one.neuf.no
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:af:1b:2e:36:24:d1:ed:ac:6a:41:b1:04:2d:e1:f8:09:50 was issued on by Let's Encrypt.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=one.neuf.no
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:af:1b:2e:36:24:d1:ed:ac:6a:41:b1:04:2d:e1:f8:09:50Serial Number (int): 320922401106153958520984322329283816589648
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 33:67:f9:09:6c:f0:71:c0:e7:3f:fc:31:83:60:d0:67:dc:a0:07:0f
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 44:0f:2f:3d:9c:40:c2:b3:fd:72:cf:ca:06:31:09:5c:6c:c2:e9:89
Fingerprint (sha256): 42:67:11:a6:8a:d4:d5:ca:81:4c:d4:b6:74:7a:61:e5:8f:f5:46:03:2a:a5:0e:71:89:06:53:48:d3:15:63:a6
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate one.neuf.no
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for one.neuf.no
Public Key Algorithm
ECDSA
Key Size
384
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
observium.neuf.no
one.neuf.no
puppetboard.neuf.no
sensu.neuf.no
sentry.neuf.no
one.neuf.no
puppetboard.neuf.no
sensu.neuf.no
sentry.neuf.no
Other certificates including the domain name neuf.no
(limited to 100 certificates)
tls-everywhere-1.studentersamfundet.no
edb.technology
mirror.neuf.no
mirror.neuf.no
mdb.neuf.no
mirror.neuf.no
studentersamfundet.no
studentersamfundet.no
tls-everywhere-2.studentersamfundet.no
edb.technology
studentersamfundet.no
sha256.neuf.no
one.neuf.no
booking.studentersamfundet.no
misc-domains.neuf.no
viteboka.studentersamfundet.no
mirror.neuf.no
tls-everywhere.studentersamfundet.no
edb.technology
medlem.neuf.no
viteboka.studentersamfundet.no
medlem.neuf.no
one.neuf.no
booking.studentersamfundet.no
viteboka.studentersamfundet.no
pico.neuf.no
ulydig.neuf.no
git.neuf.no
kak.neuf.no
ulydig.neuf.no
edb.technology
ulydig.neuf.no
one.neuf.no
git.neuf.no
at.neuf.no
git.neuf.no
blekka.neuf.no
drift.neuf.no
lynx.neuf.no
lynx.neuf.no
booking.studentersamfundet.no
lynx.neuf.no
pico.neuf.no
tls-everywhere-3.studentersamfundet.no
medlem.neuf.no
git.neuf.no
at.neuf.no
misc-domains.neuf.no
kassa.neuf.no
mdb.neuf.no
tls-everywhere.studentersamfundet.no
booking.studentersamfundet.no
ulydig.neuf.no
one.neuf.no
medlem.neuf.no
pico.neuf.no
studentersamfundet.no
kak.neuf.no
edb.technology
kak.neuf.no
viteboka.studentersamfundet.no
booking.studentersamfundet.no
misc-domains.neuf.no
lynx.neuf.no
medlem.neuf.no
viteboka.studentersamfundet.no
medlem.neuf.no
mirror.neuf.no
edb.technology
edb.technology
edb.technology
git.neuf.no
studentersamfundet.no
one.neuf.no
*.neuf.no
studentersamfundet.no
kak.neuf.no
one.neuf.no
kak.neuf.no
tls-everywhere-2.studentersamfundet.no
mirror.neuf.no
lynx.neuf.no
kak.neuf.no
booking.studentersamfundet.no
app.neuf.no
studentersamfundet.no
studentersamfundet.no
tls-everywhere.studentersamfundet.no
lynx.neuf.no
dusken.neuf.no
mdb.neuf.no
observium.neuf.no
booking.studentersamfundet.no
mirror.neuf.no
edb.technology
