portal.shenandoah.k12.va.us

Issued by Amazon RSA 2048 M03

About this certificate

This digital certificate with serial number 08:b7:55:eb:b3:b6:6d:6f:df:67:aa:bc:18:4e:8f:03 was issued on by Amazon.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=portal.shenandoah.k12.va.us

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 08:b7:55:eb:b3:b6:6d:6f:df:67:aa:bc:18:4e:8f:03
Serial Number (int): 11585756970444059742180785212196032259
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 69:62:b1:26:af:f0:f2:8d:5b:00:dd:03:62:d7:4f:50:29:18:34:56
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (sha1): c6:75:05:f8:df:fb:d2:9b:6b:3e:a2:2c:af:5b:32:a2:1a:1e:c8:fb
Fingerprint (sha256): 24:12:88:58:a8:a8:25:13:65:54:4b:7c:d1:d5:5a:f1:8d:3e:9b:1d:70:e1:12:85:1f:cd:43:de:32:6a:5c:e4

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate portal.shenandoah.k12.va.us

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for portal.shenandoah.k12.va.us

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

portal.shenandoah.k12.va.us
ia9941763832a44026baecf856e2f0f44f.us003.ia.us003-rapididentity.com
ia9941763832a44026baecf856e2f0f44f.us003-rapididentity.com
shenandoahk12.us003-rapididentity.com
shenandoahk12.us003.ia.us003-rapididentity.com

Other certificates including the domain name shenandoah.k12.va.us

(limited to 100 certificates)
moodle.shenandoah.k12.va.us
forti-ems.shenandoah.k12.va.us
powerschool.shenandoah.k12.va.us
moodle.shenandoah.k12.va.us
portal.shenandoah.k12.va.us
*.shenandoah.k12.va.us
vpn.shenandoah.k12.va.us
vanity.shenandoahk12.us003-rapididentity.com
moodle.shenandoah.k12.va.us
forti-ems.shenandoah.k12.va.us
www.shenandoah.k12.va.us
powerschool.shenandoah.k12.va.us
www.shenandoah.k12.va.us
www.shenandoah.k12.va.us
www.shenandoah.k12.va.us
www.shenandoah.k12.va.us
www.shenandoah.k12.va.us
www.shenandoah.k12.va.us
www.shenandoah.k12.va.us
moodle.shenandoah.k12.va.us
powerschool.shenandoah.k12.va.us
portal.shenandoah.k12.va.us

