app.rover.io

Issued by RapidSSL SHA256 CA

About this certificate

This digital certificate with serial number 6a:ff:06:2e:6b:9a:f1:a7:90:20:89:5e:03:8e:db:62 was issued on by GeoTrust Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Certificate Subject

CN=app.rover.io

GeoTrust Inc.

Organization: GeoTrust Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 6a:ff:06:2e:6b:9a:f1:a7:90:20:89:5e:03:8e:db:62
Serial Number (int): 142222328624382772947679556858241014626
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: 97:c2:27:50:9e:c2:c9:ec:0c:88:32:c8:7c:ad:e2:a6:01:4f:da:6f

Fingerprint (sha1): bc:9c:d1:c5:31:19:94:2b:37:c6:86:45:1b:1a:f0:04:e6:f6:f6:e4
Fingerprint (sha256): 3a:de:99:85:d5:73:97:b5:9b:82:9e:cf:28:8b:22:94:75:e1:4e:a1:23:92:4d:be:82:80:23:ab:ea:fb:a0:98

Issuing Certificate URL: http://gp.symcb.com/gp.crt

Revocation information

OCSP Server: http://gp.symcd.com
CRL Distribution Point: http://gp.symcb.com/gp.crl

Check the revocation status for certificate app.rover.io

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for app.rover.io

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

app.rover.io

Other certificates including the domain name rover.io

(limited to 100 certificates)
imgix4.map.fastly.net
app.rover.io
imgix4.map.fastly.net
admin.staging.rover.io
imgix4.map.fastly.net
dns-vetting1l.map.fastly.net
dns-vetting1l.map.fastly.net
dns-vetting1l.map.fastly.net
rover.io
portal.bneural.io
imgix4.map.fastly.net
dns-vetting1l.map.fastly.net
*.nowpurchase.com
sendsms.cc
*.images.blucommerce.com
*.rover.io
nziswano.agency
dns-vetting1l.map.fastly.net
imgix4.map.fastly.net
flowlearn.app
imgix4.map.fastly.net
imgix4.map.fastly.net
www.leadlizard.io
*.images.blucommerce.com
imgix4.map.fastly.net
imgix4.map.fastly.net
*.rover.io
app.rover.io
dns-vetting1l.map.fastly.net
imgix4.map.fastly.net
imgix4.map.fastly.net
imgix4.map.fastly.net
imgix4.map.fastly.net
dns-vetting1l.map.fastly.net
dns-vetting1l.map.fastly.net
m.rover.io
imgix4.map.fastly.net
imgix4.map.fastly.net
imgix4.map.fastly.net
dns-vetting1l.map.fastly.net
*.rover.io
dns-vetting1l.map.fastly.net
dns-vetting1l.map.fastly.net
third-images.apd.net
rover.io
www.abzyne.com
www.coopearsa.com
m.rover.io
rover.io
dns-vetting1l.map.fastly.net
dns-vetting1l.map.fastly.net
imgix4.map.fastly.net
app.rover.io
imgix4.map.fastly.net
imgix4.map.fastly.net
app.rover.io
imgix4.map.fastly.net
qav4.wallit.app
*.rover.io
imgix4.map.fastly.net
dns-vetting1l.map.fastly.net
imgix4.map.fastly.net
architect.divshot.com
rover.io
imgix4.map.fastly.net
imgix4.map.fastly.net
dns-vetting1l.map.fastly.net
app.rover.io
imgix4.map.fastly.net
*.images.blucommerce.com
imgix4.map.fastly.net
imgix4.map.fastly.net
dns-vetting1l.map.fastly.net
imgix4.map.fastly.net
*.nowpurchase.com
dns-vetting1l.map.fastly.net
www.snaphost.eu
imgix4.map.fastly.net
imgix4.map.fastly.net
imgix4.map.fastly.net
dns-vetting1l.map.fastly.net
imgix4.map.fastly.net
dns-vetting1l.map.fastly.net
app.rover.io
dns-vetting1l.map.fastly.net
imgix4.map.fastly.net
imgix4.map.fastly.net
imgix4.map.fastly.net
imgix4.map.fastly.net
imgix4.map.fastly.net
dns-vetting1l.map.fastly.net
imgix4.map.fastly.net
assets.rover.io
analytics.rover.io
app.rover.io
app.rover.io
imgix4.map.fastly.net
imgix4.map.fastly.net
dns-vetting1l.map.fastly.net
app.rover.io

