orcity.org
Issued by R3
About this certificate
This digital certificate with serial number 03:69:e4:ea:c9:9e:0e:b8:cb:76:dc:68:d6:5e:06:f5:ed:58 was issued on by Let's Encrypt.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=orcity.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:69:e4:ea:c9:9e:0e:b8:cb:76:dc:68:d6:5e:06:f5:ed:58Serial Number (int): 297370789391770072776773998912747309755736
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: b0:93:77:19:ff:a9:c3:f4:c9:70:37:d5:25:c6:01:3e:cf:bc:67:98
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 06:86:47:33:d7:c5:4d:5f:c5:90:8d:0b:86:34:7d:16:d2:a5:1d:73
Fingerprint (sha256): 2a:14:a3:6c:8a:60:bd:80:3b:e9:23:1f:f8:5c:b3:61:3b:1b:c3:fd:e4:05:c4:64:28:c6:bc:d6:55:3d:28:6b
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate orcity.org
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for orcity.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bids.orcity.org
orcity.org
www.orcity.org
orcity.org
www.orcity.org
Other certificates including the domain name orcity.org
(limited to 100 certificates)
*.orcity.org
CORC-FW.orcity.org
bids.orcity.org
exchange.orcity.org
bids.orcity.org
webmaps.orcity.org
bids.orcity.org
www.orcity.org
maps.orcity.org
*.orcity.org
www.orcity.org
orcity.org
CORC-FW.orcity.org
CORC-FW.orcity.org
*.orcity.org
bids.orcity.org
*.orcity.org
online.orcity.org
orcity.org
www.orcity.org
*.orcity.org
orcity.org
edenweb.orcity.org
maps.orcity.org
edenweb.orcity.org
bids.orcity.org
maps.orcity.org
lucity.orcity.org
bids.orcity.org
edenweb.orcity.org
CORC-FW.orcity.org
bids.orcity.org
webmaps.orcity.org
www.orcity.org
edenweb.orcity.org
www.orcity.org
bids.orcity.org
orcity.org
www.orcity.org
exchange.orcity.org
exchange.orcity.org
*.orcity.org
bids.orcity.org
www.orcity.org
parking.orcity.org
edenweb.orcity.org
orcity.org
CORC-FW.orcity.org
maps.orcity.org
maps.orcity.org
bids.orcity.org
permits.orcity.org
*.orcity.org
www.orcity.org
edenweb.orcity.org
CORC-FW.orcity.org
bids.orcity.org
orcity.org
www.orcity.org
*.orcity.org
bids.orcity.org
maps.orcity.org
bids.orcity.org
*.orcity.org
www.orcity.org
*.time.orcity.org
www.orcity.org
www.orcity.org
edenweb.orcity.org
bids.orcity.org
orcity.org
bids.orcity.org
*.orcity.org
bids.orcity.org
bids.orcity.org
edenweb.orcity.org
CORC-FW.orcity.org
*.orcity.org
edenweb.orcity.org
www.orcity.org
www.orcity.org
online.orcity.org
CORC-FW.orcity.org
bids.orcity.org
exchange.orcity.org
bids.orcity.org
webmaps.orcity.org
bids.orcity.org
www.orcity.org
maps.orcity.org
*.orcity.org
www.orcity.org
orcity.org
CORC-FW.orcity.org
CORC-FW.orcity.org
*.orcity.org
bids.orcity.org
*.orcity.org
online.orcity.org
orcity.org
www.orcity.org
*.orcity.org
orcity.org
edenweb.orcity.org
maps.orcity.org
edenweb.orcity.org
bids.orcity.org
maps.orcity.org
lucity.orcity.org
bids.orcity.org
edenweb.orcity.org
CORC-FW.orcity.org
bids.orcity.org
webmaps.orcity.org
www.orcity.org
edenweb.orcity.org
www.orcity.org
bids.orcity.org
orcity.org
www.orcity.org
exchange.orcity.org
exchange.orcity.org
*.orcity.org
bids.orcity.org
www.orcity.org
parking.orcity.org
edenweb.orcity.org
orcity.org
CORC-FW.orcity.org
maps.orcity.org
maps.orcity.org
bids.orcity.org
permits.orcity.org
*.orcity.org
www.orcity.org
edenweb.orcity.org
CORC-FW.orcity.org
bids.orcity.org
orcity.org
www.orcity.org
*.orcity.org
bids.orcity.org
maps.orcity.org
bids.orcity.org
*.orcity.org
www.orcity.org
*.time.orcity.org
www.orcity.org
www.orcity.org
edenweb.orcity.org
bids.orcity.org
orcity.org
bids.orcity.org
*.orcity.org
bids.orcity.org
bids.orcity.org
edenweb.orcity.org
CORC-FW.orcity.org
*.orcity.org
edenweb.orcity.org
www.orcity.org
www.orcity.org
online.orcity.org
Certificate
