securedns2.planmygift.org
Issued by R3
About this certificate
This digital certificate with serial number 03:14:f8:90:4b:ed:80:58:ce:6c:1f:cc:29:dc:bf:aa:d6:62 was issued on by Let's Encrypt.
With 88 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=securedns2.planmygift.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:14:f8:90:4b:ed:80:58:ce:6c:1f:cc:29:dc:bf:aa:d6:62Serial Number (int): 268472902907399313592085066343978248099426
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 03:57:cd:04:7d:63:e4:7f:db:8b:03:5c:a9:d7:b1:12:9c:43:76:b2
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 36:03:a6:21:38:ac:e5:d8:bb:87:0b:84:cc:b8:ce:03:f1:ea:33:a8
Fingerprint (sha256): 42:93:70:4d:08:48:6f:7c:46:a8:a6:04:1e:ec:0c:cf:73:b1:de:e5:d6:0f:80:12:54:bc:fd:f7:34:e8:0a:ec
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate securedns2.planmygift.org
88
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for securedns2.planmygift.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
1899legacy.appstate.edu
cincinnatizoo.myestategift.org
endowmentfund.klrn.org
forever.gonzaga.org
getincomeforlife.org
giftplanning.chq.org
giftplanning.f4mmc.org
giftplanning.hw.com
giftplanning.lpfch.org
giftplanning.miamioh.edu
giftplanning.nufoundation.org
giftplanning.quincy.edu
giftplanning.temple.edu
giftplanning.usfca.edu
indianyouthcirclesociety.org
k-statelegacy.org
khpfoundation.championscirclesociety.org
legacy.lmu.edu
legacy.savingplaces.org
legacy.wallawalla.edu
legacygiving.easterseals.com
legacyofpeace.afsc.org
legacyplanning.acs.org
marybirdfoundation.org
multicarelegacy.org
mylegacy.monmouth.edu
myplannedgift.cgu.edu
myredwoodslegacy.org
ncgpc.org
oaktrustlegacy.pikes.org
ouramericanlegacy.org
plan.stmarytx.edu
planmygift.kvc.org
planmylegacy.pnwu.edu
planned-giving.awr.org
plannedgifts.providence.org
plannedgiving.adelphi.edu
plannedgiving.advance.einstein.edu
plannedgiving.aesnet.org
plannedgiving.alma.edu
plannedgiving.arthritis.org
plannedgiving.atlanticare.org
plannedgiving.aurora.edu
plannedgiving.balletaz.org
plannedgiving.biglife.org
plannedgiving.bravovail.org
plannedgiving.brunswickschool.org
plannedgiving.butler.org
plannedgiving.capitalhealth.org
plannedgiving.cfswia.org
plannedgiving.childrenswi.org
plannedgiving.chw.org
plannedgiving.dickinson.edu
plannedgiving.dioceseofprovidence.org
plannedgiving.dunnschool.org
plannedgiving.franciscan.edu
plannedgiving.lafoodbank.org
plannedgiving.landconserve.org
plannedgiving.mercyone.org
plannedgiving.mpnresearchfoundation.org
plannedgiving.northeastern.edu
plannedgiving.ohsufoundation.org
plannedgiving.okeeffemuseum.org
plannedgiving.rmhcbayarea.org
plannedgiving.scottishriteforchildren.org
plannedgiving.slpl.org
plannedgiving.sluh.org
plannedgiving.stepupforstudents.org
plannedgiving.vcs.net
plannedgiving.wamu.org
plannedgiving.wbu.edu
plannedgiving.womenandinfants.org
plannedgiving.yctorah.org
secctrust.org
securedns2.planmygift.org
thekingsfoundation.com
uoflplannedgifts.org
www.getincomeforlife.org
www.indianyouthcirclesociety.org
www.k-statelegacy.org
www.marybirdfoundation.org
www.multicarelegacy.org
www.myredwoodslegacy.org
www.ncgpc.org
www.ouramericanlegacy.org
www.secctrust.org
www.thekingsfoundation.com
www.uoflplannedgifts.org
cincinnatizoo.myestategift.org
endowmentfund.klrn.org
forever.gonzaga.org
getincomeforlife.org
giftplanning.chq.org
giftplanning.f4mmc.org
giftplanning.hw.com
giftplanning.lpfch.org
giftplanning.miamioh.edu
giftplanning.nufoundation.org
giftplanning.quincy.edu
giftplanning.temple.edu
giftplanning.usfca.edu
indianyouthcirclesociety.org
k-statelegacy.org
khpfoundation.championscirclesociety.org
legacy.lmu.edu
