karriere.heel.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:1f:b9:f2:71:f1:3c:06:2b:ae:17:4e:e9:87:09:9a:e7:d8 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=karriere.heel.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:1f:b9:f2:71:f1:3c:06:2b:ae:17:4e:e9:87:09:9a:e7:d8Serial Number (int): 272132777195914656111003453450925811361752
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: c6:f5:40:a8:4e:6a:df:a9:6a:8b:62:6e:a5:2c:97:26:6c:41:51:25
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 50:dd:45:a4:e2:2d:d2:db:eb:1e:16:9f:d7:03:02:76:f3:25:0d:64
Fingerprint (sha256): 20:24:5a:f1:40:d7:fa:78:e3:0d:ef:cf:f4:3f:5c:1b:d1:64:7c:cf:fb:68:be:92:6f:f3:1a:31:2f:4e:e5:49
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate karriere.heel.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for karriere.heel.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
karriere.heel.de
www.karriere.heel.de
www.karriere.heel.de
Other certificates including the domain name heel.de
(limited to 100 certificates)
lauf.heel.de
lauf.heel.de
lauf.heel.de
lauf.heel.de
heel.de
karriere.heel.de
karriere.heel.de
heel.com
heel.de
heel.de
www.heel.de
heel.de
karriere.heel.de
heel.de
heel.de
heel.de
karriere.heel.de
heel.de
lauf.heel.de
secured.heel.de
heel.com
heel.de
heel.de
secured.heel.de
heel.de
secured.heel.de
www.heel.de
karriere.heel.de
*.heel.de
secured.heel.de
secured.heel.de
karriere.heel.de
heel.de
secured.heel.de
heel.de
lsac.heel.com
lauf.heel.de
karriere.heel.de
heel.com
lauf.heel.de
*.heel.de
karriere.heel.de
heel.de
heel.de
lauf.heel.de
heel.de
secured.heel.de
heel.de
karriere.heel.de
lauf.heel.de
karriere.heel.de
*.heel.de
lauf.heel.de
lauf.heel.de
lauf.heel.de
heel.de
karriere.heel.de
karriere.heel.de
heel.com
heel.de
heel.de
www.heel.de
heel.de
karriere.heel.de
heel.de
heel.de
heel.de
karriere.heel.de
heel.de
lauf.heel.de
secured.heel.de
heel.com
heel.de
heel.de
secured.heel.de
heel.de
secured.heel.de
www.heel.de
karriere.heel.de
*.heel.de
secured.heel.de
secured.heel.de
karriere.heel.de
heel.de
secured.heel.de
heel.de
lsac.heel.com
lauf.heel.de
karriere.heel.de
heel.com
lauf.heel.de
*.heel.de
karriere.heel.de
heel.de
heel.de
lauf.heel.de
heel.de
secured.heel.de
heel.de
karriere.heel.de
lauf.heel.de
karriere.heel.de
*.heel.de
Certificate
The complete raw certificate details for karriere.heel.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGbjCCBVagAwIBAgISAx+58nHxPAYrrhdO6YcJmufYMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAzMzEwMTQ2NTdaFw0x OTA2MjkwMTQ2NTdaMBsxGTAXBgNVBAMTEGthcnJpZXJlLmhlZWwuZGUwggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCxd5Ef1mTtgzotgkDAsm/AKAP0DwRh O3ugh3mqfwlyXkjN0bY59cXbwXLwaRnbonz8wUQad8p7Dx2So2QmTbYakr7p+bGz 8Srkslop/ez7BwrMIWYsM/YW/Kbr4GXFq2DbZg2hG9cX4Whj1TshAkVlkRlgfn28 cjS3PFaKAtY2aZ1jxMR8FJ67tQjc0Xrxrr5n9kwNNoQCBnsTP6OezvY5wjBBKdsz x9w+qgwLzlqymXmyP3L9tcGtOEHdFPT7x8EziD4sllMqpBDgA9wueLPZg1rQyM0b OyFBI5HSbF6N/TXitzH18r1iXxGmqhpIfVKHx61iD/CvDDtfRw+afmK+/+tDv4/f KrB02QQSTcmF9yW7jEIX6BaRZBL6RwQWHnnS3MlasT8GKREParkXQ9S6i2KM5SA1 GLr0cXwP1JirDycMuWhh0NGVbQDFPcGGrUzfCoxidJIDYY++rTugXH5w0Hk9Ip5V UaMiT1KPklnbsz82YHcQ0BBHG33v9htX4IOi1F29FjKEoJcdKyc/O6Ih0eKS8O1h XUVrptezjDsVj9Et7HTMliCsleeejRhhg1x5aziUB7VuvKDqaJQ4jeZ10LYRFFnU 3+/y4CU/xz9ghDaE/UvoHZMk92XwTBgzwDG63kWNRMtvmTmSfOXfrhmd2od0KIqZ A+KsYnP+Xf3UIwIDAQABo4ICezCCAncwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTG 9UCoTmrfqWqLYm6lLJcmbEFRJTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv 86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmlu dC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0Lmlu dC14My5sZXRzZW5jcnlwdC5vcmcvMDEGA1UdEQQqMCiCEGthcnJpZXJlLmhlZWwu ZGWCFHd3dy5rYXJyaWVyZS5oZWVsLmRlMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcG CysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5 cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAdH7agzGtMxCRIZzOJU9C cMK//V5CIAjGNzV55hB7zFYAAAFp0aSV+wAABAMARzBFAiB5fYrWYJawXo+HMiFq mzA7qwRoJn/u1EB8AwIk2qZI/wIhANcFhC4QaOZurmgz4+FVIyV0/G1doIVBwlhg vJPPmR+8AHYAY/Lbzeg7zCzPC3KEJ1drM6SNYXePvXWmOLHHaFRL2I0AAAFp0aSU