hallinta.op-kassa.fi

Issued by Amazon

About this certificate

This digital certificate with serial number 0b:9b:fa:9f:ee:1f:0f:02:d1:d7:9e:57:ba:02:f0:b3 was issued on by Amazon.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=hallinta.op-kassa.fi

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0b:9b:fa:9f:ee:1f:0f:02:d1:d7:9e:57:ba:02:f0:b3
Serial Number (int): 15431397240080705495399408206973431987
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 1c:6e:6b:ff:79:0e:50:9e:d0:87:3e:3c:d2:79:85:c2:f5:25:8b:6f
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 2c:bb:4b:12:11:00:f6:ad:12:ee:4f:dc:77:ca:d8:b3:0c:4b:0d:28
Fingerprint (sha256): 44:0f:65:0e:35:19:2c:df:a8:fe:c8:ac:c4:ae:aa:c8:ff:f1:d3:2c:14:1a:b2:ba:8b:2d:b2:8d:eb:85:cd:d3

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate hallinta.op-kassa.fi

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for hallinta.op-kassa.fi

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

hallinta.op-kassa.fi
api-nc-hallinta.op-kassa.fi
opkassa-prod-api-cloudfrontbo.opkassa.aws.tuot.op-palvelut.fi

Other certificates including the domain name op-kassa.fi

(limited to 100 certificates)
prod.op-kassa.fi
tuki.op-kassa.fi
tuki.op-kassa.fi
api-nc.op-kassa.fi
www.op-kassa.fi
qa-shopify.op-kassa.fi
mp.op-kassa.fi
rd.op-kassa.fi
op-kassa.fi
tuki.op-kassa.fi
op-kassa.fi
www.op-kassa.fi
qa.op-kassa.fi
rd.op-kassa.fi
www.op-kassa.fi
qa.op-kassa.fi
*.opkassa.aws.kehi.op-palvelut.net
op-kassa.fi
op-kassa.fi
hallinta.op-kassa.fi
op-kassa.fi
qa.op-kassa.fi
tuki.op-kassa.fi
qa-qrpay.op-kassa.fi
qa.op-kassa.fi
prod.op-kassa.fi
qa.op-kassa.fi
*.qav2.op-kassa.fi
status.op-kassa.fi
op-kassa.fi
www.op-kassa.fi
shopify.op-kassa.fi
rd.op-kassa.fi
op-kassa.fi
qa.op-kassa.fi
api.op-kassa.fi
shopify.op-kassa.fi
*.op-kassa.fi
hallinta.op-kassa.fi
www.op-kassa.fi
rd.op-kassa.fi
mpos-qa.op-kassa.fi
rd.op-kassa.fi
qa.op-kassa.fi
opkassa.aws.tuot.op-palvelut.fi
opkassa.aws.tuot.op-palvelut.fi
api.op-kassa.fi
hallinta.op-kassa.fi
qa.op-kassa.fi
op-kassa.fi
shopify.op-kassa.fi
www.op-kassa.fi
qa-qrpay.op-kassa.fi
pivokassa.fi
hallinta.op-kassa.fi
qrpay.op-kassa.fi
www.op-kassa.fi
www.op-kassa.fi
mp.op-kassa.fi
rd.op-kassa.fi
api-nc-hallinta.op-kassa.fi
mpos-qa.op-kassa.fi
www.op-kassa.fi
*.opkassa.aws.kehi.op-palvelut.net
rd.op-kassa.fi
mp.op-kassa.fi
opkassa.aws.tuot.op-palvelut.fi
api-nc-shopify.op-kassa.fi
mp.op-kassa.fi
qa.op-kassa.fi
qa.op-kassa.fi
rd.op-kassa.fi
qa-shopify.op-kassa.fi
mpos-qa.op-kassa.fi
qrpay.op-kassa.fi
qa.op-kassa.fi
api.op-kassa.fi
tuki.op-kassa.fi
www.op-kassa.fi
api.op-kassa.fi
opkassa.aws.tuot.op-palvelut.fi
dev.op-kassa.fi
*.opkassa.aws.kehi.op-palvelut.net
mp.op-kassa.fi
www.op-kassa.fi