legacy.savingplaces.org
legacy.wallawalla.edu
legacygiving.easterseals.com
legacyofpeace.afsc.org
legacyplanning.acs.org
marybirdfoundation.org
multicarelegacy.org
mylegacy.monmouth.edu
myplannedgift.cgu.edu
myredwoodslegacy.org
ncgpc.org
oaktrustlegacy.pikes.org
ouramericanlegacy.org
plan.stmarytx.edu
planmygift.kvc.org
planmylegacy.pnwu.edu
planned-giving.awr.org
plannedgifts.providence.org
plannedgiving.adelphi.edu
plannedgiving.advance.einstein.edu
plannedgiving.aesnet.org
plannedgiving.alma.edu
plannedgiving.arthritis.org
plannedgiving.atlanticare.org
plannedgiving.aurora.edu
plannedgiving.balletaz.org
plannedgiving.biglife.org
plannedgiving.bravovail.org
plannedgiving.brunswickschool.org
plannedgiving.butler.org
plannedgiving.capitalhealth.org
plannedgiving.cfswia.org
plannedgiving.childrenswi.org
plannedgiving.chw.org
plannedgiving.dickinson.edu
plannedgiving.dioceseofprovidence.org
plannedgiving.dunnschool.org
plannedgiving.franciscan.edu
plannedgiving.lafoodbank.org
plannedgiving.landconserve.org
plannedgiving.mercyone.org
plannedgiving.mpnresearchfoundation.org
plannedgiving.northeastern.edu
plannedgiving.ohsufoundation.org
plannedgiving.okeeffemuseum.org
plannedgiving.rmhcbayarea.org
plannedgiving.scottishriteforchildren.org
plannedgiving.slpl.org
plannedgiving.sluh.org
plannedgiving.stepupforstudents.org
plannedgiving.vcs.net
plannedgiving.wamu.org
plannedgiving.wbu.edu
plannedgiving.womenandinfants.org
plannedgiving.yctorah.org
secctrust.org
securedns2.planmygift.org
thekingsfoundation.com
uoflplannedgifts.org
www.getincomeforlife.org
www.indianyouthcirclesociety.org
www.k-statelegacy.org
www.marybirdfoundation.org
www.multicarelegacy.org
www.myredwoodslegacy.org
www.ncgpc.org
www.ouramericanlegacy.org
www.secctrust.org
www.thekingsfoundation.com
www.uoflplannedgifts.org
Other certificates including the domain name planmygift.org
(limited to 100 certificates)
securedns2.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
*.planmylegacy.org
planmygift.org
securedns2.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns4.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns4.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns2.planmygift.org
securedns3.planmygift.org
*.planmylegacy.org
securedns2.planmygift.org
securedns1.planmygift.org
securedns3.planmygift.org
securedns3.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
planmygift.org
securedns2.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns3.planmygift.org
securedns1.planmygift.org
planmygift.org
securedns4.planmygift.org
securedns.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns4.planmygift.org
securedns.planmygift.org
planmygift.org
planmygift.org
securedns.planmygift.org
securedns4.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns4.planmygift.org
securedns2.planmygift.org
securedns4.planmygift.org
securedns.planmygift.org
securedns2.planmygift.org
securedns2.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
planmygift.org
securedns3.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns2.planmygift.org
planmygift.org
*.planmylegacy.org
securedns.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns3.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
securedns3.planmygift.org
securedns2.planmygift.org
securedns2.planmygift.org
securedns4.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
*.planmylegacy.org
planmygift.org
securedns2.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns4.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns4.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns2.planmygift.org
securedns3.planmygift.org
*.planmylegacy.org
securedns2.planmygift.org
