picturedesk-new.stern.de
Issued by R3
About this certificate
This digital certificate with serial number 03:00:c7:18:2c:15:d2:83:64:ce:4a:af:3b:19:c0:aa:4a:67 was issued on by Let's Encrypt.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=picturedesk-new.stern.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:00:c7:18:2c:15:d2:83:64:ce:4a:af:3b:19:c0:aa:4a:67Serial Number (int): 261601499675721507705302601719713458965095
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: bf:a6:7d:81:1b:16:73:c2:25:02:51:e8:e7:1a:ba:d8:0d:2b:bb:85
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 98:d2:96:f1:a0:28:f3:68:42:cf:a2:7f:7b:ad:71:da:66:e3:98:87
Fingerprint (sha256): 23:48:d6:3f:c5:0b:40:96:10:52:5a:9d:d2:61:67:15:93:47:06:96:1b:53:fe:de:5b:04:b3:66:74:64:67:00
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate picturedesk-new.stern.de
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for picturedesk-new.stern.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
picturedesk-new.stern.de
Other certificates including the domain name stern.de
(limited to 100 certificates)
abo.stern.de
commsvc.stern.de
static.stern.de
secure.stern.de
static.stern.de
static.stern.de
www.guj.digital
secure.stern.de
getsomelorem.com
wefind.stern.de
ssl.1.damoh.aws.stern.de
andreyneto.com.br
static.stern.de
serviceportal.dpv.de
quizbattle.stern.de
www.stern.de
stern.de
gutscheine.stern.de
www.stage.stern.de
mobile.stern.de
commsvc.stern.de
wap.stern.de
blog.stern.de
static.stern.de
*.stage.mobile-toolkit.guj.digital
tausendreporter.stern.de
neon.stern.de
www.guj.digital
www.view.stern.de
ssgtm.stern.de
view-s3.stern.de
www.stage.stern.de
*.gws.stern.de
ssl.1.damoh.aws.stern.de
*.aws.stern.de
static.stern.de
blogs.stern.de
krankenkassenvergleich.stern.de
serviceportal.dpv.de
aktion.art-magazin.de
serviceportal.dpv.de
www.guj.digital
serviceportal.dpv.de
*.brigitte.de
jungefotografie.stern.de
static.stern.de
static.stern.de
hheezd.stern.de
lbm.stern.de
newsletter.stern.de
www.guj.digital
www.stage.stern.de
*.coremedia-dev.guj.digital
*.aws.stern.de
insider.stern.de
www.guj.digital
www.stage.stern.de
augenzeuge.stern.de
static.stern.de
view-s3.stern.de
baeume.stern.de
www.guj.digital
secure.stern.de
stern.de
neon.stern.de
*.stern.de
commsvc.stern.de
oc.stern.de
static.stern.de
*.stern.de
www.guj.digital
tausendreporter.stern.de
static.stern.de
abo.stern.de
static.stern.de
static.stern.de
static.stern.de
*.coremedia.guj.digital
gewinnspiele.stern.de
neon.stern.de
stage.serviceportal.dpv.de
ssl.1.damoh.aws.stern.de
commsvc.stern.de
quizbattle.stern.de
secure.stern.de
dev.serviceportal.dpv.de
serviceportal.dpv.de
dev.serviceportal.dpv.de
reisewelten.stern.de
commsvc.stern.de
picturedesk-new.stern.de
commsvc.stern.de
form.ipstar.app
static.stern.de
serviceportal.dpv.de
wetter.stern.de
view.stern.de
*.stern.de
static.stern.de
stern.de
commsvc.stern.de
static.stern.de
secure.stern.de
static.stern.de
static.stern.de
www.guj.digital
secure.stern.de
