nila.cz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:10:0a:17:4f:db:7b:07:2f:83:2b:91:4e:1e:3a:2b:e8:4e was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=nila.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:10:0a:17:4f:db:7b:07:2f:83:2b:91:4e:1e:3a:2b:e8:4eSerial Number (int): 266794788988500752437215690214037263214670
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 19:96:43:b2:9f:68:58:5e:b1:17:13:a0:dd:8f:db:60:d5:be:b0:4a
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 66:1b:54:fa:6f:12:c4:33:b1:56:b0:8a:dd:9a:f9:40:10:df:27:17
Fingerprint (sha256): 36:35:5c:72:65:3d:df:19:d3:5e:3b:f1:81:17:3e:46:a7:fa:5d:05:63:96:9c:5d:cd:1a:15:3c:40:58:aa:92
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate nila.cz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nila.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
nila.cz
www.nila.cz
www.nila.cz
Other certificates including the domain name nila.cz
(limited to 100 certificates)
Certificate
The complete raw certificate details for nila.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHBTCCBe2gAwIBAgISAxAKF0/bewcvgyuRTh46K+hOMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA2MDgwNTUyNTFaFw0x ODA5MDYwNTUyNTFaMBIxEDAOBgNVBAMTB25pbGEuY3owggIiMA0GCSqGSIb3DQEB AQUAA4ICDwAwggIKAoICAQCxCj+L4DLjZ7VQtPgMNiSFU+l0SDEiTxGy+NPlFmYK 5TFgUQDBYx2QrnPsUB0eJ+iztTrN03BIAl8Xs8Y2oKW8vXJoLbNNsIBcB4h4wf2K HoL+x9eGZPBt4dIq+A/anHFXp1GU+jTrrtGrJhEqZrTyUQ/66xSUVA7o5pWSIgAk JMr/Mjk790+1h4uoZgTEkngHthJIzo3qlBwoGgh2cpTqETkeTMrvXBd2ISL+7ghX gUG43SEA7XwbFtPhChVADhobqunYHLNg1YP8WBBw74NYxrj/YXdx7vADov0T/QTN CdUFmPXCzlrUvvp9UKCM9xoupcjHtvjgkYvvvr95NDHiQZrQ6jG0Q1hYL6Pu0SIM dJj0rPODkGAfs6zLA6ZjYTYz0o3bkgAt9WbCJGGw/W/z0TKmUpwd0a5ly3pMRZ9L kviEnL+myNr9HBkbFcSry9pHfnH4eKDVCfH3r64hEHncLOBC1l2giFmn/uA0yt4J TI3HI8JpDlUxxJoPEokFqdVgEC23JUdQvnMMmsqHhu3/1Xwhu3z/8i04IJI2qrO+ nse7yQSnSYRlUBdZu4r9xuLRCE+2WotdUrC9jBUSNl5SrxOcUFvZ0wNj1ALzQStI HQdNc7Lt9UdrywC/nQ+KPkXKcNnCbJXMVWUL8UwHq1Y2G7oWm4iRZ5QfrE68vFSN JQIDAQABo4IDGzCCAxcwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF BwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQZlkOyn2hYXrEX E6Ddj9tg1b6wSjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggr BgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRz ZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRz ZW5jcnlwdC5vcmcvMB8GA1UdEQQYMBaCB25pbGEuY3qCC3d3dy5uaWxhLmN6MIH+ BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEF BQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGe DIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBS ZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBD ZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5v cmcvcmVwb3NpdG9yeS8wggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgDbdK/uyyns sf7KPnFtLOW5qrs294Rxg8ddnU83th+/ZAAAAWPeK1S3AAAEAwBHMEUCIDZtlHWl rrDx8q4m5eT/yOkjlRTpFzkU/Gn8bAr+nL3aAiEA+X5NujBtz2TrRlPZ0ODtL20+ 4hOzIOT73RmgkdihOewAdQApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0 eAAAAWPeK1THAAAEAwBGMEQCICNhpgjaPcWyNahVeGVGU9zPYioTV1nKjuMU1PKi wjxgAiATcw8D83kC70xuy/zjQ0uk0w01ZLtfdAwVJFay1vti7DANBgkqhkiG9w0B AQsFAAOCAQEAjrki3MCuh5ZS6HioiilTGLY9UUtajexG0FWMV6CLJB9gwzAMHdeD r6YezZhe/FxmkcTlcGuTqYutL9awnkAYfD3NGlfhI4A9GEWhIrOE8Bo9OXX4Edrk f2pL0+5oDwPYKHj8+pO3PWfi4orDHPStco1fNruTGXG5F9UsUDoDg3jndvu/qGA5 DCx4FOBJxcNXl/81fy8EoWfJBU1jKjjqE61lMfuKCz1rTJQHVIAHYl87fNHGyVrx y9cqpyPk/Jgppsz25daTeptDFPfeV6dtzCcQQ7uNB8ZkXrYxdwYbxPQyDSBPQ0np 8QxhgNl1pARmoVB4rV6OyEoEGWmZ4DkduA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsQo/i+Ay42e1ULT4DDYk