DV SSL/TLS Certificate for buckthornproject.org

Certificate is witin its validity period

Issued by GoDaddy.com, Inc. (Go Daddy Secure Certificate Authority - G2)

About the buckthornproject.org DV SSL/TLS Certificate

This certificate with serial number c4:6c:a7:c2:0d:67:0a:ff for buckthornproject.org was issued on by GoDaddy.com, Inc..

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for buckthornproject.org provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
  • Apple recommends that certificates be issued with a maximum validity of 397 days. TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC should not have a validity period greater than 397 days (https://support.apple.com/en-us/HT211025)

GoDaddy.com, Inc.

Organization: GoDaddy.com, Inc.
Organizational unit: http://certs.godaddy.com/repository/
State / Province: Arizona
Locality: Scottsdale
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): c4:6c:a7:c2:0d:67:0a:ff
Serial Number (int): 14153872180808977151
Serial Number Length: 64 bits, 8 octets

Subject Key Identifier: a4:34:ae:f3:1b:86:7f:21:ab:58:9d:15:1b:24:b8:ea:6e:b9:8f:84
Authority Key Identifier: 40:c2:bd:27:8e:cc:34:83:30:a2:33:d7:fb:6c:b3:f0:b4:2c:80:ce

Fingerprint (SHA-1): 70:64:e4:99:1e:b8:8f:01:d9:cd:3b:3f:85:da:0d:0f:34:fd:10:3a
Fingerprint (SHA-256): 52:57:3b:85:a7:7e:b1:f4:16:5e:c3:77:2b:d2:43:f9:37:2c:8e:18:fe:c3:eb:f3:db:36:ce:5c:32:84:3f:f9

Issuing Certificate URL: http://certificates.godaddy.com/repository/gdig2.crt

Revocation Information

OCSP Server: http://ocsp.godaddy.com/
CRL Distribution Point: http://crl.godaddy.com/gdig2s1-31965.crl

Check the revocation status for certificate buckthornproject.org
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for buckthornproject.org