gwAABAMARzBFAiEAspWmaay3QwfO8CpW1DFXPUEYShxW2NRrumL3bw/UKK0CIHQ9 QpKS3ZT+Xk9dtjN6trqrIw/kK8CsZkdRODRbtgtNMA0GCSqGSIb3DQEBCwUAA4IB AQA9KMQNKJ3k2+nrLfqUvCzD3jgnIF6rVM2CnvGia1ra8OiatAajXLSz0FTRHlNZ SRU7UTdrwQL/MpPngEbUJj8aQAF7RAYMRly3pYZYXkog4ZpKVYF5tVennfOboCqP c8hW57UKJuDi+/ddsRttwrkzFhKgF59N8jZic+0Fs9jp7TnZgXM1YD23Ccam/TZ6 ExLOvqPePc0hEPNIr4554OeaLoTd3GTkXB8uH/fI8ImOVRW179xq5B0cuwsNIJ3F 8YjYpdjOdG0mh3h/K3Py3IClkzdRirJ2OzKNuOyREp5HQGl+kcSfNl7qJSAAGm4d 43DkePzFRLNxKFCpgNNPJit9 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsXeRH9Zk7YM6LYJAwLJv wCgD9A8EYTt7oId5qn8Jcl5IzdG2OfXF28Fy8GkZ26J8/MFEGnfKew8dkqNkJk22 GpK+6fmxs/Eq5LJaKf3s+wcKzCFmLDP2Fvym6+Blxatg22YNoRvXF+FoY9U7IQJF ZZEZYH59vHI0tzxWigLWNmmdY8TEfBSeu7UI3NF68a6+Z/ZMDTaEAgZ7Ez+jns72 OcIwQSnbM8fcPqoMC85aspl5sj9y/bXBrThB3RT0+8fBM4g+LJZTKqQQ4APcLniz 2YNa0MjNGzshQSOR0mxejf014rcx9fK9Yl8RpqoaSH1Sh8etYg/wrww7X0cPmn5i vv/rQ7+P3yqwdNkEEk3Jhfclu4xCF+gWkWQS+kcEFh550tzJWrE/BikRD2q5F0PU uotijOUgNRi69HF8D9SYqw8nDLloYdDRlW0AxT3Bhq1M3wqMYnSSA2GPvq07oFx+ cNB5PSKeVVGjIk9Sj5JZ27M/NmB3ENAQRxt97/YbV+CDotRdvRYyhKCXHSsnPzui IdHikvDtYV1Fa6bXs4w7FY/RLex0zJYgrJXnno0YYYNceWs4lAe1bryg6miUOI3m ddC2ERRZ1N/v8uAlP8c/YIQ2hP1L6B2TJPdl8EwYM8Axut5FjUTLb5k5knzl364Z ndqHdCiKmQPirGJz/l391CMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 272132777195914656111003453450925811361752 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-31 01:46:57 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-29 01:46:57 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'karriere.heel.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 724002431140691026966056436975614574116128683767308817771237239106130598934431507989137769017979349021516127920597418587860761405980289628659400006722253599107143679130944270533701544498927998215653820903120383964370137024742687341940722832916154957878710124306730587430527878916479700904253690662646048766587770009126180218372905103188573390273086990840775584676190169442183886426165055678020826029749141775365674469627217757647176847926010042121118130262820852537110713171015329512049482358315719758298300954513472625238864859883921457716253000412942680347225058613652476157406297020589818451823969773476453840359366274484151016968279737586304413084719427413400465853197425086160816973318225697421933562595697877148610657977369348652826611768743676277092570475981145209785785664082976713985417694962783909608860578278019575971175510661366074111599382910665991723158073979402170828816631654391661470255270701511599880119538823361069213991149426117376435535616988221138981247737046603563993809729723208501341251877169866910982662631494521028960819723413466038344035419728462645466356610835634503732135365503181734769613143933528604244766003626722486542094246339896710252248414801437386275052948315054733998588840948289193206999798819 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c6f540a84e6adfa96a8b626ea52c97266c415125 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'karriere.heel.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.karriere.heel.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc5600000169d1a495fb00000403004730450220797d8ad66096b05e8f8732216a9b303bab0468267feed4407c030224daa648ff022100d705842e1068e66eae6833e3e155232574fc6d5da08541c25860bc93cf991fbc00760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d00000169d1a494830000040300473045022100b295a669acb74307cef02a56d431573d41184a1c56d8d46bba62f76f0fd428ad0220743d429292dd94fe5e4f5db6337ab6baab230fe42bc0ac66475138345bb60b4d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003d28c40d289de4dbe9eb2dfa94bc2cc3de3827205eab54cd829ef1a26b5adaf0e89ab406a35cb4b3d054d11e535949153b51376bc102ff3293e78046d4263f1a40017b44060c465cb7a586585e4a20e19a4a558179b557a79df39ba02a8f73c856e7b50a26e0e2fbf75db11b6dc2b9331612a0179f4df2366273ed05b3d8e9ed39d9817335603db709c6a6fd367a1312cebea3de3dcd2110f348af8e79e0e79a2e84dddc64e45c1f2e1ff7c8f0898e5515b5efdc6ae41d1cbb0b0d209dc5f188d8a5d8ce746d2687787f2b73f2dc80a59337518ab2763b328db8ec91129e4740697e91c49f365eea2520001a6e1de370e478fcc544b3712850a980d34f262b7d