imito-test.stgag.ch

- thurmed AG -

Issued by SwissSign RSA TLS OV ICA 2022 - 1

About this certificate

This digital certificate with serial number 43:20:32:64:15:d1:ab:6c:39:13:b1:b2:be:cd:24:62:3c:7a:e7:74 was issued on by SwissSign AG.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

thurmed AG

Organization: thurmed AG
State / Province: TG
Locality: Frauenfeld
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate will expire on

Certificate Details

Serial Number (hex): 43:20:32:64:15:d1:ab:6c:39:13:b1:b2:be:cd:24:62:3c:7a:e7:74
Serial Number (int): 383220395163085962991593702917685036171013056372
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: 36:04:16:8f:bc:73:de:db:27:69:fd:b1:ba:13:89:06:3b:2a:02:db
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6

Fingerprint (sha1): 17:7a:ba:75:6e:9b:b2:96:cb:21:4e:ec:e9:e9:e5:11:18:64:96:cb
Fingerprint (sha256): 1e:0e:2f:7e:19:36:2a:8d:6a:df:7a:92:12:68:fb:61:23:f7:17:6d:d3:e5:8a:40:9c:d9:1d:4e:d1:c1:02:c1

Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45

Revocation information

OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
CRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34

Check the revocation status for certificate imito-test.stgag.ch

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for imito-test.stgag.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

imito-test.stgag.ch

Other certificates including the domain name stgag.ch

(limited to 100 certificates)

