server1.maker.co.nz

Issued by thawte DV SSL CA - G2

About this certificate

This digital certificate with serial number 68:00:77:8e:b3:ce:63:06:bb:12:5f:b2:42:a3:71:42 was issued on by thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Certificate Subject

CN=server1.maker.co.nz

thawte, Inc.

Organization: thawte, Inc.
Organization unit: Domain Validated SSL
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 68:00:77:8e:b3:ce:63:06:bb:12:5f:b2:42:a3:71:42
Serial Number (int): 138242136474420485471615913578058707266
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: 9f:b8:c1:a9:6c:f2:f5:c0:22:2a:94:ed:5c:99:ac:d4:ec:d7:c6:07

Fingerprint (sha1): a9:04:cd:63:6a:11:43:2a:e8:80:67:75:7b:8b:60:41:39:87:56:82
Fingerprint (sha256): 20:d9:54:82:12:a7:85:0a:44:41:bb:8f:57:60:19:00:5c:f4:30:b2:58:6f:77:3e:48:c8:d6:e9:b5:82:7a:3c

Issuing Certificate URL: http://tn.symcb.com/tn.crt

Revocation information

OCSP Server: http://tn.symcd.com
CRL Distribution Point: http://tn.symcb.com/tn.crl

Check the revocation status for certificate server1.maker.co.nz

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for server1.maker.co.nz

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

server1.maker.co.nz

Other certificates including the domain name maker.co.nz

(limited to 100 certificates)
voice.maker.co.nz
sydney.kimisearch.com
cab.maker.co.nz
oi.nz.maker.co.nz
voice.maker.co.nz
walkerarchitecture.co.nz
reside.maker.co.nz
oi-craftyourbrand-nz.maker.co.nz
voice.maker.co.nz
walkerarchitecture.co.nz
test.maker.co.nz
redirect.maker.co.nz
server1.maker.co.nz
voice.maker.co.nz
cab.maker.co.nz
voice.maker.co.nz
oi-craftyourbrand-au.maker.co.nz
oi.nz.maker.co.nz
oi-craftyourbrand-au.maker.co.nz
redirect.maker.co.nz
maker.co.nz
maker.co.nz
reside.maker.co.nz
search2.maker.co.nz
reside.maker.co.nz
walkerarchitecture.co.nz
maker.co.nz
sydney.kimisearch.com
admin.search.maker.co.nz
oi-craftyourbrand-nz.maker.co.nz
zend.co.nz
server1.maker.co.nz
cab.maker.co.nz
reside.maker.co.nz
maker.co.nz
voice.maker.co.nz
oi.nz.maker.co.nz
reside.maker.co.nz
reside.maker.co.nz
fp2admin.freightways.maker.co.nz
oi-craftyourbrand-nz.maker.co.nz
server1.maker.co.nz
admin.search.maker.co.nz
reside.maker.co.nz
reside.maker.co.nz
oi-craftyourbrand-nz.maker.co.nz
oi-craftyourbrand-nz.maker.co.nz
maker.co.nz
cab.maker.co.nz
maker.co.nz
voice.maker.co.nz
cab.maker.co.nz
maker.co.nz
maker.co.nz
oi-craftyourbrand-nz.maker.co.nz
walkerarchitecture.co.nz
cab.maker.co.nz
maker.co.nz
admin.search.maker.co.nz
maker.co.nz
voice.maker.co.nz
oi-craftyourbrand-au.maker.co.nz
admin.search.maker.co.nz
oi-craftyourbrand-au.maker.co.nz
admin-dev.search.maker.co.nz
voice.maker.co.nz
oi-craftyourbrand-nz.maker.co.nz
oi-craftyourbrand-au.maker.co.nz
maker.co.nz
maker.co.nz
maker.co.nz
oi-craftyourbrand-nz.maker.co.nz
maker.co.nz
oi-craftyourbrand-au.maker.co.nz
maker.co.nz
reside.maker.co.nz
walkerarchitecture.co.nz
oi.nz.maker.co.nz
zend.co.nz
zend.co.nz
walkerarchitecture.co.nz
cab.maker.co.nz
redirect.maker.co.nz
voice.maker.co.nz
maker.co.nz
voice.maker.co.nz
redirect.maker.co.nz
cab.maker.co.nz
oi.nz.maker.co.nz
cab.maker.co.nz
admin.search.maker.co.nz
reside.maker.co.nz
oi.nz.maker.co.nz
cab.maker.co.nz
walkerarchitecture.co.nz
walkerarchitecture.co.nz
oi-craftyourbrand-au.maker.co.nz
reside.maker.co.nz
walkerarchitecture.co.nz
maker.co.nz