securedns1.planmygift.org
securedns3.planmygift.org
securedns3.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
planmygift.org
securedns2.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns3.planmygift.org
securedns1.planmygift.org
planmygift.org
securedns4.planmygift.org
securedns.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns4.planmygift.org
securedns.planmygift.org
planmygift.org
planmygift.org
securedns.planmygift.org
securedns4.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns4.planmygift.org
securedns2.planmygift.org
securedns4.planmygift.org
securedns.planmygift.org
securedns2.planmygift.org
securedns2.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
planmygift.org
securedns3.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns2.planmygift.org
planmygift.org
*.planmylegacy.org
securedns.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
securedns1.planmygift.org
securedns1.planmygift.org
securedns3.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
securedns.planmygift.org
securedns3.planmygift.org
securedns2.planmygift.org
securedns2.planmygift.org
securedns4.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
securedns2.planmygift.org
securedns.planmygift.org
Certificate
The complete raw certificate details for securedns2.planmygift.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIODDCCDPSgAwIBAgISAxT4kEvtgFjObB/MKdy/qtZiMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MTYyMDA3MThaFw0yNDA4MTQyMDA3MTdaMCQxIjAgBgNVBAMT GXNlY3VyZWRuczIucGxhbm15Z2lmdC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCLp3aPFosvdvAbHmI16E5rMMzXy7aaqleYklgFxomlmI0zCkbx r+wODDx9cbWrRHE528sWMymiZMRkcJaMhGEdJDRDlOfmFDjewRlqwYCk9gNEExFL L64ofd/kCQPJq6y5D1S6C/DulIBqdLfQNquUo0/IxSzi41lpdR+a5TFVzuk1IVSF n92FYKdHcp3FB327ocfDDzO1VS1ZtcLsTs7xW+jWcZuzcIzVqxW7544z4cxjOFL0 /Z8A81TBhi4QPBAeZDlRlUYmBBbuh03D+IWL1QxCfeQPgyWTGXNErbxf7J5o9q2w zp/CvOrMo1hhM9ZKMDEvX6U2gnhqfN/i/vTZAgMBAAGjggsoMIILJDAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFANXzQR9Y+R/24sDXKnXsRKcQ3ayMB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMIIJLwYDVR0RBIIJJjCCCSKCFzE4OTlsZWdhY3kuYXBwc3Rh dGUuZWR1gh5jaW5jaW5uYXRpem9vLm15ZXN0YXRlZ2lmdC5vcmeCFmVuZG93bWVu dGZ1bmQua2xybi5vcmeCE2ZvcmV2ZXIuZ29uemFnYS5vcmeCFGdldGluY29tZWZv cmxpZmUub3JnghRnaWZ0cGxhbm5pbmcuY2hxLm9yZ4IWZ2lmdHBsYW5uaW5nLmY0 bW1jLm9yZ4ITZ2lmdHBsYW5uaW5nLmh3LmNvbYIWZ2lmdHBsYW5uaW5nLmxwZmNo Lm9yZ4IYZ2lmdHBsYW5uaW5nLm1pYW1pb2guZWR1gh1naWZ0cGxhbm5pbmcubnVm b3VuZGF0aW9uLm9yZ4IXZ2lmdHBsYW5uaW5nLnF1aW5jeS5lZHWCF2dpZnRwbGFu bmluZy50ZW1wbGUuZWR1ghZnaWZ0cGxhbm5pbmcudXNmY2EuZWR1ghxpbmRpYW55 b3V0aGNpcmNsZXNvY2lldHkub3JnghFrLXN0YXRlbGVnYWN5Lm9yZ4Ioa2hwZm91 bmRhdGlvbi5jaGFtcGlvbnNjaXJjbGVzb2NpZXR5Lm9yZ4IObGVnYWN5LmxtdS5l ZHWCF2xlZ2FjeS5zYXZpbmdwbGFjZXMub3JnghVsZWdhY3kud2FsbGF3YWxsYS5l ZHWCHGxlZ2FjeWdpdmluZy5lYXN0ZXJzZWFscy5jb22CFmxlZ2FjeW9mcGVhY2Uu YWZzYy5vcmeCFmxlZ2FjeXBsYW5uaW5nLmFjcy5vcmeCFm1hcnliaXJkZm91bmRh dGlvbi5vcmeCE211bHRpY2FyZWxlZ2FjeS5vcmeCFW15bGVnYWN5Lm1vbm1vdXRo LmVkdYIVbXlwbGFubmVkZ2lmdC5jZ3UuZWR1ghRteXJlZHdvb2RzbGVnYWN5Lm9y Z4IJbmNncGMub3JnghhvYWt0cnVzdGxlZ2FjeS5waWtlcy5vcmeCFW91cmFtZXJp Y2FubGVnYWN5Lm9yZ4IRcGxhbi5zdG1hcnl0eC5lZHWCEnBsYW5teWdpZnQua3Zj Lm9yZ4IVcGxhbm15bGVnYWN5LnBud3UuZWR1ghZwbGFubmVkLWdpdmluZy5hd3Iu b3JnghtwbGFubmVkZ2lmdHMucHJvdmlkZW5jZS5vcmeCGXBsYW5uZWRnaXZpbmcu YWRlbHBoaS5lZHWCInBsYW5uZWRnaXZpbmcuYWR2YW5jZS5laW5zdGVpbi5lZHWC GHBsYW5uZWRnaXZpbmcuYWVzbmV0Lm9yZ4IWcGxhbm5lZGdpdmluZy5hbG1hLmVk dYIbcGxhbm5lZGdpdmluZy5hcnRocml0aXMub3Jngh1wbGFubmVkZ2l2aW5nLmF0 bGFudGljYXJlLm9yZ4IYcGxhbm5lZGdpdmluZy5hdXJvcmEuZWR1ghpwbGFubmVk Z2l2aW5nLmJhbGxldGF6Lm9yZ4IZcGxhbm5lZGdpdmluZy5iaWdsaWZlLm9yZ4Ib cGxhbm5lZGdpdmluZy5icmF2b3ZhaWwub3JngiFwbGFubmVkZ2l2aW5nLmJydW5z