ewr.dls.eol.mass.gov

Issued by Amazon

About this certificate

This digital certificate with serial number 04:1d:06:e6:0a:39:bf:4f:22:fb:01:e8:f4:10:db:af was issued on by Amazon.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=ewr.dls.eol.mass.gov

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:1d:06:e6:0a:39:bf:4f:22:fb:01:e8:f4:10:db:af
Serial Number (int): 5467628512136835985405907825264221103
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: bb:0d:33:3c:5f:d8:65:e8:87:0f:fd:be:d3:a1:02:06:e0:08:7a:6d
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): a4:9e:8a:66:d0:77:a5:f2:67:90:9d:68:ef:4b:8d:c0:bf:e7:01:6d
Fingerprint (sha256): 37:2b:5d:a1:4e:59:ee:92:46:d5:b5:3b:03:12:89:1e:8b:13:1c:d8:d5:9f:f0:c8:d0:53:ea:38:d8:98:79:8a

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl

Check the revocation status for certificate ewr.dls.eol.mass.gov

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ewr.dls.eol.mass.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ewr.dls.eol.mass.gov

Other certificates including the domain name mass.gov

(limited to 100 certificates)
support.tss.mass.gov
www.mass.gov
lmi-preview.dua.eol.mass.gov
trainingpro.dcs.eol.mass.gov
tnc.mass.gov
securebackup.wsgwalt.mass.gov
elicensing.mass.gov
eDEP.DEP.MASS.GOV
paidleave-devint.dfml.eol.mass.gov
taarrneg.dcs.eol.mass.gov
mass.gov
eDEP.DEP.MASS.GOV
hrcms-tst.mass.gov
cue.eol.mass.gov
acc-test.elicensing.mass.gov
agis-test.elicensing.mass.gov
dta-path-dev.ehs.mass.gov
mft.mass.gov
oarsadmin.hed.mass.gov
intercept-qa.ctr.mass.gov
massachusettsgatewayservice.us
search.mass.gov
paidleave-breakfix.eol.mass.gov
mobile-test.elicensing.mass.gov
*.sites.digital.mass.gov
qe5-qa.eohhs.mass.gov
mayflower.digital.mass.gov
transfer2-qa-mft.mass.gov
*.dev.digital.mass.gov
lmi.dua.eol.mass.gov
HCSIS-QAAPP2.EOHHS.MASS.GOV
ics.mass.gov
learn-to-earn.secure.digital.mass.gov
email.state.ma.us
transfer2-mft.mass.gov
dev.maps.digital.mass.gov
orp2020.eoe.mass.gov
trainingpro.dcs.eol.mass.gov
etl.digital.mass.gov
search-poc.digital.mass.gov
dev.maps.digital.mass.gov
wsgw.mass.gov
stage.dashboards.digital.mass.gov
eDEP.DEP.MASS.GOV
mayflower-react.digital.mass.gov
jira.mass.gov
hrcms-spt.mass.gov
opendata.digital.mass.gov
wotc.dcs.eol.mass.gov
db-mft.mass.gov
services.oca.mass.gov
myvaxrecords-internal.mass.gov
hrcms-sptcore.mass.gov
commoncalc.mass.gov
ics.mass.gov
acc.elicensing.mass.gov
hcsis-wrp1.ehs.mass.gov
paidleave-breakfix.eol.mass.gov
arcgisserver.digital.mass.gov
gateway-ts-mft.mass.gov
myservices-test.ehs.mass.gov
search.mass.gov
immrecordsqa-internal.dph.mass.gov
dta-finderapi.ehs.mass.gov
eec.masstexts.mass.gov
immrecordsqa-internal.dph.mass.gov
ehealth.ehs.mass.gov
transfer-mft.mass.gov
mmars-bd.mass.gov
paidleave-admin-devint.dfml.eol.mass.gov
economicrecovery.hed.mass.gov
hcsis-qa.eohhs.mass.gov
search.mass.gov
opendata.digital.mass.gov
brcprogramportal.mass.gov
hcsis-util.eohhs.mass.gov
dhcdecc.hed.mass.gov
ua-lms.eoe.mass.gov
edm-rightfax-prod1.eohhs.mass.gov
wsgwalt.mass.gov
elicensing-test.elicensing.mass.gov
qe5-qawrp1.ehs.mass.gov
hrcms-tek.mass.gov
db-ts-mft.mass.gov
*.dev.maps.digital.mass.gov
edm-rightfax-prod2.eohhs.mass.gov
cms.dia.lwd.mass.gov
doctorcomplaints.mass.gov
auth.digital.mass.gov
wsgwtest.mass.gov
massachusettsgatewayservice.us
search-poc.digital.mass.gov
masshire-wc.dcs.eol.mass.gov
brcprogramportal.mass.gov
qa-dtaconnect.eohhs.mass.gov
gis-prod.digital.mass.gov
mass.gov
hrcms-dev.mass.gov
wshp.dls.eol.mass.gov
iee-qa.ehs.mass.gov

