it.tektonik.ca
Issued by R10
About this certificate
This digital certificate with serial number 04:00:ab:98:be:14:0e:77:de:cb:6c:8d:43:bd:0e:67:ba:6b was issued on by Let's Encrypt.
With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=it.tektonik.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:00:ab:98:be:14:0e:77:de:cb:6c:8d:43:bd:0e:67:ba:6bSerial Number (int): 348677234798689570143092256153194547624555
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 0f:a8:c3:58:f3:7a:3c:d9:8f:d2:bb:c9:45:68:9a:5f:9f:bb:66:14
AuthorityKeyId: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8
Fingerprint (sha1): 8d:74:ea:33:79:aa:bb:dc:55:e4:91:9a:63:2d:09:55:13:31:a0:a9
Fingerprint (sha256): 2c:b7:a9:83:34:d4:36:d9:6c:66:8f:45:09:a4:9a:c9:d7:4a:9e:d0:97:cc:6d:41:16:e0:4f:f8:a2:09:14:ff
Issuing Certificate URL: http://r10.i.lencr.org/
Revocation information
OCSP Server: http://r10.o.lencr.orgCheck the revocation status for certificate it.tektonik.ca
13
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for it.tektonik.ca
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
it.tektonik.ca
it.tektonik.com
mail.tektonik.ca
mail.tektonik.com
medibotique.tektonik.com
pop.tektonik.com
smtp.tektonik.com
tektonik.ca
tektonik.com
ti.tektonik.ca
ti.tektonik.com
www.tektonik.ca
www.tektonik.com
it.tektonik.com
mail.tektonik.ca
mail.tektonik.com
medibotique.tektonik.com
pop.tektonik.com
smtp.tektonik.com
tektonik.ca
tektonik.com
ti.tektonik.ca
ti.tektonik.com
www.tektonik.ca
www.tektonik.com
Other certificates including the domain name tektonik.ca
(limited to 100 certificates)
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
it.tektonik.ca
tektonik.com
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
Certificate
The complete raw certificate details for it.tektonik.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGwTCCBamgAwIBAgISBACrmL4UDnfey2yNQ70OZ7prMA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNSMTAwHhcNMjQwNjEzMTg1MTM2WhcNMjQwOTExMTg1MTM1WjAZMRcwFQYDVQQD Ew5pdC50ZWt0b25pay5jYTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB ALj2PEj00SKC+AMxMEtCINHTBdj8WFV0pjKgicanDIxtGxhyL8n2GNg3tt5gpRKD gREwFNN9RTYG5oqIcU9r7y7qzkhtdxNzQ6rVyw6ifVHt/XafHHBNwT6XiJWt8bLs w9EwJmhLxojDWlGrGiDp4bWvPk43uWA9CeRD0bYx/6GPsxt9zbIZtAzMIMMbmN0y C4m/JJ+ecE696LXkz6Y+1O1ZwbXF82LRp8UXS73akz5Yy5oK6V5dHDnzrbPwHZ6v +vd57CGqK0hiqZirj3hIW2ux4eKNuB3hKWUkOP3dlQT6jq5Q9+oyZBQ1DFG30Tb+ PbJrgIgR/eyEBDK2Syh2PRRV/qSBylYwE0RTGvJdSfTQcT/wxXPNQkbHR3/spTeq lu2hR7ueB1/MOZVwIqzUc0qo9eM2f/gkaAlI8GKFCiTBNjEpdqE/GwZhse7un+W6 suYPp1BwbI+aDYuNzomJvon6rzpLUlMSCTsF+zSJGf/I92J5YgYbQbfDfMbajf+X tvLqn+oHssqr8EbPL8Fm/ZMaNEYnd0CqIMMmGJdHXQTJM6YF3Urzge5ncNuD3NAd nDc4HKOi8+QE9fGfmaUwocD9vBpl4r3Xxj2ArXhJFd+Kqs2NEeEKK5KoU/QkcZ7P ZnxcLQaHvIGukqLCFb4ZsMyA4uobLDqhFafOsN2V7JzzAgMBAAGjggLnMIIC4zAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG A1UdEwEB/wQCMAAwHQYDVR0OBBYEFA+ow1jzejzZj9K7yUVoml+fu2YUMB8GA1Ud IwQYMBaAFLu8w0el5LypxsOkcgwQjaI14cjoMFcGCCsGAQUFBwEBBEswSTAiBggr BgEFBQcwAYYWaHR0cDovL3IxMC5vLmxlbmNyLm9yZzAjBggrBgEFBQcwAoYXaHR0 cDovL3IxMC5pLmxlbmNyLm9yZy8wge8GA1UdEQSB5zCB5IIOaXQudGVrdG9uaWsu Y2GCD2l0LnRla3RvbmlrLmNvbYIQbWFpbC50ZWt0b25pay5jYYIRbWFpbC50ZWt0 b25pay5jb22CGG1lZGlib3RpcXVlLnRla3RvbmlrLmNvbYIQcG9wLnRla3Rvbmlr LmNvbYIRc210cC50ZWt0b25pay5jb22CC3Rla3RvbmlrLmNhggx0ZWt0b25pay5j b22CDnRpLnRla3RvbmlrLmNhgg90aS50ZWt0b25pay5jb22CD3d3dy50ZWt0b25p ay5jYYIQd3d3LnRla3RvbmlrLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQIG CisGAQQB1nkCBAIEgfMEgfAA7gB1AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf 5mdMWjp0AAABkBMn104AAAQDAEYwRAIgH0sxK4zwPkMMBrXO6ww1qw0iIQ3hVUdE DHx28SYSEIYCIHFVW2UR2EH9ARoumNngJJ17cRnqnsm81SW67kDHpSzsAHUA3+FW 66oFr7WcD4ZxjajAMk6uVtlup/WlagHRwTu+UlwAAAGQEyfXzQAABAMARjBEAiAT T4v5T59Mx5yKgMsoOPemNU7rPUULuH0yzUuJ8HrXBgIgWfRkvacVc/vj0G01Xnnw Gz7VbL8RA9+Lc1aF7p8chd0wDQYJKoZIhvcNAQELBQADggEBACfJ0WzIxyg6CIrI jD+puX2M7ptFl8SrB/Sx0f3v2r3qc81ANtdPFUIG0CMzhLR8ZNqtsqExhaEbL2Ff 3zBkalp1l+u284Px3g/EXJxXtQCAnoAbDXHJndj3HiKszwsf/npGY8X3kOlvmfks RbC6HK0PZ3dDBxBkl8YuBwxD5HmMYh62eenl2IEW5bi+sd1bXc6iX2ip9Xx4mIJ1 2B6SejCtNgHxmBqNButn4+Yb+YuqJZnP629FOfzXWsVh01WJkqcklspS0hFaEklC 