*.canaryhealth.com
Issued by Amazon
About this certificate
This digital certificate with serial number 0b:ae:5e:48:86:71:43:3e:19:81:c8:05:15:96:86:98 was issued on by Amazon.
With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.canaryhealth.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0b:ae:5e:48:86:71:43:3e:19:81:c8:05:15:96:86:98Serial Number (int): 15526879899557496371125488990343825048
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: f3:e5:08:18:9d:83:6a:99:7b:d8:f1:8c:22:bc:1c:2a:b2:ed:ed:9f
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): b3:76:74:f7:b3:95:44:09:b0:ee:12:b5:17:7c:ef:1f:cc:f3:10:7b
Fingerprint (sha256): 2c:85:d8:e4:b9:54:d4:ba:2e:01:3f:90:39:06:c3:59:0a:a0:b6:4e:48:ba:98:4a:7a:a3:c0:8d:bd:a3:76:b8
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate *.canaryhealth.com
11
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.canaryhealth.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.canaryhealth.com
*.vlmservice.com
*.selfmanage.org
*.enroll.selfmanage.org
*.yesfor.life
yesfor.life
*.betterchoicesbetterhealth.org
*.buildingbettercaregivers.org
*.canaryhealthconnect.com
*.dmp.selfmanage.org
*.bcbh.selfmanage.org
*.vlmservice.com
*.selfmanage.org
*.enroll.selfmanage.org
*.yesfor.life
yesfor.life
*.betterchoicesbetterhealth.org
*.buildingbettercaregivers.org
*.canaryhealthconnect.com
*.dmp.selfmanage.org
*.bcbh.selfmanage.org
Other certificates including the domain name canaryhealth.com
(limited to 100 certificates)
*.canaryhealth.com
canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
canaryhealth.com
*.canaryhealth.com
canaryhealth.com
*.canaryhealth.com
canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
*.canaryhealth.com
canaryhealth.com
*.canaryhealth.com
canaryhealth.com
*.canaryhealth.com
Certificate
The complete raw certificate details for *.canaryhealth.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUzCCBTugAwIBAgIQC65eSIZxQz4ZgcgFFZaGmDANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTEwMTQwMDAwMDBaFw0yMDExMTQx MjAwMDBaMB0xGzAZBgNVBAMMEiouY2FuYXJ5aGVhbHRoLmNvbTCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBALOHCX+R17TW/uWSGG/5kq6usJDd5zrwfmvX VyG59tl+lP3cD8ATmBy5taZkoqsxf+PsAz0eYeqZWjCdeT9JUH4flHguAa0EKFPQ Q+dnbS54FEO6XjwFfCX+fnxwWTd21Gz+mQyEiraYSoeDaM+Z0B+/0rXtU+C4aC0t gJZlZ6fyWljMWiCvXIDcSis/SsV3PBFtBRld8U2N5xZVoUq4/C3Qi+0XefnKiPsO rFUf6mtuWmZZHLs0NbfAg1Y/FUy9ft8frJNZdjTX72HmDtesksV2n1IOoIjigYKl +7EfqUsne5p97Uyn/GbcYSuVhJonqliHmqcoiA3jrMl1IRxMuIUCAwEAAaOCA2Qw ggNgMB8GA1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBTz 5QgYnYNqmXvY8YwivBwqsu3tnzCCAQEGA1UdEQSB+TCB9oISKi5jYW5hcnloZWFs dGguY29tghAqLnZsbXNlcnZpY2UuY29tghAqLnNlbGZtYW5hZ2Uub3JnghcqLmVu cm9sbC5zZWxmbWFuYWdlLm9yZ4INKi55ZXNmb3IubGlmZYILeWVzZm9yLmxpZmWC HyouYmV0dGVyY2hvaWNlc2JldHRlcmhlYWx0aC5vcmeCHiouYnVpbGRpbmdiZXR0 ZXJjYXJlZ2l2ZXJzLm9yZ4IZKi5jYW5hcnloZWFsdGhjb25uZWN0LmNvbYIUKi5k bXAuc2VsZm1hbmFnZS5vcmeCFSouYmNiaC5zZWxmbWFuYWdlLm9yZzAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0 MDIwMKAuoCyGKmh0dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFi LmNybDAgBgNVHSAEGTAXMAsGCWCGSAGG/WwBAjAIBgZngQwBAgEwdQYIKwYBBQUH AQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6b250cnVz dC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9udHJ1c3Qu Y29tL3NjYTFiLmNydDAMBgNVHRMBAf8EAjAAMIIBBAYKKwYBBAHWeQIEAgSB9QSB 8gDwAHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFty2bDTwAA BAMARzBFAiEAiG5iZhPh+R93MfTjnIgOevvDwBJHuFYpKMTXaY8Z3FkCICvFMpGr 52f33207ExAQ4vnZ4tWC8bmgt8GJaZSpV8mVAHYAh3W/51l8+IxDmV+9827/Vo1H Vjb/SrVgwbTq/16ggw8AAAFty2bDpgAABAMARzBFAiAkjyo9N+24EmgrrZQyySBH OctqD6qBb5Mehh8FLmmRvAIhAIT49rJa6RgUa3ONaJa+DCZGnfbRbNgsty3QkMsD