*.staging.bnn.de

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 0d:d0:d7:82:ca:de:90:09:71:7d:92:0c:98:53:46:d9 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.staging.bnn.de

Amazon

Organization: Amazon
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0d:d0:d7:82:ca:de:90:09:71:7d:92:0c:98:53:46:d9
Serial Number (int): 18364332772290096168827105372517123801
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: ee:7a:88:e6:1c:aa:31:e2:7b:2d:43:31:3e:a3:0a:c8:73:12:7f:93
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): c7:c4:d3:81:1b:b3:b2:5f:df:db:da:52:86:6d:c9:e8:cf:8a:0f:9b
Fingerprint (sha256): 1c:b7:af:dd:a1:19:a4:aa:c3:ac:bd:12:f1:54:b2:b3:07:3c:36:8c:a0:2e:9e:47:7c:d6:ed:b5:bb:43:8a:a3

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate *.staging.bnn.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.staging.bnn.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.staging.bnn.de
*.bnn.de

Other certificates including the domain name bnn.de

(limited to 100 certificates)
selbsteingabe.jobs.bnn.de
pageflow.bnn.de
pageflow.bnn.de
pageflow.bnn.de
pageflow.bnn.de
pageflow.bnn.de
bnn.de
appapi-elb.bnn.de
jobs.bnn.de
test.dev.bnn.de
printportal.bnn.de
www.ingedenken.de
*.staging.bnn.de
pageflow.bnn.de
sandbox.service.bnn.de
jobs.bnn.de
pageflow.bnn.de
pageflow.bnn.de
kino.bnn.de
a.westfalen-blatt.de
pageflow.bnn.de
veranstaltungen.bnn.de
bnn.de
pageflow.bnn.de
selbsteingabe.jobs.bnn.de
selbsteingabe.jobs.bnn.de
pageflow.bnn.de
pageflow.bnn.de
printportal.bnn.de
appapi.bnn.de
a.westfalen-blatt.de
selbsteingabe.jobs.bnn.de
api.geo-real.it
leserreisen.bnn.de
sandbox.service.bnn.de
stage.service.bnn.de
a.westfalen-blatt.de
pageflow.bnn.de
pageflow.bnn.de
selbsteingabe.jobs.bnn.de
api.geo-real.it
jobs.bnn.de
pageflow.bnn.de
selbsteingabe.jobs.bnn.de
veranstaltungen.bnn.de
bnn.de
dev.bnn.de
jobs.bnn.de
printportal.bnn.de
pageflow.bnn.de
www.bnn.de
www.bnn.de
api.geo-real.it
jobs.bnn.de
jobs.bnn.de
sandbox.service.bnn.de
jobs.bnn.de
api.geo-real.it
appapi-qa-elb.bnn.de
appapi-elb.bnn.de
pageflow.bnn.de
staging.bnn.de
jobs.bnn.de
*.bnn.de
pageflow.bnn.de
api.geo-real.it
veranstaltungen.bnn.de
*.bnn.de
pageflow.bnn.de
kino.bnn.de
pageflow.bnn.de
leserreisen.bnn.de
kino.bnn.de
jobs.bnn.de
stage.service.bnn.de
veranstaltungen.bnn.de
pageflow.bnn.de
jobs.bnn.de
pageflow.bnn.de
appapi-elb.bnn.de
sandbox.service.bnn.de
pageflow.bnn.de
appapi-qa-elb.bnn.de
selbsteingabe.jobs.bnn.de
leserreisen.bnn.de
pageflow.bnn.de
jobs.bnn.de
*.bnn.de
kino.bnn.de
*.bnn.de
api.geo-real.it
*.bnn.de
pageflow.bnn.de
jobs.bnn.de
veranstaltungen.bnn.de
veranstaltungen.bnn.de
www.ingedenken.de
kino.bnn.de
jobs.bnn.de
selbsteingabe.jobs.bnn.de