getsomelorem.com
wefind.stern.de
ssl.1.damoh.aws.stern.de
andreyneto.com.br
static.stern.de
serviceportal.dpv.de
quizbattle.stern.de
www.stern.de
stern.de
gutscheine.stern.de
www.stage.stern.de
mobile.stern.de
commsvc.stern.de
wap.stern.de
blog.stern.de
static.stern.de
*.stage.mobile-toolkit.guj.digital
tausendreporter.stern.de
neon.stern.de
www.guj.digital
www.view.stern.de
ssgtm.stern.de
view-s3.stern.de
www.stage.stern.de
*.gws.stern.de
ssl.1.damoh.aws.stern.de
*.aws.stern.de
static.stern.de
blogs.stern.de
krankenkassenvergleich.stern.de
serviceportal.dpv.de
aktion.art-magazin.de
serviceportal.dpv.de
www.guj.digital
serviceportal.dpv.de
*.brigitte.de
jungefotografie.stern.de
static.stern.de
static.stern.de
hheezd.stern.de
lbm.stern.de
newsletter.stern.de
www.guj.digital
www.stage.stern.de
*.coremedia-dev.guj.digital
*.aws.stern.de
insider.stern.de
www.guj.digital
www.stage.stern.de
augenzeuge.stern.de
static.stern.de
view-s3.stern.de
baeume.stern.de
www.guj.digital
secure.stern.de
stern.de
neon.stern.de
*.stern.de
commsvc.stern.de
oc.stern.de
static.stern.de
*.stern.de
www.guj.digital
tausendreporter.stern.de
static.stern.de
abo.stern.de
static.stern.de
static.stern.de
static.stern.de
*.coremedia.guj.digital
gewinnspiele.stern.de
neon.stern.de
stage.serviceportal.dpv.de
ssl.1.damoh.aws.stern.de
commsvc.stern.de
quizbattle.stern.de
secure.stern.de
dev.serviceportal.dpv.de
serviceportal.dpv.de
dev.serviceportal.dpv.de
reisewelten.stern.de
commsvc.stern.de
picturedesk-new.stern.de
commsvc.stern.de
form.ipstar.app
static.stern.de
serviceportal.dpv.de
wetter.stern.de
view.stern.de
*.stern.de
static.stern.de
stern.de
Certificate
The complete raw certificate details for picturedesk-new.stern.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAwDHGCwV0oNkzkqvOxnAqkpnMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MTgyMzMyMjFaFw0yNDA3MTcyMzMyMjBaMCMxITAfBgNVBAMT GHBpY3R1cmVkZXNrLW5ldy5zdGVybi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALwLaR4GV2ZTnip4mi60CZL7OCAkLHRI4I/Zt0omMUmKYDZcdIR0 gdRQlwIvgPXWWoE7Ih9keyOuC28B7LC+TL1/H+sC3ZF8dZUZUpBbnuuXXiK8XVAO xcSwRhUU1jQ5taEthdOJL6FngOWHZGnG/xlEWsXkg81yJVcBE6S4Mx4/hT267nKJ X3Szd3hFwjDawu/H9iTkr3CLqWttW5XQM6+UMG2yQV4dy7Vu/c1ntwxDXNmUYskG H/IUzlcy/hcfKAXRLNqwlV60G/jw4k78pm85MMupv0NbZDf0vnsR7Kf79zyxVDwh TvHOlvfMZZmVEekKwGmPjwL8yIAQ9otP91ECAwEAAaOCAhowggIWMA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQUv6Z9gRsWc8IlAlHo5xq62A0ru4UwHwYDVR0jBBgwFoAU FC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzAB hhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5p LmxlbmNyLm9yZy8wIwYDVR0RBBwwGoIYcGljdHVyZWRlc2stbmV3LnN0ZXJuLmRl MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA PxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGO88TBfQAABAMARzBF AiEAl1Shs1K4kBsSYJsAlyMLmuC9PK7zMI21QPVd0Wr+e5kCIFM0tmuA3HVWfYIK JzUJOBSDgzIJ0x7UXZd4cIUD2Z5DAHYA3+FW66oFr7WcD4ZxjajAMk6uVtlup/Wl agHRwTu+UlwAAAGO88TB8QAABAMARzBFAiAKpNmW1Nc9ezTwYO9Akpz9RYwWPWjh