x1VuMA0GCSqGSIb3DQEBCwUAA4IBAQAqhUErn43Pd08k46bJJAzENJHekYAZttQJ 7PVtVM9aMbA38ndhABRbEd2CDf4/AegAJS5fkeygpS9OUTJz4NxpwFrtJ09VNV7j JECgELBHXAH8UnaFw3tD13gwOpEaOszbWa2YGF3rX82aSYL9B28YWtEfoY/K8dZz QdGyZgrMoG/3AyHSIm8oGsvNRCt4I5mGGUnmyv+CG//5zj/JO2oEfELmEVtihbpm aFBkQqMhkamIugIBIhS8iIERj3OdK4L60dI/Jp/EgyIGepCJOqCRuoBMbzkVcj2l w4SO5NHLN0M/MepSAtvQH4PrmVpl5q1IRy3j1kp37biOkd0lyhrG -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4cJf5HXtNb+5ZIYb/mS rq6wkN3nOvB+a9dXIbn22X6U/dwPwBOYHLm1pmSiqzF/4+wDPR5h6plaMJ15P0lQ fh+UeC4BrQQoU9BD52dtLngUQ7pePAV8Jf5+fHBZN3bUbP6ZDISKtphKh4Noz5nQ H7/Ste1T4LhoLS2AlmVnp/JaWMxaIK9cgNxKKz9KxXc8EW0FGV3xTY3nFlWhSrj8 LdCL7Rd5+cqI+w6sVR/qa25aZlkcuzQ1t8CDVj8VTL1+3x+sk1l2NNfvYeYO16yS xXafUg6giOKBgqX7sR+pSyd7mn3tTKf8ZtxhK5WEmieqWIeapyiIDeOsyXUhHEy4 hQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15526879899557496371125488990343825048 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-14 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-11-14 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.canaryhealth.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22663245866136013397512957835782761876785205925391207600350148199411323003972357081239134038678743481182276112814213717506133581857019944786346230446568905999231257133487396836003544772912095243283082562319418389234110077495109389408645946634639582131348246061555006821293354656639289439767543651011216140674334470023596241674554679735644779184996514492927461071870735914846845666423025335895350608366617246093221254341605289627663663402647926495416289183254582272500832255040957420709688694333920785800771852941860082841881029658985463110477503044956021514668976113851207853487344598588712606005305400857655591614597 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f3e508189d836a997bd8f18c22bc1c2ab2eded9f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (249 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.canaryhealth.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.vlmservice.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.selfmanage.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.enroll.selfmanage.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.yesfor.life' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yesfor.life' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.betterchoicesbetterhealth.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.buildingbettercaregivers.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.canaryhealthconnect.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dmp.selfmanage.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bcbh.selfmanage.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016dcb66c34f0000040300473045022100886e626613e1f91f7731f4e39c880e7afbc3c01247b8562928c4d7698f19dc5902202bc53291abe767f7df6d3b131010e2f9d9e2d582f1b9a0b7c1896994a957c9950076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016dcb66c3a600000403004730450220248f2a3d37edb812682bad9432c9204739cb6a0faa816f931e861f052e6991bc02210084f8f6b25ae918146b738d6896be0c26469df6d16cd82cb72dd090cb03c7556e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002a85412b9f8dcf774f24e3a6c9240cc43491de918019b6d409ecf56d54cf5a31b037f2776100145b11dd820dfe3f01e800252e5f91eca0a52f4e513273e0dc69c05aed274f55355ee32440a010b0475c01fc527685c37b43d778303a911a3accdb59ad98185deb5fcd9a4982fd076f185ad11fa18fcaf1d67341d1b2660acca06ff70321d2226f281acbcd442b782399861949e6caff821bfff9ce3fc93b6a047c42e6115b6285ba6668506442a32191a988ba02012214bc8881118f739d2b82fad1d23f269fc48322067a90893aa091ba804c6f3915723da5c3848ee4d1cb37433f31ea5202dbd01f83eb995a65e6ad48472de3d64a77edb88e91dd25ca1ac6