*.aws.leafo.net

Issued by R3

About this certificate

This digital certificate with serial number 04:66:7f:b0:4b:3c:f7:ae:cc:68:f2:8f:38:7c:3e:3f:99:b9 was issued on by Let's Encrypt.

With 14 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=*.aws.leafo.net

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:66:7f:b0:4b:3c:f7:ae:cc:68:f2:8f:38:7c:3e:3f:99:b9
Serial Number (int): 383327672478699560445829542201146992466361
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: b7:71:8a:35:02:8b:10:35:0e:f7:cf:57:c0:3b:ae:b8:9a:b0:f6:3a
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 3d:6b:81:eb:00:50:a6:35:f8:3f:fb:60:da:64:0c:14:4e:6d:0c:f3
Fingerprint (sha256): 2d:f5:25:4e:09:b9:6b:86:91:40:80:78:48:2f:86:7d:9d:69:1f:b2:fb:7c:f7:eb:3f:00:ff:99:96:a8:fc:5a

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate *.aws.leafo.net

14

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.aws.leafo.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.aws.leafo.net
*.cool.leafo.net
*.cool2.leafo.net
*.hamlet.leafo.net
*.leafo.net
*.linode.leafo.net
*.moonrocks.leafo.net
*.ovh.leafo.net
*.pokemon.leafo.net
*.rit.leafo.net
*.scratch.leafo.net
*.worm.leafo.net
leafo.net
www.tswiki.leafo.net

Other certificates including the domain name leafo.net

(limited to 100 certificates)
pp.leafo.net
leafo.net
leafo.net
qm.leafo.net
frankiesmileshow.leafo.net
qm.leafo.net
medieve.leafo.net
corel.leafo.net
www.ase.leafo.net
zack.leafo.net
leafo.net
leafo.net
qm.leafo.net
www.compohub.leafo.net
wyrm.leafo.net
cedar-woods-com.leafo.net
worm.leafo.net
*.hamlet.leafo.net
*.worm.leafo.net
papersonata.leafo.net
gz.leafo.net
hamlet.leafo.net
corel.leafo.net
tyr.leafo.net
tay.leafo.net
www.tswiki.leafo.net
zack.leafo.net
*.aws.leafo.net
ase.leafo.net
qm.leafo.net
compohub.leafo.net
compohub.net
ravey.leafo.net
leafo.net
pokemon.leafo.net
ase.leafo.net
www.tay.leafo.net
gz.leafo.net
corel.leafo.net
mail.vermis.leafo.net
ase.leafo.net
scite.leafo.net
leafo.net
qm.leafo.net
archeia.leafo.net
blog2.leafo.net
gr.apedick.com
leafo.net
zack.leafo.net
pp.leafo.net
www.medieve.leafo.net
leafo.net
leafo.net
pp.leafo.net
medieve.leafo.net
zack.leafo.net
raziel.leafo.net
compohub.net
qm.leafo.net
mail.drule.leafo.net
qm.leafo.net
compohub.net
corel.leafo.net
mail.tay.leafo.net
soap.leafo.net
www.drule.leafo.net
ase.leafo.net
qm.leafo.net
www.worm.leafo.net
medieve.leafo.net
zack.leafo.net
compohub.net
blog2.leafo.net
leafo.net
www.scite.leafo.net
pp.leafo.net
gz.leafo.net
corel.leafo.net
gz.leafo.net
medieve.leafo.net
*.moonrocks.leafo.net
leafo.net
wyrm.leafo.net
www.vb.leafo.net
leafo.net
www.corel.leafo.net
zack.leafo.net
leafo.net
mail.leafo.net
corel.leafo.net
www.moonscript.org
zack.leafo.net
corel.leafo.net
leafo.net
mail.tri.leafo.net
corel.leafo.net
zack.leafo.net
www.papersonata.leafo.net
pp.leafo.net
compohub.net

