axiompraesidium.org
Issued by R3
About this certificate
This digital certificate with serial number 03:03:a6:a9:4f:cd:c0:85:fd:b7:e0:b5:f4:a5:f6:40:f6:1b was issued on by Let's Encrypt.
With 23 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=axiompraesidium.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:03:a6:a9:4f:cd:c0:85:fd:b7:e0:b5:f4:a5:f6:40:f6:1bSerial Number (int): 262579235860124658862109602101702227457563
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e9:69:81:0a:a3:e6:45:17:ee:b1:c0:26:00:1f:49:62:f9:6f:db:55
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 6f:4c:01:a5:15:f9:71:e2:b5:8a:d0:14:73:98:28:9e:8e:06:81:f7
Fingerprint (sha256): 3b:f5:70:aa:0f:9d:f5:98:0d:21:c9:cc:97:14:a4:76:98:8e:74:21:06:31:da:a0:4b:c6:5e:65:bd:be:36:26
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate axiompraesidium.org
23
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for axiompraesidium.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
axiompraesidium.org
bhopaldentist.in
blueandgreendiamond.com
candywrappercreations.com
diamondring.in
dirtygenes.org
freecavitywallinsulation.uk
ingebridesornaments.com
logicexperts.com
metamooch.com
mokshayoga.in
onefaith.us
queertunes.com
quigleyeyeonthearts.com
rubberprides.com
saucereimagined.com
sawomennetworking.com
seoul4vip.com
snow-flake.com
tanyetta.com
tepintaskmanager.net
urbanfaith.mobi
voiceplug.com
bhopaldentist.in
blueandgreendiamond.com
candywrappercreations.com
diamondring.in
dirtygenes.org
freecavitywallinsulation.uk
ingebridesornaments.com
logicexperts.com
metamooch.com
mokshayoga.in
onefaith.us
queertunes.com
quigleyeyeonthearts.com
rubberprides.com
saucereimagined.com
sawomennetworking.com
seoul4vip.com
snow-flake.com
tanyetta.com
tepintaskmanager.net
urbanfaith.mobi
voiceplug.com
Other certificates including the domain name axiompraesidium.org
(limited to 100 certificates)
books.sunset.bible
alln.cc
cheeselam.org
axiompraesidium.org
trailerupholstery.ca
trojans.college
shadi.date
axiompraesidium.org
axiompraesidium.org
axiompraesidium.org
fitmart.in.axiompraesidium.org
ronhouse.name
ahmadi.org
allaboutltc.org
axiompraesidium.org
brioche.house
xcluded.net.axiompraesidium.org
digitaldecimal.org
alln.cc
cheeselam.org
axiompraesidium.org
trailerupholstery.ca
trojans.college
shadi.date
axiompraesidium.org
axiompraesidium.org
axiompraesidium.org
fitmart.in.axiompraesidium.org
ronhouse.name
ahmadi.org
allaboutltc.org
axiompraesidium.org
brioche.house
xcluded.net.axiompraesidium.org
digitaldecimal.org
Certificate
The complete raw certificate details for axiompraesidium.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGnDCCBYSgAwIBAgISAwOmqU/NwIX9t+C19KX2QPYbMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MDcxOTEyNDVaFw0yNDA4MDUxOTEyNDRaMB4xHDAaBgNVBAMT E2F4aW9tcHJhZXNpZGl1bS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQClEqtBkSjzmmU73omaDuxxBDadzAq9MkXnO7T5/O9qN/mgy+6qDIpFrQ5X LhOeCwO69+U/yVmFT98Jg2blkdRRPLylYA4ZLJ7J3yYECZfyn3Afnb/60reup31B Ceube7EhxrxVgACxCbuG88onckNkuoF0UOhoMt8zXoZQh70XNTFktPBseNFAOGA7 LU5uuueLNM+pUcafCgYwbjw5whKZlM8x9+HFtjbDVtJywEmtyXBMK1U38UuskZXe QNYUXoSnY9bAxBReRa75Ne/rLrZqkK1pcB0EQrJaqea6LwSdH0VWN53ONnjOz35P zME0Zg6uy0gGOSzjHb5dvT31787TAgMBAAGjggO+MIIDujAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAw HQYDVR0OBBYEFOlpgQqj5kUX7rHAJgAfSWL5b9tVMB8GA1UdIwQYMBaAFBQusxe3 WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0 cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5j ci5vcmcvMIIBxQYDVR0RBIIBvDCCAbiCE2F4aW9tcHJhZXNpZGl1bS5vcmeCEGJo b3BhbGRlbnRpc3QuaW6CF2JsdWVhbmRncmVlbmRpYW1vbmQuY29tghljYW5keXdy YXBwZXJjcmVhdGlvbnMuY29tgg5kaWFtb25kcmluZy5pboIOZGlydHlnZW5lcy5v cmeCG2ZyZWVjYXZpdHl3YWxsaW5zdWxhdGlvbi51a4IXaW5nZWJyaWRlc29ybmFt ZW50cy5jb22CEGxvZ2ljZXhwZXJ0cy5jb22CDW1ldGFtb29jaC5jb22CDW1va3No YXlvZ2EuaW6CC29uZWZhaXRoLnVzgg5xdWVlcnR1bmVzLmNvbYIXcXVpZ2xleWV5 ZW9udGhlYXJ0cy5jb22CEHJ1YmJlcnByaWRlcy5jb22CE3NhdWNlcmVpbWFnaW5l ZC5jb22CFXNhd29tZW5uZXR3b3JraW5nLmNvbYINc2VvdWw0dmlwLmNvbYIOc25v dy1mbGFrZS5jb22CDHRhbnlldHRhLmNvbYIUdGVwaW50YXNrbWFuYWdlci5uZXSC D3VyYmFuZmFpdGgubW9iaYINdm9pY2VwbHVnLmNvbTATBgNVHSAEDDAKMAgGBmeB DAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3AD8XS0/XIkdYlB1lHIS+DRLt kDd/H4Vq68G/KIXs+GRuAAABj1Sv6MAAAAQDAEgwRgIhAPovdQGUxUyMVAQDNB0U AfIwUSWMJ1QU8hZ3jUhY4LzOAiEAtO69oAY38keSQi30dqbo2r247fYj+WNti7Ll HC3rVs8AdQAZmBBxCfDWUi4wgNKeP2S7g24ozPkPUo7u385KPxa0ygAAAY9Ur+jV AAAEAwBGMEQCIEc9qqc1SXPSfLETE1moWwKsoLFZh6lxNDBif9GQi8XdAiBq7yvX