hVPpdEgxIk8RsvjT5RZmCuUxYFEAwWMdkK5z7FAdHifos7U6zdNwSAJfF7PGNqCl vL1yaC2zTbCAXAeIeMH9ih6C/sfXhmTwbeHSKvgP2pxxV6dRlPo0667RqyYRKma0 8lEP+usUlFQO6OaVkiIAJCTK/zI5O/dPtYeLqGYExJJ4B7YSSM6N6pQcKBoIdnKU 6hE5HkzK71wXdiEi/u4IV4FBuN0hAO18GxbT4QoVQA4aG6rp2ByzYNWD/FgQcO+D WMa4/2F3ce7wA6L9E/0EzQnVBZj1ws5a1L76fVCgjPcaLqXIx7b44JGL776/eTQx 4kGa0OoxtENYWC+j7tEiDHSY9Kzzg5BgH7OsywOmY2E2M9KN25IALfVmwiRhsP1v 89EyplKcHdGuZct6TEWfS5L4hJy/psja/RwZGxXEq8vaR35x+Hig1Qnx96+uIRB5 3CzgQtZdoIhZp/7gNMreCUyNxyPCaQ5VMcSaDxKJBanVYBAttyVHUL5zDJrKh4bt /9V8Ibt8//ItOCCSNqqzvp7Hu8kEp0mEZVAXWbuK/cbi0QhPtlqLXVKwvYwVEjZe Uq8TnFBb2dMDY9QC80ErSB0HTXOy7fVHa8sAv50Pij5FynDZwmyVzFVlC/FMB6tW Nhu6FpuIkWeUH6xOvLxUjSUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 266794788988500752437215690214037263214670 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-06-08 05:52:51 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-06 05:52:51 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nila.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 722260316925947471021945009279942233710061869646761259395259167429180836364706411787609691262465693898745346936568824035629975113779883037410505240256199140160320300762936042034602138593572975424201532587042899203740616036523513613348938703771352420442663657266379886148251239608162478005821656362639131302708468055084858572544553591525474899384889233973545226094079938025030939898631738636222700140578541302676655242188268785482675749267701416331458258539679984617437957949591074437589126691844465024244291092280458230627179220167451387519131031063840181500910748285681915599591631704297122517158763092897369225083533003704669604724969460704946735458343944066351911251428332671469719768174894349482729408037942807480507694983244310590347847110679386185381028473089791560036477804994987951583821335536893543242051287552481132025134311845140507214331297969650720137012501807870566512247512119627164533203454438753770609688936830242083976679449809441829272937355766820664228511222437419060478307514803272904806807703820351894844181759784268089923334646299346437434147400486113721412205620319151511859547444695076472420906556134124932470458979304295867763436327686087266314963409636453558227575603459127816574658611871395820964190391589 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 199643b29f68585eb11713a0dd8fdb60d5beb04a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nila.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nila.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf6400000163de2b54b700000403004730450220366d9475a5aeb0f1f2ae26e5e4ffc8e9239514e9173914fc69fc6c0afe9cbdda022100f97e4dba306dcf64eb4653d9d0e0ed2f6d3ee213b320e4fbdd19a091d8a139ec007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000163de2b54c7000004030046304402202361a608da3dc5b235a85578654653dccf622a135759ca8ee314d4f2a2c23c60022013730f03f37902ef4c6ecbfce3434ba4d30d3564bb5f740c152456b2d6fb62ec . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008eb922dcc0ae879652e878a88a295318b63d514b5a8dec46d0558c57a08b241f60c3300c1dd783afa61ecd985efc5c6691c4e5706b93a98bad2fd6b09e40187c3dcd1a57e123803d1845a122b384f01a3d3975f811dae47f6a4bd3ee680f03d82878fcfa93b73d67e2e28ac31cf4ad728d5f36bb931971b917d52c503a038378e776fbbfa860390c2c7814e049c5c35797ff357f2f04a167c9054d632a38ea13ad6531fb8a0b3d6b4c9407548007625f3b7cd1c6c95af1cbd72aa723e4fc9829a6ccf6e5d6937a9b4314f7de57a76dcc271043bb8d07c6645eb63177061bc4f4320d204f4349e9f10c6180d975a40466a15078ad5e8ec84a04196999e0391db8