Certificate

The complete raw certificate details for *.aws.leafo.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISBGZ/sEs8967MaPKPOHw+P5m5MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA5MTgxNzQ0MzVaFw0yMzEyMTcxNzQ0MzRaMBoxGDAWBgNVBAMM
DyouYXdzLmxlYWZvLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM546xRDPbXCuth7AZ/Ti9pefUAJobF47VFxrrfMklNxW+dIT5m8mu+bfKJKrwQi
tyltGixZzh0iFjcdvHZtZ3+9iTAotxdtQUzXaLq5xfEbp6SwtKP2k0azihBELNz/
RTe1PzaIKt+36nd5wNNBwDwId8LK1H06ESxtKCXas8k5vXKAs/w2TMNW+gdsNzWN
VEZClf7RL7fQsZxz+P/Ji6dPdw8nTPCwv8GG0RHGCOhMoEFCiHxCRmiXWusOmIq4
Fax2RQt2YXGRUAYlKOvnqidazx7yQZx0lEfNvviDRmLhKurQB76/0r/MAikvXT9X
G1xLJLOenVUaw3lKdPDsDmUCAwEAAaOCAwgwggMEMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQUt3GKNQKLEDUO989XwDuuuJqw9jowHwYDVR0jBBgwFoAUFC6zF7dYVsuu
UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v
cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y
Zy8wggEOBgNVHREEggEFMIIBAYIPKi5hd3MubGVhZm8ubmV0ghAqLmNvb2wubGVh
Zm8ubmV0ghEqLmNvb2wyLmxlYWZvLm5ldIISKi5oYW1sZXQubGVhZm8ubmV0ggsq
LmxlYWZvLm5ldIISKi5saW5vZGUubGVhZm8ubmV0ghUqLm1vb25yb2Nrcy5sZWFm
by5uZXSCDyoub3ZoLmxlYWZvLm5ldIITKi5wb2tlbW9uLmxlYWZvLm5ldIIPKi5y
aXQubGVhZm8ubmV0ghMqLnNjcmF0Y2gubGVhZm8ubmV0ghAqLndvcm0ubGVhZm8u
bmV0gglsZWFmby5uZXSCFHd3dy50c3dpa2kubGVhZm8ubmV0MBMGA1UdIAQMMAow
CAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYAejKMVNi3LbYg6jjg
Uh7phBZwMhOFTTvSK8E6V6NS61IAAAGKqZvQAwAABAMARzBFAiBadkUR+2cJhirn
cX+aoNOKkCnKmctxhBhjacFcrzCqMAIhAOjRj845yrIAOIWRD3yM2fwy0q67EKgp
9wyQiiqmuup3AHcA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4AAAGK
qZvP+AAABAMASDBGAiEAvX8+f3+ZS5ykb/mkPy73mwKYt8I5d3YXQWc4kqwbYZUC
IQD35O1Y03yu8YRA0Tvk7vR/+hLaV3OkqOHr3Xami+zRHzANBgkqhkiG9w0BAQsF
AAOCAQEABTv1+NDQBG1D0Vv6VhoSCrUlk9TbHKfBefDp5+d4iVVFEgcLEgTOo/LJ
ZF76maguO8HlAzXOPQVlU464xVMZ+owcATNB7zOa3WKYUfw8GlyihS8u+bSpG4gY
PZu9ky9zOkQDCqrt/X7/vw28tbtQ9UKaQGFEHmXlJmDIp8pviISPwTMfVkfqmBGJ
JR2SykE/FMxDF9/9KYUeBy9xFOSUiNMDkCBqAA3GfkIGSWslJnxWubhhqhyio5MQ
yamBUyEmlExQ7Qdg7a/whnr49BC7u7SgTivDxw5OcrUwkU1n4aucGL3A+XLulVxM
TULhbZ09pjj5U0GHGdwZ7G2zmVpiww==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznjrFEM9tcK62HsBn9OL
2l59QAmhsXjtUXGut8ySU3Fb50hPmbya75t8okqvBCK3KW0aLFnOHSIWNx28dm1n
f72JMCi3F21BTNdournF8RunpLC0o/aTRrOKEEQs3P9FN7U/Nogq37fqd3nA00HA
PAh3wsrUfToRLG0oJdqzyTm9coCz/DZMw1b6B2w3NY1URkKV/tEvt9CxnHP4/8mL
p093DydM8LC/wYbREcYI6EygQUKIfEJGaJda6w6YirgVrHZFC3ZhcZFQBiUo6+eq
J1rPHvJBnHSUR82++INGYuEq6tAHvr/Sv8wCKS9dP1cbXEsks56dVRrDeUp08OwO
ZQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 383327672478699560445829542201146992466361
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-18 17:44:35 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-17 17:44:34 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.aws.leafo.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26064717848186826429985652758269095616254346236530813041493988279806734158282657753942689385870615118482170900374307485986487284795210733788856566417729489963852218305057112678559855003873492179169383359865600385706502827166268701108882819798765064037215734125359796016870138925532158657515100618540672454346786662638640657248376150278030786859889275078772924226304424958789780649982092993686026533943266530004248209930430845947927296582714637168725888758149041121568460197180183530711049198110725950018242131232816147760180709965987092199952344493637996119836853506051316949897507650982773399927925416493235078696549
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b7718a35028b10350ef7cf57c03baeb89ab0f63a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (261 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aws.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cool.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cool2.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hamlet.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.linode.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.moonrocks.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ovh.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pokemon.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rit.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.scratch.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.worm.leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'leafo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tswiki.leafo.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018aa99bd003000004030047304502205a764511fb6709862ae7717f9aa0d38a9029ca99cb7184186369c15caf30aa30022100e8d18fce39cab2003885910f7c8cd9fc32d2aebb10a829f70c908a2aa6baea77007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018aa99bcff80000040300483046022100bd7f3e7f7f994b9ca46ff9a43f2ef79b0298b7c23977761741673892ac1b6195022100f7e4ed58d37caef18440d13be4eef47ffa12da5773a4a8e1ebdd76a68becd11f
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00053bf5f8d0d0046d43d15bfa561a120ab52593d4db1ca7c179f0e9e7e77889554512070b1204cea3f2c9645efa99a82e3bc1e50335ce3d0565538eb8c55319fa8c1c013341ef339add629851fc3c1a5ca2852f2ef9b4a91b88183d9bbd932f733a44030aaaedfd7effbf0dbcb5bb50f5429a4061441e65e52660c8a7ca6f88848fc1331f5647ea981189251d92ca413f14cc4317dffd29851e072f7114e49488d30390206a000dc67e4206496b25267c56b9b861aa1ca2a39310c9a981532126944c50ed0760edaff0867af8f410bbbbb4a04e2bc3c70e4e72b530914d67e1ab9c18bdc0f972ee955c4c4d42e16d9d3da638f953418719dc19ec6db3995a62c3