Certificate

The complete raw certificate details for server1.maker.co.nz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIQaAB3jrPOYwa7El+yQqNxQjANBgkqhkiG9w0BAQsFADBj
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMR0wGwYDVQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTDEeMBwGA1UEAxMVdGhhd3RlIERWIFNTTCBDQSAt
IEcyMB4XDTE2MDUxMDAwMDAwMFoXDTE3MDcwOTIzNTk1OVowHjEcMBoGA1UEAwwT
c2VydmVyMS5tYWtlci5jby5uejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyUx9vSU7chWEDLuhkafBu2NL5QVYyY+ggVLV6xcHzHK1lx2vtCe2hLmL4J
p4qkarAuSDgQVUq0aeBvCm0cOJGSnGa82EZz2A+gySG1Sf1jIcocD+fDhWYlSEQi
8UhQUcs2lEBrkh63xvjSzTAvI5eMdDGo+dZ2TTIf1jLTnfvRYKVwxDfB8Dv2zdsX
BGNA2PMOi9j2C8YKjyYXAGFygCj7Yvg+tm8KOb8f36BBvN6AhrCFSBT3XFyRx6I/
3jpt+n/OSA2JUkBsWHf/xnpIdq7pt67KI1mmcR0W3fdhxqwRqKaGd6j1nICgYTnB
QGVL6ZHaRKrsicPPoKVZid55yT8CAwEAAaOCAn4wggJ6MB4GA1UdEQQXMBWCE3Nl
cnZlcjEubWFrZXIuY28ubnowCQYDVR0TBAIwADArBgNVHR8EJDAiMCCgHqAchhpo
dHRwOi8vdG4uc3ltY2IuY29tL3RuLmNybDBuBgNVHSAEZzBlMGMGBmeBDAECATBZ
MCYGCCsGAQUFBwIBFhpodHRwczovL3d3dy50aGF3dGUuY29tL2NwczAvBggrBgEF
BQcCAjAjDCFodHRwczovL3d3dy50aGF3dGUuY29tL3JlcG9zaXRvcnkwHwYDVR0j
BBgwFoAUn7jBqWzy9cAiKpTtXJms1OzXxgcwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBXBggrBgEFBQcBAQRLMEkwHwYIKwYB
BQUHMAGGE2h0dHA6Ly90bi5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly90
bi5zeW1jYi5jb20vdG4uY3J0MIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYA3esd
K3oNT6Ygi4GtgWhwfi6OnQHVXIiNPRHEzbbsvswAAAFUnLXwIAAABAMARzBFAiEA
kbqzaoDFoVk8/wrB4qJ0ehmMITxKBbW0V/DT+1dGjQsCIFdPsnq27Ba3AXBhh6RY
esivc4U9cO/XwevMY55463tfAHcApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fN
DsgN3BAAAAFUnLXwWAAABAMASDBGAiEAudLjKcA5ZW0K09L5M9O9M1u/TQuY5G/9
oqHbJvJyzpUCIQCTwHMRC1Cs4vHLG7dsEc3LhFvdMGOsKKHI0z0MMCvXPTANBgkq
hkiG9w0BAQsFAAOCAQEAJBIqQwKxN26qbEeOY1g2Bbyxr6OXdZs+489zDgRfe2zV
g7nl+h3rX9vLhChZklT6ZRUXl5ZSX5QehGVkwXf/LGpGX0TJUzni39R09G93n2fW
9IsUD0loD0KxhYQPb3my/1cE1IUwRVy0PX4+7UIfYj4obxKcY6qTG6jmB0eKRVXU
hd5yMXAvGE7zRF7S08Gp6AilXcSRg0++Rc7Fm6rUIw5JyVdX0LRbJU88f3XFnDaD
Pn00c4PwI+4eFuZ3ziiP3vzTgR/YdpZ0yCwZ/CuBnYVZuNHSRWf3c0WAbP1AwD0x
4l12yNdfbmkFQXCH7j7wX1DwKWI/T2zDhyrJ8ASCrQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJTH29JTtyFYQMu6GRp8
G7Y0vlBVjJj6CBUtXrFwfMcrWXHa+0J7aEuYvgmniqRqsC5IOBBVSrRp4G8KbRw4
kZKcZrzYRnPYD6DJIbVJ/WMhyhwP58OFZiVIRCLxSFBRyzaUQGuSHrfG+NLNMC8j
l4x0Maj51nZNMh/WMtOd+9FgpXDEN8HwO/bN2xcEY0DY8w6L2PYLxgqPJhcAYXKA
KPti+D62bwo5vx/foEG83oCGsIVIFPdcXJHHoj/eOm36f85IDYlSQGxYd//Gekh2