Certificate

The complete raw certificate details for portal.shenandoah.k12.va.us in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGvzCCBaegAwIBAgIQCLdV67O2bW/fZ6q8GE6PAzANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTI0MDIyMjAwMDAwMFoXDTI1MDMyMjIzNTk1OVowJjEk
MCIGA1UEAxMbcG9ydGFsLnNoZW5hbmRvYWguazEyLnZhLnVzMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAop8aG+b26uyO8P+FMT0Z2PW0yQs+IihAQcYW
AdQAQAG4DelTk787y2inYV1QaFBvsamym2PuBH3xN6tmIzxH2egPw3l/seKaknGe
eWf+FA0e+D4vTzfz3MZpZ431KhcFlyMiAXW7HPkAJXQiktWjO4velUrxwoy4foJS
VpQ4S9LPsQxJikZney8+A3EHZQyY8XG+q5j+9+VCeibNX4yLPc+t3IdSgDOghUyY
BXh0Zlb473d55v/a+8eCLrxPEHoZcGjx0u3Ef0j/TfLWP5uXZQRPtpBV2QzI6vb4
RJF/iP7liUSufsLh6pHbLBWr2sOAUov2VAB129e7HQHAhg0TbwIDAQABo4ID0TCC
A80wHwYDVR0jBBgwFoAUVdkYX9IczAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFGli
sSav8PKNWwDdA2LXT1ApGDRWMIIBAAYDVR0RBIH4MIH1ghtwb3J0YWwuc2hlbmFu
ZG9haC5rMTIudmEudXOCQ2lhOTk0MTc2MzgzMmE0NDAyNmJhZWNmODU2ZTJmMGY0
NGYudXMwMDMuaWEudXMwMDMtcmFwaWRpZGVudGl0eS5jb22COmlhOTk0MTc2Mzgz
MmE0NDAyNmJhZWNmODU2ZTJmMGY0NGYudXMwMDMtcmFwaWRpZGVudGl0eS5jb22C
JXNoZW5hbmRvYWhrMTIudXMwMDMtcmFwaWRpZGVudGl0eS5jb22CLnNoZW5hbmRv
YWhrMTIudXMwMDMuaWEudXMwMDMtcmFwaWRpZGVudGl0eS5jb20wEwYDVR0gBAww
CjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAzLmFt
YXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUF
BzABhiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUH
MAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNlcjAM
BgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgBOdaMnXJoQ
wzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY3PwAWyAAAEAwBHMEUCIQCmLZo0
h/a7wjU2lK8V9ZDUp8VhoMSC8gF/pCecDd8SBwIgUhaww93BXL8H3EMn6BwBMubL
9qUnGf1sL2sEIUAF4uUAdwB9WR4S4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kOjC55
uAAAAY3PwAYiAAAEAwBIMEYCIQDin1pSH5Dihlpz3KRL3RsFLC2WuxQwXTPGWD1u
h2Do0AIhAP9mMpXijsl3G0zF+Ch/0+fTx4Cf8He1OeINfaCYHY/PAHYA5tIxY0B3
jMEQQQbXcbnOwdJA9paEhvu6hzId/R43jlAAAAGNz8AF+gAABAMARzBFAiATDeaC
MDtvuB23RTgzcb+0gxDYzteZ2qVDvfnmgqOKIgIhAIa6TCj2k4UHbCLV9YB+QZm8
yNwTaTeLEcC/MJUjUMucMA0GCSqGSIb3DQEBCwUAA4IBAQArcT4OAoX3kh4NDPDm
dfMCBd2+OUhz5hWd+KxTawhYTl4zULQ8F0GiOvZofpQzJOPe0wOA5HwOPj44GPCe
JiVK46S2k8X8Lpxqlj8zIjZ0Nh4eKRjG2jqvQMMFxhHXPbFO/ra8wk9au0S2eiw2
zXTfvPrTqfn0MJ+/IXpHWoWnrNidOkHb7AMXE9SGlM14NguUFxwMsq7ulprk4KOw
RIHbTwH6tsxjG66iK5LHEVHEmMnvaGCG5t7veVQ27hBIqzBCDOrjLTFQW0j9nxYO
foKIssg2jRVKEeaCtU5QkEbTOdeh9MBQqtBSVLBh4L+qtNi4RO+nkw7QQL3/jq1l
fe/Y
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAop8aG+b26uyO8P+FMT0Z
2PW0yQs+IihAQcYWAdQAQAG4DelTk787y2inYV1QaFBvsamym2PuBH3xN6tmIzxH
2egPw3l/seKaknGeeWf+FA0e+D4vTzfz3MZpZ431KhcFlyMiAXW7HPkAJXQiktWj
O4velUrxwoy4foJSVpQ4S9LPsQxJikZney8+A3EHZQyY8XG+q5j+9+VCeibNX4yL
Pc+t3IdSgDOghUyYBXh0Zlb473d55v/a+8eCLrxPEHoZcGjx0u3Ef0j/TfLWP5uX
ZQRPtpBV2QzI6vb4RJF/iP7liUSufsLh6pHbLBWr2sOAUov2VAB129e7HQHAhg0T
bwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 11585756970444059742180785212196032259
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-22 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-22 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'portal.shenandoah.k12.va.us'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20529061519008908652872458181431164142505501536486303503013270803608365814756601438950790589379151490549104455075937558441444597477075710569210802308577503114228235576637609583155907469964804728633823743845571161661682926917118382382856669663864498404634099613559504746044977485179490622699954154368167929377720006278872917783924631902016193328056877208114747503808035619731789696368233174183678432007186843954130045984958639881572466920224345117870779497517921537396569937838359453796101025104576282069420279855589273991733734768637853733712683691401632657514149307367629626936943810186149064415849757945646421971823
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6962b126aff0f28d5b00dd0362d74f5029183456
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (248 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal.shenandoah.k12.va.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ia9941763832a44026baecf856e2f0f44f.us003.ia.us003-rapididentity.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ia9941763832a44026baecf856e2f0f44f.us003-rapididentity.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shenandoahk12.us003-rapididentity.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shenandoahk12.us003.ia.us003-rapididentity.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							01690076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018dcfc005b20000040300473045022100a62d9a3487f6bbc2353694af15f590d4a7c561a0c482f2017fa4279c0ddf120702205216b0c3ddc15cbf07dc4327e81c0132e6cbf6a52719fd6c2f6b04214005e2e50077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018dcfc006220000040300483046022100e29f5a521f90e2865a73dca44bdd1b052c2d96bb14305d33c6583d6e8760e8d0022100ff663295e28ec9771b4cc5f8287fd3e7d3c7809ff077b539e20d7da0981d8fcf007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018dcfc005fa00000403004730450220130de682303b6fb81db745383371bfb48310d8ced799daa543bdf9e682a38a2202210086ba4c28f69385076c22d5f5807e4199bcc8dc1369378b11c0bf30952350cb9c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002b713e0e0285f7921e0d0cf0e675f30205ddbe394873e6159df8ac536b08584e5e3350b43c1741a23af6687e943324e3ded30380e47c0e3e3e3818f09e26254ae3a4b693c5fc2e9c6a963f33223674361e1e2918c6da3aaf40c305c611d73db14efeb6bcc24f5abb44b67a2c36cd74dfbcfad3a9f9f4309fbf217a475a85a7acd89d3a41dbec031713d48694cd78360b94171c0cb2aeee969ae4e0a3b04481db4f01fab6cc631baea22b92c71151c498c9ef686086e6deef795436ee1048ab30420ceae32d31505b48fd9f160e7e8288b2c8368d154a11e682b54e509046d339d7a1f4c050aad05254b061e0bfaab4d8b844efa7930ed040bdff8ead657defd8