f02.chtah.com

Issued by R3

About this certificate

This digital certificate with serial number 03:39:b4:75:63:26:db:b0:c5:1c:17:b2:c4:ff:d8:96:7b:26 was issued on by Let's Encrypt.

With 16 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=f02.chtah.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:39:b4:75:63:26:db:b0:c5:1c:17:b2:c4:ff:d8:96:7b:26
Serial Number (int): 280972823258785177645216231617443608820518
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 68:ec:88:95:f9:18:a9:59:ad:3c:36:84:82:79:dd:82:7d:9a:10:b9
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 9c:ef:83:36:74:c5:92:1c:de:16:0d:23:c6:47:f7:94:56:c9:ac:26
Fingerprint (sha256): 46:00:4a:3e:88:63:7a:87:1e:7a:10:0f:24:c2:eb:b7:eb:11:44:21:5d:b8:bf:f3:f3:fc:c9:3a:de:a2:c6:2a

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate f02.chtah.com

16

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for f02.chtah.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

f.comunicaciones-libertyseguros.es
f.e.bobbibrown.com.hk
f.e.clinique.com.my
f.e.jomalone.com.hk
f.e.maccosmetics.com.tw
f.ecrm.wynninsidermacau.com
f.email.account.sony.com
f.email.sonyentertainmentnetwork.com
f.mail.postcodelottery.co.uk
f.news.classicspecs.com
f.northerntoolemail.com
f.northerntoolmail.com
f.smehk.dbs.com
f.status.rebatecard.com
f.update.wishfinmailer.com
f02.chtah.com

Other certificates including the domain name chtah.com

(limited to 100 certificates)
f06.chtah.com
f04.chtah.com
f05.chtah.com
f03.chtah.com
f01.chtah.com
f04.chtah.com
f01.chtah.com
f.chtah.com
f.chtah.com
wpm.ccmp.eu
f.chtah.com
wpm.ccmp.eu
f03.chtah.com
f01.chtah.com
f01.chtah.com
f05.chtah.com
f.chtah.com
f.chtah.com
f02.chtah.com
f.chtah.com
f.chtah.com
*.chtah.com
f.chtah.com
f.chtah.com
f06.chtah.com
f03.chtah.com
f.chtah.com
f03.chtah.com
f04.chtah.com
wpm.ccmp.eu
f01.chtah.com
f04.chtah.com
f06.chtah.com
p.chtah.com
f02.chtah.com
p.chtah.com
f04.chtah.com
f04.chtah.com
wpm.ccmp.eu
*.chtah.com
f02.chtah.com
f04.chtah.com
f01.chtah.com
f06.chtah.com
f01.chtah.com
f02.chtah.com
f02.chtah.com
f01.chtah.com
f01.chtah.com
f01.chtah.com
f06.chtah.com
*.chtah.com
f01.chtah.com
f01.chtah.com
f04.chtah.com
f05.chtah.com
f02.chtah.com
f06.chtah.com
f05.chtah.com
f.chtah.com
f06.chtah.com
wpm.ccmp.eu
f.chtah.com
f05.chtah.com
f.chtah.com
f02.chtah.com
f01.chtah.com
f01.chtah.com
f04.chtah.com
f02.chtah.com
f04.chtah.com
f03.chtah.com
f01.chtah.com
*.chtah.com
f05.chtah.com
f02.chtah.com
f.chtah.com
wpm.ccmp.eu
f03.chtah.com
f.chtah.com
f01.chtah.com
f04.chtah.com
f06.chtah.com
f05.chtah.com
f03.chtah.com
f05.chtah.com
f04.chtah.com
f02.chtah.com
wpm.ccmp.eu
f04.chtah.com
f02.chtah.com
f03.chtah.com
f01.chtah.com
f06.chtah.com
f.chtah.com
f.chtah.com
f03.chtah.com
f01.chtah.com
f01.chtah.com
f04.chtah.com