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for buckthornproject.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGqjCCBZKgAwIBAgIJAMRsp8INZwr/MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa
MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0
cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj
dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTI0MTAzMTEzMTY0OVoX
DTI1MTIwMjEzMTY0OVowHzEdMBsGA1UEAxMUYnVja3Rob3JucHJvamVjdC5vcmcw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDcYu8wLyA2r+sD95m7MKt
i7hkaSgFMarQDDt3L3ge2+I94/hKov+fOszIgx+g+0Obn9ei7ziKrovRLn5zrPF7
jar0HAf/qbQShfvPPcf9vJFozk68gfitIBVwVK3VJpBaLDHTj2QlLjVuTj/WS9pm
PKgpgnfsZP3T/CBUzMnLycba6I8xSw4NC598wuTC2VEMwAnfyhCGin4C0P22jrS0
bXEWlYChRRQ77YFeuE81lL2EGACadRgM9dLdS9qNPqk/cChytvEEPTP9Igf1w4xQ
KuN3ZH8mMASbyHTwQKETe06s4W+lox/fNdhNEqjmouWPtRCerfzZ7LM4cWCwIsrX
AgMBAAGjggNRMIIDTTAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwOQYDVR0fBDIwMDAuoCygKoYoaHR0
cDovL2NybC5nb2RhZGR5LmNvbS9nZGlnMnMxLTMxOTY1LmNybDBdBgNVHSAEVjBU
MEgGC2CGSAGG/W0BBxcBMDkwNwYIKwYBBQUHAgEWK2h0dHA6Ly9jZXJ0aWZpY2F0
ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMHYGCCsGAQUFBwEB
BGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRkeS5jb20vMEAGCCsG
AQUFBzAChjRodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRv
cnkvZ2RpZzIuY3J0MB8GA1UdIwQYMBaAFEDCvSeOzDSDMKIz1/tss/C0LIDOMDkG
A1UdEQQyMDCCFGJ1Y2t0aG9ybnByb2plY3Qub3Jnghh3d3cuYnVja3Rob3JucHJv
amVjdC5vcmcwHQYDVR0OBBYEFKQ0rvMbhn8hq1idFRskuOpuuY+EMIIBfwYKKwYB
BAHWeQIEAgSCAW8EggFrAWkAdgAS8U40vVNyTIQGGcOPP3oT+Oe1YoeInG0wBYTr
5YYmOgAAAZLiuLoCAAAEAwBHMEUCIFD8vAFGu5fvDQl7Os5fpugHlOu5D8kqzm4I
ZxIqH69tAiEAyjVmgPClfORm5T1+CZ+i3o4DfocJBw6H0iweiM5LEq8AdwDM+w9q
hXEJZf6Vm1PO6bJ8IumFXA2XjbapflTA/kwNsAAAAZLiuM60AAAEAwBIMEYCIQDW
K75/R0O4mF21FYR/9wWrWf70QDX1Qsg1rJFLVXopJAIhAJ0ktsg6F/lyosHRs9S3
1SoVd347HvjDTNJiTUfaQsGcAHYA5tIxY0B3jMEQQQbXcbnOwdJA9paEhvu6hzId
/R43jlAAAAGS4rjPgQAABAMARzBFAiEAnNQMlnlAsCFhEzuBuTU3ZshYgobe8kYz
yerVJzU4SYoCIFPYZXFpW0CymMSNGT8DHC8okmAEgIMWwGaNfIigC8vOMA0GCSqG
SIb3DQEBCwUAA4IBAQCKEodTouQEZVAgt8itlDZW4sVGbP56HLWF2TP6fiOpZ7NW
ejki4y7hTi+EUoLfwFlJjb1izqPowEuL5dL0zPpZJr9vb2DWVC6+N4tyuiETHTKZ
JZ+fuArgZsw0MRC+RKLDPAzpzIN35YCqp2Hzx87LU2nLDOa5ypdKTH4lfj1PK/IE
E0SkXBa6MehvCgtxJ/04bV+h2UnnS5YSyAt3cCAPZE8pmhhTJjGXT6MUzGzT7EgT
W/Hg2hUYRy/PNRhdsnO6I+Lofs6DMwNHErZI8GcyE9OJ8CxdFrZ+SpVoAR+6tkUe
z1dcsS5/MfB0Q9hpOjyjbuxkP0DYyELx2EaYDCmB
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3GLvMC8gNq/rA/eZuzC
rYu4ZGkoBTGq0Aw7dy94HtviPeP4SqL/nzrMyIMfoPtDm5/Xou84iq6L0S5+c6zx
e42q9BwH/6m0EoX7zz3H/byRaM5OvIH4rSAVcFSt1SaQWiwx049kJS41bk4/1kva
ZjyoKYJ37GT90/wgVMzJy8nG2uiPMUsODQuffMLkwtlRDMAJ38oQhop+AtD9to60
tG1xFpWAoUUUO+2BXrhPNZS9hBgAmnUYDPXS3UvajT6pP3AocrbxBD0z/SIH9cOM
UCrjd2R/JjAEm8h08EChE3tOrOFvpaMf3zXYTRKo5qLlj7UQnq382eyzOHFgsCLK
1wIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 14153872180808977151
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GoDaddy.com, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.godaddy.com/repository/'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go Daddy Secure Certificate Authority - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-31 13:16:49 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-12-02 13:16:49 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'buckthornproject.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24672461013302708075830120764448566680732296123608279336442713606727302094152925386400110675910791913647685752599300460044641205013644325138756695634880110477251711117964139176521138260495276196551499916910298191392592940508887568301207620611026172353702262954980004615211195607318170665113856235725381511941612254361408665701640972710335081093798957877925107168545971448763446959393585095219010846089814674814893671072682987112331390323404537905133688783224207009873290111221353408876873470497518768509426184120506805460920662241057605960678598668616734266990238505338574065814408950155103293645150059769071266876119
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.godaddy.com/gdig2s1-31965.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114413.1.7.23.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.godaddy.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.godaddy.com/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.godaddy.com/repository/gdig2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 40c2bd278ecc348330a233d7fb6cb3f0b42c80ce
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'buckthornproject.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.buckthornproject.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a434aef31b867f21ab589d151b24b8ea6eb98f84
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							016900760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000192e2b8ba020000040300473045022050fcbc0146bb97ef0d097b3ace5fa6e80794ebb90fc92ace6e0867122a1faf6d022100ca356680f0a57ce466e53d7e099fa2de8e037e8709070e87d22c1e88ce4b12af007700ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000192e2b8ceb40000040300483046022100d62bbe7f4743b8985db515847ff705ab59fef44035f542c835ac914b557a29240221009d24b6c83a17f972a2c1d1b3d4b7d52a15777e3b1ef8c34cd2624d47da42c19c007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e5000000192e2b8cf8100000403004730450221009cd40c967940b02161133b81b9353766c8588286def24633c9ead5273538498a022053d86571695b40b298c48d193f031c2f28926004808316c0668d7c88a00bcbce
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008a128753a2e404655020b7c8ad943656e2c5466cfe7a1cb585d933fa7e23a967b3567a3922e32ee14e2f845282dfc059498dbd62cea3e8c04b8be5d2f4ccfa5926bf6f6f60d6542ebe378b72ba21131d3299259f9fb80ae066cc343110be44a2c33c0ce9cc8377e580aaa761f3c7cecb5369cb0ce6b9ca974a4c7e257e3d4f2bf2041344a45c16ba31e86f0a0b7127fd386d5fa1d949e74b9612c80b7770200f644f299a18532631974fa314cc6cd3ec48135bf1e0da1518472fcf35185db273ba23e2e87ece8333034712b648f0673213d389f02c5d16b67e4a9568011fbab6451ecf575cb12e7f31f07443d8693a3ca36eec643f40d8c842f1d846980c2981