vpn.mhi.ca
Issued by GeoTrust RSA CA 2018
About this certificate
This digital certificate with serial number 03:4c:22:a2:60:90:ae:6c:13:8e:86:aa:01:78:aa:7c was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=vpn.mhi.ca
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:4c:22:a2:60:90:ae:6c:13:8e:86:aa:01:78:aa:7cSerial Number (int): 4383001015377715932396067538301659772
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: a7:89:31:c1:b9:b9:8a:0e:13:94:c8:6b:1a:11:fd:b9:28:72:ec:2d
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5
Fingerprint (sha1): a0:57:f8:14:a9:e5:66:4f:6f:f1:0b:e2:7f:86:e8:34:5b:6b:0d:4d
Fingerprint (sha256): 25:f1:21:36:74:9e:fa:b9:c7:0a:c3:d1:41:18:d0:41:88:1f:ba:30:1c:e6:63:cd:aa:bb:c8:9c:11:4b:ac:fb
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl
Check the revocation status for certificate vpn.mhi.ca
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for vpn.mhi.ca
Public Key Algorithm
RSA
Key Size
3072
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
vpn.mhi.ca
Other certificates including the domain name mhi.ca
(limited to 100 certificates)
ftps.mhi.ca
mhi.ca
inportal.mhi.ca
mhi.ca
mhi.ca
vpn.mhi.ca
mhi.ca
time.mhi.ca
mhi.ca
vpn.mhi.ca
mhi.ca
mhi.ca
mhi.ca
ess.mhi.ca
spam.mhi.ca
ess.mhi.ca
mhi.ca
ess.mhi.ca
spam.mhi.ca
vpn.mhi.ca
mhi.ca
portal.mhi.ca
mhi.ca
mhi.ca
portal.mhi.ca
spam.mhi.ca
hrms.mhi.ca
ftps.mhi.ca
inportal.mhi.ca
ess.mhi.ca
mhi.ca
mhi.ca
mhi.ca
spam.mhi.ca
vpn.mhi.ca
spam.mhi.ca
*.mhi.ca
training.mhi.ca
hvdc.ca
hvdc.ca
hrms.mhi.ca
vpn.mhi.ca
*.mhi.ca
mhi.ca
spam.mhi.ca
ftps.mhi.ca
mhi.ca
mhi.ca
mhi.ca
spam.mhi.ca
hrms.mhi.ca
mhi.ca
mhi.ca
mhi.ca
mhi.ca
training.mhi.ca
hrms.mhi.ca
vpn.mhi.ca
mhi.ca
mhi.ca
portal.mhi.ca
mhi.ca
mhi.ca
time.mhi.ca
mhi.ca
mhi.ca
mhi.ca
inportal.mhi.ca
mhi.ca
mhi.ca
vpn.mhi.ca
mhi.ca
time.mhi.ca
mhi.ca
vpn.mhi.ca
mhi.ca
mhi.ca
mhi.ca
ess.mhi.ca
spam.mhi.ca
ess.mhi.ca
mhi.ca
ess.mhi.ca
spam.mhi.ca
vpn.mhi.ca
mhi.ca
portal.mhi.ca
mhi.ca
mhi.ca
portal.mhi.ca
spam.mhi.ca
hrms.mhi.ca
ftps.mhi.ca
inportal.mhi.ca
ess.mhi.ca
mhi.ca
mhi.ca
mhi.ca
spam.mhi.ca
vpn.mhi.ca
spam.mhi.ca
*.mhi.ca
training.mhi.ca
hvdc.ca
hvdc.ca
hrms.mhi.ca
vpn.mhi.ca
*.mhi.ca
mhi.ca
spam.mhi.ca
ftps.mhi.ca
mhi.ca
mhi.ca
mhi.ca
spam.mhi.ca
hrms.mhi.ca
mhi.ca
mhi.ca
mhi.ca
mhi.ca
training.mhi.ca
hrms.mhi.ca
vpn.mhi.ca
mhi.ca
mhi.ca
portal.mhi.ca
mhi.ca
mhi.ca
time.mhi.ca
mhi.ca
mhi.ca
Certificate
The complete raw certificate details for vpn.mhi.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFLjCCBBagAwIBAgIQA0wiomCQrmwTjoaqAXiqfDANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe Fw0xODA1MTYwMDAwMDBaFw0xODEwMDkxMjAwMDBaMBUxEzARBgNVBAMTCnZwbi5t aGkuY2EwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCg/GGn7an0mAhb luyVIoLmI9qJ8mv7vglBvDd83sLvapE9YK2FGEe+d2e68qNp5PKjxjev+62FCVVa W5LTnDV4fwPVT3Dsh0RLvhf/SN6gF10hOZeXyZkUsoJHglYHnAx/q/AsQFp0eoUS QMZqCLxuql/6ROJevioq4tA+382fotYhlmY5gKN27gY6nxh7CUyCCSWV5L4Dgi0n 5/DMhhaFnKV9LqhZekpdPHDfswHZAy4HbayR//UfeTxeBiVST7j500rphnWiG7iN qPaVygSx3UWvpMZnVwKaAPFf08Iz4VxyN2hDGaWbCLLNG1JHCZ5eHr/dRwkuR+jV GhjbLKeLfzzfcqdBRDoIJbfEExjipZRToUT00RPsiIB6p76CYWpSuQvtWsFkm79E Txpjgjsnz88ATis+S7xxFI1LX3Yd+YKMkfCIirFHsIhoHgSzxNWocSGS+RmMrUiu ErunC87nd/qcTdw4Pi6kjuSm9zx6bQCZ3X3qKr8V561roY7LFtMCAwEAAaOCAa8w ggGrMB8GA1UdIwQYMBaAFJBY/7CcdahRVHex7fKjQxY4nmzFMB0GA1UdDgQWBBSn iTHBubmKDhOUyGsaEf25KHLsLTAVBgNVHREEDjAMggp2cG4ubWhpLmNhMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPgYDVR0f