Serviço de Validação on-line do Cartão de Cidadão 000139 - EC do Cartão de Cidadão

- Cartão de Cidadão -

Issued by Cartão de Cidadão 003

About this certificate

This digital certificate with serial number 55:e0:48:32:bd:24:b1:a2:84:c7:fa:82:e9:8b:29:d9 was issued on by SCEE - Sistema de Certificação Electrónica do Estado.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • The commonName field of the subject MUST be less than 65 characters (RFC 5280: A.1)
  • Certificate had 0 embedded SCTs. Browser policy may require 4 for this certificate. Check if certificate has enough embedded SCTs to meet Apple CT Policy (https://support.apple.com/en-us/HT205280)

Cartão de Cidadão

Organization: Cartão de Cidadão
Organization unit: Serviços do Cartão de Cidadão
Organization unit: Validação on-line
Country: PT

SCEE - Sistema de Certificação Electrónica do Estado

Organization: SCEE - Sistema de Certificação Electrónica do Estado
Organization unit: ECEstado
Country: PT

This certificate will expire on

Certificate Details

Serial Number (hex): 55:e0:48:32:bd:24:b1:a2:84:c7:fa:82:e9:8b:29:d9
Serial Number (int): 114148918491466266261650079061830740441
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 86:22:28:09:ae:b7:f3:c0:f8:e4:3f:d6:95:23:b6:57:5e:f8:8f:2c
AuthorityKeyId: 3c:df:ca:b3:5a:3c:39:1e:8c:e6:e2:39:82:70:0a:89:ac:fd:2e:f6

Fingerprint (sha1): e5:01:cd:62:77:87:61:59:0a:15:45:b8:9a:0f:39:cf:d8:92:e6:08
Fingerprint (sha256): 3c:cf:cf:80:e9:f2:d3:89:9c:88:6e:db:5e:72:c2:4f:6f:e4:80:8d:6b:c7:31:bf:95:58:f9:95:a3:e0:01:fe


Revocation information

OCSP Server: http://ocsp.root.cartaodecidadao.pt/publico/ocsp
CRL Distribution Point: http://pki.cartaodecidadao.pt/publico/lrc/cc_ec_cidadao_crl003_crl.crl

Check the revocation status for certificate Serviço de Validação on-line do Cartão de Cidadão 000139 - EC do Cartão de Cidadão

0

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for Serviço de Validação on-line do Cartão de Cidadão 000139 - EC do Cartão de Cidadão

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Content Commitment

Extended Key Usages

OCSP Signing

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any subject alternative names.

Other certificates including the domain name

(limited to 100 certificates)

