*.ems-schiers.ch

Issued by SwissSign RSA TLS DV ICA 2022 - 1

About this certificate

This digital certificate with serial number 31:c5:47:25:e1:78:46:e0:be:a7:e5:1f:2c:c7:7b:fc:78:6f:d5:bf was issued on by SwissSign AG.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=*.ems-schiers.ch

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate will expire on

Certificate Details

Serial Number (hex): 31:c5:47:25:e1:78:46:e0:be:a7:e5:1f:2c:c7:7b:fc:78:6f:d5:bf
Serial Number (int): 284139992436928212747957678959391007672101754303
Serial Number lenght: 158 bits, 20 octets

SubjectKeyId: 17:f6:8f:b3:f2:4a:d2:f5:2b:14:85:05:1e:fa:d4:1e:7d:a8:55:ad
AuthorityKeyId: eb:bd:7f:49:93:8c:c9:ee:ec:a2:ba:f7:1c:d2:67:f0:83:b1:ea:de

Fingerprint (sha1): 7d:a2:86:bb:3d:28:e1:e0:2d:69:bd:c4:b9:e0:d1:d8:b1:fd:f6:ab
Fingerprint (sha256): 3e:e1:88:8a:93:85:5d:74:74:d1:fa:00:1f:34:25:7a:c6:34:30:24:ad:86:02:74:d2:0a:83:30:df:6c:da:5c

Issuing Certificate URL: http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167

Revocation information

OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
CRL Distribution Point: http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba

Check the revocation status for certificate *.ems-schiers.ch

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.ems-schiers.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.ems-schiers.ch
ems-schiers.ch

Other certificates including the domain name ems-schiers.ch

(limited to 100 certificates)