BDcwNTAzoDGgL4YtaHR0cDovL2NkcC5nZW90cnVzdC5jb20vR2VvVHJ1c3RSU0FD QTIwMTguY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAECMCowKAYIKwYBBQUHAgEW HGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIBMHUGCCsGAQUF BwEBBGkwZzAmBggrBgEFBQcwAYYaaHR0cDovL3N0YXR1cy5nZW90cnVzdC5jb20w PQYIKwYBBQUHMAKGMWh0dHA6Ly9jYWNlcnRzLmdlb3RydXN0LmNvbS9HZW9UcnVz dFJTQUNBMjAxOC5jcnQwCQYDVR0TBAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADAN BgkqhkiG9w0BAQsFAAOCAQEAIRxy604OHhBNFUa6zK1IxhXZVtNmNmOtPVDZXui0 2wmE4zvw+kINzwNGZut3TlwzNHQ7ttTvOGVlGMsWqwZhV9odB8Bxb2pJ2N6Daykw 0i5z/Y405M7MQ9dO1eRvAKZwmdTshTzPiFCOjlwMcH9d41kTz+XWIt05EOx7vLoY pgtZSL5VIoacMwP6Snq3Fxmng5WIRDjWbgFL+JZeil9Wf2jsKx49lGS8pf7CTmvv 2woNOhaaG7/d9+c0xWZCMMq39XTOmVV6viwdmZU00eBmX7B7qNGXKKKFZw28uO9w Y2tXxcWWtABft4FVbZ0y/a8AJQZqYJdjWQ9xAZ8RInxHkw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAoPxhp+2p9JgIW5bslSKC 5iPaifJr+74JQbw3fN7C72qRPWCthRhHvndnuvKjaeTyo8Y3r/uthQlVWluS05w1 eH8D1U9w7IdES74X/0jeoBddITmXl8mZFLKCR4JWB5wMf6vwLEBadHqFEkDGagi8 bqpf+kTiXr4qKuLQPt/Nn6LWIZZmOYCjdu4GOp8YewlMggklleS+A4ItJ+fwzIYW hZylfS6oWXpKXTxw37MB2QMuB22skf/1H3k8XgYlUk+4+dNK6YZ1ohu4jaj2lcoE sd1Fr6TGZ1cCmgDxX9PCM+FccjdoQxmlmwiyzRtSRwmeXh6/3UcJLkfo1RoY2yyn i38833KnQUQ6CCW3xBMY4qWUU6FE9NET7IiAeqe+gmFqUrkL7VrBZJu/RE8aY4I7 J8/PAE4rPku8cRSNS192HfmCjJHwiIqxR7CIaB4Es8TVqHEhkvkZjK1IrhK7pwvO 53f6nE3cOD4upI7kpvc8em0Amd196iq/Feeta6GOyxbTAgMBAAE= -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4383001015377715932396067538301659772 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-16 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-09 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'vpn.mhi.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3184 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 3653376746576656826138126128964063752284988039324280541974711414533774583354224358254023581029088101100513594274029983980476857462745373907925939307035122160199781738893009093248904063708331463982361069637619915096956626255857769618413800140202460002923417633233582205234256907083832770087106375608907401969795374459865525669418176614348841056442367118095968528655143660721071881165269522804904393083709357280094193410174216416614193067403422012947091251913310146182222000593770468824440800888396719669398268780298373996879736631152479493326275615068910491190742147202458230739175942986580634778831361040935877533283143745479971523189397778287391604109645285576476386152961963543985559999105090872206789234499024003963774628250184804188966521880831493596242715283240119418248511528512571386938944691211029363165140348717304759940453400475977124704688054078715489433807493342022986697059861734322201751929435725163932997588691 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a78931c1b9b98a0e1394c86b1a11fdb92872ec2d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vpn.mhi.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00211c72eb4e0e1e104d1546baccad48c615d956d3663663ad3d50d95ee8b4db0984e33bf0fa420dcf034666eb774e5c3334743bb6d4ef38656518cb16ab066157da1d07c0716f6a49d8de836b2930d22e73fd8e34e4cecc43d74ed5e46f00a67099d4ec853ccf88508e8e5c0c707f5de35913cfe5d622dd3910ec7bbcba18a60b5948be5522869c3303fa4a7ab71719a78395884438d66e014bf8965e8a5f567f68ec2b1e3d9464bca5fec24e6befdb0a0d3a169a1bbfddf7e734c5664230cab7f574ce99557abe2c1d999534d1e0665fb07ba8d19728a285670dbcb8ef70636b57c5c596b4005fb781556d9d32fdaf0025066a609763590f71019f11227c4793