ask.warwickshire.gov.uk
uat.warwickshire.gov.uk
ask.warwickshire.gov.uk
admissions.warwickshire.gov.uk
lms.warwickshire.gov.uk
apps.warwickshire.gov.uk
customer.warwickshire.gov.uk
sls.warwickshire.gov.uk
ask.warwickshire.gov.uk
ask.warwickshire.gov.uk
timetrail.warwickshire.gov.uk
cbsdc101.warwickshire.gov.uk
ipeople.warwickshire.gov.uk
meeting.warwickshire.gov.uk
timetrail.warwickshire.gov.uk
uat.warwickshire.gov.uk
api-test.warwickshire.gov.uk
mplus.warwickshire.gov.uk
discuss.warwickshire.gov.uk
careraware.warwickshire.gov.uk
i.warwickshire.gov.uk
vpn.warwickshire.gov.uk
guestwifi.warwickshire.gov.uk
news.warwickshire.gov.uk
timetrail.warwickshire.gov.uk
democratic.warwickshire.gov.uk
directory.warwickshire.gov.uk
www.warwickshire.gov.uk
onething.warwickshire.gov.uk
ask.warwickshire.gov.uk
admissions.warwickshire.gov.uk
limtest.warwickshire.gov.uk
dementia.warwickshire.gov.uk
www.warwickshire.gov.uk
forms.warwickshire.gov.uk
onething.warwickshire.gov.uk
timetrail.warwickshire.gov.uk
mplus.warwickshire.gov.uk
static.warwickshire.gov.uk
ask.warwickshire.gov.uk
onething.warwickshire.gov.uk
wcfp.warwickshire.gov.uk
mplus.warwickshire.gov.uk
tww.warwickshire.gov.uk
timetrail.warwickshire.gov.uk
tls.automattic.com
maps.warwickshire.gov.uk
api.warwickshire.gov.uk
timetrail.warwickshire.gov.uk
atlasweb.warwickshire.gov.uk
dementia.warwickshire.gov.uk
quit4good.warwickshire.gov.uk
testeis.warwickshire.gov.uk
tmatest.warwickshire.gov.uk
tls.automattic.com
roadsafetycourse.warwickshire.gov.uk
warwickshire.gov.uk
connect.warwickshire.gov.uk
learningcatalogue.warwickshire.gov.uk
lms.warwickshire.gov.uk
news.warwickshire.gov.uk
tls.automattic.com
api.warwickshire.gov.uk
customer.warwickshire.gov.uk
admissions.warwickshire.gov.uk
business.warwickshire.gov.uk
democratic.warwickshire.gov.uk
tls.automattic.com
notice-attachments.warwickshire.gov.uk
dementia.warwickshire.gov.uk
wccag.warwickshire.gov.uk
roadsafetycourse.warwickshire.gov.uk
sni.cloudflaressl.com
library3.warwickshire.gov.uk
admissions.warwickshire.gov.uk
ask.warwickshire.gov.uk
sni.cloudflaressl.com
intranet.warwickshire.gov.uk
library.warwickshire.gov.uk
w4w.warwickshire.gov.uk
ask.warwickshire.gov.uk
sls.warwickshire.gov.uk
quit4good.warwickshire.gov.uk
rgt.warwickshire.gov.uk
registrations.warwickshire.gov.uk
sls.warwickshire.gov.uk
snaponline.warwickshire.gov.uk
apps.warwickshire.gov.uk
directory.warwickshire.gov.uk
rowreporting.warwickshire.gov.uk

Certificate

The complete raw certificate details for news.warwickshire.gov.uk in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgIQBH5p67tTFNf/w9bzRo+wVDANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjA1MzEwMDAwMDBaFw0yMzA2Mjky
MzU5NTlaMCMxITAfBgNVBAMTGG5ld3Mud2Fyd2lja3NoaXJlLmdvdi51azCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALoPyPRFxCohwzl4TdWp4eyK7YXI
npRWvfRzMmoadD8VmcfDx4O+jZLrBpDlBt0y/mJoio5kQnqlU2+kxzuREatt2sZ8
M+doN1sTCiTpmU6f5EBzrACUt4rL7HBzfNif81AvyvIiUOUS6nsRi20IDHmGkdvH
WDt2qMVJL430ej51l3KUw5Cjo6KJX7UqVBQJLwZSvlKUpKYHXWqMyHc3lKZULs3f
PUjI8NZCR+Ayl0AHPZossXMu1Iw7hPNIRBHWPx0mLtVr8tJ2ukMp/XNUiNCyJxs3
m1SXpkfU2sMI+t08d5czB98EXrpglVwJi1Pzza+X93fEcW0F5JEIX0Sd4FUCAwEA
AaOCAvIwggLuMB8GA1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1Ud
DgQWBBTFrUiEYWLqaSfmuZlxLoh4XlwsYzAjBgNVHREEHDAaghhuZXdzLndhcndp
Y2tzaGlyZS5nb3YudWswDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnNjYTFi
LmFtYXpvbnRydXN0LmNvbS9zY2ExYi0xLmNybDATBgNVHSAEDDAKMAgGBmeBDAEC
ATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFi
LmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5h
bWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEE
AdZ5AgQCBIIBbQSCAWkBZwB1AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31t
Br1uAAABgRd/4FkAAAQDAEYwRAIgIQn+Kq8wFe8dXIQ5vdEqBaagmEe2qPbAAUP2
eBA8XlwCIFHGUnTGlglAOMWZD1DSU/8tu4+RtI770YZ/91w9C935AHcANc8ZG7+x
bFe/D61MbULLu7YnICZR6j/hKu+oA8M71kwAAAGBF3/gcQAABAMASDBGAiEA8D9C
66I9HDCftInn3oebe5N7MsnzjfPIPbAncOTA4XkCIQCqKtGibWwAx9F15LxYY9De
jiDx9JxB3ma5qNGY5J0rwwB1ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl
7bSZAAABgRd/4GUAAAQDAEYwRAIgcSjLL2B+ZA0HCZcZD/FaYqrF3valr9aNLwxO
f0bAyJwCICnzFxz8fmrM1bLFVWB7lenOxTIohFVJ/5XeVuHKBEqlMA0GCSqGSIb3
DQEBCwUAA4IBAQAyHgtQLI6lRDN0DaU2anMMLzW2jr/yDsmGY06oRaM6rt8fvFS6
xnRsLQM1M4IsaUuiy8LhJl6/1t6Lk6dAaklcAicBkNgXYK/Cm1trcDp45wrrl04h
TKOOUNcbNKgUXg9u0moYJP0AmnyLKFYuBzvzMrAXToj2V3wYSQxXR+FneGSzCoSh
JTq/np3tYPspVLRZJW5eGMHfbC8eJCHWMfIw5W00V2nqc6QQS03ikiSjznqbiISc
rEFJqGjhzmzbmZXjgj3Qz9Y1Q+1TFcMIbLGA4HZUFbeCcli2LsotQMx6SEsZIX6b
nWhYs85cMDfLQvI3/MGY4oUyax1C/EgGqHSb
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug/I9EXEKiHDOXhN1anh
7IrthcielFa99HMyahp0PxWZx8PHg76NkusGkOUG3TL+YmiKjmRCeqVTb6THO5ER
q23axnwz52g3WxMKJOmZTp/kQHOsAJS3isvscHN82J/zUC/K8iJQ5RLqexGLbQgM
eYaR28dYO3aoxUkvjfR6PnWXcpTDkKOjoolftSpUFAkvBlK+UpSkpgddaozIdzeU
plQuzd89SMjw1kJH4DKXQAc9miyxcy7UjDuE80hEEdY/HSYu1Wvy0na6Qyn9c1SI
0LInGzebVJemR9Tawwj63Tx3lzMH3wReumCVXAmLU/PNr5f3d8RxbQXkkQhfRJ3g
VQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5973289716915762161752905476788432980
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-05-31 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-29 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'news.warwickshire.gov.uk'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23488108586103501173742532322277408839423724170189666141845984539442475498288396119723072181526523810216120804485548672335184587247945294776474946990590206856740850401898319307605431117585521667008612057775181497766504786927148675737534077090989762006316080709886224994621848635080116364069759851451680138921279317419407435009276898962684718071365920768279275513907013798932963204306963765765512258911706068638122921335433317430896934928732422196957688974928696931815739860360930825659279271348374180118186942132432634960223819134028630610223415986034559378298902939616224009363266825673908509094769012474377999867989
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c5ad48846162ea6927e6b999712e88785e5c2c63
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'news.warwickshire.gov.uk'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000181177fe059000004030046304402202109fe2aaf3015ef1d5c8439bdd12a05a6a09847b6a8f6c00143f678103c5e5c022051c65274c696094038c5990f50d253ff2dbb8f91b48efbd1867ff75c3d0bddf900770035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c00000181177fe0710000040300483046022100f03f42eba23d1c309fb489e7de879b7b937b32c9f38df3c83db02770e4c0e179022100aa2ad1a26d6c00c7d175e4bc5863d0de8e20f1f49c41de66b9a8d198e49d2bc3007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000181177fe065000004030046304402207128cb2f607e640d070997190ff15a62aac5def6a5afd68d2f0c4e7f46c0c89c022029f3171cfc7e6accd5b2c555607b95e9cec53228845549ff95de56e1ca044aa5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00321e0b502c8ea54433740da5366a730c2f35b68ebff20ec986634ea845a33aaedf1fbc54bac6746c2d033533822c694ba2cbc2e1265ebfd6de8b93a7406a495c02270190d81760afc29b5b6b703a78e70aeb974e214ca38e50d71b34a8145e0f6ed26a1824fd009a7c8b28562e073bf332b0174e88f6577c18490c5747e1677864b30a84a1253abf9e9ded60fb2954b459256e5e18c1df6c2f1e2421d631f230e56d345769ea73a4104b4de29224a3ce7a9b88849cac4149a868e1ce6cdb9995e3823dd0cfd63543ed5315c3086cb180e0765415b7827258b62eca2d40cc7a484b19217e9b9d6858b3ce5c3037cb42f237fcc198e285326b1d42fc4806a8749b