livingwater.bible

Issued by R3

About this certificate

This digital certificate with serial number 04:83:85:71:41:c4:d0:f2:a5:5c:ba:88:df:db:7e:e5:e5:ac was issued on by Let's Encrypt.

With 19 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=livingwater.bible

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:83:85:71:41:c4:d0:f2:a5:5c:ba:88:df:db:7e:e5:e5:ac
Serial Number (int): 393203509180618343859962487475750199223724
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 97:56:98:89:7e:ea:02:0d:01:0a:50:32:40:15:79:ec:62:09:fc:b0
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): fd:ba:ee:ea:37:ae:d3:08:70:cd:6f:79:e3:2f:fc:ba:86:03:6b:a0
Fingerprint (sha256): 20:eb:32:10:2f:ea:a7:ae:59:e6:f9:91:75:fb:0d:ce:b8:16:4b:b6:31:a0:da:be:e0:24:28:0c:b9:27:44:4d

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate livingwater.bible

19

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for livingwater.bible

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

97f.net
actualiteamericaine.com
arbitrageur.com.mx
bestpornhq.com
credit4vip.com
distressedpropertiesforsale.com.awc420.com
doha4vip.com.keycommunicationsllc.com
jonhaventownhomes.com
lgbtqpayments.com
livingwater.bible
mcleodparalegal.com
mpksoftware.net.tubaexcerpts.com
odellgear.com
realestatedinosaurs.com
t-j.in
takebacktheculture.net
thekidscollege.com.arbitragecon.com
twittwe.com
uncanceledpatriots.com

Other certificates including the domain name livingwater.bible

(limited to 100 certificates)
sanh.co.za
livingwater.bible
suricate.ca
livingwater.bible
livingwater.bible
xbone.co.za
livingwater.bible
xza.co.za
livingwater.bible
livingwater.bible
samuelharrison.com.livingwater.bible
livingwater.bible
impossible.ca

