blog.contentcal.io

Issued by Amazon

About this certificate

This digital certificate with serial number 05:69:2d:30:92:d0:71:f7:f6:f1:98:07:9e:43:fa:4c was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=blog.contentcal.io

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 05:69:2d:30:92:d0:71:f7:f6:f1:98:07:9e:43:fa:4c
Serial Number (int): 7192247705891507481320763671917623884
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: bd:69:1e:e3:e2:38:5a:49:5e:9f:d6:61:99:83:f8:4e:9b:a1:74:50
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 09:9c:f9:bf:ac:53:c6:64:6e:43:7d:d5:7d:3f:b5:49:06:e6:e7:4c
Fingerprint (sha256): 24:f3:85:8d:5d:8f:0e:d8:2f:d8:1b:8b:3d:a2:cf:4b:bb:b5:67:30:f6:2d:d8:8d:d3:0f:70:39:21:d4:76:a0

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate blog.contentcal.io

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for blog.contentcal.io

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

blog.contentcal.io
*.blog.contentcal.io

Other certificates including the domain name contentcal.io

(limited to 100 certificates)
contentcal.io
ac.awesomedrives.com
j2.shared.global.fastly.net
j2.shared.global.fastly.net
status.contentcal.io
status.contentcal.io
ac.awesomedrives.com
ac.awesomedrives.com
j2.shared.global.fastly.net
j2.shared.global.fastly.net
j2.shared.global.fastly.net
ac.awesomedrives.com
j2.shared.global.fastly.net
ac.awesomedrives.com
ac.awesomedrives.com
ac.awesomedrives.com
j2.shared.global.fastly.net
j2.shared.global.fastly.net
ac.awesomedrives.com
status.contentcal.io
j2.shared.global.fastly.net
ac.awesomedrives.com
j2.shared.global.fastly.net
*.contentcal.io
j2.shared.global.fastly.net
ac.awesomedrives.com
ac.awesomedrives.com
j2.shared.global.fastly.net
ac.awesomedrives.com
*.mockups.contentcal.io
j2.shared.global.fastly.net
ac.awesomedrives.com
ac.awesomedrives.com
auth.contentcal.io
blog.contentcal.io
ac.awesomedrives.com
j2.shared.global.fastly.net
j2.shared.global.fastly.net
j2.shared.global.fastly.net
j2.shared.global.fastly.net
blog.contentcal.io
j2.shared.global.fastly.net
j2.shared.global.fastly.net
ac.awesomedrives.com
*.contentcal.io
ac.awesomedrives.com
status-beta.plaid.com
ac.awesomedrives.com
j2.shared.global.fastly.net
*.oldstage.contentcal.io
auth.contentcal.io
contentcal.io
j2.shared.global.fastly.net
*.contentcal.io
*.contentcal.io
j2.shared.global.fastly.net
j2.shared.global.fastly.net
contentcal.io
status.contentcal.io
ac.awesomedrives.com
*.contentcal.io
j2.shared.global.fastly.net
status.contentcal.io
ac.awesomedrives.com
j2.shared.global.fastly.net
ac.awesomedrives.com
j2.shared.global.fastly.net
*.preview.contentcal.io
j2.shared.global.fastly.net
*.stage.contentcal.io
blog.contentcal.io
j2.shared.global.fastly.net
info.contentcal.io
info.contentcal.io
j2.shared.global.fastly.net
ac.awesomedrives.com
auth.contentcal.io
ac.awesomedrives.com
j2.shared.global.fastly.net
j2.shared.global.fastly.net
www.contentcal.io
j2.shared.global.fastly.net
ac.awesomedrives.com
*.dev.contentcal.io
info.contentcal.io
ac.awesomedrives.com
ac.awesomedrives.com
j2.shared.global.fastly.net
ac.awesomedrives.com
status-beta.plaid.com
j2.shared.global.fastly.net
stage.contentcal.io
j2.shared.global.fastly.net
www.contentcal.io
*.stage.contentcal.io
stage.contentcal.io
status.contentcal.io
j2.shared.global.fastly.net
j2.shared.global.fastly.net
j2.shared.global.fastly.net