vBBJQU6e6X6OIWYOrefDwk42LnGLC2e7ek7WojANBgkqhkiG9w0BAQsFAAOCAQEA utoXUr6fLY12GfGXRUpcofWxjNajHY9NP53jpADQ3/k9Afxz2S10mKxuLzMlWCh5 LB2+0MDItwYoVrkqe3y3Ll9WWoRCPrz0JvHCxAYgku8DEys7GQMpyBDyrnQrQWC+ p1G1DyDisNsNL8clfbQaLRL5kBAKCUzzRn30r5vXI2t8BiOqvdfIoQnKL02QDiVD r1a9xdKOAlgV74I5a0+r0imOeJg9iXoy1rgmz8BXP0OLwlnFdlAHf8TIWx3bQImz kF3DrnrY8FiOlvkIFB1Z2RT8uqJEtg7LumKMSsv1CGRJwoq9HQuIjvaazO+fNoVQ F8cOkHDoUbDO0FZgcbP0Ww== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRKrQZEo85plO96Jmg7s cQQ2ncwKvTJF5zu0+fzvajf5oMvuqgyKRa0OVy4TngsDuvflP8lZhU/fCYNm5ZHU UTy8pWAOGSyeyd8mBAmX8p9wH52/+tK3rqd9QQnrm3uxIca8VYAAsQm7hvPKJ3JD ZLqBdFDoaDLfM16GUIe9FzUxZLTwbHjRQDhgOy1ObrrnizTPqVHGnwoGMG48OcIS mZTPMffhxbY2w1bScsBJrclwTCtVN/FLrJGV3kDWFF6Ep2PWwMQUXkWu+TXv6y62 apCtaXAdBEKyWqnmui8EnR9FVjedzjZ4zs9+T8zBNGYOrstIBjks4x2+Xb099e/O 0wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 262579235860124658862109602101702227457563 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-07 19:12:45 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-05 19:12:44 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'axiompraesidium.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20838526331236539156259724866540547241192393619148484373076336326220016366596807298495319474918780760262548932090863564764629786989187185106195909236798671051215429392918324553799633433201652212793231482058503912924977789912634112804588058717361073526171397177653654471202082469921877958917508619811965984075192685300301278745276887464838751127680338899423123355813321656678040325510284176515168480653377818380180765194196474809377960256865541176317315604058552812221547399602997291817654826355117958759090885746438874495599474498960584393904181712128635747536559605609331713961874849338662643544777119319620328607443 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e969810aa3e64517eeb1c026001f4962f96fdb55 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (444 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'axiompraesidium.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bhopaldentist.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blueandgreendiamond.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'candywrappercreations.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'diamondring.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dirtygenes.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'freecavitywallinsulation.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ingebridesornaments.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'logicexperts.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'metamooch.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mokshayoga.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'onefaith.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queertunes.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'quigleyeyeonthearts.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rubberprides.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'saucereimagined.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sawomennetworking.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'seoul4vip.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'snow-flake.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tanyetta.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tepintaskmanager.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'urbanfaith.mobi' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'voiceplug.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f54afe8c00000040300483046022100fa2f750194c54c8c540403341d1401f23051258c275414f216778d4858e0bcce022100b4eebda00637f24792422df476a6e8dabdb8edf623f9636d8bb2e51c2deb56cf0075001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018f54afe8d500000403004630440220473daaa7354973d27cb1131359a85b02aca0b15987a9713430627fd1908bc5dd02206aef2bd7bc1049414e9ee97e8e21660eade7c3c24e362e718b0b67bb7a4ed6a2 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bada1752be9f2d8d7619f197454a5ca1f5b18cd6a31d8f4d3f9de3a400d0dff93d01fc73d92d7498ac6e2f33255828792c1dbed0c0c8b7062856b92a7b7cb72e5f565a84423ebcf426f1c2c4062092ef03132b3b190329c810f2ae742b4160bea751b50f20e2b0db0d2fc7257db41a2d12f990100a094cf3467df4af9bd7236b7c0623aabdd7c8a109ca2f4d900e2543af56bdc5d28e025815ef82396b4fabd2298e78983d897a32d6b826cfc0573f438bc259c57650077fc4c85b1ddb4089b3905dc3ae7ad8f0588e96f908141d59d914fcbaa244b60ecbba628c4acbf5086449c28abd1d0b888ef69accef9f36855017c70e9070e851b0ced0566071b3f45b