Certificate

The complete raw certificate details for f02.chtah.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAzm0dWMm27DFHBeyxP/YlnsmMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzExMjkxNDU0NThaFw0yNDAyMjcxNDU0NTdaMBgxFjAUBgNVBAMT
DWYwMi5jaHRhaC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH
/V2dJh5GNI/KlE4oKSvzb2NpWGGbm114n+lRrewkQos8i30jZkq0c+e2Y9qZnJ5G
nye9Rb24a48LzJVnkHYQEnkwAfqukapU0TVTPGAXZ/ogXpn4NxZHP9TDevWXyONU
0FxOsvZDaoQyV3eXD0dm+N6el2tvS5t0APpWSet0HEPLlPTYtfcomhhCaa/PQDfq
byq81l0EGTPvPmaqCSG/A1tUdg7NpHLkm37yryuDZgV0qmVTKU6gIB9/2CGsQ/z9
JcKifeuZ2YcIxttVS/9fqoD8Hc/LowtHsIbtV2rtxvlga3/43J9gA0hQ3UhAjsJW
9DNWdZ6Kadb2D1Zlt6/7AgMBAAGjggKrMIICpzAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
BBYEFGjsiJX5GKlZrTw2hIJ53YJ9mhC5MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ
QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz
Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv
MIIBpQYDVR0RBIIBnDCCAZiCImYuY29tdW5pY2FjaW9uZXMtbGliZXJ0eXNlZ3Vy
b3MuZXOCFWYuZS5ib2JiaWJyb3duLmNvbS5oa4ITZi5lLmNsaW5pcXVlLmNvbS5t
eYITZi5lLmpvbWFsb25lLmNvbS5oa4IXZi5lLm1hY2Nvc21ldGljcy5jb20udHeC
G2YuZWNybS53eW5uaW5zaWRlcm1hY2F1LmNvbYIYZi5lbWFpbC5hY2NvdW50LnNv
bnkuY29tgiRmLmVtYWlsLnNvbnllbnRlcnRhaW5tZW50bmV0d29yay5jb22CHGYu
bWFpbC5wb3N0Y29kZWxvdHRlcnkuY28udWuCF2YubmV3cy5jbGFzc2ljc3BlY3Mu
Y29tghdmLm5vcnRoZXJudG9vbGVtYWlsLmNvbYIWZi5ub3J0aGVybnRvb2xtYWls
LmNvbYIPZi5zbWVoay5kYnMuY29tghdmLnN0YXR1cy5yZWJhdGVjYXJkLmNvbYIa
Zi51cGRhdGUud2lzaGZpbm1haWxlci5jb22CDWYwMi5jaHRhaC5jb20wEwYDVR0g
BAwwCjAIBgZngQwBAgEwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQEL
BQADggEBACL/KwVaoNa83OCz1GOs2Gsot9teWZQvbSCFILBNV7jAPVKFAQctMNOE
JeKQ3JoFWmByEI80Xv4L5I597aQMfqriBo3AuFLi4VTas2yUUNfffscYwf6j24lr
Zktf7y2NAFTK+eTlZ4wxkmBvgCwSNDvPNJ7wqxkCraRaRvafCI/GSMcchB+XYRji
FOM09gYH+bUc9/ga0fbOBK/D3DGf07Dt22AhJ8HVclWt3KZ7PaK3ckm1EX287oYk
6ZETN+3azv+0A5mNnCdIqljIogVYgkpqETsUlrZkFr25EYFugIUVax4NNb/dm1FQ
PREKC8eIcb4MM5Qt6rE53VaOKtMEmVw=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/1dnSYeRjSPypROKCkr
829jaVhhm5tdeJ/pUa3sJEKLPIt9I2ZKtHPntmPamZyeRp8nvUW9uGuPC8yVZ5B2
EBJ5MAH6rpGqVNE1UzxgF2f6IF6Z+DcWRz/Uw3r1l8jjVNBcTrL2Q2qEMld3lw9H
Zvjenpdrb0ubdAD6VknrdBxDy5T02LX3KJoYQmmvz0A36m8qvNZdBBkz7z5mqgkh
vwNbVHYOzaRy5Jt+8q8rg2YFdKplUylOoCAff9ghrEP8/SXCon3rmdmHCMbbVUv/
X6qA/B3Py6MLR7CG7Vdq7cb5YGt/+NyfYANIUN1IQI7CVvQzVnWeimnW9g9WZbev
+wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 280972823258785177645216231617443608820518
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-29 14:54:58 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-27 14:54:57 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'f02.chtah.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25246361961185943698213758144972172865667561817103208851927368371621727240142389353048090526219871897580353606719852708797129418746214368302492304975670425217500813461984914604425875492509434787426484969668247306029662686488730197592989480877193499092843801510367732738351672310627640187591376913122699587264078504563555604047023040795196135736634008573609274032970733234101727315655420905739730579693517118188856583125628488266959296387860084626885961804300990164783283771527351439171288528465150509500123168939944685194210321017818416291739287183522706017512398794742816967266870285396583238858267667512743211544571
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							68ec8895f918a959ad3c36848279dd827d9a10b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (412 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.comunicaciones-libertyseguros.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.e.bobbibrown.com.hk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.e.clinique.com.my'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.e.jomalone.com.hk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.e.maccosmetics.com.tw'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.ecrm.wynninsidermacau.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.email.account.sony.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.email.sonyentertainmentnetwork.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.mail.postcodelottery.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.news.classicspecs.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.northerntoolemail.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.northerntoolmail.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.smehk.dbs.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.status.rebatecard.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.update.wishfinmailer.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f02.chtah.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0022ff2b055aa0d6bcdce0b3d463acd86b28b7db5e59942f6d208520b04d57b8c03d528501072d30d38425e290dc9a055a6072108f345efe0be48e7deda40c7eaae2068dc0b852e2e154dab36c9450d7df7ec718c1fea3db896b664b5fef2d8d0054caf9e4e5678c3192606f802c12343bcf349ef0ab1902ada45a46f69f088fc648c71c841f976118e214e334f60607f9b51cf7f81ad1f6ce04afc3dc319fd3b0eddb602127c1d57255addca67b3da2b77249b5117dbcee8624e9911337eddaceffb403998d9c2748aa58c8a20558824a6a113b1496b66416bdb911816e8085156b1e0d35bfdd9b51503d110a0bc78871be0c33942deab139dd568e2ad304995c