hempmd.org
Issued by R3
About this certificate
This digital certificate with serial number 04:51:af:2f:82:a1:68:0e:21:e5:15:2c:6d:ad:8b:8e:31:9b was issued on by Let's Encrypt.
With 29 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=hempmd.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:51:af:2f:82:a1:68:0e:21:e5:15:2c:6d:ad:8b:8e:31:9bSerial Number (int): 376244877034352899707246180381183162855835
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 0d:48:d4:1c:29:8d:88:16:17:67:95:f9:44:35:e8:bf:27:aa:9a:82
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): dd:82:3a:55:cd:0b:69:93:13:6e:fa:bf:17:ac:78:00:be:fc:a4:0f
Fingerprint (sha256): 1e:19:b5:08:f7:d8:3f:54:b2:7b:28:26:3f:87:a0:5f:63:33:cc:90:0f:19:d5:c2:a8:06:48:0f:5e:0a:76:63
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate hempmd.org
29
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for hempmd.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
canibuild.top
corpuschristicommercialappraiser.com
dolorescounty.com
ftdodge.com
gastro4vip.com
hashtagmylife.net
hempmd.org
letsgobuffalollc.com
mechanics-tools.com
mygeorgiadirectlender.com
patentarbitrage.com
pistachiery.com
privacyhelper.com
puertoricodivorce.com
registerawebaddress.com
retail4vip.com
saintflanagan.net
seaweedfair.com
showassessments.com
showimporter.com
stnazianz.com
surgery4vip.com
suspicionnation.com
test3.lastsoft.net
thegrayduck.com
wellnessblogs.com
wwwwiktionary.org
xcrose.com
zirpola.com
corpuschristicommercialappraiser.com
dolorescounty.com
ftdodge.com
gastro4vip.com
hashtagmylife.net
hempmd.org
letsgobuffalollc.com
mechanics-tools.com
mygeorgiadirectlender.com
patentarbitrage.com
pistachiery.com
privacyhelper.com
puertoricodivorce.com
registerawebaddress.com
retail4vip.com
saintflanagan.net
seaweedfair.com
showassessments.com
showimporter.com
stnazianz.com
surgery4vip.com
suspicionnation.com
test3.lastsoft.net
thegrayduck.com
wellnessblogs.com
wwwwiktionary.org
xcrose.com
zirpola.com
Other certificates including the domain name hempmd.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for hempmd.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGDzCCBPegAwIBAgISBFGvL4KhaA4h5RUsba2LjjGbMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MDQxNTM2MjBaFw0yNDA3MDMxNTM2MTlaMBUxEzARBgNVBAMT CmhlbXBtZC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTw02o 49vYgk4guXy8UyD0iEMXaJuhL8urRgHG7nAti/UQ/JotVWfJdagzlu4J/VE0K2QI lx2CfWe+w7uOrA+/LszjMaFYUewja5i9cRUYVWFSzti75iJekST6mdCJQbmC2yMU rUuyo8g1r4i7v7q2s0mv4mymOnaH1XlzCguDeLMqr+WyQFawFGOZjWNNBKKzjUo7 6E/+JYpLYs8d7ehedQ+8piAN44tjOJ/tcVb18XMO96YbOj0XiBTaM1RjuKQ9Lwfw Ey2ciO6ksfJXZ9r6TIZziAnPCpaR2sgkz75bVZ8Uv2gm2581u2fMG0vOKKXBASZH i4MfnI2MlLH38nBXAgMBAAGjggM6MIIDNjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FA1I1BwpjYgWF2eV+UQ16L8nqpqCMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYf r52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8u bGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMIIC NAYDVR0RBIICKzCCAieCDWNhbmlidWlsZC50b3CCJGNvcnB1c2NocmlzdGljb21t ZXJjaWFsYXBwcmFpc2VyLmNvbYIRZG9sb3Jlc2NvdW50eS5jb22CC2Z0ZG9kZ2Uu Y29tgg5nYXN0cm80dmlwLmNvbYIRaGFzaHRhZ215bGlmZS5uZXSCCmhlbXBtZC5v cmeCFGxldHNnb2J1ZmZhbG9sbGMuY29tghNtZWNoYW5pY3MtdG9vbHMuY29tghlt eWdlb3JnaWFkaXJlY3RsZW5kZXIuY29tghNwYXRlbnRhcmJpdHJhZ2UuY29tgg9w aXN0YWNoaWVyeS5jb22CEXByaXZhY3loZWxwZXIuY29tghVwdWVydG9yaWNvZGl2 b3JjZS5jb22CF3JlZ2lzdGVyYXdlYmFkZHJlc3MuY29tgg5yZXRhaWw0dmlwLmNv bYIRc2FpbnRmbGFuYWdhbi5uZXSCD3NlYXdlZWRmYWlyLmNvbYITc2hvd2Fzc2Vz c21lbnRzLmNvbYIQc2hvd2ltcG9ydGVyLmNvbYINc3RuYXppYW56LmNvbYIPc3Vy Z2VyeTR2aXAuY29tghNzdXNwaWNpb25uYXRpb24uY29tghJ0ZXN0My5sYXN0c29m dC5uZXSCD3RoZWdyYXlkdWNrLmNvbYIRd2VsbG5lc3NibG9ncy5jb22CEXd3d3dp a3Rpb25hcnkub3Jnggp4Y3Jvc2UuY29tggt6aXJwb2xhLmNvbTATBgNVHSAEDDAK MAgGBmeBDAECATATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOC AQEAHglXs0b2/6SlxjQHJ8LuE7iy/yNDWLCHB7XQGB3AHcCnubcAf0K8auMeS7UV J7q1VzdZXdnsSgWSMspJxdOcZxc5oXD4ggc6GbvemtSRoxbxRcNkG4zL/fbu8BOm lWeXaFbUMNqyShtaGia+mqIlXHll+OlRROXhEMLESQqvuwCr+TZ+Jc3KfHocQCXe 5h5nJrFHVea1AzvpEuQZYoChZETKDzw6DHRL9B1+Xk1XTBAAMwbBf0T6BLGtTOed