Certificate

The complete raw certificate details for *.ems-schiers.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIhzCCBm+gAwIBAgIUMcVHJeF4RuC+p+UfLMd7/Hhv1b8wDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjIgLSAxMB4XDTI0MDUxNDE0
NDUxOFoXDTI1MDUxNDE0NDUxOFowGzEZMBcGA1UEAwwQKi5lbXMtc2NoaWVycy5j
aDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKKSb/wJc9hH0uUvF4K0
6LpGjfsNfnj50lcZXdrKimXkW9OvPEErTADkpNDbNKblL/YdEzO/9hwZ7Ub223bb
oBrdt/qxp1M3NpznXLW63yc0Fr3BiTXrf8YTp7pgaL2K21gWIY0yVLChN5dh6OJr
/YrQjo/o6gluSia91zvKTsnnxz3yRdJZULlR62QAK8IW5WhNInzD+gV9EH6X3Nqn
GnjFehucX8ZBtOFEfjtj2Gq7VuzQmAOhRLjVrzJx7/0SIdPxtj/mNcgwXCwfIXYa
VdtKU1LvmFX/SVFK6Lc6j8v0N+FVAPFtosLofp6dCKgfdPREFqbl1TLMGoJsOyOn
APcCAwEAAaOCBIwwggSIMIGyBggrBgEFBQcBAQSBpTCBojBMBggrBgEFBQcwAoZA
aHR0cDovL2FpYS5zd2lzc3NpZ24uY2gvYWlyLTFiODYzMzg1LWY0YTktNDdmYS04
OGE1LTJhNWFiZmQ0YTE2NzBSBggrBgEFBQcwAYZGaHR0cDovL29jc3Auc3dpc3Nz
aWduLmNoL3NpZ24vb2NzLWFhY2NjZWQ1LTY2ZTgtNDA2OS05YjFiLWZkMjlhYjcz
ZWZlYzBvBgNVHSAEaDBmMAgGBmeBDAECATAIBgYEAI96AQYwUAYIYIV0AVkCAQEw
RDBCBggrBgEFBQcCARY2aHR0cHM6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20v
U3dpc3NTaWduX0NQU19UTFMucGRmMFEGA1UdHwRKMEgwRqBEoEKGQGh0dHA6Ly9j
cmwuc3dpc3NzaWduLmNoL2NkcC02Nzk3MjNiMi04NjQxLTQ2NDItODUwMC1mNmQy
ZmYzN2U2YmEwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB
/wQEAwIFoDArBgNVHREEJDAighAqLmVtcy1zY2hpZXJzLmNogg5lbXMtc2NoaWVy
cy5jaDAdBgNVHQ4EFgQUF/aPs/JK0vUrFIUFHvrUHn2oVa0wHwYDVR0jBBgwFoAU
671/SZOMye7sorr3HNJn8IOx6t4wggJvBgorBgEEAdZ5AgQCBIICXwSCAlsCWQB2
ACjigTj9gyFF6anWqnU3bYN3qIUSs8B/ckFIIdy96YxmAAABj3eQpnIAAAQDAEcw
RQIhAKMu8eSPkr4eRnyJfytDfgGA4aU9NvWqLPNQrJNC8YJeAiBPyMuo8iqwGb81
MbY/w6QI71lFbs4MAoBu+6f7OefMyQB3AOCSs/wMHcjnaDYf3mG5lk0KUngZinLW
csSwTaVtb1QEAAABj3eQpDUAAAQDAEgwRgIhAPfMYhWM/rM9qzan8OczeGvYhP0j
4dwLYiBboGJ+pno6AiEAlLKQask/x7fllIUmsC/bqEhxtE16ehD2lwavuU4vSn0A
dwDPEVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3zsw7CAAAAY93kKMfAAAEAwBI
MEYCIQCXrT3zI+Aa1tBWU9EySkjMxQd2iwlu9gfQaqESEqMCgwIhAOzfVWSZ5Twq
Rg1DRZYxwD86TJWgLsiOlj2XDZseoSJkAHYAzPsPaoVxCWX+lZtTzumyfCLphVwN
l422qX5UwP5MDbAAAAGPd5CjegAABAMARzBFAiBBqwIrB7eY82okTnHQfLaDqyJY
6YsnGWdWABCstm46HwIhAKVIGmGMN7MzdMGP+ZzPUCb6MXXgFBe3j921eDMUFbO9
AHUATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGPd5CjUQAABAMA
RjBEAiAIlGu6rnPecANPIwTOgQzwRPxBazZeCYHyfIlMnhHyCwIgMOSmDY7zgFSI
hAq5Qdz8xwRyzvss0gF6tQK2FdDmRVYwDQYJKoZIhvcNAQELBQADggIBAGfnvtll
NZA412jYYVH1hvjRab9byf9XbrrmIzlTcLF/j7mKg69jU5VHpiIcA4KqF8Au4x75
pWUxyhN+3pQaKUAeJVSFjSMFT/lKIK71kNxWKelGqgr/d2L7lpybg0KdYU3Jzgsh
SGao9Wr5GBvhONmz9GU83IVuKlUdqVVtlq65phu410kEuUYVCQzNHeqRi5Lmrihi
hqMd0Kbn6FlJqkaBN1I4fXbNRYNbQRGMsJ9RzjpEskZEpSPIld++Sfn1fl57JlDQ
x+f63Rl549MmRGem6lNi+aeB/uVsFlXVKEUJGCmE/RiLuUdAcTd9pBvilHguiFEJ
9QpndNa+A4qEbzo1Tjthgnklth91w74i2sYLCe5UW8EV7E3rBMn+eoVCHxGwzhxQ
DQDpqYatt5QU0zGDWVZFbL4l9HIjr2oMm6kqWla+r+sgZJPcLRHggxJsEhfXnTN3
HVIEpZkTffnoBM2rUBUHZLYtpVBUzdYqlNUkS89IP96WJ3q/AVtknoOTZdeXJufs
ETZbd1YCIqkA5y3e3w7V6FgWuxQ2A48JGYu3j3oWx24gOc3tYP/9RfGBewfz7+Yw
/jW5UDC0zddZZCr9jBYf4XPuTkc61EGm7dzRvmYvKdAJfVB9K5L8YJrAQY2UaBCu
Bp95xsrokRUWMAnt3jx52R70wDafi2n5H6s8
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopJv/Alz2EfS5S8XgrTo
ukaN+w1+ePnSVxld2sqKZeRb0688QStMAOSk0Ns0puUv9h0TM7/2HBntRvbbdtug
Gt23+rGnUzc2nOdctbrfJzQWvcGJNet/xhOnumBovYrbWBYhjTJUsKE3l2Ho4mv9
itCOj+jqCW5KJr3XO8pOyefHPfJF0llQuVHrZAArwhblaE0ifMP6BX0Qfpfc2qca
eMV6G5xfxkG04UR+O2PYartW7NCYA6FEuNWvMnHv/RIh0/G2P+Y1yDBcLB8hdhpV
20pTUu+YVf9JUUrotzqPy/Q34VUA8W2iwuh+np0IqB909EQWpuXVMswagmw7I6cA
9wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 284139992436928212747957678959391007672101754303
