matthew-andersen.com
Issued by Go Daddy Secure Certificate Authority - G2
About this certificate
This digital certificate with serial number 90:b5:e9:7e:74:28:05:6c was issued on by GoDaddy.com, Inc..
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=matthew-andersen.com
GoDaddy.com, Inc.
Organization:
GoDaddy.com, Inc.
Organization unit: http://certs.godaddy.com/repository/
Organization unit: http://certs.godaddy.com/repository/
State / Province:
Arizona
Locality: Scottsdale
Country: US
Locality: Scottsdale
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): 90:b5:e9:7e:74:28:05:6cSerial Number (int): 10427497241570182508
Serial Number lenght: 64 bits, 8 octets
SubjectKeyId: 38:36:1b:01:7e:01:f7:20:10:ef:40:72:b4:71:c9:df:95:d3:01:01
AuthorityKeyId: 40:c2:bd:27:8e:cc:34:83:30:a2:33:d7:fb:6c:b3:f0:b4:2c:80:ce
Fingerprint (sha1): 52:b7:1f:2f:ba:d6:7a:3f:7d:22:45:60:3b:21:f7:57:af:83:66:8a
Fingerprint (sha256): 25:78:c2:f6:4e:72:97:c9:7d:3e:04:0e:1a:f8:29:df:92:84:cf:6b:f5:0f:40:ad:89:fa:f7:dd:17:78:60:e4
Issuing Certificate URL: http://certificates.godaddy.com/repository/gdig2.crt
Revocation information
OCSP Server: http://ocsp.godaddy.com/CRL Distribution Point: http://crl.godaddy.com/gdig2s1-17701.crl
Check the revocation status for certificate matthew-andersen.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for matthew-andersen.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
matthew-andersen.com
Other certificates including the domain name matthew-andersen.com
(limited to 100 certificates)
matthew-andersen.com
matthew-andersen.com
matthew-andersen.com
www.matthew-andersen.com
www.matthew-andersen.com
*.arkofthecovenantchurch.com
www.matthew-andersen.com
*.matthew-andersen.com
web07.tigertechnologies.net
*.windsorcarpetcleaners.co.uk
www.matthew-andersen.com
matthew-andersen.com
*.timetocareny.org
*.homeswish.com
www.matthew-andersen.com
matthew-andersen.com
matthew-andersen.com
matthew-andersen.com
www.matthew-andersen.com
matthew-andersen.com
www.matthew-andersen.com
*.kalisspa.com
matthew-andersen.com
matthew-andersen.com
matthew-andersen.com
www.matthew-andersen.com
matthew-andersen.com
matthew-andersen.com
www.matthew-andersen.com
www.matthew-andersen.com
*.arkofthecovenantchurch.com
www.matthew-andersen.com
*.matthew-andersen.com
web07.tigertechnologies.net
*.windsorcarpetcleaners.co.uk
www.matthew-andersen.com
matthew-andersen.com
*.timetocareny.org
*.homeswish.com
www.matthew-andersen.com
matthew-andersen.com
matthew-andersen.com
matthew-andersen.com
www.matthew-andersen.com
matthew-andersen.com
www.matthew-andersen.com
*.kalisspa.com
matthew-andersen.com
matthew-andersen.com
matthew-andersen.com
www.matthew-andersen.com
Certificate
The complete raw certificate details for matthew-andersen.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGkjCCBXqgAwIBAgIJAJC16X50KAVsMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0 cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTI0MDIyNDA5NDQzM1oX DTI1MDIyNDA5NDQzM1owHzEdMBsGA1UEAxMUbWF0dGhldy1hbmRlcnNlbi5jb20w ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgiqrOf0wn1Cc74yJfzQJC /K1LLR+rtGDAYiJ93mTsVxd2q+Ja+z9s9eE8sCga/S0W7DxO3f98EunvHgsqMact Xb9vxnXwyDHx3IFN+4lxhY/jaxVN1OaEB8dEJvtm/8UxXdy80TKiTzmc2L+iIrEM TqaQeCe46uIz8LaNEv9RLVQcnIKH5yzY8DTVQWSCer8EgSiYPGm/yVFraRyejsFu AB7zI03vetpPgrgv1HdvREuzqcervZpQmZn8/xqelV4CNiBsGcZ0Oe6MR/pX9BMj unHnwL2jk/XDjalM0MOwsvtPKao1X+vHxm1sts0EyRUtevdxHVqGx9BWnFalUJJR AgMBAAGjggM5MIIDNTAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwOQYDVR0fBDIwMDAuoCygKoYoaHR0 cDovL2NybC5nb2RhZGR5LmNvbS9nZGlnMnMxLTE3NzAxLmNybDBdBgNVHSAEVjBU MEgGC2CGSAGG/W0BBxcBMDkwNwYIKwYBBQUHAgEWK2h0dHA6Ly9jZXJ0aWZpY2F0 ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMHYGCCsGAQUFBwEB BGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRkeS5jb20vMEAGCCsG AQUFBzAChjRodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRv cnkvZ2RpZzIuY3J0MB8GA1UdIwQYMBaAFEDCvSeOzDSDMKIz1/tss/C0LIDOMB8G A1UdEQQYMBaCFG1hdHRoZXctYW5kZXJzZW4uY29tMB0GA1UdDgQWBBQ4NhsBfgH3 IBDvQHK0ccnfldMBATCCAYEGCisGAQQB1nkCBAIEggFxBIIBbQFrAHcATnWjJ1ya EMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGN2oCL5QAABAMASDBGAiEAwww9 3DTfqW8KT2xpS1m2pdTUY4A+dmOLdXdWeWaC7rcCIQChaNfJ0DYhaZBa5uHgpgqG