Certificate

The complete raw certificate details for app.rover.io in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgIQav8GLmua8aeQIIleA47bYjANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
UmFwaWRTU0wgU0hBMjU2IENBMB4XDTE3MDIxMzAwMDAwMFoXDTE4MDMxNTIzNTk1
OVowFzEVMBMGA1UEAwwMYXBwLnJvdmVyLmlvMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA048hncOcfXfZUqp8xQH4xJFSI32HG223a8++jxLuj4R3NczH
ziDj4ZXejJG1+nzttoeSSW/RL26KMZkBYlbERpor9WBjMAz1bwkK9EmQQK1jo+Ow
hHcEyfYomKyqexBsDtcQl8Cmm334FpNkqG2HQ03BLbMk8rZj39QvP6S13ZvNmARx
r6/Yn2q5u0vwW21lY1nfoAvXDkS/1laalA9HQuk6tqjMwqJHX/ea1AENFQYoJeL8
ESkj0UmUT6awo3/I8NN+bfYQsqzkgDKZzAQhj1Y1uv63EJv1ybmIIP2nj9QrU8lU
v+4oGSADeFvmg1UoCndS9fPA5mnJPstlw7b54QIDAQABo4ICdzCCAnMwFwYDVR0R
BBAwDoIMYXBwLnJvdmVyLmlvMAkGA1UdEwQCMAAwKwYDVR0fBCQwIjAgoB6gHIYa
aHR0cDovL2dwLnN5bWNiLmNvbS9ncC5jcmwwbwYDVR0gBGgwZjBkBgZngQwBAgEw
WjAqBggrBgEFBQcCARYeaHR0cHM6Ly93d3cucmFwaWRzc2wuY29tL2xlZ2FsMCwG
CCsGAQUFBwICMCAMHmh0dHBzOi8vd3d3LnJhcGlkc3NsLmNvbS9sZWdhbDAfBgNV
HSMEGDAWgBSXwidQnsLJ7AyIMsh8reKmAU/abzAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFcGCCsGAQUFBwEBBEswSTAfBggr
BgEFBQcwAYYTaHR0cDovL2dwLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDov
L2dwLnN5bWNiLmNvbS9ncC5jcnQwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgDd
6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+zAAAAVo30Wx2AAAEAwBHMEUC
IQDjtYRONAaX4a6zVlckApAtZje7H6j6HFxRMWRv75D1twIgbIIX20Ze/X/Nrdup
u2YRtaWn9yhdO8CueZ5CUQSqrB8AdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jj
d80OyA3cEAAAAVo30WyjAAAEAwBHMEUCIAgnTJv5jq35lmYhQL8HOB9OMua74FBb
MKPZO7c9Ww07AiEAzP3ZcIHkVGANOppfXVOwW/x0Yuqkdi3EbX8Z9o044OEwDQYJ
KoZIhvcNAQELBQADggEBAKXH9+dk4ldiRGqLabaXtntffNr/fZf+ZLl+vlF1Ln2e
nxSbkIZ1wlszViTvP1mq/NMTG2wUTVgxNPGNRFJEmLF7kkCh0PoUIIr/TDD7h7CX
k3BVcB+PN4YvZ9rMnE+zsM9E82wmgcoYsd0fAiYi59bkqMDDdYfdW8A9l63H3WoY
MaRw5m+iz/bKUwTC0lH1R7WuY0rH3fztxWZ3UQ54A6uS11JSSXtjiCDSGkt/2Ey+
R6NfUOoPYhpdXkqJPMDMAbDmqo6+Gjp6QGR61YtihCdgDTJDzMJp/z7Df5zVNfn7
9vu1ge1171w6Tyo3KumR6oVhmTMo8hkAwhcPZSRHol4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA048hncOcfXfZUqp8xQH4
xJFSI32HG223a8++jxLuj4R3NczHziDj4ZXejJG1+nzttoeSSW/RL26KMZkBYlbE
Rpor9WBjMAz1bwkK9EmQQK1jo+OwhHcEyfYomKyqexBsDtcQl8Cmm334FpNkqG2H
Q03BLbMk8rZj39QvP6S13ZvNmARxr6/Yn2q5u0vwW21lY1nfoAvXDkS/1laalA9H
Quk6tqjMwqJHX/ea1AENFQYoJeL8ESkj0UmUT6awo3/I8NN+bfYQsqzkgDKZzAQh
j1Y1uv63EJv1ybmIIP2nj9QrU8lUv+4oGSADeFvmg1UoCndS9fPA5mnJPstlw7b5
4QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 142222328624382772947679556858241014626
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL SHA256 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-02-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-03-15 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'app.rover.io'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26706863029122576895052669775341646955745967385786215240811593637209505555716047116610143971730373723752326018623434496535063771325560069659092285183358603129680687549365910283971116444313694048619960431133415593557163769090283778941748994957815947389684739832431404334892703619620890357983322682451304773558823565267612474000865489914487150726339396546139325107758705933707249735645247485335601804191459459915156482666455217688237373974242870387220674469572100715707148669403546333035616542950403258491453879050299844530306112668855189844038261999150901833119542035433993121984995148746895936340808048332570564688353
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app.rover.io'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gp.symcb.com/gp.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.rapidssl.com/legal'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.rapidssl.com/legal'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 97c227509ec2c9ec0c8832c87cade2a6014fda6f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gp.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gp.symcb.com/gp.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015a37d16c760000040300473045022100e3b5844e340697e1aeb356572402902d6637bb1fa8fa1c5c5131646fef90f5b702206c8217db465efd7fcdaddba9bb6611b5a5a7f7285d3bc0ae799e425104aaac1f007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015a37d16ca30000040300473045022008274c9bf98eadf996662140bf07381f4e32e6bbe0505b30a3d93bb73d5b0d3b022100ccfdd97081e454600d3a9a5f5d53b05bfc7462eaa4762dc46d7f19f68d38e0e1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a5c7f7e764e25762446a8b69b697b67b5f7cdaff7d97fe64b97ebe51752e7d9e9f149b908675c25b335624ef3f59aafcd3131b6c144d583134f18d44524498b17b9240a1d0fa14208aff4c30fb87b097937055701f8f37862f67dacc9c4fb3b0cf44f36c2681ca18b1dd1f022622e7d6e4a8c0c37587dd5bc03d97adc7dd6a1831a470e66fa2cff6ca5304c2d251f547b5ae634ac7ddfcedc56677510e7803ab92d75252497b638820d21a4b7fd84cbe47a35f50ea0f621a5d5e4a893cc0cc01b0e6aa8ebe1a3a7a40647ad58b628427600d3243ccc269ff3ec37f9cd535f9fbf6fbb581ed75ef5c3a4f2a372ae991ea8561993328f21900c2170f652447a25e