d2lja3NjaG9vbC5vcmeCGHBsYW5uZWRnaXZpbmcuYnV0bGVyLm9yZ4IfcGxhbm5l ZGdpdmluZy5jYXBpdGFsaGVhbHRoLm9yZ4IYcGxhbm5lZGdpdmluZy5jZnN3aWEu b3Jngh1wbGFubmVkZ2l2aW5nLmNoaWxkcmVuc3dpLm9yZ4IVcGxhbm5lZGdpdmlu Zy5jaHcub3JnghtwbGFubmVkZ2l2aW5nLmRpY2tpbnNvbi5lZHWCJXBsYW5uZWRn aXZpbmcuZGlvY2VzZW9mcHJvdmlkZW5jZS5vcmeCHHBsYW5uZWRnaXZpbmcuZHVu bnNjaG9vbC5vcmeCHHBsYW5uZWRnaXZpbmcuZnJhbmNpc2Nhbi5lZHWCHHBsYW5u ZWRnaXZpbmcubGFmb29kYmFuay5vcmeCHnBsYW5uZWRnaXZpbmcubGFuZGNvbnNl cnZlLm9yZ4IacGxhbm5lZGdpdmluZy5tZXJjeW9uZS5vcmeCJ3BsYW5uZWRnaXZp bmcubXBucmVzZWFyY2hmb3VuZGF0aW9uLm9yZ4IecGxhbm5lZGdpdmluZy5ub3J0 aGVhc3Rlcm4uZWR1giBwbGFubmVkZ2l2aW5nLm9oc3Vmb3VuZGF0aW9uLm9yZ4If cGxhbm5lZGdpdmluZy5va2VlZmZlbXVzZXVtLm9yZ4IdcGxhbm5lZGdpdmluZy5y bWhjYmF5YXJlYS5vcmeCKXBsYW5uZWRnaXZpbmcuc2NvdHRpc2hyaXRlZm9yY2hp bGRyZW4ub3JnghZwbGFubmVkZ2l2aW5nLnNscGwub3JnghZwbGFubmVkZ2l2aW5n LnNsdWgub3JngiNwbGFubmVkZ2l2aW5nLnN0ZXB1cGZvcnN0dWRlbnRzLm9yZ4IV cGxhbm5lZGdpdmluZy52Y3MubmV0ghZwbGFubmVkZ2l2aW5nLndhbXUub3JnghVw bGFubmVkZ2l2aW5nLndidS5lZHWCIXBsYW5uZWRnaXZpbmcud29tZW5hbmRpbmZh bnRzLm9yZ4IZcGxhbm5lZGdpdmluZy55Y3RvcmFoLm9yZ4INc2VjY3RydXN0Lm9y Z4IZc2VjdXJlZG5zMi5wbGFubXlnaWZ0Lm9yZ4IWdGhla2luZ3Nmb3VuZGF0aW9u LmNvbYIUdW9mbHBsYW5uZWRnaWZ0cy5vcmeCGHd3dy5nZXRpbmNvbWVmb3JsaWZl Lm9yZ4Igd3d3LmluZGlhbnlvdXRoY2lyY2xlc29jaWV0eS5vcmeCFXd3dy5rLXN0 YXRlbGVnYWN5Lm9yZ4Iad3d3Lm1hcnliaXJkZm91bmRhdGlvbi5vcmeCF3d3dy5t dWx0aWNhcmVsZWdhY3kub3Jnghh3d3cubXlyZWR3b29kc2xlZ2FjeS5vcmeCDXd3 dy5uY2dwYy5vcmeCGXd3dy5vdXJhbWVyaWNhbmxlZ2FjeS5vcmeCEXd3dy5zZWNj dHJ1c3Qub3Jnghp3d3cudGhla2luZ3Nmb3VuZGF0aW9uLmNvbYIYd3d3LnVvZmxw bGFubmVkZ2lmdHMub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHW eQIEAgSB9QSB8gDwAHUAGZgQcQnw1lIuMIDSnj9ku4NuKMz5D1KO7t/OSj8WtMoA AAGPgzsW/AAABAMARjBEAiA/K+K8zvc6UktUwN9Qam4PvFUVi1tFEIFxgPUvtv09 oAIgHQu59Z6TV8LdZ2HeThT4dYVbUlPjzG498PdpMGtJsyUAdwDuzdBk1dsazsVc t520zROiModGfLzs3sNRSFlGcR+1mwAAAY+DOxbwAAAEAwBIMEYCIQDWWT27eu6B wHPaKe7pq0843xnE4IEtc1EeUtMQed62vwIhAPVoRTgApL/uV1UzfCApjAfiUnb0 rnYpvjwJtMd5bAxfMA0GCSqGSIb3DQEBCwUAA4IBAQCf3EPJUMWSRlDxT+dIlsWf wSXP7TiMJA5tcJRccqfkgwziKFP4ePCo3+0tI+EpycdAyVajGnNzrFhdiXblK7x7 l0cCLNZtwhGVumRI/qpX5tJ+D3bjqOUSNCLFDeTEmpunUhfPGZILYKWq9tObSFp2 ofwP/TBBEXYve7Im6ypmnsZNRET2VWW8v89ga8jwnlyS59KNk/E9DKxAzungbB7i 7XJeLYNTX1Xivvk2bHOLB3HnyaQ50Ga5f++aEQgvjT0QR9WbJ8qRmxFo9kipyUaG ErpzEqjx+wOFeBLzsyqV9RaT9QdDtJqfP91GKoCPGBwMSYngsa3yCU0lnFrUzuiH -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6d2jxaLL3bwGx5iNehO azDM18u2mqpXmJJYBcaJpZiNMwpG8a/sDgw8fXG1q0RxOdvLFjMpomTEZHCWjIRh HSQ0Q5Tn5hQ43sEZasGApPYDRBMRSy+uKH3f5AkDyausuQ9Uugvw7pSAanS30Dar lKNPyMUs4uNZaXUfmuUxVc7pNSFUhZ/dhWCnR3KdxQd9u6HHww8ztVUtWbXC7E7O 8Vvo1nGbs3CM1asVu+eOM+HMYzhS9P2fAPNUwYYuEDwQHmQ5UZVGJgQW7odNw/iF i9UMQn3kD4MlkxlzRK28X+yeaPatsM6fwrzqzKNYYTPWSjAxL1+lNoJ4anzf4v70 2QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 268472902907399313592085066343978248099426 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-16 20:07:18 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-14 20:07:17 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'securedns2.planmygift.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17629703532940347708710443228078651619176971463970195907869006322261239561510665782194768946371444321108050410187773989647824109844542792166676597527489610728303437133313408475165133728270564448579137669460460362289990036633646853110048593520262117742678580015123351323645409215890547833346924812092120851539964086330835270521186448217049554889893586948800639080799618241437867692301478501026695066188501041156906439813731745724317663451131754875830227215934437838913033214026521312426385521635889128920896026585117693772931927146400101760978488657880378649906337259693422468826898119591135762834459329886629029410009 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0357cd047d63e47fdb8b035ca9d7b1129c4376b2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2342 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '1899legacy.appstate.