apfusurvey.natick.army.mil

Issued by DOD CA-28

About this certificate


This digital certificate with serial number e0:51 was issued on by U.S. Government .

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

Cerificate errors/warnings *beta

  • ERROR: Certificate contains a key usage different from ServerAuth, ClientAuth or ServerGatedCrypto
  • ERROR: Certificate contains a CRL with an non-preferred scheme ([ldap])
  • ERROR: localityName or stateOrProvinceName is required if organizationName is set
  • ERROR: stateOrProvinceName is required if organizationName is set

U.S. Government

Organization: U.S. Government
Organization unit: DoD
Organization unit: PKI
Organization unit: USA
Country: US

U.S. Government

Organization: U.S. Government
Organization unit: DoD
Organization unit: PKI
Country: US

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): e0:51
Serial Number (int): 57425
Serial Number lenght: 16 bits, 2 octets

SubjectKeyId: 20:24:a1:df:10:3f:04:8c:59:ac:11:e2:0c:4e:72:8e:6f:a1:56:d8
AuthorityKeyId: 26:b4:ae:aa:2d:8e:e9:8d:8a:6f:b6:b5:5b:9d:ea:4e:ae:b1:9c:69

Fingerprint (sha1): ce:6c:96:1a:cc:f8:89:e1:a0:45:34:9c:19:9a:ed:b5:22:69:05:e8
Fingerprint (sha256): f4:98:92:69:5b:40:ab:92:c4:d0:34:94:4e:a2:ec:77:6b:21:8d:29:6e:44:32:68:2a:82:fb:b0:f3:67:23:04

Issuing Certificate URL: http://crl.disa.mil/sign/DODCA_28.cer

Revocation information

OCSP Server: http://ocsp.disa.mil
CRL Distribution Point: http://crl.disa.mil/crl/DODCA_28.crl
CRL Distribution Point: ldap://crl.gds.disa.mil/cn%3dDOD%20CA-28%2cou%3dPKI%2cou%3dDoD%2co%3dU.S.%20Government%2cc%3dUS?certificaterevocationlist;binary

Check the revocation status for the current certificate on apfusurvey.natick.army.mil
4
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication
Any

Extensions

8 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

apfusurvey.natick.army.mil
apfusurvey.natick.army.mil
ipfusurvey.natick.army.mil
usafsurveys.natick.army.mil