rum3rsojWaZxHRbd92HGrBGopoZ3qPWcgKBhOcFAZUvpkdpEquyJw8+gpVmJ3nnJ
PwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 138242136474420485471615913578058707266
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte DV SSL CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-05-10 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-07-09 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'server1.maker.co.nz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23806167830190497780470409189510098306407446412368332036833680079069402630491552848600156082363798752419219434362395738872196448457352694798394715223134720358731356070250511937460812435252963937492177036406388414588943754403043730395040665509968988292949035434227790397511580458015923467332434157362976101634485493038338118964770915018166643556113487780044524546210263077730532759281027422490881940736692151367992125061267527133919394634254108242454698504114970441182145960949237958057591332839376051488261948170621495858276909348244682005129019339402750630782154349090879587557285511493089971619746240533223328827711
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'server1.maker.co.nz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tn.symcb.com/tn.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9fb8c1a96cf2f5c0222a94ed5c99acd4ecd7c607
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tn.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tn.symcb.com/tn.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc000001549cb5f020000004030047304502210091bab36a80c5a1593cff0ac1e2a2747a198c213c4a05b5b457f0d3fb57468d0b0220574fb27ab6ec16b701706187a4587ac8af73853d70efd7c1ebcc639e78eb7b5f007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc10000001549cb5f0580000040300483046022100b9d2e329c039656d0ad3d2f933d3bd335bbf4d0b98e46ffda2a1db26f272ce9502210093c073110b50ace2f1cb1bb76c11cdcb845bdd3063ac28a1c8d33d0c302bd73d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0024122a4302b1376eaa6c478e63583605bcb1afa397759b3ee3cf730e045f7b6cd583b9e5fa1deb5fdbcb8428599254fa6515179796525f941e846564c177ff2c6a465f44c95339e2dfd474f46f779f67d6f48b140f49680f42b185840f6f79b2ff5704d48530455cb43d7e3eed421f623e286f129c63aa931ba8e607478a4555d485de7231702f184ef3445ed2d3c1a9e808a55dc491834fbe45cec59baad4230e49c95757d0b45b254f3c7f75c59c36833e7d347383f023ee1e16e677ce288fdefcd3811fd8769674c82c19fc2b819d8559b8d1d24567f77345806cfd40c03d31e25d76c8d75f6e6905417087ee3ef05f50f029623f4f6cc3872ac9f00482ad