viteboka.studentersamfundet.no
tls-everywhere-1.studentersamfundet.no
kak.neuf.no
one.neuf.no
medlem.neuf.no
edb.technology
mirror.neuf.no
mirror.neuf.no
mdb.neuf.no
mirror.neuf.no
studentersamfundet.no
studentersamfundet.no
tls-everywhere-2.studentersamfundet.no
edb.technology
studentersamfundet.no
sha256.neuf.no
one.neuf.no
booking.studentersamfundet.no
misc-domains.neuf.no
viteboka.studentersamfundet.no
mirror.neuf.no
tls-everywhere.studentersamfundet.no
edb.technology
medlem.neuf.no
viteboka.studentersamfundet.no
medlem.neuf.no
one.neuf.no
booking.studentersamfundet.no
viteboka.studentersamfundet.no
pico.neuf.no
ulydig.neuf.no
git.neuf.no
kak.neuf.no
ulydig.neuf.no
edb.technology
ulydig.neuf.no
one.neuf.no
git.neuf.no
at.neuf.no
git.neuf.no
blekka.neuf.no
drift.neuf.no
lynx.neuf.no
lynx.neuf.no
booking.studentersamfundet.no
lynx.neuf.no
pico.neuf.no
tls-everywhere-3.studentersamfundet.no
medlem.neuf.no
git.neuf.no
at.neuf.no
misc-domains.neuf.no
kassa.neuf.no
mdb.neuf.no
tls-everywhere.studentersamfundet.no
booking.studentersamfundet.no
ulydig.neuf.no
one.neuf.no
medlem.neuf.no
pico.neuf.no
studentersamfundet.no
kak.neuf.no
edb.technology
kak.neuf.no
viteboka.studentersamfundet.no
booking.studentersamfundet.no
misc-domains.neuf.no
lynx.neuf.no
medlem.neuf.no
viteboka.studentersamfundet.no
medlem.neuf.no
mirror.neuf.no
edb.technology
edb.technology
edb.technology
git.neuf.no
studentersamfundet.no
one.neuf.no
*.neuf.no
studentersamfundet.no
kak.neuf.no
one.neuf.no
kak.neuf.no
tls-everywhere-2.studentersamfundet.no
mirror.neuf.no
lynx.neuf.no
kak.neuf.no
booking.studentersamfundet.no
app.neuf.no
studentersamfundet.no
studentersamfundet.no
tls-everywhere.studentersamfundet.no
lynx.neuf.no
dusken.neuf.no
mdb.neuf.no
observium.neuf.no
booking.studentersamfundet.no
mirror.neuf.no
edb.technology
viteboka.studentersamfundet.no
tls-everywhere-1.studentersamfundet.no
kak.neuf.no
one.neuf.no
medlem.neuf.no
Certificate
The complete raw certificate details for one.neuf.no in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE5zCCA8+gAwIBAgISA68bLjYk0e2sakGxBC3h+AlQMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMTgxNTAzMTJaFw0y MDAzMTcxNTAzMTJaMBYxFDASBgNVBAMTC29uZS5uZXVmLm5vMHYwEAYHKoZIzj0C AQYFK4EEACIDYgAE3luCs2eD2+ZlWpNHthCpvm+Hae2DmktZfqjvRCt8/uK6MPx+ B6P+vLD7p6EOdMdypkmCGGQKeAlevS7JIh+yFPUO7vs7iKOT3K/He5F8yOSLy70K 9M+vgUWNbRmfqKpDo4ICpzCCAqMwDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQzZ/kJ bPBxwOc//DGDYNBn3KAHDzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMF0GA1UdEQRWMFSCEW9ic2Vydml1bS5uZXVmLm5v ggtvbmUubmV1Zi5ub4ITcHVwcGV0Ym9hcmQubmV1Zi5ub4INc2Vuc3UubmV1Zi5u b4IOc2VudHJ5Lm5ldWYubm8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC 3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcw ggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwCyHgXMi6LNiiBOh2b5K7mKJSBna9r6 cOeySVMt74uQXgAAAW8Zv7ngAAAEAwBIMEYCIQDomCi1oztNdpn785JgZi9DvVhZ DPpkPZsxVZPVNmdamwIhAOVFpr+qg+QK1lsm9qaXAFExZpi+9T7RVF5pOJy/vgJ3 AHUAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFvGb+67AAABAMA RjBEAiB+m+Gf6uZvBCotrrD+I2yqqCTLzPrvHwzNvxcMBnm81wIgbhNcgW6pvpZK vMeKdO5XuiTSVBzZvxy/A5a1LROfH7UwDQYJKoZIhvcNAQELBQADggEBABv7uhhF TkbC+6E2VWOkc+9BRLiDB83BPFtaRt+7Bcnz6pZEHPm3iekMmAUTGUS1MRPQ7VFl VaDNwC9V9Ds2Qq9rs/7uHhQj14r44RkhiPbuYtSIFSH1SCgeMxjn1DE4eBKfXXnu p7uZ2cBzbFD+QKYE4d+4lUPAmhEPfomwyt65AXsk0nVMxViAetTKou1vLSUVD1lc 8egNsfgOmbn06lZKeLQ+6lzUqquUhvE/AQYc4q9in3wUQhdKBqXjIrzdqoRo9Z7A RM7PiFleNCh/GHtaBZR/kE9kjA6Iy2TbwG6GVE3B/w9Cd6Tfrj6tn9LMfRBymkQT lkRGj0qj5zdlvfg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE3luCs2eD2+ZlWpNHthCpvm+Hae2DmktZ fqjvRCt8/uK6MPx+B6P+vLD7p6EOdMdypkmCGGQKeAlevS7JIh+yFPUO7vs7iKOT 3K/He5F8yOSLy70K9M+vgUWNbRmfqKpD -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 320922401106153958520984322329283816589648 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-18 15:03:12 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-17 15:03:12 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'one.neuf.no' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey) . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.132.0.34 (secp384r1) . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (776 bits) 0004de5b82b36783dbe6655a9347b610a9be6f8769ed839a4b597ea8ef442b7cfee2ba30fc7e07a3febcb0fba7a10e74c772a6498218640a78095ebd2ec9221fb214f50eeefb3b88a393dcafc77b917cc8e48bcbbd0af4cfaf81458d6d199fa8aa43 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits) 0780 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3367f9096cf071c0e73ffc318360d067dca0070f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'observium.neuf.no' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'one.neuf.no' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'puppetboard.neuf.no' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sensu.neuf.no' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sentry.neuf.no' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016f19bfb9e00000040300483046022100e89828b5a33b4d7699fbf39260662f43bd58590cfa643d9b315593d536675a9b022100e545a6bfaa83e40ad65b26f6a6970051316698bef53ed1545e69389cbfbe02770075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016f19bfbaec000004030046304402207e9be19feae66f042a2daeb0fe236caaa824cbccfaef1f0ccdbf170c0679bcd702206e135c816ea9be964abcc78a74ee57ba24d2541cd9bf1cbf0396b52d139f1fb5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001bfbba18454e46c2fba1365563a473ef4144b88307cdc13c5b5a46dfbb05c9f3ea96441cf9b789e90c9805131944b53113d0ed516555a0cdc02f55f43b3642af6bb3feee1e1423d78af8e1192188f6ee62d4881521f548281e3318e7d4313878129f5d79eea7bb99d9c0736c50fe40a604e1dfb89543c09a110f7e89b0cadeb9017b24d2754cc558807ad4caa2ed6f2d25150f595cf1e80db1f80e99b9f4ea564a78b43eea5cd4aaab9486f13f01061ce2af629f7c1442174a06a5e322bcddaa8468f59ec044cecf88595e34287f187b5a05947f904f648c0e88cb64dbc06e86544dc1ff0f4277a4dfae3ead9fd2cc7d10729a44139644468f4aa3e73765bdf8