Certificate

The complete raw certificate details for blog.contentcal.io in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIQBWktMJLQcff28ZgHnkP6TDANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MDIwMDAwMDBaFw0yMDA4MDIx
MjAwMDBaMB0xGzAZBgNVBAMTEmJsb2cuY29udGVudGNhbC5pbzCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAO0YkeMMRme5eaH0h1vJIcY9WrMEUoQGNT9A
XUgDm7Q2vlkuumsetOP6SCu9DofeVhmWgsxrtC3XCtWZOLalMkerxqCyw/XwmKML
a1/JWO726hcTftsMxskENmkdRaCx3mJBEh2wmZwiRrSStp5lfNMxiBVlWHsDTO89
6G113mGaK6kqS6BCURubCQoUG1LV4s2XzrAc9j1U2cyiJSRqNYCQ/odGoZiu+Wel
ivLEgRR3Xv048/daP1B+Tgwdl2r5fZMN/h4rwS9y/8ZjEiQmwdsqQAVpUr5cxcrR
Cgm6JH3CQPZkfkHnxmVvJoMSrzCdlhO2HIkobSFTdG3oeurUT88CAwEAAaOCApIw
ggKOMB8GA1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBS9
aR7j4jhaSV6f1mGZg/hOm6F0UDAzBgNVHREELDAqghJibG9nLmNvbnRlbnRjYWwu
aW+CFCouYmxvZy5jb250ZW50Y2FsLmlvMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDov
L2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcw
CwYJYIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUH
MAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcw
AoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwG
A1UdEwEB/wQCMAAwggECBgorBgEEAdZ5AgQCBIHzBIHwAO4AdQCkuQmQtBhYFIe7
E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWux+mIfAAAEAwBGMEQCIBr5RmWYgUmD
qD07z92dzRRScBbqLKbu9jUKRnGqqcGvAiB7tC2Ag3q1yG4z6WLsU/Qq6aOS+cJX
np2vu2TTz0BQMgB1AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAAB
a7H6Yn0AAAQDAEYwRAIgTvjR6W9VZp/RdsIbyC3kRmEnfVXMF1B52PANn4NfnTwC
IHqDUDY/AMdntc14S5D5qFbLAOrr71/G1jifUAJs7eJRMA0GCSqGSIb3DQEBCwUA
A4IBAQBChh7vCOJtfj/5MiRpdpOhpyM1RT8wPBxh2C7Tnqfep4IAiuUCl0IujnYy
87KonNEg5FHiKnzt4Yr+u5swED1pZxV7dU9l8LPvOpB8hW7XtDN5jiNIer2Yybcx
FioAWrJ12+h/OqMGILl71btc0HqgQLiBa4jXEDhZVa2AWqkzBcgtvKtEo29vtCg4
5POm8061Xk+h80tA7SKUuhMCUXOpsQAyp+Bu8rbnp1nBZQGu9eLZjLNoZ10coF8g
9urSoqws1dQeCeBSvzI0B0zIKwlVHAEGapRE48kxUr7Mr4a9AZL3+fL2Ch8qjxpi
pmf0wG3pYW7DEOdW0iFjoom3oYKo
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7RiR4wxGZ7l5ofSHW8kh
xj1aswRShAY1P0BdSAObtDa+WS66ax604/pIK70Oh95WGZaCzGu0LdcK1Zk4tqUy
R6vGoLLD9fCYowtrX8lY7vbqFxN+2wzGyQQ2aR1FoLHeYkESHbCZnCJGtJK2nmV8
0zGIFWVYewNM7z3obXXeYZorqSpLoEJRG5sJChQbUtXizZfOsBz2PVTZzKIlJGo1
gJD+h0ahmK75Z6WK8sSBFHde/Tjz91o/UH5ODB2Xavl9kw3+HivBL3L/xmMSJCbB
2ypABWlSvlzFytEKCbokfcJA9mR+QefGZW8mgxKvMJ2WE7YciShtIVN0beh66tRP
zwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7192247705891507481320763671917623884
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-02 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-02 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'blog.contentcal.io'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29930594131775354601904802239506474893555500239710505326814846053958260343846388029944115628262700797950212881138321604748423082569276111464557276944492576537156912409334119547334952817699934163027339296688494593762222180402289147339615925328423939930483584100905106293918338595839218886822865109578372913881859790250232904670016924709067988861281055188123603949383327626622975073165372979430960233496855419316979216136195421331523198669881855375089149915408760253260046366208505360854553454844993741422639235910514443695442079766812434646012630801248460700605523910921560971398286821382466914599898238514348156014543
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							bd691ee3e2385a495e9fd6619983f84e9ba17450
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.contentcal.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.blog.contentcal.io'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016bb1fa621f000004030046304402201af9466598814983a83d3bcfdd9dcd14527016ea2ca6eef6350a4671aaa9c1af02207bb42d80837ab5c86e33e962ec53f42ae9a392f9c2579e9dafbb64d3cf4050320075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016bb1fa627d000004030046304402204ef8d1e96f55669fd176c21bc82de44661277d55cc175079d8f00d9f835f9d3c02207a8350363f00c767b5cd784b90f9a856cb00eaebef5fc6d6389f50026cede251
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0042861eef08e26d7e3ff93224697693a1a72335453f303c1c61d82ed39ea7dea782008ae50297422e8e7632f3b2a89cd120e451e22a7cede18afebb9b30103d6967157b754f65f0b3ef3a907c856ed7b433798e23487abd98c9b731162a005ab275dbe87f3aa30620b97bd5bb5cd07aa040b8816b88d710385955ad805aa93305c82dbcab44a36f6fb42838e4f3a6f34eb55e4fa1f34b40ed2294ba13025173a9b10032a7e06ef2b6e7a759c16501aef5e2d98cb368675d1ca05f20f6ead2a2ac2cd5d41e09e052bf3234074cc82b09551c01066a9444e3c93152beccaf86bd0192f7f9f2f60a1f2a8f1a62a667f4c06de9616ec310e756d22163a289b7a182a8