vjJtzmMUw69g7CHq9LVsKox0ux8FtY1Xu/jSHBRjDHbeM+Pe2NliRS5SOvcztm13 VWayujTfQRex4Eg3BLtG8kJzow== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08NNqOPb2IJOILl8vFMg 9IhDF2iboS/Lq0YBxu5wLYv1EPyaLVVnyXWoM5buCf1RNCtkCJcdgn1nvsO7jqwP vy7M4zGhWFHsI2uYvXEVGFVhUs7Yu+YiXpEk+pnQiUG5gtsjFK1LsqPINa+Iu7+6 trNJr+Jspjp2h9V5cwoLg3izKq/lskBWsBRjmY1jTQSis41KO+hP/iWKS2LPHe3o XnUPvKYgDeOLYzif7XFW9fFzDvemGzo9F4gU2jNUY7ikPS8H8BMtnIjupLHyV2fa +kyGc4gJzwqWkdrIJM++W1WfFL9oJtufNbtnzBtLziilwQEmR4uDH5yNjJSx9/Jw VwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 376244877034352899707246180381183162855835 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-04 15:36:20 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-03 15:36:19 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hempmd.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26732590023256264566397997604743918427261717574527829608089906187137231257144530796271016156647359274619189173599782943675119798739996265916844462693692537117446895011435230849146342052368478272470600257981200436523339144572624302542602718352446662497827691408920977626523393352593477310714370823371554411798610204792601571198770650700952083071378687239118829555780850584293317585625633325070982638337587821544161303130944896784519421388922697264827424732569288958652949554907266609951029010929796025190240455955011984709013970835107178069884270585470317889687810567334531875854356291121605975261731642410182588395607 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0d48d41c298d8816176795f94435e8bf27aa9a82 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (555 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canibuild.top' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corpuschristicommercialappraiser.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dolorescounty.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ftdodge.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gastro4vip.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hashtagmylife.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hempmd.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'letsgobuffalollc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mechanics-tools.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mygeorgiadirectlender.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'patentarbitrage.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pistachiery.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'privacyhelper.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'puertoricodivorce.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'registerawebaddress.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'retail4vip.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'saintflanagan.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'seaweedfair.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'showassessments.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'showimporter.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stnazianz.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'surgery4vip.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'suspicionnation.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test3.lastsoft.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thegrayduck.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wellnessblogs.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wwwwiktionary.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'xcrose.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zirpola.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001e0957b346f6ffa4a5c6340727c2ee13b8b2ff234358b08707b5d0181dc01dc0a7b9b7007f42bc6ae31e4bb51527bab55737595dd9ec4a059232ca49c5d39c671739a170f882073a19bbde9ad491a316f145c3641b8ccbfdf6eef013a69567976856d430dab24a1b5a1a26be9aa2255c7965f8e95144e5e110c2c4490aafbb00abf9367e25cdca7c7a1c4025dee61e6726b14755e6b5033be912e4196280a16444ca0f3c3a0c744bf41d7e5e4d574c10003306c17f44fa04b1ad4ce79dbe326dce6314c3af60ec21eaf4b56c2a8c74bb1f05b58d57bbf8d21c14630c76de33e3ded8d962452e523af733b66d775566b2ba34df4117b1e0483704bb46f24273a3