*.worm.leafo.net

Issued by R3

About this certificate

This digital certificate with serial number 03:78:c9:12:1b:df:2e:1a:0c:39:6d:a4:eb:eb:53:a2:9b:0c was issued on by Let's Encrypt.

With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=*.worm.leafo.net

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:78:c9:12:1b:df:2e:1a:0c:39:6d:a4:eb:eb:53:a2:9b:0c
Serial Number (int): 302438010679596784612354533656595869637388
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 3b:74:89:ff:21:7e:6f:ce:81:0f:a6:3a:60:d0:ea:b3:56:ce:d0:8d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): a3:60:de:01:09:b3:b0:d9:82:65:72:fa:3c:4e:51:50:2f:b8:e6:ea
Fingerprint (sha256): 1c:70:fc:48:7e:16:9e:91:f2:6e:47:56:e5:e8:7d:14:c0:23:12:91:59:3f:ab:c5:21:f5:09:0d:65:88:7b:6a

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate *.worm.leafo.net

13

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.worm.leafo.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.aws.leafo.net
*.cool.leafo.net
*.cool2.leafo.net
*.hamlet.leafo.net
*.leafo.net
*.linode.leafo.net
*.moonrocks.leafo.net
*.ovh.leafo.net
*.pokemon.leafo.net
*.rit.leafo.net
*.scratch.leafo.net
*.worm.leafo.net
leafo.net

Other certificates including the domain name leafo.net

(limited to 100 certificates)
pp.leafo.net
leafo.net
leafo.net
qm.leafo.net
frankiesmileshow.leafo.net
qm.leafo.net
medieve.leafo.net
corel.leafo.net
www.ase.leafo.net
zack.leafo.net
leafo.net
leafo.net
qm.leafo.net
www.compohub.leafo.net
wyrm.leafo.net
cedar-woods-com.leafo.net
worm.leafo.net
*.hamlet.leafo.net
*.worm.leafo.net
papersonata.leafo.net
gz.leafo.net
hamlet.leafo.net
corel.leafo.net
tyr.leafo.net
tay.leafo.net
www.tswiki.leafo.net
zack.leafo.net
*.aws.leafo.net
ase.leafo.net
qm.leafo.net
compohub.leafo.net
compohub.net
ravey.leafo.net
leafo.net
pokemon.leafo.net
ase.leafo.net
www.tay.leafo.net
gz.leafo.net
corel.leafo.net
mail.vermis.leafo.net
ase.leafo.net
scite.leafo.net
leafo.net
qm.leafo.net
archeia.leafo.net
blog2.leafo.net
gr.apedick.com
leafo.net
zack.leafo.net
pp.leafo.net
www.medieve.leafo.net
leafo.net
leafo.net
pp.leafo.net
medieve.leafo.net
zack.leafo.net
raziel.leafo.net
compohub.net
qm.leafo.net
mail.drule.leafo.net
qm.leafo.net
compohub.net
corel.leafo.net
mail.tay.leafo.net
soap.leafo.net
www.drule.leafo.net
ase.leafo.net
qm.leafo.net
www.worm.leafo.net
medieve.leafo.net
zack.leafo.net
compohub.net
blog2.leafo.net
leafo.net
www.scite.leafo.net
pp.leafo.net
gz.leafo.net
corel.leafo.net
gz.leafo.net
medieve.leafo.net
*.moonrocks.leafo.net
leafo.net
wyrm.leafo.net
www.vb.leafo.net
leafo.net
www.corel.leafo.net
zack.leafo.net
leafo.net
mail.leafo.net
corel.leafo.net
www.moonscript.org
zack.leafo.net
corel.leafo.net
leafo.net
mail.tri.leafo.net
corel.leafo.net
zack.leafo.net
www.papersonata.leafo.net
pp.leafo.net
compohub.net