Certificate

The complete raw certificate details for imito-test.stgag.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGYzCCBEugAwIBAgIUQyAyZBXRq2w5E7Gyvs0kYjx653QwDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTIzMDgwOTA5
MTg1NFoXDTI0MDgwOTA5MTg1NFowYjELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAlRH
MRMwEQYDVQQHDApGcmF1ZW5mZWxkMRMwEQYDVQQKDAp0aHVybWVkIEFHMRwwGgYD
VQQDExNpbWl0by10ZXN0LnN0Z2FnLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAuLr0nmYnx1h6txYUp4f7XcLRIr4pkEhcrn5VNzzaud1DuqSy/fQe
PLWoZgCIVMSj4kRoltLEVngjLzRhHrcD2Bxcv6YRkEgvbE5dFQCunQyQ/zkKV6XY
bNleaCMuKn4oVif6UOllKTmennX4RlBlipWZywsZEjY17NVuCdmZGsbeHyBXPT02
BWgYFk7bNL9MVa3FXbNkizaKboZyLqY+FbtUfPJSpq2bZr/mi08tGIeTacfNA6ls
DCTWCXKedhenSmtpUJvtL4TeQNqeOOGVzZ9gNc/hBvsqaixIPCaZYE/V6HTgO9q4
C6uy1+1p+173StIauyhzFVF+IgYTJShM6wIDAQABo4ICITCCAh0wgbIGCCsGAQUF
BwEBBIGlMIGiMEwGCCsGAQUFBzAChkBodHRwOi8vYWlhLnN3aXNzc2lnbi5jaC9h
aXItMGYyYmY5YTUtZGQzNy00OGM5LWE4NWItMTJhY2RjYjhiZTQ1MFIGCCsGAQUF
BzABhkZodHRwOi8vb2NzcC5zd2lzc3NpZ24uY2gvc2lnbi9vY3MtYWFjY2NlZDUt
NjZlOC00MDY5LTliMWItZmQyOWFiNzNlZmVjMG8GA1UdIARoMGYwCAYGZ4EMAQIC
MAgGBgQAj3oBBzBQBghghXQBWQIBAjBEMEIGCCsGAQUFBwIBFjZodHRwczovL3Jl
cG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1NpZ25fQ1BTX1RMUy5wZGYwUQYD
VR0fBEowSDBGoESgQoZAaHR0cDovL2NybC5zd2lzc3NpZ24uY2gvY2RwLTk2YjYy
ZjVhLTZiNzMtNGRhNC04N2Y3LWNlNDAwMmMxY2QzNDAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMB4GA1UdEQQXMBWCE2ltaXRv
LXRlc3Quc3RnYWcuY2gwHQYDVR0OBBYEFDYEFo+8c97bJ2n9sboTiQY7KgLbMB8G
A1UdIwQYMBaAFHxvCm8TD9mMJG8mNPNca0NttyO2MBMGCisGAQQB1nkCBAMBAf8E
AgUAMA0GCSqGSIb3DQEBCwUAA4ICAQC9FGmLSLMxZgMjX+vvAHCFuQjqe4596irU
aJAc3XjuVGQvXFBgExsbFM06yeSzKVCOduCu/C7RrQZRLnLrOuYwRv5CE0N/snST
5V8bOzFZr34PpNQXbMSMsf7olIQhhunujGPmNRpukPo4GeSresCke6NJwCurdRj8
0CEroiItPwMsZnFH9MPHgkrLBGf1CjDnhmSrRgqeWWFOz5NC6YjL/3YD2rdfscsC
dIO8JuKLJuCgK2Oq2N6gwedm5/J/ArNut7BsnZEJUl3PTV3u/oLhyXQLX+A8ME5e
Kd43cf3+op43O5JVsOfOQYm2PoU1WczHotQXpXjcj6edFmDLoAspecnrTv9m+dsA
JvZ4oKfIz5sN79ePxBbOh2WU+fDyc9U2BqI+xgzZxkXSkU3JIYSSz7xca5d/JOr3
mL7Nbt8DHxyHX4jlbQV2TC80wx0obojStYHQRULRQV3c89TMhNg0FMbww3xuEgG+
sAZCiubmvEWWf5ApiunaGGlDxvB+vJ3yylviwcN62SRbZQ2/IskVhYlHmighNTZ/
LTm6M3wWDf3B1u9Ex/U/+HPfyL+1p3HPhoAELVeWHNEaV3eOz6Z+N+WwQtj+T7kJ
cW+ieM4Zd9rj88K4GXKMQ19dN8GHS3Odzyu2jKsr1e0woBSow+nddCs3b4QBpTzG
SxIfD6iE2g==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLr0nmYnx1h6txYUp4f7
XcLRIr4pkEhcrn5VNzzaud1DuqSy/fQePLWoZgCIVMSj4kRoltLEVngjLzRhHrcD
2Bxcv6YRkEgvbE5dFQCunQyQ/zkKV6XYbNleaCMuKn4oVif6UOllKTmennX4RlBl
ipWZywsZEjY17NVuCdmZGsbeHyBXPT02BWgYFk7bNL9MVa3FXbNkizaKboZyLqY+
FbtUfPJSpq2bZr/mi08tGIeTacfNA6lsDCTWCXKedhenSmtpUJvtL4TeQNqeOOGV
zZ9gNc/hBvsqaixIPCaZYE/V6HTgO9q4C6uy1+1p+173StIauyhzFVF+IgYTJShM
6wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 383220395163085962991593702917685036171013056372
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-09 09:18:54 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-09 09:18:54 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'TG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Frauenfeld'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'thurmed AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'imito-test.stgag.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23320039327517536380246529988911364648178295490431875817513387651116442877638078682490963722281351948668070523400605703834763173590891782589447719228006994606752183594200150400487128726038855479858566851307001609838707227146465941974021748008012683006799396809574396536028164126383607980285451965800684249535382071690543103452708530162014517859924027520555851959210168937905565847699614236408258174321755810923417184406295083963869745974726783353059434466037419454356015167183080720851759844254452055652423853619103215560508615358684775564039961825888402589623518938673960448918481628258926735739442345247155975376107
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imito-test.stgag.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3604168fbc73dedb2769fdb1ba1389063b2a02db
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00bd14698b48b3316603235febef007085b908ea7b8e7dea2ad468901cdd78ee54642f5c5060131b1b14cd3ac9e4b329508e76e0aefc2ed1ad06512e72eb3ae63046fe4213437fb27493e55f1b3b3159af7e0fa4d4176cc48cb1fee894842186e9ee8c63e6351a6e90fa3819e4ab7ac0a47ba349c02bab7518fcd0212ba2222d3f032c667147f4c3c7824acb0467f50a30e78664ab460a9e59614ecf9342e988cbff7603dab75fb1cb027483bc26e28b26e0a02b63aad8dea0c1e766e7f27f02b36eb7b06c9d9109525dcf4d5deefe82e1c9740b5fe03c304e5e29de3771fdfea29e373b9255b0e7ce4189b63e853559ccc7a2d417a578dc8fa79d1660cba00b2979c9eb4eff66f9db0026f678a0a7c8cf9b0defd78fc416ce876594f9f0f273d53606a23ec60cd9c645d2914dc9218492cfbc5c6b977f24eaf798becd6edf031f1c875f88e56d05764c2f34c31d286e88d2b581d04542d1415ddcf3d4cc84d83414c6f0c37c6e1201beb006428ae6e6bc45967f90298ae9da186943c6f07ebc9df2ca5be2c1c37ad9245b650dbf22c9158589479a282135367f2d39ba337c160dfdc1d6ef44c7f53ff873dfc8bfb5a771cf8680042d57961cd11a57778ecfa67e37e5b042d8fe4fb909716fa278ce1977dae3f3c2b819728c435f5d37c1874b739dcf2bb68cab2bd5ed30a014a8c3e9dd742b376f8401a53cc64b121f0fa884da