Certificate

The complete raw certificate details for hallinta.op-kassa.fi in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIQC5v6n+4fDwLR155XugLwszANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MjMwMDAwMDBaFw0yMDA4MjMx
MjAwMDBaMB8xHTAbBgNVBAMTFGhhbGxpbnRhLm9wLWthc3NhLmZpMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEZ0N3Khgo3qJQ7/1XkRRrCQ4+ef41dI
K5NAmSBY8mz+V/suBJbCycNmXWGchljaOaSJobJUB4ZttRKvz4tPvOumVNOGc+OQ
jr7rA5Vs6Rw7wZpGvSB+25gNdhkyMs1H2JGc7JuYjDf5ehGF+D3OgITjWHJHNTpr
+uSMcvXY9CDG6FlzQf2GtF63p2NcO6MgimXPRcMVHRAlMlFE9Av/N+JNwqH3mFRW
Adl199FGZ7EIV2bPa7wI66lXf8J+jsV3Xozx475yBN3kF1XwTpK17qi65L4hluzq
8LNa/HNzr97yJT0sP+SK5ToUHoz9UfNdvXxn3IjRUHkoJ2lIyQn22wIDAQABo4IC
3DCCAtgwHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYDVR0OBBYE
FBxua/95DlCe0Ic+PNJ5hcL1JYtvMHsGA1UdEQR0MHKCFGhhbGxpbnRhLm9wLWth
c3NhLmZpghthcGktbmMtaGFsbGludGEub3Ata2Fzc2EuZmmCPW9wa2Fzc2EtcHJv
ZC1hcGktY2xvdWRmcm9udGJvLm9wa2Fzc2EuYXdzLnR1b3Qub3AtcGFsdmVsdXQu
ZmkwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnNjYTFiLmFtYXpvbnRydXN0
LmNvbS9zY2ExYi5jcmwwIAYDVR0gBBkwFzALBglghkgBhv1sAQIwCAYGZ4EMAQIB
MHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Auc2NhMWIu
YW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNjYTFiLmFt
YXpvbnRydXN0LmNvbS9zY2ExYi5jcnQwDAYDVR0TAQH/BAIwADCCAQQGCisGAQQB
1nkCBAIEgfUEgfIA8AB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGF
AAABbBxB4gkAAAQDAEcwRQIgH/gHK1tCFH9Ke+Zox42zVEf7X0pqqhChCejfK7Wh
bQoCIQDgf44kIbPk3ePI3SCSG0f05R60j6Xvz76FzAvZmGGzZAB2AId1v+dZfPiM
Q5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABbBxB4qUAAAQDAEcwRQIgHQcwm0kx
ebqKUeXdOpjLE0tT7GRY4rCZxbX/L1apgoICIQC9xiMwlK7G/MaUboAvPvi+a8tB
HkDpUQi+ejXoTsUXWTANBgkqhkiG9w0BAQsFAAOCAQEAiVEMt+a9aISHKdPFurYL
nBgGB26wS6W1GorCA0tSK6XGZqIOyxno3nb0MvLI45vrHJaaCPcwpVqbUmbkpRmD
j53t/GeOy4gNn2xNAjBslkbEb3l/M1AraJu7I5wGt2j/Y1vdvHX7Sc29NCSxqRFy
9FXJuRIEyfHSnApx9kuiGf0p8f1oyfXtBxHvIfHaJb6m11B38eWWSTPV2u29OAMK
qGSbTKLRSquUEIH9NZR9OuZgEjJFrmtNKjWSD2j9foj4xRWyUyrLCI5DWhabLuLW
FZaNI1zDB5grrZDcF4Rd1a6q9MLgYL23O3lSLCcuMSVBNnJiicMd6sScxAoQXwmI
Aw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEZ0N3Khgo3qJQ7/1XkR
RrCQ4+ef41dIK5NAmSBY8mz+V/suBJbCycNmXWGchljaOaSJobJUB4ZttRKvz4tP
vOumVNOGc+OQjr7rA5Vs6Rw7wZpGvSB+25gNdhkyMs1H2JGc7JuYjDf5ehGF+D3O
gITjWHJHNTpr+uSMcvXY9CDG6FlzQf2GtF63p2NcO6MgimXPRcMVHRAlMlFE9Av/
N+JNwqH3mFRWAdl199FGZ7EIV2bPa7wI66lXf8J+jsV3Xozx475yBN3kF1XwTpK1
7qi65L4hluzq8LNa/HNzr97yJT0sP+SK5ToUHoz9UfNdvXxn3IjRUHkoJ2lIyQn2
2wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 15431397240080705495399408206973431987
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-23 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-23 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hallinta.op-kassa.fi'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17708104843238406517364810384263932574790892250681674517290431984229845522703618868253105491948099085795902842761030111049012847032557029481696664566555049487130697817095145871707883746454846639012630818377294591338918206386375170283494243943893682665871295728803515789351964693465503118213866423011597088781426062428158686463262553420563509920272488421843934490244882105618785056232077538990037518128617201591185894462230985061373506073254244333558224765399162992134239590226798208885992490562093677736819179753148255277942772579620220965810873958062831162337008412426011280641346343323277992577900196919138954376923
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1c6e6bff790e509ed0873e3cd27985c2f5258b6f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hallinta.op-kassa.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-nc-hallinta.op-kassa.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'opkassa-prod-api-cloudfrontbo.opkassa.aws.tuot.op-palvelut.fi'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016c1c41e209000004030047304502201ff8072b5b42147f4a7be668c78db35447fb5f4a6aaa10a109e8df2bb5a16d0a022100e07f8e2421b3e4dde3c8dd20921b47f4e51eb48fa5efcfbe85cc0bd99861b3640076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016c1c41e2a5000004030047304502201d07309b493179ba8a51e5dd3a98cb134b53ec6458e2b099c5b5ff2f56a98282022100bdc6233094aec6fcc6946e802f3ef8be6bcb411e40e95108be7a35e84ec51759
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0089510cb7e6bd68848729d3c5bab60b9c1806076eb04ba5b51a8ac2034b522ba5c666a20ecb19e8de76f432f2c8e39beb1c969a08f730a55a9b5266e4a519838f9dedfc678ecb880d9f6c4d02306c9646c46f797f33502b689bbb239c06b768ff635bddbc75fb49cdbd3424b1a91172f455c9b91204c9f1d29c0a71f64ba219fd29f1fd68c9f5ed0711ef21f1da25bea6d75077f1e5964933d5daedbd38030aa8649b4ca2d14aab941081fd35947d3ae660123245ae6b4d2a35920f68fd7e88f8c515b2532acb088e435a169b2ee2d615968d235cc307982bad90dc17845dd5aeaaf4c2e060bdb73b79522c272e31254136726289c31deac49cc40a105f098803