Certificate

The complete raw certificate details for *.worm.leafo.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISA3jJEhvfLhoMOW2k6+tTopsMMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAzMjAxNzMyMzRaFw0yNDA2MTgxNzMyMzNaMBsxGTAXBgNVBAMM
ECoud29ybS5sZWFmby5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDpskURlAwGret7wlpZDxRz5Y1TTPOXmtBLccrfAZkQIyZN64IyLdyKOURIASeh
ai6To5UOPtYdj4fsAIQcJlyODMW89mpwRmJ21Ney9GdQuimisERRCU6ZmCSxjX65
SSrH9SEXqi2S4aNANs1xk3o6OS/gHt9kxwvdZciSnwjOvRxGqmb6EbBLaaRL4sMe
IpS9IekgA7bMJ/5PNaPL6UZS45CWC+BN1WxxvAk0zs4fAvPikLpxJQNNRyE71ivR
cYBTNy8EdHVIRY9NWBAUKUwvVPf1wareWafMwL8roybLDbLDIo6qdyUS7tXGg0vd
OgpO7bDkJkHe0x+mLdZ7Rf2xAgMBAAGjggLvMIIC6zAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFDt0if8hfm/OgQ+mOmDQ6rNWztCNMB8GA1UdIwQYMBaAFBQusxe3WFbL
rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov
L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v
cmcvMIH2BgNVHREEge4wgeuCDyouYXdzLmxlYWZvLm5ldIIQKi5jb29sLmxlYWZv
Lm5ldIIRKi5jb29sMi5sZWFmby5uZXSCEiouaGFtbGV0LmxlYWZvLm5ldIILKi5s
ZWFmby5uZXSCEioubGlub2RlLmxlYWZvLm5ldIIVKi5tb29ucm9ja3MubGVhZm8u
bmV0gg8qLm92aC5sZWFmby5uZXSCEyoucG9rZW1vbi5sZWFmby5uZXSCDyoucml0
LmxlYWZvLm5ldIITKi5zY3JhdGNoLmxlYWZvLm5ldIIQKi53b3JtLmxlYWZvLm5l
dIIJbGVhZm8ubmV0MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIE
AgSB9gSB8wDxAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGO
XSLwDQAABAMASDBGAiEAuDkB4QMFzo/qzQgjsYktS2kZ0ILKmITZhTEE0ym95pkC
IQClsE4WoP830K5IjygnPu2Qaa+typngs+bjAcn0QQZgWwB2ADtTd3U+LbmATosw
Wwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjl0i8BUAAAQDAEcwRQIhAOyST+MZVKL5
sZvEfO6D8Ip99IN5vVittU6Gvau2HtiGAiBVsQ8LKjYU7XDchzA02Qb6gYy/Cfau
PO6/eH12ovEP4TANBgkqhkiG9w0BAQsFAAOCAQEALuzxC1DPrTOA/+1SpIcWiF/v
N3IqBEgdT02CFmh6eo2yU70Rs9YX7hZGfq5PRw/3zFT01Vh4Cewp3ymUezK6sgT0
XnYcK6lJOjuvvKcbEpfaYnupNDzfx5zzooJq1RuFJNzDQlVv2UtM7WNXVvodneVX
CMxN1hidkvKX8cOYFXCUPlz69c5O36vTro8wgLvgsPMsHSs40ql3dbEpIfajGAUD
yC4ZA02oETKgDEeZdkmn2FFzxQi4dvX6jtilaQJIPB8bkaDBPAd4cewnQaV9qdx1
x45kwdcLgIz5ecW5r/XI6Y/DYfDlA1iyHVkrFWmvc/B5q42Jm9n0m6XwnOpIhg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bJFEZQMBq3re8JaWQ8U
c+WNU0zzl5rQS3HK3wGZECMmTeuCMi3cijlESAEnoWouk6OVDj7WHY+H7ACEHCZc
jgzFvPZqcEZidtTXsvRnULoporBEUQlOmZgksY1+uUkqx/UhF6otkuGjQDbNcZN6
Ojkv4B7fZMcL3WXIkp8Izr0cRqpm+hGwS2mkS+LDHiKUvSHpIAO2zCf+TzWjy+lG
UuOQlgvgTdVscbwJNM7OHwLz4pC6cSUDTUchO9Yr0XGAUzcvBHR1SEWPTVgQFClM
L1T39cGq3lmnzMC/K6Mmyw2ywyKOqnclEu7VxoNL3ToKTu2w5CZB3tMfpi3We0X9
sQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 302438010679596784612354533656595869637388
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-20 17:32:34 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-18 17:32:33 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.worm.leafo.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29501433171592437312185716236969562785720503324764659274403476753268963155357009687071443716536190313483320231693402050982890749962665487626770524190408513879247965694049422566970917787844145953298990932032626705743079688376721823240756535895123755427513241907285961278991105042931881839551370846500314986608703672833223233615251578661708322778464582747735197623176657682096853707416368583836686004817062216489277888700282860684416678746080484963845466666442160851265619980853929655177321947428457983071627797236047173596891021476896065788856908083696266003483810888041351256896871004719284817785413791045632752221617
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3b7489ff217e6fce810fa63a60d0eab356ced08d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (238 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aws.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cool.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cool2.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hamlet.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.linode.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.moonrocks.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ovh.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pokemon.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rit.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.scratch.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.worm.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'leafo.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e5d22f00d0000040300483046022100b83901e10305ce8feacd0823b1892d4b6919d082ca9884d9853104d329bde699022100a5b04e16a0ff37d0ae488f28273eed9069afadca99e0b3e6e301c9f44106605b0076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e5d22f0150000040300473045022100ec924fe31954a2f9b19bc47cee83f08a7df48379bd58adb54e86bdabb61ed886022055b10f0b2a3614ed70dc873034d906fa818cbf09f6ae3ceebf787d76a2f10fe1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002eecf10b50cfad3380ffed52a48716885fef37722a04481d4f4d8216687a7a8db253bd11b3d617ee16467eae4f470ff7cc54f4d5587809ec29df29947b32bab204f45e761c2ba9493a3bafbca71b1297da627ba9343cdfc79cf3a2826ad51b8524dcc342556fd94b4ced635756fa1d9de55708cc4dd6189d92f297f1c3981570943e5cfaf5ce4edfabd3ae8f3080bbe0b0f32c1d2b38d2a97775b12921f6a3180503c82e19034da81132a00c47997649a7d85173c508b876f5fa8ed8a56902483c1f1b91a0c13c077871ec2741a57da9dc75c78e64c1d70b808cf979c5b9aff5c8e98fc361f0e50358b21d592b1569af73f079ab8d899bd9f49ba5f09cea4886