*.sand4cast.com
Issued by Actalis Domain Validation Server CA G3
About this certificate
This digital certificate with serial number 10:dc:94:8b:2d:21:47:cb:24:c6:65:6c:44:78:88:df was issued on by Actalis S.p.A..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.sand4cast.com
Actalis S.p.A.
Organization:
Actalis S.p.A.
State / Province:
Bergamo
Locality: Ponte San Pietro
Country: IT
Locality: Ponte San Pietro
Country: IT
This certificate will expire on
Certificate Details
Serial Number (hex): 10:dc:94:8b:2d:21:47:cb:24:c6:65:6c:44:78:88:dfSerial Number (int): 22412966064739305004070350362376702175
Serial Number lenght: 125 bits, 16 octets
SubjectKeyId: f4:3e:77:cb:53:ec:71:cb:e6:45:66:95:9d:ec:fd:f8:98:a9:09:58
AuthorityKeyId: 42:83:6d:80:7c:09:84:67:fd:80:57:ab:f1:26:f5:77:c8:22:82:71
Fingerprint (sha1): 64:ed:e7:8e:1f:22:4f:fd:3a:e2:5d:ac:e2:93:e9:5c:d1:e5:20:92
Fingerprint (sha256): 1f:ab:98:71:4c:fc:ea:80:f1:53:3e:6a:34:2c:79:b5:b7:2c:cb:42:71:47:17:c9:32:65:3d:bc:18:43:e0:82
Issuing Certificate URL: http://cacert.actalis.it/certs/actalis-autdvg3
Revocation information
OCSP Server: http://ocsp06.actalis.it/VA/AUTHDV-G3CRL Distribution Point: http://crl06.actalis.it/Repository/AUTHDV-G3/getLastCRL
Check the revocation status for certificate *.sand4cast.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.sand4cast.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.sand4cast.com
sand4cast.com
sand4cast.com
Other certificates including the domain name sand4cast.com
(limited to 100 certificates)
beta7.app
plannor.app
*.sand4cast.com
app.sand4cast.com
*.sand4cast.com
r.helplightning.net
app.kgnot-app.com
qr.respublikapark.com.ua
link.altrgo.com
app.o-plati.by
celcom-bot.chitchax.com
demo.diversly.ai
admin.doleconnection.com
homedoctor.todaynewspost.net
app.shazzymilktea.com
www.ht2pimoveis.com.br
riverbanknews.column.us
oreo.kgplife.com
*.sand4cast.com
www.app.scaffinspect.se
*.sand4cast.com
app.sand4cast.com
sub.horavalle.com
plannor.app
*.sand4cast.com
app.sand4cast.com
*.sand4cast.com
r.helplightning.net
app.kgnot-app.com
qr.respublikapark.com.ua
link.altrgo.com
app.o-plati.by
celcom-bot.chitchax.com
demo.diversly.ai
admin.doleconnection.com
homedoctor.todaynewspost.net
app.shazzymilktea.com
www.ht2pimoveis.com.br
riverbanknews.column.us
oreo.kgplife.com
*.sand4cast.com
www.app.scaffinspect.se
*.sand4cast.com
app.sand4cast.com
sub.horavalle.com
Certificate
The complete raw certificate details for *.sand4cast.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHdjCCBV6gAwIBAgIQENyUiy0hR8skxmVsRHiI3zANBgkqhkiG9w0BAQsFADCB hDELMAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRl IFNhbiBQaWV0cm8xFzAVBgNVBAoMDkFjdGFsaXMgUy5wLkEuMS8wLQYDVQQDDCZB Y3RhbGlzIERvbWFpbiBWYWxpZGF0aW9uIFNlcnZlciBDQSBHMzAeFw0yNDAyMTYw NDMzMTZaFw0yNTAzMTgwNDMzMTVaMBoxGDAWBgNVBAMMDyouc2FuZDRjYXN0LmNv bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALmAzBMBhdAjEXZqMOWr 7fnLsK8O4szrf3CJtEUch+SHSnh60yly1v87XuVJ3znf/PAE/NIawIWDpCGoRMtW Ieuo3inrqMcbu5Q43q5KEEz5+UQb+34N2nKoP2AYl2OyOcxRvEq2pCxDNcQ1/pCY 7+y/08QXbbo9/D0g8c2RQQRr9awFNVlgaVP8fErHKi31j0FjtHkzSCTljvNqhANi +cCrgTw25Qf46kJ2mZj2CLh7X2dG5FIRwpFC/MpkmufKnW5b/jbPNMQ39IjwuqTw eT4BVQEfd3Ug0dioiGDxoOf7Rz3MaSiMDZqIMwuTl+qJ58qqIq1jWapLW1NIQh3a 2gMCAwEAAaOCA0swggNHMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUQoNtgHwJ hGf9gFer8Sb1d8gignEwfQYIKwYBBQUHAQEEcTBvMDoGCCsGAQUFBzAChi5odHRw Oi8vY2FjZXJ0LmFjdGFsaXMuaXQvY2VydHMvYWN0YWxpcy1hdXRkdmczMDEGCCsG AQUFBzABhiVodHRwOi8vb2NzcDA2LmFjdGFsaXMuaXQvVkEvQVVUSERWLUczMCkG A1UdEQQiMCCCDyouc2FuZDRjYXN0LmNvbYINc2FuZDRjYXN0LmNvbTBRBgNVHSAE SjBIMDwGBiuBHwEXATAyMDAGCCsGAQUFBwIBFiRodHRwczovL3d3dy5hY3RhbGlz Lml0L2FyZWEtZG93bmxvYWQwCAYGZ4EMAQIBMB0GA1UdJQQWMBQGCCsGAQUFBwMC BggrBgEFBQcDATBIBgNVHR8EQTA/MD2gO6A5hjdodHRwOi8vY3JsMDYuYWN0YWxp cy5pdC9SZXBvc2l0b3J5L0FVVEhEVi1HMy9nZXRMYXN0Q1JMMB0GA1UdDgQWBBT0 PnfLU+xxy+ZFZpWd7P34mKkJWDAOBgNVHQ8BAf8EBAMCBaAwggF/BgorBgEEAdZ5 AgQCBIIBbwSCAWsBaQB2AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsI AAABjbA52BIAAAQDAEcwRQIhAJAEin+dbRzqDRBC1IDBTWzqgd8KmDRPUgkfqmvv N1gdAiAVO882utdUOc6B9gOa+m5s/MQfQ3dZgRsdiXPJbswemQB2ACjigTj9gyFF 6anWqnU3bYN3qIUSs8B/ckFIIdy96YxmAAABjbA52JIAAAQDAEcwRQIgH10614W0 Qryz34pE1IR05LVhXNIMuRZm++5pf4weekICIQCrCnJd/S5d6jCVVfx4AZQoGz0x R9qf62OZ0IjN78OhpQB3AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4 AAABjbA52GIAAAQDAEgwRgIhAPnjZD1Bpz1Kl4gYwucaFDT1+eYjI8GyY2Ca4F5u C87lAiEAhZ8mibyG3b9IgwjWOhcLD3RI7rqwV9UUawyYXmpr4dkwDQYJKoZIhvcN AQELBQADggIBAFcckfXdA2VbqB3dvkjrHes+YIjhrt+w3UuKt8Ol1zwkuF4nh4UO z8YJ7a97+r4sqmsw6cR33Y1TCiF0YwHybhHeMCUXon4f6oNNm+96c1EQbhOcWT/f M8zGb3sf2bneqjZ4rkrx4plPOj0IsSVqGEtqnvUD8KuLlyvbZCQiWinfXmitORu7 gzEKvc6UQ0XO1L7pJ7x3xvAlkwM6FmJjfXycpiYccFKXAq4AB7/wPtDaJzBMry36 +UHEo7RYqQJj/Q2Op/+1rH7WE4TAQa3DqkQ0cY20nQCgWByxreLk0+k8jZSj+yX0 8yqsdxpeB2JT7V6hT+nkmMleqfHSOOuEXdj6jG2D+Bu21mBpEM9otaVM/Fz6s3ez 4QijKRZPLrYSqByaTdT72xh/8c8LrjruL1AR4S03Fhz7PV3mXGGJ+kBx3YODRFPt qlVJw0n9+V3eR1CIBB12iV/q57oUqmlkPb/w9TVt8df9MA7/2PH88mn/ik7OVtjk TVcXqhY1HWfEam5N7UnKPgSP2+dQmlYFcfuhTD9FDD7u58of5r7tvAsyAaTzTg8z oMIf6B800tZVpRffGWkuK03VZ1NY8mHCKRdM545lA4OlQPzDBYprhhh0JaS+04L+ bISFRjM1mxhQ3S3L1843Y2SyJkUfcxyVclNZNZ3VrdOr9oopfXvnh6+2 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYDMEwGF0CMRdmow5avt +cuwrw7izOt/cIm0RRyH5IdKeHrTKXLW/zte5UnfOd/88AT80hrAhYOkIahEy1Yh 66jeKeuoxxu7lDjerkoQTPn5RBv7fg3acqg/YBiXY7I5zFG8SrakLEM1xDX+kJjv 7L/TxBdtuj38PSDxzZFBBGv1rAU1WWBpU/x8SscqLfWPQWO0eTNIJOWO82qEA2L5 wKuBPDblB/jqQnaZmPYIuHtfZ0bkUhHCkUL8ymSa58qdblv+Ns80xDf0iPC6pPB5 PgFVAR93dSDR2KiIYPGg5/tHPcxpKIwNmogzC5OX6onnyqoirWNZqktbU0hCHdra AwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 22412966064739305004070350362376702175 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bergamo' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Ponte San Pietro' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Actalis S.p.A.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Actalis Domain Validation Server CA G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-16 04:33:16 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-18 04:33:15 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.sand4cast.