www.sikla.com
Issued by R3
About this certificate
This digital certificate with serial number 04:18:f8:3a:aa:4a:49:a8:06:a1:91:bf:bd:bb:9f:df:88:f4 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.sikla.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:18:f8:3a:aa:4a:49:a8:06:a1:91:bf:bd:bb:9f:df:88:f4Serial Number (int): 356945873683211276049508001023457635567860
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: eb:47:24:70:79:86:11:70:3d:96:83:9e:66:9a:e0:be:48:1e:d3:99
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): b4:4a:41:3f:b4:fd:3a:de:3f:2b:c1:08:c7:70:a8:09:84:05:00:af
Fingerprint (sha256): 45:cb:42:a2:55:00:c6:fa:4a:bf:84:53:b8:e9:73:63:ed:43:0e:da:fd:70:f8:a4:08:84:42:ab:3c:64:01:36
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.sikla.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.sikla.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sikla.com
www.sikla.com
www.sikla.com
Other certificates including the domain name sikla.com
(limited to 100 certificates)
webmail.sikla.com
www.sikla.com
landingpage.sikla.com
webmailer.sikla.com
blog.sikla.com
webmail.sikla.com
www.sikla.com
www.sikla.com
webmail.sikla.com
webmail.sikla.com
webmailer.sikla.com
webmail.sikla.de
www.sikla.com
webmail.sikla.de
webmailer.sikla.com
www.sikla.com
webmailer.sikla.com
www.sikla.com
webmail.sikla.com
www.sikla.com
webmailer.sikla.com
webmail.sikla.de
www.sikla.com
www.sikla.com
webmail.sikla.com
landingpage.sikla.com
webmail.sikla.com
webmail.sikla.com
webmail.sikla.com
webmail.sikla.com
www.sikla.com
www.sikla.com
webmailer.sikla.com
webmailer.sikla.com
www.sikla.com
webmailer.sikla.com
www.sikla.com
www.sikla.com
webmailer.sikla.com
www.sikla.com
www.sikla.com
webmail.sikla.com
webmail.sikla.de
webmailer.sikla.com
www.sikla.com
webmail.sikla.de
www.sikla.com
webmail.sikla.com
webmailer.sikla.com
webmail.sikla.com
webmail.sikla.com
webmail.sikla.com
www.sikla.com
webmailer.sikla.com
webmailer.sikla.com
www.sikla.com
webmailer.sikla.com
www.sikla.com
landingpage.sikla.com
webmailer.sikla.com
blog.sikla.com
webmail.sikla.com
www.sikla.com
www.sikla.com
webmail.sikla.com
webmail.sikla.com
webmailer.sikla.com
webmail.sikla.de
www.sikla.com
webmail.sikla.de
webmailer.sikla.com
www.sikla.com
webmailer.sikla.com
www.sikla.com
webmail.sikla.com
www.sikla.com
webmailer.sikla.com
webmail.sikla.de
www.sikla.com
www.sikla.com
webmail.sikla.com
landingpage.sikla.com
webmail.sikla.com
webmail.sikla.com
webmail.sikla.com
webmail.sikla.com
www.sikla.com
www.sikla.com
webmailer.sikla.com
webmailer.sikla.com
www.sikla.com
webmailer.sikla.com
www.sikla.com
www.sikla.com
webmailer.sikla.com
www.sikla.com
www.sikla.com
webmail.sikla.com
webmail.sikla.de
webmailer.sikla.com
www.sikla.com
webmail.sikla.de
www.sikla.com
webmail.sikla.com
webmailer.sikla.com
webmail.sikla.com
webmail.sikla.com
webmail.sikla.com
www.sikla.com
webmailer.sikla.com
