riegler.shop
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 0c:7d:06:93:f3:63:e4:f1:23:ea:cd:73:5d:95:bc:76 was issued on by Amazon.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=riegler.shop
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0c:7d:06:93:f3:63:e4:f1:23:ea:cd:73:5d:95:bc:76Serial Number (int): 16599906473058977625832389561766231158
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 28:7e:d7:06:5b:e0:c4:e6:bf:ce:af:4e:7d:e0:cf:65:18:e8:9b:59
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): dd:e3:e0:a6:ee:84:66:55:4f:33:2a:b6:da:87:49:77:f5:71:db:19
Fingerprint (sha256): 20:d6:da:ba:02:13:49:75:3b:55:93:47:da:da:e6:df:98:7f:8a:ee:16:96:a4:6d:bf:46:30:2c:38:2b:f2:0a
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate riegler.shop
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for riegler.shop
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
riegler.shop
production.riegler.sales.diarz.net
riegler.solutions
*.riegler.solutions
*.riegler.shop
*.production.riegler.sales.diarz.net
production.riegler.sales.diarz.net
riegler.solutions
*.riegler.solutions
*.riegler.shop
*.production.riegler.sales.diarz.net
Other certificates including the domain name riegler.shop
(limited to 100 certificates)
www.riegler.shop
riegler.shop
www.riegler.shop
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
riegler.shop
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
riegler.shop
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
riegler.shop
www.riegler.shop
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
riegler.shop
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
riegler.shop
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
live.riegler.responsive.dia.ovh
Certificate
The complete raw certificate details for riegler.shop in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGSjCCBTKgAwIBAgIQDH0Gk/Nj5PEj6s1zXZW8djANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTAxMDAwMDAwMFoXDTI0MTEwODIzNTk1OVowFzEV MBMGA1UEAxMMcmllZ2xlci5zaG9wMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAntfzjYA7iesPrqeGV0j49sg0ZSetC2hVdoYow15RD3UntVktfCQXY7cj EygpRAFXKZ5whI5FFBPd8x4GVOdGE1IJ16sNOgnagLdDemYiua2WW40URCR+d05b R4Wp47OsuembQzI602ODVOC6s93Ql1L4y3PiXxbbM+OwcyVbYl7AIzV1oV7oaQCf 809j5hPWRxU2027w9mky/Qnsb3kmxrWBY0LXQUEjbADlyj/6tKe46iaJFSZ/Tr3L LKF9Ov56NooBOEbnmmslZ47dDbuEBNa6ivxDiY1zZwxbil1PzPvDOQDUyBs3xS1h XvKm+lhd7/KpElxDZcbQfXFY1gfbzQIDAQABo4IDazCCA2cwHwYDVR0jBBgwFoAU wDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYEFCh+1wZb4MTmv86vTn3gz2UY 6JtZMIGbBgNVHREEgZMwgZCCDHJpZWdsZXIuc2hvcIIicHJvZHVjdGlvbi5yaWVn bGVyLnNhbGVzLmRpYXJ6Lm5ldIIRcmllZ2xlci5zb2x1dGlvbnOCEyoucmllZ2xl ci5zb2x1dGlvbnOCDioucmllZ2xlci5zaG9wgiQqLnByb2R1Y3Rpb24ucmllZ2xl ci5zYWxlcy5kaWFyei5uZXQwEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAy MDCgLqAshipodHRwOi8vY3JsLnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5j cmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0w Mi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIu YW1hem9udHJ1c3QuY29tL3IybTAyLmNlcjAMBgNVHRMBAf8EAjAAMIIBfwYKKwYB BAHWeQIEAgSCAW8EggFrAWkAdwDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlG cR+1mwAAAYsW+idHAAAEAwBIMEYCIQCbV81KsBkkRstDlyTMI4Ty8fadO+yowqJg 1HNe4qozMwIhAOdiMU12UlIa+iBZJieOOhpplK99EyAyg3aGQzVZyCMvAHUASLDj a9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGLFvonPgAABAMARjBEAiA/ 97OcTW+DrEOZySlFHz6jwaviP5Y1Qxj0Y/uyBwSOlAIgdRdpDEB9MdwbDkPIOhy6 XLFJRG3/GrWta64iZ4ZCU4IAdwDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0w SNf7qwAAAYsW+icaAAAEAwBIMEYCIQCwshli9BbkY60zJnFuKbhprieE6iwf1YGG