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2022 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-14 14:45:18 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-14 14:45:18 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.ems-schiers.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20522816397273438110932454629724389593619747649550869819834980527164270354234850592447643105623986833261778196631650862975299526175356404904207399766016029411043419547493622920139495684100147196826573529649958243915895692506001864837007845180897414575142440621152939976528445651534358061372738095144242132328001556808255531290811276337503252709248467585139483428848797806571836425438725103681163147390758338621268089661643699468659846785602078664879187589535077809619001047028361873575472944902322325047806919564858892685801535254126095834903227446245741153693517749824151469566370345589685687424976582000474780532983
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ems-schiers.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ems-schiers.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							17f68fb3f24ad2f52b1485051efad41e7da855ad
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebbd7f49938cc9eeeca2baf71cd267f083b1eade
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (607 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (603 bytes)
							025900760028e28138fd832145e9a9d6aa75376d8377a88512b3c07f72414821dcbde98c660000018f7790a6720000040300473045022100a32ef1e48f92be1e467c897f2b437e0180e1a53d36f5aa2cf350ac9342f1825e02204fc8cba8f22ab019bf3531b63fc3a408ef59456ece0c02806efba7fb39e7ccc9007700e092b3fc0c1dc8e768361fde61b9964d0a5278198a72d672c4b04da56d6f54040000018f7790a4350000040300483046022100f7cc62158cfeb33dab36a7f0e733786bd884fd23e1dc0b62205ba0627ea67a3a02210094b2906ac93fc7b7e5948526b02fdba84871b44d7a7a10f69706afb94e2f4a7d007700cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018f7790a31f000004030048304602210097ad3df323e01ad6d05653d1324a48ccc507768b096ef607d06aa11212a30283022100ecdf556499e53c2a460d43459631c03f3a4c95a02ec88e963d970d9b1ea12264007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018f7790a37a0000040300473045022041ab022b07b798f36a244e71d07cb683ab2258e98b271967560010acb66e3a1f022100a5481a618c37b33374c18ff99ccf5026fa3175e01417b78fddb578331415b3bd0075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f7790a3510000040300463044022008946bbaae73de70034f2304ce810cf044fc416b365e0981f27c894c9e11f20b022030e4a60d8ef3805488840ab941dcfcc70472cefb2cd2017ab502b615d0e64556
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0067e7bed965359038d768d86151f586f8d169bf5bc9ff576ebae623395370b17f8fb98a83af63539547a6221c0382aa17c02ee31ef9a56531ca137ede941a29401e2554858d23054ff94a20aef590dc5629e946aa0aff7762fb969c9b83429d614dc9ce0b214866a8f56af9181be138d9b3f4653cdc856e2a551da9556d96aeb9a61bb8d74904b94615090ccd1dea918b92e6ae286286a31dd0a6e7e85949aa46813752387d76cd45835b41118cb09f51ce3a44b24644a523c895dfbe49f9f57e5e7b2650d0c7e7fadd1979e3d3264467a6ea5362f9a781fee56c1655d5284509182984fd188bb9474071377da41be294782e885109f50a6774d6be038a846f3a354e3b61827925b61f75c3be22dac60b09ee545bc115ec4deb04c9fe7a85421f11b0ce1c500d00e9a986adb79414d331835956456cbe25f47223af6a0c9ba92a5a56beafeb206493dc2d11e083126c1217d79d33771d5204a599137df9e804cdab50150764b62da55054cdd62a94d5244bcf483fde96277abf015b649e839365d79726e7ec11365b77560222a900e72ddedf0ed5e85816bb1436038f09198bb78f7a16c76e2039cded60fffd45f1817b07f3efe630fe35b95030b4cdd759642afd8c161fe173ee4e473ad441a6eddcd1be662f29d0097d507d2b92fc609ac0418d946810ae069f79c6cae89115163009edde3c79d91ef4c0369f8b69f91fab3c