wavingback.org
Issued by R3
About this certificate
This digital certificate with serial number 03:45:ea:25:e6:b0:80:73:2f:91:c6:9e:56:c7:2b:84:48:ee was issued on by Let's Encrypt.
With 21 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=wavingback.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:45:ea:25:e6:b0:80:73:2f:91:c6:9e:56:c7:2b:84:48:eeSerial Number (int): 285127577257761048796487716233983637604590
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 1e:fb:05:b4:c6:bd:7f:70:cd:f2:58:53:1c:46:2c:b5:56:c1:c2:b8
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): ea:1a:b2:47:22:e5:4a:e3:80:5c:ad:2c:cb:4c:2f:fe:8a:0c:f0:1b
Fingerprint (sha256): 1d:1b:0f:c1:47:83:bd:6d:cb:6c:bd:f3:a0:b0:38:dd:51:49:9b:e2:f3:66:86:08:e9:6e:e5:9e:b7:4a:94:6a
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate wavingback.org
21
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for wavingback.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.theworldwaves.co
*.theworldwaves.net
*.waveschool.com
*.wavescool.com
*.wavingback.com
*.wavingback.net
*.wavingback.org
theworldwaves.co
theworldwaves.net
waveschool.com
wavescool.com
wavingback.com
wavingback.net
wavingback.org
www.mg.wavescool.com
www.theworldwavesco.wavescool.com
www.theworldwavesnet.wavescool.com
www.waveschool.wavescool.com
www.wavingback.wavescool.com
www.wavingbackcom.wavescool.com
www.wavingbacknet.wavescool.com
*.theworldwaves.net
*.waveschool.com
*.wavescool.com
*.wavingback.com
*.wavingback.net
*.wavingback.org
theworldwaves.co
theworldwaves.net
waveschool.com
wavescool.com
wavingback.com
wavingback.net
wavingback.org
www.mg.wavescool.com
www.theworldwavesco.wavescool.com
www.theworldwavesnet.wavescool.com
www.waveschool.wavescool.com
www.wavingback.wavescool.com
www.wavingbackcom.wavescool.com
www.wavingbacknet.wavescool.com
Other certificates including the domain name wavingback.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for wavingback.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGrjCCBZagAwIBAgISA0XqJeawgHMvkcaeVscrhEjuMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMTkwMjI1MDNaFw0yNDA0MTgwMjI1MDJaMBkxFzAVBgNVBAMT DndhdmluZ2JhY2sub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA 2JqD50Xz2w2oDSDaqoyZIuPvzO2VnGqRWnrNsAbTb2mwURZIMVncl3qRO7bSSzh7 bBQqOZnUajSwaJ6BZCaRDU4C18grU7KISh5gmZC+B+NcWeYvAh2eDIUcKtcXd3kv vBqzdthiF8FmJ99y9y4uYqS6eIXk2bd0mo4DB/pFlMpp/albSX3CnPJ7IJFC8o8n Om0O8pRY8EtwO1zVQv7UQCX0lRpxji8PzrRd/Tnao4g8ePXpWywBtxGg8e1m0poU A4DOO4dGs3dZaZnVPU6/Glnqy4i1PiWe/jJYXO3e3OUWDhIELn+3nJlpCOscEMTA S0sNQ6SwZhX/BU/g9SZLBwIDAQABo4ID1TCCA9EwDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBQe+wW0xr1/cM3yWFMcRiy1VsHCuDAfBgNVHSMEGDAWgBQULrMXt1hWy65Q CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn LzCCAd4GA1UdEQSCAdUwggHRghIqLnRoZXdvcmxkd2F2ZXMuY2+CEyoudGhld29y bGR3YXZlcy5uZXSCECoud2F2ZXNjaG9vbC5jb22CDyoud2F2ZXNjb29sLmNvbYIQ Ki53YXZpbmdiYWNrLmNvbYIQKi53YXZpbmdiYWNrLm5ldIIQKi53YXZpbmdiYWNr Lm9yZ4IQdGhld29ybGR3YXZlcy5jb4IRdGhld29ybGR3YXZlcy5uZXSCDndhdmVz Y2hvb2wuY29tgg13YXZlc2Nvb2wuY29tgg53YXZpbmdiYWNrLmNvbYIOd2F2aW5n YmFjay5uZXSCDndhdmluZ2JhY2sub3JnghR3d3cubWcud2F2ZXNjb29sLmNvbYIh d3d3LnRoZXdvcmxkd2F2ZXNjby53YXZlc2Nvb2wuY29tgiJ3d3cudGhld29ybGR3 YXZlc25ldC53YXZlc2Nvb2wuY29tghx3d3cud2F2ZXNjaG9vbC53YXZlc2Nvb2wu Y29tghx3d3cud2F2aW5nYmFjay53YXZlc2Nvb2wuY29tgh93d3cud2F2aW5nYmFj a2NvbS53YXZlc2Nvb2wuY29tgh93d3cud2F2aW5nYmFja25ldC53YXZlc2Nvb2wu Y29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADu AHUAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGNH8ApagAABAMA RjBEAiAfC5ZQ2AZDcmJpCynw37SIOxmlpWeUFjh6KiN/n20x0AIgSTYyXTEXkeOa DHZ42aTWMpURsnDL/ByO5M3nbBEah78AdQCi4r/WHt4vLweg1k5tN6fcZUOwxrUu otq3iviabfUX2AAAAY0fwClsAAAEAwBGMEQCICuWZ9BwQUnpYSFLvB6PXNeOapP7 hT364DJEmYRkOVLuAiAdcHeGGYDatUWTGceD41yUANTz33YrjSe89nKHs9SCfzAN BgkqhkiG9w0BAQsFAAOCAQEADwmu1MDAYldzfIaQlSGM0iZgqOAij3WQ0azX/zWS VRhrdEmR/lXYZCv8mAU3oNrFepnZNbriwf+Zaa4Qq01WW2uj/0eZ5Wk5NKUQ6s0N vT3IfvLsYs442KK1vaU7CZkmgisItNd3pfpdtZ18NGK86BbalciFUx8ZC+HCSukO zE1HGNELnL7JPe2u9sJH2uhlbS258BgdNMkc5N/dPwJRD1ehu3ryLGOQgMuIP99R