Certificate

The complete raw certificate details for ewr.dls.eol.mass.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEczCCA1ugAwIBAgIQBB0G5go5v08i+wHo9BDbrzANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMTEyMDYwMDAwMDBaFw0yMzAxMDMy
MzU5NTlaMB8xHTAbBgNVBAMTFGV3ci5kbHMuZW9sLm1hc3MuZ292MIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXbWXBBW2C+RuaTkXA6OXYqVs28DxZry
irtWJVbGMPBoUzyG5zhT6YH9HNeCgjEvGL2nJZ0Zx2OWbyaN1ry0dnTFvjEKNXeI
88Vgm51KmFLH4ZvFlsJwA9lQdJdFhFNL4VLSfzGWq2TNQu4XqI0SQB56/5FdZlOn
DGeh7DGbO+RzV9wTBbIA6DsNHo7qIsZjHxHkAgHgBAEpKaPChQo+Xjw4bKIq0hmQ
mvOsThn2zxBYZAXL4+vHDtQhSqF6p2+DPq+IEjAJ87XDBS+7gF0yW8I2TrU3API+
uS7kdUxvB9NJXFnlWBC0BnVwxJ0eoi9rEyX+7jy/kELLwSQuzZwHPwIDAQABo4IB
gjCCAX4wHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYDVR0OBBYE
FLsNMzxf2GXohw/9vtOhAgbgCHptMB8GA1UdEQQYMBaCFGV3ci5kbHMuZW9sLm1h
c3MuZ292MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5zY2ExYi5hbWF6b250
cnVzdC5jb20vc2NhMWItMS5jcmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwdQYIKwYB
BQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6b250
cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9udHJ1
c3QuY29tL3NjYTFiLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8E
AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBWrOgPkljQF+hkev6BSSLunm6W8q0HW+jv
SUHTiwKxYXxzoxaqRVVDzfEyombCnuEyVuFAVEUnGCiRJbY7Gn9pNxBXnyh87nTm
V8QppgSJa/pILboSBANQ6BH6LtKRbl3UBFIuQgklLkW1CFc8OFwh/ZPAKquLpWUY
PTY2EqJ4sgRxIlrQyqVoVOkFwpSni3+HQg2P6IUIZ6jZ+G+YGcoF+D/khaMHvrgU
GOGuq9u4losUzLrjCdOGm4j+6yjAi2EokN7yxbbX6kN2xkJrN+0nEoAcXnNTtD5V
zAhVUU0GYR188CjxNPl84anGPw8LvPd7H+krrni8LHFm86A+BKCN
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXbWXBBW2C+RuaTkXA6O
XYqVs28DxZryirtWJVbGMPBoUzyG5zhT6YH9HNeCgjEvGL2nJZ0Zx2OWbyaN1ry0
dnTFvjEKNXeI88Vgm51KmFLH4ZvFlsJwA9lQdJdFhFNL4VLSfzGWq2TNQu4XqI0S
QB56/5FdZlOnDGeh7DGbO+RzV9wTBbIA6DsNHo7qIsZjHxHkAgHgBAEpKaPChQo+
Xjw4bKIq0hmQmvOsThn2zxBYZAXL4+vHDtQhSqF6p2+DPq+IEjAJ87XDBS+7gF0y
W8I2TrU3API+uS7kdUxvB9NJXFnlWBC0BnVwxJ0eoi9rEyX+7jy/kELLwSQuzZwH
PwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5467628512136835985405907825264221103
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-03 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ewr.dls.eol.mass.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25937453395606129395230289175122220865583862326516385899510223450136391383568310171220022950373386896267636915914444065088366370271045290282308582914168666038442948366452131100913546447920881960778694713254970886032962086374643747934234979256185421615999507224645798080863263813321056974153926297442773268352575528456981275934629328427508918016860009685382656402277287656130977019959860566765583356655964312350935020036312478695176542993199850743814241649137003339952500417564669628356711909606703974689249093545864245603210172747898148769096945668356111387944017426873361290801388420382014345629644634548825858246463
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							bb0d333c5fd865e8870ffdbed3a10206e0087a6d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ewr.dls.eol.mass.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0056ace80f9258d017e8647afe814922ee9e6e96f2ad075be8ef4941d38b02b1617c73a316aa455543cdf132a266c29ee13256e14054452718289125b63b1a7f693710579f287cee74e657c429a604896bfa482dba12040350e811fa2ed2916e5dd404522e4209252e45b508573c385c21fd93c02aab8ba565183d363612a278b20471225ad0caa56854e905c294a78b7f87420d8fe8850867a8d9f86f9819ca05f83fe485a307beb81418e1aeabdbb8968b14ccbae309d3869b88feeb28c08b612890def2c5b6d7ea4376c6426b37ed2712801c5e7353b43e55cc0855514d06611d7cf028f134f97ce1a9c63f0f0bbcf77b1fe92bae78bc2c7166f3a03e04a08d