Certificate

The complete raw certificate details for Serviço de Validação on-line do Cartão de Cidadão 000139 - EC do Cartão de Cidadão in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG1TCCBL2gAwIBAgIQVeBIMr0ksaKEx/qC6Ysp2TANBgkqhkiG9w0BAQsFADCB
hDELMAkGA1UEBhMCUFQxQDA+BgNVBAoMN1NDRUUgLSBTaXN0ZW1hIGRlIENlcnRp
ZmljYcOnw6NvIEVsZWN0csOzbmljYSBkbyBFc3RhZG8xETAPBgNVBAsMCEVDRXN0
YWRvMSAwHgYDVQQDDBdDYXJ0w6NvIGRlIENpZGFkw6NvIDAwMzAeFw0yMjA4MDkw
OTE4MDBaFw0yNTA4MTAxODE1MTNaMIHYMQswCQYDVQQGEwJQVDEcMBoGA1UECgwT
Q2FydMOjbyBkZSBDaWRhZMOjbzEpMCcGA1UECwwgU2VydmnDp29zIGRvIENhcnTD
o28gZGUgQ2lkYWTDo28xHDAaBgNVBAsME1ZhbGlkYcOnw6NvIG9uLWxpbmUxYjBg
BgNVBAMMWVNlcnZpw6dvIGRlIFZhbGlkYcOnw6NvIG9uLWxpbmUgZG8gQ2FydMOj
byBkZSBDaWRhZMOjbyAwMDAxMzkgLSBFQyBkbyBDYXJ0w6NvIGRlIENpZGFkw6Nv
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZJw+CMMvJv9gnzI2I56
mo9lyICdo9R3lcVt8/vgEpG4JfV+sdiZ78uBPYLm1u41nicHWNz08075ZLR/MQFT
bb36fFFmZ5bYOHLbuCh3Vp4Td1awhsZ88zZIju8pZtTHqNhrzgLCcd3WhpB2iICV
qo3/Wiu8uA9mhFZMsTFpm91DCucEqnyYo2D1Ir4yaD25Ws5NXHX9b2UATBCuSCPC
0PRD1FLjPu6JEB1bG7ewNxzT8GhM5IAYEU/GOjmwAdq2TTdzjjC5sWxZafb0Iusd
lEzWo6oI1FhfLkhFSX0ENEK9zJXFeo/3Q4meecx8SzYK4r3khIDTIxoy/SsdQ1N4
6wIDAQABo4IB6zCCAecwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBQ838qzWjw5
Hozm4jmCcAqJrP0u9jBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6
Ly9vY3NwLnJvb3QuY2FydGFvZGVjaWRhZGFvLnB0L3B1YmxpY28vb2NzcDCBuQYD
VR0gBIGxMIGuMFUGCmCEbAEBAQIEAAcwRzBFBggrBgEFBQcCARY5aHR0cHM6Ly9w
a2kuY2FydGFvZGVjaWRhZGFvLnB0L3B1YmxpY28vcG9saXRpY2FzL2Nwcy5odG1s
MFUGC2CEbAEBAQIEAAEGMEYwRAYIKwYBBQUHAgEWOGh0dHBzOi8vcGtpLmNhcnRh
b2RlY2lkYWRhby5wdC9wdWJsaWNvL3BvbGl0aWNhcy9jcC5odG1sMA8GCSsGAQUF
BzABBQQCBQAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwVwYDVR0fBFAwTjBMoEqgSIZG
aHR0cDovL3BraS5jYXJ0YW9kZWNpZGFkYW8ucHQvcHVibGljby9scmMvY2NfZWNf
Y2lkYWRhb19jcmwwMDNfY3JsLmNybDAdBgNVHQ4EFgQUhiIoCa6388D45D/WlSO2
V174jywwDgYDVR0PAQH/BAQDAgbAMA0GCSqGSIb3DQEBCwUAA4ICAQBrEmyExjaT
ycAYvfCQ6DpBC3hLzUlE05vfj1ffF9H4lOvevim0RLxA+FKJVB/Wau9p6iUVtllR
Yjt8clRG9Za+tJWDX4aNYBnA7ZppbT7v+WTFxTdYrAsCMjwe01LiKlwl8iUdXYpw
FyR0InbAEpAwRGINEN5OyfH+D2qTnFcXCDsHk0TDVytl6ZljYuwvpyCdNMTiBPsX
TaNXcafQkc0IkG/zwBaufnFPAZGwD84SFOohB8NJNeeuOg8AxCw+iGc85ZUAmi4/
XUPkJEetcFLVGfOYEzMR0uO7i8MHm40D/wEF4BPk28Sm9n9lvaqakj+1kjNCCtHN
9hOg6JcwmmNBSXBCynghnfnj9/GbeplxSct09hj7/F0ROOJgcwzM/kkaLikjRBhK
SWzj1NPyCN3i0dSsoHeT+4otInwnxdL7dgQcA44qN+mBzFZ25RF5Lxn06cQeQx/7
hY3khYmiAc49E+U4eaSOzM+rowOu9XxXjiPF7Qdn+zzmXNUIvykSRiMEVysKKcen
DHlHYvgQNKqsef/KnYX3qp2w+q+MBo+Rg1ZK/o6Nh7bgASuQ78ZB4VUreHiKL7gB
i+7kqKg+nCgueGUENZ4EoVJ5LVJB/C4X7Oo0lO30P+NMAtq8qxyxWLVTBNYppf7B
AdV65TJJP9CI1JIIZWc4/crkHzLVpm39aw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZJw+CMMvJv9gnzI2I56
mo9lyICdo9R3lcVt8/vgEpG4JfV+sdiZ78uBPYLm1u41nicHWNz08075ZLR/MQFT
bb36fFFmZ5bYOHLbuCh3Vp4Td1awhsZ88zZIju8pZtTHqNhrzgLCcd3WhpB2iICV
qo3/Wiu8uA9mhFZMsTFpm91DCucEqnyYo2D1Ir4yaD25Ws5NXHX9b2UATBCuSCPC
0PRD1FLjPu6JEB1bG7ewNxzT8GhM5IAYEU/GOjmwAdq2TTdzjjC5sWxZafb0Iusd
lEzWo6oI1FhfLkhFSX0ENEK9zJXFeo/3Q4meecx8SzYK4r3khIDTIxoy/SsdQ1N4
6wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 114148918491466266261650079061830740441