YfoV18yVjzFVOgIhAK4cttt8n5sZ967s/2BeXVOOoZUHvywKV8LANgqRMzHyMA0G CSqGSIb3DQEBCwUAA4IBAQAoDt+qXTUz3E2//m/NEYvoVkK+b3SBWKtz1sCjgIIH HoB+jqnhg+Mr/4sV3hMlgM8j5OSj7Ty8Zi8nHb79PXSGVurbbPpdfo7q9PETCjiD 82MxWU92Ajg7htD/0zUpMo9CZJCjT9+fvcweqA9/0UbTWy4biGETx8F2NJri5r1J NRmUIAJ6tO/Wc8Ss9OzSAKrrML/pgTvKQ1i6zr/Jefv7twntt0Jpje1a1fIPVJSS 2REn/Zaq9M1UfdHxDNwUVa2BsFpfz2UxkJ4tx6gDeo9LjM8YAV+5bHSf+jmJcKe/ R2CcDB6cInIXnvJ4hGm0/T9YgMKP1hxzW0WbubAdySZR -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAtpHgZXZlOeKniaLrQJ kvs4ICQsdEjgj9m3SiYxSYpgNlx0hHSB1FCXAi+A9dZagTsiH2R7I64LbwHssL5M vX8f6wLdkXx1lRlSkFue65deIrxdUA7FxLBGFRTWNDm1oS2F04kvoWeA5Ydkacb/ GURaxeSDzXIlVwETpLgzHj+FPbrucolfdLN3eEXCMNrC78f2JOSvcIupa21bldAz r5QwbbJBXh3LtW79zWe3DENc2ZRiyQYf8hTOVzL+Fx8oBdEs2rCVXrQb+PDiTvym bzkwy6m/Q1tkN/S+exHsp/v3PLFUPCFO8c6W98xlmZUR6QrAaY+PAvzIgBD2i0/3 UQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 261601499675721507705302601719713458965095 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-18 23:32:21 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-17 23:32:20 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'picturedesk-new.stern.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23738428117288642445182524106523521559127832482626668227720197481548652068764041906573888610436087320514542043206996256911851691377539318087655424676480276640191322202406132104084156054264134390495866142233301799105852635664164225034305018219088132689023038147041642284493010569360356145348370688935323078244466967789522431040684360535930059570834816068710643038602230044555835699900032365402262613569335077635157058777749210761085416235595099636925226833764851713467410627327665767671508259642571339895997403133171948278997797161629329655151156600807574990837822862834562263292619966117481899147400922166151535916881 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bfa67d811b1673c2250251e8e71abad80d2bbb85 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'picturedesk-new.stern.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018ef3c4c17d00000403004730450221009754a1b352b8901b12609b0097230b9ae0bd3caef3308db540f55dd16afe7b9902205334b66b80dc75567d820a273509381483833209d31ed45d9778708503d99e43007600dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018ef3c4c1f1000004030047304502200aa4d996d4d73d7b34f060ef40929cfd458c163d68e161fa15d7cc958f31553a022100ae1cb6db7c9f9b19f7aeecff605e5d538ea19507bf2c0a57c2c0360a913331f2 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00280edfaa5d3533dc4dbffe6fcd118be85642be6f748158ab73d6c0a38082071e807e8ea9e183e32bff8b15de132580cf23e4e4a3ed3cbc662f271dbefd3d748656eadb6cfa5d7e8eeaf4f1130a3883f36331594f7602383b86d0ffd33529328f426490a34fdf9fbdcc1ea80f7fd146d35b2e1b886113c7c176349ae2e6bd4935199420027ab4efd673c4acf4ecd200aaeb30bfe9813bca4358bacebfc979fbfbb709edb742698ded5ad5f20f549492d91127fd96aaf4cd547dd1f10cdc1455ad81b05a5fcf6531909e2dc7a8037a8f4b8ccf18015fb96c749ffa398970a7bf47609c0c1e9c2272179ef2788469b4fd3f5880c28fd61c735b459bb9b01dc92651