Certificate

The complete raw certificate details for *.staging.bnn.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIQDdDXgsrekAlxfZIMmFNG2TANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMDQxNjAwMDAwMFoXDTI0MDUxNDIzNTk1OVowGzEZ
MBcGA1UEAwwQKi5zdGFnaW5nLmJubi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALWCMTEOLvhOepwAhI4+h9kE66vopRj/1HcZ0NK+4SAHQZsarpi+
64PMdrZX5d3efJDaD/CEYGMOKMW9T5nZzspLZ8rudtLTlQo+OaBtX4p0DNgTnbrF
AfLfR/CXXuIuZyYl+f26AO+Bf7YdnXZv4DJDetQjrZwVTRh/u/EfexFomNdUbTwW
orLCRL867Vm8ntIBj8wYavF1CC8AsOPfB2IzyNwo7ArKCI33U7tPQucdGTSe7LS0
s19nj9iite85kMlAHNsY+UYytC8EOQTmfM2cCLSA3ZJcUZUBMp5qZ2GGcshVrsY5
01+hjII9gp7xaocclTH5O4tl9D48z6bjv70CAwEAAaOCAvMwggLvMB8GA1UdIwQY
MBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBTueojmHKox4nstQzE+
owrIcxJ/kzAlBgNVHREEHjAcghAqLnN0YWdpbmcuYm5uLmRlgggqLmJubi5kZTAO
BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsG
A1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1c3QuY29t
L3IybTAyLmNybDATBgNVHSAEDDAKMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcw
LQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRydXN0LmNvbTA2
BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJt
MDIuY2VyMAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB1
AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABh4d13F8AAAQDAEYw
RAIgGc0Ecm4yBKKUoUtsFLkgcbnC4hpAZGV94wSWbeTAFVsCIGPgKGmocJ9tO9Wf
jTfUNpGrZGwWQsvyzhBmqn+ttUK1AHYAc9meiRtMlnigIH1HneayxhzQUV5xGSqM
a4AQesF3crUAAAGHh3XckQAABAMARzBFAiAd+fvhI08Q0/Tl0U9fSVQ9UTR4pCPb
XG4PfEErROyYGwIhAOEOyvghQo8KwcfPSYdWz/6Ot+ZBdipbA+0c7yrlELWyAHcA
SLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGHh3XcXQAABAMASDBG
AiEAyo2y7tlY9gC0M7ud8yQzZMczsA2V3wt++/nWoVqoWzECIQCCFpAZyJMlZK+g
Ts0Dtt72mNKL2Sh2AfaJGItgP8WCXDANBgkqhkiG9w0BAQsFAAOCAQEAljID9UAw
bk4K7L2qcmTCsUuPm6vcZqc1wxrKz98QSQcsKYUkkkEIrl2dMpgLVZkn34sZvEci
EyeYe9ot3dAm9tefQlKXkssd9hzdEQkMKpvUd5rlaTCm/+9JuXj30FCtr3jhKCK2
lpj8rSLnKrNNXyOIQmjGhXYTgT84Ste+yKgln76Fu2mBCvDlH03N9+npNUK7M4nb
07WiY2AwWf8xUpGWJVgfVt9XZSYqAl+rRwctRzxWNegqMUeogkX8ud9DVKSigvVI
U5+sZqX0WNrolihI4dd/aoV1mRPR4oFQlXUvEIjtTG+DLDlGyJ462rg+O2uUwEXK
W2sjt3zLIZkWSg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYIxMQ4u+E56nACEjj6H
2QTrq+ilGP/UdxnQ0r7hIAdBmxqumL7rg8x2tlfl3d58kNoP8IRgYw4oxb1PmdnO
yktnyu520tOVCj45oG1finQM2BOdusUB8t9H8Jde4i5nJiX5/boA74F/th2ddm/g
MkN61COtnBVNGH+78R97EWiY11RtPBaissJEvzrtWbye0gGPzBhq8XUILwCw498H
YjPI3CjsCsoIjfdTu09C5x0ZNJ7stLSzX2eP2KK17zmQyUAc2xj5RjK0LwQ5BOZ8
zZwItIDdklxRlQEynmpnYYZyyFWuxjnTX6GMgj2CnvFqhxyVMfk7i2X0PjzPpuO/
vQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 18364332772290096168827105372517123801
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-16 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-14 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.staging.bnn.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22913333343148834129758414046001757770191319169138424754105873583384986783992147739065837610108977104702322366081522954998934580322198542057450474446605421088366856194296576588222558750051870772928236180498760966923380419241372841459533870805559988884003789780746046106047326377805868204375920691046247010324213378212014440993380045289537254626795648259213876720369982140415230357264561233353558907606191883388452086479660223152403340948022736737762378574145232063694889605898063056230355964284428732924298886687903279285962107687720346882153518753304708729169911379361557675943862930785733028000552897876633825034173
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ee7a88e61caa31e27b2d43313ea30ac873127f93
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.staging.bnn.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bnn.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001878775dc5f0000040300463044022019cd04726e3204a294a14b6c14b92071b9c2e21a4064657de304966de4c0155b022063e02869a8709f6d3bd59f8d37d43691ab646c1642cbf2ce1066aa7fadb542b500760073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b5000001878775dc91000004030047304502201df9fbe1234f10d3f4e5d14f5f49543d513478a423db5c6e0f7c412b44ec981b022100e10ecaf821428f0ac1c7cf498756cffe8eb7e641762a5b03ed1cef2ae510b5b200770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001878775dc5d0000040300483046022100ca8db2eed958f600b433bb9df3243364c733b00d95df0b7efbf9d6a15aa85b3102210082169019c8932564afa04ecd03b6def698d28bd9287601f689188b603fc5825c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00963203f540306e4e0aecbdaa7264c2b14b8f9babdc66a735c31acacfdf1049072c298524924108ae5d9d32980b559927df8b19bc47221327987bda2dddd026f6d79f42529792cb1df61cdd11090c2a9bd4779ae56930a6ffef49b978f7d050adaf78e12822b69698fcad22e72ab34d5f23884268c6857613813f384ad7bec8a8259fbe85bb69810af0e51f4dcdf7e9e93542bb3389dbd3b5a263603059ff3152919625581f56df5765262a025fab47072d473c5635e82a3147a88245fcb9df4354a4a282f548539fac66a5f458dae8962848e1d77f6a85759913d1e2815095752f1088ed4c6f832c3946c89e3adab83e3b6b94c045ca5b6b23b77ccb2199164a