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SCEE - Sistema de Certificação Electrónica do Estado'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ECEstado'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Cartão de Cidadão 003'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-09 09:18:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-10 18:15:13 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Cartão de Cidadão'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Serviços do Cartão de Cidadão'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Validação on-line'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Serviço de Validação on-line do Cartão de Cidadão 000139 - EC do Cartão de Cidadão'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27465925067305129756518411160491189454440786803426216331136685757952058627925908636994807562344362035147056826327019001982707723607011653189344445832955275339844648195351620302611365498022370236841191756458396589349969088694303895409506806427619223850130657880459802030503497665491839338068406318089094392449893979555554942587642267219257467689161497718915334181439614635219807234232674692826215236605714841463114966835677657791401847697468702127900252335082031018784587219340218747430903892461050913029494569462402178919281867595156188301041271986147936425170738081812893246434840614344507417967889287580411531327723
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3cdfcab35a3c391e8ce6e23982700a89acfd2ef6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (64 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.root.cartaodecidadao.pt/publico/ocsp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (177 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.620.1.1.1.2.4.0.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://pki.cartaodecidadao.pt/publico/politicas/cps.html'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.620.1.1.1.2.4.0.1.6
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://pki.cartaodecidadao.pt/publico/politicas/cp.html'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1.5 (ocspNoCheck)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.9 (ocspSigning)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.cartaodecidadao.pt/publico/lrc/cc_ec_cidadao_crl003_crl.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							86222809aeb7f3c0f8e43fd69523b6575ef88f2c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2 bits)
							06c0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		006b126c84c63693c9c018bdf090e83a410b784bcd4944d39bdf8f57df17d1f894ebdebe29b444bc40f85289541fd66aef69ea2515b65951623b7c725446f596beb495835f868d6019c0ed9a696d3eeff964c5c53758ac0b02323c1ed352e22a5c25f2251d5d8a701724742276c012903044620d10de4ec9f1fe0f6a939c5717083b079344c3572b65e9996362ec2fa7209d34c4e204fb174da35771a7d091cd08906ff3c016ae7e714f0191b00fce1214ea2107c34935e7ae3a0f00c42c3e88673ce595009a2e3f5d43e42447ad7052d519f398133311d2e3bb8bc3079b8d03ff0105e013e4dbc4a6f67f65bdaa9a923fb59233420ad1cdf613a0e897309a6341497042ca78219df9e3f7f19b7a997149cb74f618fbfc5d1138e260730cccfe491a2e292344184a496ce3d4d3f208dde2d1d4aca07793fb8a2d227c27c5d2fb76041c038e2a37e981cc5676e511792f19f4e9c41e431ffb858de48589a201ce3d13e53879a48ecccfaba303aef57c578e23c5ed0767fb3ce65cd508bf2912462304572b0a29c7a70c794762f81034aaac79ffca9d85f7aa9db0faaf8c068f9183564afe8e8d87b6e0012b90efc641e1552b78788a2fb8018beee4a8a83e9c282e786504359e04a152792d5241fc2e17ecea3494edf43fe34c02dabcab1cb158b55304d629a5fec101d57ae532493fd088d49208656738fdcae41f32d5a66dfd6b