karriere.heel.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:60:14:4b:0d:6a:2f:ba:f6:48:b3:bc:cf:cb:5a:95:d1:9c was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=karriere.heel.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:60:14:4b:0d:6a:2f:ba:f6:48:b3:bc:cf:cb:5a:95:d1:9cSerial Number (int): 294030939273955202754576935399305044677020
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 11:72:17:eb:56:73:23:e2:8e:52:d3:bc:fd:76:5b:aa:87:8f:9c:d8
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 7c:2a:24:c2:06:a2:93:1b:36:d4:48:69:b3:06:0e:1d:8a:32:1a:c4
Fingerprint (sha256): 20:f5:47:94:0c:fb:fa:f7:b9:77:b9:c5:70:19:e9:5d:c5:92:cc:7b:49:a9:59:13:c9:8f:f6:95:24:26:8c:70
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate karriere.heel.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for karriere.heel.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
karriere.heel.de
www.karriere.heel.de
www.karriere.heel.de
Other certificates including the domain name heel.de
(limited to 100 certificates)
lauf.heel.de
lauf.heel.de
lauf.heel.de
lauf.heel.de
heel.de
karriere.heel.de
karriere.heel.de
heel.com
heel.de
heel.de
www.heel.de
heel.de
karriere.heel.de
heel.de
heel.de
heel.de
karriere.heel.de
heel.de
lauf.heel.de
secured.heel.de
heel.com
heel.de
heel.de
secured.heel.de
heel.de
secured.heel.de
www.heel.de
karriere.heel.de
*.heel.de
secured.heel.de
secured.heel.de
karriere.heel.de
heel.de
secured.heel.de
heel.de
lsac.heel.com
lauf.heel.de
karriere.heel.de
heel.com
lauf.heel.de
*.heel.de
karriere.heel.de
heel.de
heel.de
lauf.heel.de
heel.de
secured.heel.de
heel.de
karriere.heel.de
lauf.heel.de
karriere.heel.de
*.heel.de
lauf.heel.de
lauf.heel.de
lauf.heel.de
heel.de
karriere.heel.de
karriere.heel.de
heel.com
heel.de
heel.de
www.heel.de
heel.de
karriere.heel.de
heel.de
heel.de
heel.de
karriere.heel.de
heel.de
lauf.heel.de
secured.heel.de
heel.com
heel.de
heel.de
secured.heel.de
heel.de
secured.heel.de
www.heel.de
karriere.heel.de
*.heel.de
secured.heel.de
secured.heel.de
karriere.heel.de
heel.de
secured.heel.de
heel.de
lsac.heel.com
lauf.heel.de
karriere.heel.de
heel.com
lauf.heel.de
*.heel.de
karriere.heel.de
heel.de
heel.de
lauf.heel.de
heel.de
secured.heel.de
heel.de
karriere.heel.de
lauf.heel.de
karriere.heel.de
*.heel.de
Certificate
The complete raw certificate details for karriere.heel.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGbTCCBVWgAwIBAgISA2AUSw1qL7r2SLO8z8taldGcMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA4MDQwMTQ2MjFaFw0x OTExMDIwMTQ2MjFaMBsxGTAXBgNVBAMTEGthcnJpZXJlLmhlZWwuZGUwggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDqS066fPvOkjpDc/4c/GyK1A0J4BVr NG3srB5sbuF2j0/B5v+dPRGWraEMDO/NhUZUJhQf64KIbjVa9NKctOGywIc7P4pO Qqp4TN7wZYMJTA8uKguDW+ONteD9jRl5ewc/DYz6F+9hQCrVcPWVnZyQrUBG/9il /OI9Evnhwf10TMxk+VdUw0kt52k1VVKgF7hV8JBY5P2eH7p/SXZLY/C5/rC//N+4 yb8Kt7pPfatCAhEMrKk5mJ67NwThHy7HsHzueLVfto9ig4IvhzLzQTo+FXwfnIoc zRDc1bHl4JZP+T4rjABZpxpuZLyWBBdIu5a9pqC/cXYTUe01Lu+RlR9JSL/ihXH6 hZk2vS/VRg5isfndzxLCYfK3o8RGxUxFUwq6fdK5vHsBtPcTdYBPLv9x4uGOEQWY fGiIcz/KMsjaiv5NVUhc8atGXymDXIA800WOr1Sw+8Ta1PAbarxUU5NFkSGrLr4k sTX8DwlimWp7cIZmYUD67LZC3LIY0Zy3OT1Zq6Uc/6U3OshZFbRjL2PG7sh8EQT3 x5nqG2zRnsJThf60aXrdDDLkiuYPtd+KR8cCmf/By5JDhuXwU9OXSCgP7rv3nrcB L7HQCmVlZdo2jUyZcuVhEcs8lCyTtU+BzSvMOvLHXBwNQ+YyUMVip6Lb4la7lCUp TCBdPRD8cnPdFwIDAQABo4ICejCCAnYwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQR chfrVnMj4o5S07z9dluqh4+c2DAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv 86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmlu dC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0Lmlu dC14My5sZXRzZW5jcnlwdC5vcmcvMDEGA1UdEQQqMCiCEGthcnJpZXJlLmhlZWwu ZGWCFHd3dy5rYXJyaWVyZS5oZWVsLmRlMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcG CysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5 cHQub3JnMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUA4mlLribo6UAJ6IYbtjuD 1D7n/nSI+6SPKJMBnd3x2/4AAAFsWoVOUwAABAMARjBEAiASLrrBcM6LjKNK/xil maCqMfnBjgmk6gw6V9ZK8VpDxQIgQ/sq3wNK6C58+hRxZPktfsoir3aV6fYJDsoK pR2dokgAdgBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvYjQAAAWxahU51 