3aSuxdv6jEEn8yNFnRIf5eGzrcT27TaDjo+HBLNcIvtx8JUC44ibNHsGuS3Xo2DM YqoSMgY= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuPY8SPTRIoL4AzEwS0Ig 0dMF2PxYVXSmMqCJxqcMjG0bGHIvyfYY2De23mClEoOBETAU031FNgbmiohxT2vv LurOSG13E3NDqtXLDqJ9Ue39dp8ccE3BPpeIla3xsuzD0TAmaEvGiMNaUasaIOnh ta8+Tje5YD0J5EPRtjH/oY+zG33Nshm0DMwgwxuY3TILib8kn55wTr3oteTPpj7U 7VnBtcXzYtGnxRdLvdqTPljLmgrpXl0cOfOts/Adnq/693nsIaorSGKpmKuPeEhb a7Hh4o24HeEpZSQ4/d2VBPqOrlD36jJkFDUMUbfRNv49smuAiBH97IQEMrZLKHY9 FFX+pIHKVjATRFMa8l1J9NBxP/DFc81CRsdHf+ylN6qW7aFHu54HX8w5lXAirNRz Sqj14zZ/+CRoCUjwYoUKJME2MSl2oT8bBmGx7u6f5bqy5g+nUHBsj5oNi43OiYm+ ifqvOktSUxIJOwX7NIkZ/8j3YnliBhtBt8N8xtqN/5e28uqf6geyyqvwRs8vwWb9 kxo0Rid3QKogwyYYl0ddBMkzpgXdSvOB7mdw24Pc0B2cNzgco6Lz5AT18Z+ZpTCh wP28GmXivdfGPYCteEkV34qqzY0R4QorkqhT9CRxns9mfFwtBoe8ga6SosIVvhmw zIDi6hssOqEVp86w3ZXsnPMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 348677234798689570143092256153194547624555 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-13 18:51:36 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-11 18:51:35 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'it.tektonik.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 754578544253489768242548019324429245595119619011369968486805334183835083486011111087548017577995431315652861679058479550943676747431725635017415436412501767399114890596094154459371494238958996547703475011027855792921178172106334932262675998158291567928210479347237584742218212653141628740467391184646837430530725392655468511101777963003489091739892233927155695358363326794581270857907104751830576050858076167961226151807354770686706629930676068381081878692783152134449350657578189499177638353919510487019733972591910998720663214393994393396917800296620804914463770666668799878987665814762940804272879287407888522466422510864002786986207020111189846635018731679157961405947390876924470771165687549821256357194601176807066800391813149274131967278861261875027443555531856760320108680081699460866456959412951659850939384553567093165162598019060737474926712467984326703338514481547867672263021222952034934566864063761266466409967996896284162137663019963294309982401545529391870829067375734667780392156011939589357283048063394086406882240791349267255846992994169864648047884365114690541615008004191545737911316371039656723722114204503940372743603236797128875991818431979829103942325211694857815357265743994773223160689661456007914459012339 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0fa8c358f37a3cd98fd2bbc945689a5f9fbb6614 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (231 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'it.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'it.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'medibotique.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pop.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'smtp.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ti.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ti.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tektonik.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee00750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a74000001901327d74e000004030046304402201f4b312b8cf03e430c06b5ceeb0c35ab0d22210de15547440c7c76f126121086022071555b6511d841fd011a2e98d9e0249d7b7119ea9ec9bcd525baee40c7a52cec007500dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c000001901327d7cd00000403004630440220134f8bf94f9f4cc79c8a80cb2838f7a6354eeb3d450bb87d32cd4b89f07ad706022059f464bda71573fbe3d06d355e79f01b3ed56cbf1103df8b735685ee9f1c85dd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0027c9d16cc8c7283a088ac88c3fa9b97d8cee9b4597c4ab07f4b1d1fdefdabdea73cd4036d74f154206d0233384b47c64daadb2a13185a11b2f615fdf30646a5a7597ebb6f383f1de0fc45c9c57b500809e801b0d71c99dd8f71e22accf0b1ffe7a4663c5f790e96f99f92c45b0ba1cad0f67774307106497c62e070c43e4798c621eb679e9e5d88116e5b8beb1dd5b5dcea25f68a9f57c78988275d81e927a30ad3601f1981a8d06eb67e3e61bf98baa2599cfeb6f4539fcd75ac561d3558992a72496ca52d2115a124942dda4aec5dbfa8c4127f323459d121fe5e1b3adc4f6ed36838e8f8704b35c22fb71f09502e3889b347b06b92dd7a360cc62aa123206