The complete raw certificate details for orcity.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgISA2nk6smeDrjLdtxo1l4G9e1YMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzAzMTQyMTQ3MjlaFw0yMzA2MTIyMTQ3MjhaMBUxEzARBgNVBAMT Cm9yY2l0eS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2qxcM b4eA/lbKehp5b7R4VMVqlAFQl//BrXFZrncZzamgqLcnvaOskH3uOb6xpzOGMrH1 EnESeE6AcFZ25FPdMc9QnCl9r/hR54+S+XQwEMsBgWMagAJv3TUgHRLpMSl0pANP niRne8Jidq4Lrm/HlD+jbAG2GuaF9gE+yCu4JTy1917YwIOBdGehCvvB5p6rT7Qh W0tFxykYlgrqMp9lUYJ3MtJGsN6TgUzOVIyH9iYSKvVmel6MEdTn4x1GAHKyDlLg qaOKmjqfWdXaSn0uGQ80sgKM2Q5DCoMc1vCrjghJpnyRL19l/3E5rvuug7LZ8zOy JbecG7+T/IngxFgfAgMBAAGjggJmMIICYjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FLCTdxn/qcP0yXA31SXGAT7PvGeYMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYf r52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8u bGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMDYG A1UdEQQvMC2CD2JpZHMub3JjaXR5Lm9yZ4IKb3JjaXR5Lm9yZ4IOd3d3Lm9yY2l0 eS5vcmcwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggr BgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5 AgQCBIH1BIHyAPAAdwC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAA AYbiTqBDAAAEAwBIMEYCIQD8MatHSIWwghL2cvxsIq53lVlM9QspHAiWlvRt5fXa dwIhAMJXsUFDo9Q4QTZMEvvvZs4IlzNq2wHLla07TcDlJJo2AHUAejKMVNi3LbYg 6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGG4k6gcgAABAMARjBEAiAHtp/cv/HJ aVWNd8QrYxoZwLQJ4KZ0+213l0FkpbFAgQIgM5kuHqlfUsicuHmi2Y8I/5uq3Xyr jTDN0cM7pYrfEikwDQYJKoZIhvcNAQELBQADggEBAIAltFsZ2GRQyHcZ8tfmx9kC VzZgvcqD3//l0OPKhv75ZGMLxSfKjHgt0VMvHugCIEqTiOrNCG3VjYaPDJMn8QkO USSgCWVIEzZLUJUgx3yDr/DMbAB8Y/shErsGV0CrOjQdPha7xKQPXLWK1WdVTz1L 3L/MIeCKHHmfhO11bLGWVLvDfMIVzXqTPt/uFH+8YkPb6cSTpdlGIyNEXd0ZKomN TrOdil0JJP6X9oRH1Yw9af3KY9Jn7taiB7v+/k48nTie3gQCrviA1xWNjaOASjaF IP1yxR9wDHX6gR8NK/c4V2Vx2ZmnhDvOW3oirN43hCI1z+Pm+OFOwQy2HdgH6Co= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqsXDG+HgP5WynoaeW+0 eFTFapQBUJf/wa1xWa53Gc2poKi3J72jrJB97jm+saczhjKx9RJxEnhOgHBWduRT 3THPUJwpfa/4UeePkvl0MBDLAYFjGoACb901IB0S6TEpdKQDT54kZ3vCYnauC65v x5Q/o2wBthrmhfYBPsgruCU8tfde2MCDgXRnoQr7weaeq0+0IVtLRccpGJYK6jKf ZVGCdzLSRrDek4FMzlSMh/YmEir1ZnpejBHU5+MdRgBysg5S4Kmjipo6n1nV2kp9 LhkPNLICjNkOQwqDHNbwq44ISaZ8kS9fZf9xOa77roOy2fMzsiW3nBu/k/yJ4MRY HwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 297370789391770072776773998912747309755736 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-14 21:47:29 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-12 21:47:28 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'orcity.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23059739143768066864577562884777773827019732593045104567757329238329753254835754037260049394516299745641466444068729098240027407565853336049567280718573405266995427248095385714630894071136248069390688669572208489102327478748158532127247403521515356473066297663243188776283570131798938929412574984215703082712343820073457561329016077936405612542716639607429583465783727358627380965973064955009455606905190570443756407045070401325575793033788268595207224441150965173643540279049397434395654960972915824415672443736433720287389430889986660662464188299861614199131638646878427928051290926738953378912029021190419156064287 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b0937719ffa9c3f4c97037d525c6013ecfbc6798 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bids.orcity.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'orcity.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.orcity.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000186e24ea0430000040300483046022100fc31ab474885b08212f672fc6c22ae7795594cf50b291c089696f46de5f5da77022100c257b14143a3d43841364c12fbef66ce0897336adb01cb95ad3b4dc0e5249a360075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000186e24ea0720000040300463044022007b69fdcbff1c969558d77c42b631a19c0b409e0a674fb6d77974164a5b14081022033992e1ea95f52c89cb879a2d98f08ff9baadd7cab8d30cdd1c33ba58adf1229 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008025b45b19d86450c87719f2d7e6c7d902573660bdca83dfffe5d0e3ca86fef964630bc527ca8c782dd1532f1ee802204a9388eacd086dd58d868f0c9327f1090e5124a009654813364b509520c77c83aff0cc6c007c63fb2112bb065740ab3a341d3e16bbc4a40f5cb58ad567554f3d4bdcbfcc21e08a1c799f84ed756cb19654bbc37cc215cd7a933edfee147fbc6243dbe9c493a5d9462323445ddd192a898d4eb39d8a5d0924fe97f68447d58c3d69fdca63d267eed6a207bbfefe4e3c9d389ede0402aef880d7158d8da3804a368520fd72c51f700c75fa811f0d2bf738576571d999a7843bce5b7a22acde37842235cfe3e6f8e14ec10cb61dd807e82a