webmailer.sikla.com
www.sikla.com
webmailer.sikla.com
Certificate
The complete raw certificate details for www.sikla.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF9DCCBNygAwIBAgISBBj4OqpKSagGoZG/vbuf34j0MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMTkwMDIyMjhaFw0yNDAxMTcwMDIyMjdaMBgxFjAUBgNVBAMT DXd3dy5zaWtsYS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCh gWPkwXPldi1KUhGQXx+SPjPHhxNTtLMXyKUjzaSAbIER/i+nK4rO86pexQcLq57z KyjaYBGq6n/z3odtpzoHlNs4RSQEygQHhzTkuDh790XcWwwqj2Ga8T3/h0KYG2iR 2wPa5TR6TAld3d09WoCyO+1fm7ADoYiQ0gfbnBDXxvbVWqwvcZ56muntNE32uq1m 30ruICydHc7MQ4UJZzNmysO9S7y51bhC7HgAXy8R0J2z2hVPmj8wAn5GIjqpBgYi t0UX6bn5sBv2Tid0r0b7+/r2xg5RkncptQHx/V3A4p/JLe+yIBua9f13hhw9FfKx 7t/iIL7Qz5/j+TDW8KPuX8Aj4iG5CIJai7Pl8K3pCJ2Nk3PkmAj0SVZpHM7oz/xw X7zgjPRjp7xp3eB0+RYIKeLygadTrPbafOIGGRW/Uc7XcvEu89TTiY2JdVwYhHX2 7AICDHoQESltWuECgJw//7LIGoEvLNotn5JghVLRmVp63otnnBUkfW17Ab3Zg8qg Kaz9UpXBiLgm1GtR5rbUdObJb8DqdfgK60x/Fl806Kq4olSq2wdgROumivWY1MkQ OJnZtUJ9zFr0neDVUJnLpAkmSacxZNSNm/mpP10UrjE86BswcUKk1sIAgbdwK2HG ZSIQ4iac5UBaLtY/i5aPcRwLXWJVh0MJExZ01uU67wIDAQABo4ICHDCCAhgwDgYD VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNV HRMBAf8EAjAAMB0GA1UdDgQWBBTrRyRweYYRcD2Wg55mmuC+SB7TmTAfBgNVHSME GDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYB BQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDov L3IzLmkubGVuY3Iub3JnLzAjBgNVHREEHDAagglzaWtsYS5jb22CDXd3dy5zaWts YS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEGBgorBgEEAdZ5AgQCBIH3BIH0 APIAdwDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYtFht7EAAAE AwBIMEYCIQDI2ux56wMMKumx6Cg6kxOP2UxGWkjk578P3/LAbOUVOwIhAP3WjiBK k24OsGvCNWq1EuLkxna13sQa36ZJQTPZ6FEIAHcAO1N3dT4tuYBOizBbBv5AO2fY T8P0x70ADS1yb+H61BcAAAGLRYbengAABAMASDBGAiEA/tUpUsJRdbaBY7gaEYrG VMqVQoMrteapK1M5ehe5ZakCIQCC3eAz7zentX1nVb/mVITRch52Z8YMZqLwjgvk HBg54TANBgkqhkiG9w0BAQsFAAOCAQEATV2HLxuo0m97XIDOrcaE108p4lshNvzD LcIvDr0e/IMic78ZJdHhgMM+hRw/ctbu/GtHvm8OVNy84dvCFX5u85YKQ2xXEIKJ Zl2IPeVuJ9yqvw4idWWWmsCifl/9dAPh655itKuQmyVjNRzyudUE4izP8LK3cY6m fukR43EAg5EQNKDBItxctkEuaRv06WtlDT/SpuHjEXte7ghw9/yRS8nPf7NbFfe2 IH8tGXP+GsHbME0bbzzbBywvP3CQuCpEKD4XMgotTeX5REPSK1Tsd8YDlGvQ/dha nG7zTuGA3AcI2LB5pDryFWLk7/vNoUa8LN51FIZoMlqQBVek4O8gCA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoYFj5MFz5XYtSlIRkF8f kj4zx4cTU7SzF8ilI82kgGyBEf4vpyuKzvOqXsUHC6ue8yso2mARqup/896Hbac6 B5TbOEUkBMoEB4c05Lg4e/dF3FsMKo9hmvE9/4dCmBtokdsD2uU0ekwJXd3dPVqA sjvtX5uwA6GIkNIH25wQ18b21VqsL3Geeprp7TRN9rqtZt9K7iAsnR3OzEOFCWcz ZsrDvUu8udW4Qux4AF8vEdCds9oVT5o/MAJ+RiI6qQYGIrdFF+m5+bAb9k4ndK9G +/v69sYOUZJ3KbUB8f1dwOKfyS3vsiAbmvX9d4YcPRXyse7f4iC+0M+f4/kw1vCj 7l/AI+IhuQiCWouz5fCt6QidjZNz5JgI9ElWaRzO6M/8cF+84Iz0Y6e8ad3gdPkW CCni8oGnU6z22nziBhkVv1HO13LxLvPU04mNiXVcGIR19uwCAgx6EBEpbVrhAoCc P/+yyBqBLyzaLZ+SYIVS0Zlaet6LZ5wVJH1tewG92YPKoCms/VKVwYi4JtRrUea2 1HTmyW/A6nX4CutMfxZfNOiquKJUqtsHYETrpor1mNTJEDiZ2bVCfcxa9J3g1VCZ y6QJJkmnMWTUjZv5qT9dFK4xPOgbMHFCpNbCAIG3cCthxmUiEOImnOVAWi7WP4uW j3EcC11iVYdDCRMWdNblOu8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 356945873683211276049508001023457635567860 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-19 00:22:28 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-17 00:22:27 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.sikla.