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIDAOBRMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNVBAYTAlVT MRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UE CxMDUEtJMRIwEAYDVQQDEwlET0QgQ0EtMjgwHhcNMTQwMTI0MTkxMzA4WhcNMTcw MTI0MTkxMzA4WjB2MQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5t ZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsTA1BLSTEMMAoGA1UECxMDVVNBMSMw IQYDVQQDExphcGZ1c3VydmV5Lm5hdGljay5hcm15Lm1pbDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAIg77XFknbag56a0nc306zRBMyca8nEimrf8uoYW oChMgdzryOJDjFuUlpZ0JdYdTGneG0DKEwuDX9eW7qZpksTiZK60FVNaOafyiPDp BTxN/jIlcOH98NNtzNDZDi448jkW9MLrCqujI711UKZ0H8qGcW1wnH2VfvLBuFbm fPACJQYYpszebliO7ht7DQqDc+DzdVNjuDaeGNJgt74YvRYeY7nuDEOfd4Z8pPn2 33ijVR7xH4fZjYx4Yelh7+DmNo8J19/i9UnNGWkBEJg35MTB0iVk/sHloxQV65so vKcT7c90Br9C1IjHCJwwYcG4u27ZDYx+dDoiYScp4VwkyhsCAwEAAaOCAk8wggJL MB8GA1UdIwQYMBaAFCa0rqotjumNim+2tVud6k6usZxpMB0GA1UdDgQWBBQgJKHf ED8EjFmsEeIMTnKOb6FW2DBjBggrBgEFBQcBAQRXMFUwMQYIKwYBBQUHMAKGJWh0 dHA6Ly9jcmwuZGlzYS5taWwvc2lnbi9ET0RDQV8yOC5jZXIwIAYIKwYBBQUHMAGG FGh0dHA6Ly9vY3NwLmRpc2EubWlsMA4GA1UdDwEB/wQEAwIFoDCBwwYDVR0fBIG7 MIG4MCqgKKAmhiRodHRwOi8vY3JsLmRpc2EubWlsL2NybC9ET0RDQV8yOC5jcmww gYmggYaggYOGgYBsZGFwOi8vY3JsLmdkcy5kaXNhLm1pbC9jbiUzZERPRCUyMENB LTI4JTJjb3UlM2RQS0klMmNvdSUzZERvRCUyY28lM2RVLlMuJTIwR292ZXJubWVu dCUyY2MlM2RVUz9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0O2JpbmFyeTB6BgNV HREEczBxghphcGZ1c3VydmV5Lm5hdGljay5hcm15Lm1pbIIaYXBmdXN1cnZleS5u YXRpY2suYXJteS5taWyCGmlwZnVzdXJ2ZXkubmF0aWNrLmFybXkubWlsght1c2Fm c3VydmV5cy5uYXRpY2suYXJteS5taWwwIwYDVR0gBBwwGjALBglghkgBZQIBCwUw CwYJYIZIAWUCAQsSMC0GA1UdJQQmMCQGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYB BQUIAgIGBFUdJQAwDQYJKoZIhvcNAQEFBQADggEBAEDtELxrO1wMKVS3PvSQfdXY UUX879qbVzt/9RC+FewEAfruPYrL0HduBB3cW/gkQ4l0prZc5RcKtvDNTLQMWgIZ SoTf7zVTCC/1u9JdtVK50hFBvsKaS8yxc9BjO8HtLRU6Nzf3f3kLHOUwtohrqG1p Dl+YbLYkDcoPWEivG6MBK293D3EQwndgK4De0eiDIpfqO0pYqz6gzLgMTNOhwo8a NpcqGm/8R/CIe9TwvkBsiuSRcZYuRgwROCZhRiWehQdhMcKxkTBC5Pk2smj5IaU+ Gzc8MCEkbheYiHAFywpZ1YK8kDmndSp0PT7wykD40SI6fwSXJuBpZtDaf1AueD4= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDvtcWSdtqDnprSdzfTr NEEzJxrycSKat/y6hhagKEyB3OvI4kOMW5SWlnQl1h1Mad4bQMoTC4Nf15bupmmS xOJkrrQVU1o5p/KI8OkFPE3+MiVw4f3w023M0NkOLjjyORb0wusKq6MjvXVQpnQf yoZxbXCcfZV+8sG4VuZ88AIlBhimzN5uWI7uG3sNCoNz4PN1U2O4Np4Y0mC3vhi9 Fh5jue4MQ593hnyk+fbfeKNVHvEfh9mNjHhh6WHv4OY2jwnX3+L1Sc0ZaQEQmDfk xMHSJWT+weWjFBXrmyi8pxPtz3QGv0LUiMcInDBhwbi7btkNjH50OiJhJynhXCTK GwIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 57425 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'U.S. Government' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DoD' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DOD CA-28' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-01-24 19:13:08 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-01-24 19:13:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'U.S. Government' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DoD' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'USA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'apfusurvey.natick.army.mil' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17197960832694033822741086615380489426061378609279821357159489654456419373134264189572254293174391151148677607429955103987482380035907444166689855142465024428269074695133038330489963834017706316278677308123476565818201108688788190334465111096864712788414688324430196746640809439582280615194530129476031318186033692590842896523309675656584316973447230220665093445024262887739360297454352833183230905876623710883753874127412261025960593467305490825303785248521455241055824069126987104240439147724502907081560905143305739834947056709580875193771481057033279825864021058444887423578710720554000027452404554206094261799451 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 26b4aeaa2d8ee98d8a6fb6b55b9dea4eaeb19c69 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2024a1df103f048c59ac11e20c4e728e6fa156d8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.disa.mil/sign/DODCA_28.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.disa.mil' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (187 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.disa.mil/crl/DODCA_28.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://crl.gds.disa.mil/cn%3dDOD%20CA-28%2cou%3dPKI%2cou%3dDoD%2co%3dU.S.%20Government%2cc%3dUS?certificaterevocationlist;binary' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apfusurvey.natick.army.mil' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apfusurvey.natick.army.mil' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ipfusurvey.natick.army.mil' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usafsurveys.natick.army.mil' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.2.1.11.5 (usDODClass3) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.2.1.11.18 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.8.2.2 (iKEIntermediate) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37.0 (anyExtendedKeyUsage) . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0040ed10bc6b3b5c0c2954b73ef4907dd5d85145fcefda9b573b7ff510be15ec0401faee3d8acbd0776e041ddc5bf824438974a6b65ce5170ab6f0cd4cb40c5a02194a84dfef3553082ff5bbd25db552b9d21141bec29a4bccb173d0633bc1ed2d153a3737f77f790b1ce530b6886ba86d690e5f986cb6240dca0f5848af1ba3012b6f770f7110c277602b80ded1e8832297ea3b4a58ab3ea0ccb80c4cd3a1c28f1a36972a1a6ffc47f0887bd4f0be406c8ae49171962e460c1138266146259e85076131c2b1913042e4f936b268f921a53e1b373c3021246e1798887005cb0a59d582bc9039a7752a743d3ef0ca40f8d1223a7f049726e06966d0da7f502e783e