JEH02FZ9R8LLwsYmSVnE1650CeTUeuEEayEOexdqpBlzvluaWFrO2L6AZOliVE7l Nay4Q4hyMArICTLItMp/Y3csT7UzKBboF7gZoqJ3tLOFuA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JqD50Xz2w2oDSDaqoyZ IuPvzO2VnGqRWnrNsAbTb2mwURZIMVncl3qRO7bSSzh7bBQqOZnUajSwaJ6BZCaR DU4C18grU7KISh5gmZC+B+NcWeYvAh2eDIUcKtcXd3kvvBqzdthiF8FmJ99y9y4u YqS6eIXk2bd0mo4DB/pFlMpp/albSX3CnPJ7IJFC8o8nOm0O8pRY8EtwO1zVQv7U QCX0lRpxji8PzrRd/Tnao4g8ePXpWywBtxGg8e1m0poUA4DOO4dGs3dZaZnVPU6/ Glnqy4i1PiWe/jJYXO3e3OUWDhIELn+3nJlpCOscEMTAS0sNQ6SwZhX/BU/g9SZL BwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 285127577257761048796487716233983637604590 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-19 02:25:03 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-18 02:25:02 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'wavingback.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27343668181110184986933765696548390470338317172839851284672929353885149847293648474879061358827867607899982172277673089133089033312817732441725078145573666848971895562537645860443187574099434683698760074589927832880707150710399115588811026352193184973041181670825885307659455342928213710805821918287817856738299913737534560477589438625592399457511369753361914678462205298395933149044403068936101015165364316207532673553553539984629545017216610089611219590547420396279020444144620845191582043079508074283711619639821370358668505119921515719919613895155466537145268077598792732777735158552665372749653339346087694453511 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1efb05b4c6bd7f70cdf258531c462cb556c1c2b8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (469 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.theworldwaves.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.theworldwaves.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.waveschool.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wavescool.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wavingback.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wavingback.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wavingback.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theworldwaves.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theworldwaves.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'waveschool.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wavescool.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wavingback.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wavingback.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wavingback.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mg.wavescool.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.theworldwavesco.wavescool.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.theworldwavesnet.wavescool.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.waveschool.wavescool.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.wavingback.wavescool.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.wavingbackcom.wavescool.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.wavingbacknet.wavescool.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d1fc0296a000004030046304402201f0b9650d806437262690b29f0dfb4883b19a5a5679416387a2a237f9f6d31d002204936325d311791e39a0c7678d9a4d6329511b270cbfc1c8ee4cde76c111a87bf007500a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018d1fc0296c000004030046304402202b9667d0704149e961214bbc1e8f5cd78e6a93fb853dfae032449984643952ee02201d7077861980dab5459319c783e35c9400d4f3df762b8d27bcf67287b3d4827f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000f09aed4c0c06257737c869095218cd22660a8e0228f7590d1acd7ff359255186b744991fe55d8642bfc980537a0dac57a99d935bae2c1ff9969ae10ab4d565b6ba3ff4799e5693934a510eacd0dbd3dc87ef2ec62ce38d8a2b5bda53b099926822b08b4d777a5fa5db59d7c3462bce816da95c885531f190be1c24ae90ecc4d4718d10b9cbec93dedaef6c247dae8656d2db9f0181d34c91ce4dfdd3f02510f57a1bb7af22c639080cb883fdf512441f4d8567d47c2cbc2c6264959c4d7ae7409e4d47ae1046b210e7b176aa41973be5b9a585aced8be8064e962544ee535acb8438872300ac80932c8b4ca7f63772c4fb5332816e817b819a2a277b4b385b8