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23417598667920112493817432843502688102290766949631551386406501243650637473200741497614490641960967464670324053358089011022265180550599114307356089604215992520620514165968099842812058344569560967954968266269518041342907900816946656708596159534253783440594811977259623918857612683306038483855187861938701565761646143474816506861968537469575109199026599100346150642835000621601602684142614689513342238222188430882010342162499739160554546019182788857470482367407421408926307511473739283992469594337153606594609604486454764709831456550988503016499754451779418538737855982447275436753240318201288525483888809667245966547459 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 42836d807c098467fd8057abf126f577c8228271 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (113 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacert.actalis.it/certs/actalis-autdvg3' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp06.actalis.it/VA/AUTHDV-G3' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sand4cast.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sand4cast.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.159.1.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.actalis.it/area-download' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl06.actalis.it/Repository/AUTHDV-G3/getLastCRL' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f43e77cb53ec71cbe64566959decfdf898a90958 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018db039d812000004030047304502210090048a7f9d6d1cea0d1042d480c14d6cea81df0a98344f52091faa6bef37581d0220153bcf36bad75439ce81f6039afa6e6cfcc41f437759811b1d8973c96ecc1e9900760028e28138fd832145e9a9d6aa75376d8377a88512b3c07f72414821dcbde98c660000018db039d892000004030047304502201f5d3ad785b442bcb3df8a44d48474e4b5615cd20cb91666fbee697f8c1e7a42022100ab0a725dfd2e5dea309555fc780194281b3d3147da9feb6399d088cdefc3a1a50077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018db039d8620000040300483046022100f9e3643d41a73d4a978818c2e71a1434f5f9e62323c1b263609ae05e6e0bcee5022100859f2689bc86ddbf488308d63a170b0f7448eebab057d5146b0c985e6a6be1d9 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00571c91f5dd03655ba81dddbe48eb1deb3e6088e1aedfb0dd4b8ab7c3a5d73c24b85e2787850ecfc609edaf7bfabe2caa6b30e9c477dd8d530a21746301f26e11de302517a27e1fea834d9bef7a7351106e139c593fdf33ccc66f7b1fd9b9deaa3678ae4af1e2994f3a3d08b1256a184b6a9ef503f0ab8b972bdb6424225a29df5e68ad391bbb83310abdce944345ced4bee927bc77c6f02593033a1662637d7c9ca6261c70529702ae0007bff03ed0da27304caf2dfaf941c4a3b458a90263fd0d8ea7ffb5ac7ed61384c041adc3aa4434718db49d00a0581cb1ade2e4d3e93c8d94a3fb25f4f32aac771a5e076253ed5ea14fe9e498c95ea9f1d238eb845dd8fa8c6d83f81bb6d6606910cf68b5a54cfc5cfab377b3e108a329164f2eb612a81c9a4dd4fbdb187ff1cf0bae3aee2f5011e12d37161cfb3d5de65c6189fa4071dd83834453edaa5549c349fdf95dde475088041d76895feae7ba14aa69643dbff0f5356df1d7fd300effd8f1fcf269ff8a4ece56d8e44d5717aa16351d67c46a6e4ded49ca3e048fdbe7509a560571fba14c3f450c3eeee7ca1fe6beedbc0b3201a4f34e0f33a0c21fe81f34d2d655a517df19692e2b4dd5675358f261c229174ce78e650383a540fcc3058a6b86187425a4bed382fe6c84854633359b1850dd2dcbd7ce376364b226451f731c95725359359dd5add3abf68a297d7be787afb6