AAAEAwBHMEUCIQC/q4SfdH5UUvdUGVF3IV2aocWLwE4d0ELH8yxae7H8AwIgFQBk 0oegFsqg/ld+onEps/VPa41DsPQOMYCWOF7uWFowDQYJKoZIhvcNAQELBQADggEB ABIJdyA3lI6sDLwued1ZZU3Mlv2rmaSWhFOncWl7sUI1LGlS4aLKx2q3lLL4d8fB FH91mmGxE10z7ogqO5AE93GcAdXC6vrCueYLAYSQcPOdDemt1Q7z1TKnzxYVaV+m frezIoyp4wug6kyhKHz4kEZJgMe3ejTRVGyHQefb4i78epYhjAoo/dLDlsOgsrsT bupUoRlYENusd90BnK52VZHWbTJtDTCfgQ/T99AkacKWL0t9H68qE9J5avBblm7N Q1eu07264URVa8aOeaKUvglA2/eyN9ST89FTbCsMqt5AF8ZBCyv76ECiFlJp6F8w xFcoTTVZuH/G9JSlt6R7ob0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6ktOunz7zpI6Q3P+HPxs itQNCeAVazRt7KwebG7hdo9Pweb/nT0Rlq2hDAzvzYVGVCYUH+uCiG41WvTSnLTh ssCHOz+KTkKqeEze8GWDCUwPLioLg1vjjbXg/Y0ZeXsHPw2M+hfvYUAq1XD1lZ2c kK1ARv/YpfziPRL54cH9dEzMZPlXVMNJLedpNVVSoBe4VfCQWOT9nh+6f0l2S2Pw uf6wv/zfuMm/Cre6T32rQgIRDKypOZieuzcE4R8ux7B87ni1X7aPYoOCL4cy80E6 PhV8H5yKHM0Q3NWx5eCWT/k+K4wAWacabmS8lgQXSLuWvaagv3F2E1HtNS7vkZUf SUi/4oVx+oWZNr0v1UYOYrH53c8SwmHyt6PERsVMRVMKun3Subx7AbT3E3WATy7/ ceLhjhEFmHxoiHM/yjLI2or+TVVIXPGrRl8pg1yAPNNFjq9UsPvE2tTwG2q8VFOT RZEhqy6+JLE1/A8JYplqe3CGZmFA+uy2QtyyGNGctzk9WaulHP+lNzrIWRW0Yy9j xu7IfBEE98eZ6hts0Z7CU4X+tGl63Qwy5IrmD7XfikfHApn/wcuSQ4bl8FPTl0go D+679563AS+x0AplZWXaNo1MmXLlYRHLPJQsk7VPgc0rzDryx1wcDUPmMlDFYqei 2+JWu5QlKUwgXT0Q/HJz3RcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 294030939273955202754576935399305044677020 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-04 01:46:21 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-02 01:46:21 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'karriere.heel.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 955836821020713147910426229787055754175563411855952700377276573166829601864533145322412458125517086687068063279323122255391278613356801177930363320154253619050575844479779754693426447945225711901163882609170795077447243740433256727401804633288756470876852463920274982494433882845077509624400746437870334045727143958551253451839611481572846015470580252382525355461774452631973705158169444224339623725917595379359868929795697814494737364449130735006737013824888627412224471998529070070408790812019293232116707419539278637172060635177398533144488343624316778892586604482059388422989078016082866176605074730874344108088610256265775351366159038150773966035886391376863589601748766550894508027409726291888565476594151137248642142864968689468149990012165994507540356961074598298733300245915300086468122382808525366465423011298546916847341701084706984292428152368169120433610255265448529375284798759828306965499682501569688840077990379652831542188056032281444412887263025643443624147097431343981130253944089670810580869924962536287560933648505021363505340851876138867179474486749232859290936772275901582454524069958609260843246301636185792409334628790423776642536657579661971570399042639728559974013783881041773368627940099512232682592656663 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 117217eb567323e28e52d3bcfd765baa878f9cd8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'karriere.heel.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.karriere.heel.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016c5a854e5300000403004630440220122ebac170ce8b8ca34aff18a599a0aa31f9c18e09a4ea0c3a57d64af15a43c5022043fb2adf034ae82e7cfa147164f92d7eca22af7695e9f6090eca0aa51d9da24800760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016c5a854e750000040300473045022100bfab849f747e5452f754195177215d9aa1c58bc04e1dd042c7f32c5a7bb1fc030220150064d287a016caa0fe577ea27129b3f54f6b8d43b0f40e318096385eee585a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001209772037948eac0cbc2e79dd59654dcc96fdab99a4968453a771697bb142352c6952e1a2cac76ab794b2f877c7c1147f759a61b1135d33ee882a3b9004f7719c01d5c2eafac2b9e60b01849070f39d0de9add50ef3d532a7cf1615695fa67eb7b3228ca9e30ba0ea4ca1287cf890464980c7b77a34d1546c8741e7dbe22efc7a96218c0a28fdd2c396c3a0b2bb136eea54a1195810dbac77dd019cae765591d66d326d0d309f810fd3f7d02469c2962f4b7d1faf2a13d2796af05b966ecd4357aed3bdbae144556bc68e79a294be0940dbf7b237d493f3d1536c2b0caade4017c6410b2bfbe840a2165269e85f30c457284d3559b87fc6f494a5b7a47ba1bd