UXt8aB0UeqPBOq6QER5PjwB3AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6M Lnm4AAABjdqAjH0AAAQDAEgwRgIhAP+n7NlYXv8C0ysYIg/Yn7NCD1jFlYvx10Vg kGFd567MAiEA1FZGcmPG9W4E1UP42jM4NGO690odIfP+Bu0X+ytzqXAAdwDM+w9q hXEJZf6Vm1PO6bJ8IumFXA2XjbapflTA/kwNsAAAAY3agIzeAAAEAwBIMEYCIQDg Hjcr6SD4YkZaNE/tmxUs8N3di5OLvoxiEaTiC28WpAIhAOo9lyi44Jd+eB8Zask1 8BfQaT4eIc3XSkKhEiESXr7uMA0GCSqGSIb3DQEBCwUAA4IBAQAZcNG9ATAdbLBC dT6812y18uOn+3Mn633W+MunCp1ZnhD1MIytUbKqAyJAQU+GocSRyinLosHhqkrj TqMB/Erl0hFW01kNzKlhJvYtUsDK0+t7ZxTKjO5sP4i6IP/JX8PXb9SHPsKyB7sI qzO8rjiQUUjmg3ErDSOJHL4TnFu05RDYfkee7Ha6V/RXvlOu6suUulfiS3fSAFHa uu4QIuTsOw9B1WPfwQ6Pojsds9NiitHZkWgVRJpVO7VAToVgDhjqnV2JlF9CR2gh RVHQH5H72zdsfEaBNJHkrhVgSqWi3zvlpCIwu7MqslYbc9PvuhoAw4s7H2fO3/v7 I1vYbdOE -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIqqzn9MJ9QnO+MiX80C QvytSy0fq7RgwGIifd5k7FcXdqviWvs/bPXhPLAoGv0tFuw8Tt3/fBLp7x4LKjGn LV2/b8Z18Mgx8dyBTfuJcYWP42sVTdTmhAfHRCb7Zv/FMV3cvNEyok85nNi/oiKx DE6mkHgnuOriM/C2jRL/US1UHJyCh+cs2PA01UFkgnq/BIEomDxpv8lRa2kcno7B bgAe8yNN73raT4K4L9R3b0RLs6nHq72aUJmZ/P8anpVeAjYgbBnGdDnujEf6V/QT I7px58C9o5P1w42pTNDDsLL7TymqNV/rx8ZtbLbNBMkVLXr3cR1ahsfQVpxWpVCS UQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10427497241570182508 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GoDaddy.com, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.godaddy.com/repository/' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go Daddy Secure Certificate Authority - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-24 09:44:33 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-24 09:44:33 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'matthew-andersen.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20266508146029296956572425456448015434890029406510827990999619959679584481095151380511428558682272348306834368911832038271214307355242114733511174772922929584671712660077904773797873945765764845427624912980082099023142834236295624741893531994288759081479324928504880084151288153705600221984959593851815159878765226437973295680193301661988463015907965660141841541972459848132159860026775463915193445695499575858369661827885462355167155506197823737114326039348461676924926663503405779761330898919051800280896809810215999812553372626556736290398538278767333346693684472518886744692325003135262257551635335172901779313233 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.godaddy.com/gdig2s1-17701.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114413.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.godaddy.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.godaddy.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.godaddy.com/repository/gdig2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 40c2bd278ecc348330a233d7fb6cb3f0b42c80ce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'matthew-andersen.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 38361b017e01f72010ef4072b471c9df95d30101 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (369 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) 016b0077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018dda808be50000040300483046022100c30c3ddc34dfa96f0a4f6c694b59b6a5d4d463803e76638b757756796682eeb7022100a168d7c9d0362169905ae6e1e0a60a86517b7c681d147aa3c13aae90111e4f8f0077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018dda808c7d0000040300483046022100ffa7ecd9585eff02d32b18220fd89fb3420f58c5958bf1d7456090615de7aecc022100d456467263c6f56e04d543f8da33383463baf74a1d21f3fe06ed17fb2b73a970007700ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018dda808cde0000040300483046022100e01e372be920f862465a344fed9b152cf0dddd8b938bbe8c6211a4e20b6f16a4022100ea3d9728b8e0977e781f196ac935f017d0693e1e21cdd74a42a11221125ebeee . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001970d1bd01301d6cb042753ebcd76cb5f2e3a7fb7327eb7dd6f8cba70a9d599e10f5308cad51b2aa032240414f86a1c491ca29cba2c1e1aa4ae34ea301fc4ae5d21156d3590dcca96126f62d52c0cad3eb7b6714ca8cee6c3f88ba20ffc95fc3d76fd4873ec2b207bb08ab33bcae38905148e683712b0d23891cbe139c5bb4e510d87e479eec76ba57f457be53aeeacb94ba57e24b77d20051dabaee1022e4ec3b0f41d563dfc10e8fa23b1db3d3628ad1d9916815449a553bb5404e85600e18ea9d5d89945f424768214551d01f91fbdb376c7c46813491e4ae15604aa5a2df3be5a42230bbb32ab2561b73d3efba1a00c38b3b1f67cedffbfb235bd86dd384