ApAwlqUiiwIhAJwmO8fOnx7S42LOTche/Lb8gvioyqJUvgPZIUB04IGaMA0GCSqG SIb3DQEBCwUAA4IBAQCGB6Xn9GG+b7FRj4k4rpBB9fQVpBDYGRV6h9C6M3ENJ8zg DcW7K/yu8QylGa9GorSqlSb65yGh8fmCTCzDLGXnZ4WOyYymfy/opgWr/wuUlQiH w+1TjQBbWxeYzbp5UO3apszc0XW7KCB8Ovt1VBWlleCDft+SyL9riFdhyEJH17Wb uhlwk7FU5M7Cu+7YqR89IgVClyOxA4gK8QjHIdKRwxd7CBg/iLadI8hY7IBSb9vb oWHB9v8TK6fw0MbCdFunOZna/lPT0RicKyvfaYzKIyA/yEwyu8QaIheXLIXmSykY sX3tl25wCXeAtCHEEdUMaDOIoPRIROvMUY9nPoj1 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntfzjYA7iesPrqeGV0j4 9sg0ZSetC2hVdoYow15RD3UntVktfCQXY7cjEygpRAFXKZ5whI5FFBPd8x4GVOdG E1IJ16sNOgnagLdDemYiua2WW40URCR+d05bR4Wp47OsuembQzI602ODVOC6s93Q l1L4y3PiXxbbM+OwcyVbYl7AIzV1oV7oaQCf809j5hPWRxU2027w9mky/Qnsb3km xrWBY0LXQUEjbADlyj/6tKe46iaJFSZ/Tr3LLKF9Ov56NooBOEbnmmslZ47dDbuE BNa6ivxDiY1zZwxbil1PzPvDOQDUyBs3xS1hXvKm+lhd7/KpElxDZcbQfXFY1gfb zQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16599906473058977625832389561766231158 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-10 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-08 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'riegler.shop' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20052141777992627430270638620790872691380764053421682912438977945579167439627992767298056631580049286615608623641199184975869281002881584805944937715026058670692722158703947068939078383817060650845477274875050992727835810840032590783911329336567175432821644072536819271490471799807839236077633049698662828806126956743624351784388976585382363454579775435169963290544080191817409544293780970173830176454158142909174067211193957617542590367640894787483864444431745269671570255847670197544799231017281371902276461603397545107140908809023119661172206596525006596072476532441291587160723674654086783938359365409695127296973 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 287ed7065be0c4e6bfceaf4e7de0cf6518e89b59 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (147 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'riegler.shop' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'production.riegler.sales.diarz.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'riegler.solutions' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.riegler.solutions' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.riegler.shop' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.production.riegler.sales.diarz.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b16fa274700000403004830460221009b57cd4ab0192446cb439724cc2384f2f1f69d3beca8c2a260d4735ee2aa3333022100e762314d7652521afa205926278e3a1a6994af7d132032837686433559c8232f00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b16fa273e000004030046304402203ff7b39c4d6f83ac4399c929451f3ea3c1abe23f96354318f463fbb207048e9402207517690c407d31dc1b0e43c83a1cba5cb149446dff1ab5ad6bae226786425382007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b16fa271a0000040300483046022100b0b21962f416e463ad3326716e29b869ae2784ea2c1fd5818602903096a5228b0221009c263bc7ce9f1ed2e362ce4dc85efcb6fc82f8a8caa254be03d9214074e0819a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008607a5e7f461be6fb1518f8938ae9041f5f415a410d819157a87d0ba33710d27cce00dc5bb2bfcaef10ca519af46a2b4aa9526fae721a1f1f9824c2cc32c65e767858ec98ca67f2fe8a605abff0b94950887c3ed538d005b5b1798cdba7950eddaa6ccdcd175bb28207c3afb755415a595e0837edf92c8bf6b885761c84247d7b59bba197093b154e4cec2bbeed8a91f3d2205429723b103880af108c721d291c3177b08183f88b69d23c858ec80526fdbdba161c1f6ff132ba7f0d0c6c2745ba73999dafe53d3d1189c2b2bdf698cca23203fc84c32bbc41a2217972c85e64b2918b17ded976e70097780b421c411d50c683388a0f44844ebcc518f673e88f5