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cincinnatizoo.myestategift.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'endowmentfund.klrn.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'forever.gonzaga.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'getincomeforlife.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giftplanning.chq.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giftplanning.f4mmc.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giftplanning.hw.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giftplanning.lpfch.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giftplanning.miamioh.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giftplanning.nufoundation.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giftplanning.quincy.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giftplanning.temple.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giftplanning.usfca.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'indianyouthcirclesociety.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'k-statelegacy.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'khpfoundation.championscirclesociety.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legacy.lmu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legacy.savingplaces.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legacy.wallawalla.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legacygiving.easterseals.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legacyofpeace.afsc.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legacyplanning.acs.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marybirdfoundation.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'multicarelegacy.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mylegacy.monmouth.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'myplannedgift.cgu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'myredwoodslegacy.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ncgpc.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oaktrustlegacy.pikes.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ouramericanlegacy.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plan.stmarytx.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'planmygift.kvc.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'planmylegacy.pnwu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'planned-giving.awr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgifts.providence.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.adelphi.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.advance.einstein.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.aesnet.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.alma.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.arthritis.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.atlanticare.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.aurora.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.balletaz.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.biglife.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.bravovail.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.brunswickschool.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.butler.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.capitalhealth.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.cfswia.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.childrenswi.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.chw.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.dickinson.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.dioceseofprovidence.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.dunnschool.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.franciscan.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.lafoodbank.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.landconserve.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.mercyone.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.mpnresearchfoundation.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.northeastern.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.ohsufoundation.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.okeeffemuseum.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.rmhcbayarea.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.scottishriteforchildren.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.slpl.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.sluh.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.stepupforstudents.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.vcs.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.wamu.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.wbu.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.womenandinfants.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plannedgiving.yctorah.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secctrust.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'securedns2.planmygift.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thekingsfoundation.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uoflplannedgifts.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.getincomeforlife.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.indianyouthcirclesociety.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.k-statelegacy.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.marybirdfoundation.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.multicarelegacy.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.myredwoodslegacy.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ncgpc.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ouramericanlegacy.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.secctrust.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thekingsfoundation.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uoflplannedgifts.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00075001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018f833b16fc000004030046304402203f2be2bccef73a524b54c0df506a6e0fbc55158b5b4510817180f52fb6fd3da002201d0bb9f59e9357c2dd6761de4e14f875855b5253e3cc6e3df0f769306b49b325007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018f833b16f00000040300483046022100d6593dbb7aee81c073da29eee9ab4f38df19c4e0812d73511e52d31079deb6bf022100f568453800a4bfee5755337c20298c07e25276f4ae7629be3c09b4c7796c0c5f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009fdc43c950c5924650f14fe74896c59fc125cfed388c240e6d70945c72a7e4830ce22853f878f0a8dfed2d23e129c9c740c956a31a7373ac585d8976e52bbc7b9747022cd66dc21195ba6448feaa57e6d27e0f76e3a8e5123422c50de4c49a9ba75217cf19920b60a5aaf6d39b485a76a1fc0ffd304111762f7bb226eb2a669ec64d4444f65565bcbfcf606bc8f09e5c92e7d28d93f13d0cac40cee9e06c1ee2ed725e2d83535f55e2bef9366c738b0771e7c9a439d066b97fef9a11082f8d3d1047d59b27ca919b1168f648a9c9468612ba7312a8f1fb03857812f3b32a95f51693f50743b49a9f3fdd462a808f181c0c4989e0b1adf2094d259c5ad4cee887