Certificate

The complete raw certificate details for livingwater.bible in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGkzCCBXugAwIBAgISBIOFcUHE0PKlXLqI39t+5eWsMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMjQxMzMwMTBaFw0yNDAzMjMxMzMwMDlaMBwxGjAYBgNVBAMT
EWxpdmluZ3dhdGVyLmJpYmxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsQ4OYKqHYl3lT4ljTec1BmqZ46Ti8IIT1h0jt24qfO/YKmKPf80wvH2j2oeL
Z/jWQMdMaLDYa+xu9zw+dYZylap8u6YLn4yx0I5mhQYdQsFbGYdi1x3syBsWIYMv
Vci85fcva4UrHdIcxRIWHCYgKOl2yZdtfAFdSZ9eqQ4K6rCh+e5UU57vXb7Ftsk2
33DaIAK9aZJLl+9QtwMKyMsKseCaki4kYbXwKEPehKDeFjLsZKZHJWvVQVM5ESx8
c2dOvhvKewZNMWdLfJPMeTaAldzLSoDXKQCLd3+eZUiVRcLTa2x7WypDKXSUWUND
uEmhTMofsEvfNifoKXjsRPLkKQIDAQABo4IDtzCCA7MwDgYDVR0PAQH/BAQDAgWg
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G
A1UdDgQWBBSXVpiJfuoCDQEKUDJAFXnsYgn8sDAfBgNVHSMEGDAWgBQULrMXt1hW
y65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6
Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iu
b3JnLzCCAbwGA1UdEQSCAbMwggGvggc5N2YubmV0ghdhY3R1YWxpdGVhbWVyaWNh
aW5lLmNvbYISYXJiaXRyYWdldXIuY29tLm14gg5iZXN0cG9ybmhxLmNvbYIOY3Jl
ZGl0NHZpcC5jb22CKmRpc3RyZXNzZWRwcm9wZXJ0aWVzZm9yc2FsZS5jb20uYXdj
NDIwLmNvbYIlZG9oYTR2aXAuY29tLmtleWNvbW11bmljYXRpb25zbGxjLmNvbYIV
am9uaGF2ZW50b3duaG9tZXMuY29tghFsZ2J0cXBheW1lbnRzLmNvbYIRbGl2aW5n
d2F0ZXIuYmlibGWCE21jbGVvZHBhcmFsZWdhbC5jb22CIG1wa3NvZnR3YXJlLm5l
dC50dWJhZXhjZXJwdHMuY29tgg1vZGVsbGdlYXIuY29tghdyZWFsZXN0YXRlZGlu
b3NhdXJzLmNvbYIGdC1qLmlughZ0YWtlYmFja3RoZWN1bHR1cmUubmV0giN0aGVr
aWRzY29sbGVnZS5jb20uYXJiaXRyYWdlY29uLmNvbYILdHdpdHR3ZS5jb22CFnVu
Y2FuY2VsZWRwYXRyaW90cy5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEGBgor
BgEEAdZ5AgQCBIH3BIH0APIAdwA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv
4frUFwAAAYycO8HMAAAEAwBIMEYCIQCo969ROEg5XVjZA6j6sE2gUq/Eh40I99J8
QXQytI53RAIhAPWIud+y7/Drv3A5RLjPAXIrCcRm9s4IS9KHe6wan0nJAHcAouK/
1h7eLy8HoNZObTen3GVDsMa1LqLat4r4mm31F9gAAAGMnDvB2QAABAMASDBGAiEA
y86zYQDoRFkvLPWJyHvzRxUn48gF8pnhmiBX9nWEWkcCIQDG0o38ltRBwBw/MhFn
A9D3Cw8IlgUYt++SnPkdUlHhzTANBgkqhkiG9w0BAQsFAAOCAQEAohgy5M/nbiIa
s9L47ApM0MlqeTIUPOe2u4mDEWibO4nT1/T8nn/N9ZysLgtAi+tDCeiKcrIn4XCa
drZNgdC644w7qvU+wTvcVkE3l2Tsq534U6OOs1q0gI2bHFhc9EMrjzuPrDMG2eIm
2m5vhyInvmA4JstxOS6WgVAq03lB0dIoV5Ppt7FJGU0SQl241HgNOyGLMvsQQm3j
LzdxdwcQkjv5Ula1rvYizmfD8TeqOG/6ER12Y2QNlSv2Vniep/vcoavH2lCmHbVt
9qac3gHfBzy7i/h+oI9uK43mPxD9Xmj+IxvnkU7K7FVSyxIVCZKoSsAyolwXyo6B
K9QKvxTsJw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ4OYKqHYl3lT4ljTec1
BmqZ46Ti8IIT1h0jt24qfO/YKmKPf80wvH2j2oeLZ/jWQMdMaLDYa+xu9zw+dYZy
lap8u6YLn4yx0I5mhQYdQsFbGYdi1x3syBsWIYMvVci85fcva4UrHdIcxRIWHCYg
KOl2yZdtfAFdSZ9eqQ4K6rCh+e5UU57vXb7Ftsk233DaIAK9aZJLl+9QtwMKyMsK
seCaki4kYbXwKEPehKDeFjLsZKZHJWvVQVM5ESx8c2dOvhvKewZNMWdLfJPMeTaA
ldzLSoDXKQCLd3+eZUiVRcLTa2x7WypDKXSUWUNDuEmhTMofsEvfNifoKXjsRPLk
KQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 393203509180618343859962487475750199223724
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-24 13:30:10 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-23 13:30:09 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'livingwater.bible'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22351111331060130480634257010986800325382563564508594068938628266202230409987289233959125304154269579122092986882801423464219814102782508897823517850557200265230543556852030288959052552080116257422345306835988631013014171929230462141044598623551123384953741045276001483724136406864521735243836788268653716623723181753565681267547866713915539110169202256321733831587757523401037863328465971370227422748625480809621310449114082767389055595784427050546648292156574234592883288972645455452255630300900575557868393588802610004944933383742825207270387361181326622664421380798797677011314691996087074873540616826369403446313
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							975698897eea020d010a5032401579ec6209fcb0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (435 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '97f.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'actualiteamericaine.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arbitrageur.com.mx'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bestpornhq.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'credit4vip.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'distressedpropertiesforsale.com.awc420.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'doha4vip.com.keycommunicationsllc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jonhaventownhomes.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lgbtqpayments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'livingwater.bible'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mcleodparalegal.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mpksoftware.net.tubaexcerpts.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'odellgear.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'realestatedinosaurs.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 't-j.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'takebacktheculture.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thekidscollege.com.arbitragecon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'twittwe.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uncanceledpatriots.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f20077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c9c3bc1cc0000040300483046022100a8f7af513848395d58d903a8fab04da052afc4878d08f7d27c417432b48e7744022100f588b9dfb2eff0ebbf703944b8cf01722b09c466f6ce084bd2877bac1a9f49c9007700a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018c9c3bc1d90000040300483046022100cbceb36100e844592f2cf589c87bf3471527e3c805f299e19a2057f675845a47022100c6d28dfc96d441c01c3f32116703d0f70b0f08960518b7ef929cf91d5251e1cd
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a21832e4cfe76e221ab3d2f8ec0a4cd0c96a7932143ce7b6bb898311689b3b89d3d7f4fc9e7fcdf59cac2e0b408beb4309e88a72b227e1709a76b64d81d0bae38c3baaf53ec13bdc5641379764ecab9df853a38eb35ab4808d9b1c585cf4432b8f3b8fac3306d9e226da6e6f872227be603826cb71392e9681502ad37941d1d2285793e9b7b149194d12425db8d4780d3b218b32fb10426de32f3771770710923bf95256b5aef622ce67c3f137aa386ffa111d7663640d952bf656789ea7fbdca1abc7da50a61db56df6a69cde01df073cbb8bf87ea08f6e2b8de63f10fd5e68fe231be7914ecaec5552cb12150992a84ac032a25c17ca8e812bd40abf14ec27