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 658884671512833208288484958448317055634948468444412087632359421201816691860157178312805525929797157874107627176888592083876638180825720065868312398612415470126065883985101894601075567820914789788579633605787576638276935447975510844780041966130817995592380082886755564626081129597894016168291106731330009763238331129657541583093291514956670434526309541992959812440091920664863595315095414633985450161634235596296084825066911333690237211352855141788932317304424601860646779872878807889701264531888249133281285297070284088761236838029574156701398603347757143991448771487781984046666117555656566371968695003092688526884004507497360636908854260337803818026289940330724520730694522038404574036500359285731741842395942416350392655894577987553188855654296688764825334641486373262134150934250290369123471283337050662136134607073409144039829185798469327011966440591799169625744554443888751415553042509287410358794549289740860668574344344977337305297974571142130333072517829948026274930493635245146062093682897311178703541265206593293802362498958344914450125282099846292092929869191904470153112099557351975984746747001986840447382991562139772447926965692451313155405497064787220261872202185272044348482629800817224399288783605403999096227052271 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) eb472470798611703d96839e669ae0be481ed399 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sikla.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sikla.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f2007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b4586dec40000040300483046022100c8daec79eb030c2ae9b1e8283a93138fd94c465a48e4e7bf0fdff2c06ce5153b022100fdd68e204a936e0eb06bc2356ab512e2e4c676b5dec41adfa6494133d9e851080077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b4586de9e0000040300483046022100fed52952c25175b68163b81a118ac654ca9542832bb5e6a92b53397a17b965a902210082dde033ef37a7b57d6755bfe65484d1721e7667c60c66a2f08e0be41c1839e1 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004d5d872f1ba8d26f7b5c80ceadc684d74f29e25b2136fcc32dc22f0ebd1efc832273bf1925d1e180c33e851c3f72d6eefc6b47be6f0e54dcbce1dbc2157e6ef3960a436c57108289665d883de56e27dcaabf0e227565969ac0a27e5ffd7403e1eb9e62b4ab909b2563351cf2b9d504e22ccff0b2b7718ea67ee911e3710083911034a0c122dc5cb6412e691bf4e96b650d3fd2a6e1e3117b5eee0870f7fc914bc9cf7fb35b15f7b6207f2d1973fe1ac1db304d1b6f3cdb072c2f3f7090b82a44283e17320a2d4de5f94443d22b54ec77c603946bd0fdd85a9c6ef34ee180dc0708d8b079a43af21562e4effbcda146bc2cde75148668325a900557a4e0ef2008