aleyant.com

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:d9:c8:21:3a:22:a6:5e:93:6f:ca:45:f5:44:70:45:7e:8e was issued on by Let's Encrypt.

With 9 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=aleyant.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:d9:c8:21:3a:22:a6:5e:93:6f:ca:45:f5:44:70:45:7e:8e
Serial Number (int): 335444149541202704719505787261861377703566
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 13:82:a1:c9:46:62:22:ab:16:c6:a2:b1:bc:d7:c1:17:f0:bb:97:0b
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): bf:be:86:93:53:12:90:9d:02:64:c2:2b:8c:be:b7:f1:57:74:f4:18
Fingerprint (sha256): 47:ca:ea:16:5d:70:c4:82:46:0f:38:6f:f9:4f:b4:46:c4:9f:8d:91:61:d4:e1:82:49:f9:b3:89:d7:bd:11:ae

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate aleyant.com

9

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for aleyant.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

aleyant.com
colorprodupe.aleyant.com
englishfamily.aleyant.com
www.aleyant.com
www.colorprodupe.aleyant.com
www.englishfamily.aleyant.com
www.node1.aleyant.com
www.node2.aleyant.com
www.node3.aleyant.com

Other certificates including the domain name aleyant.com

(limited to 100 certificates)
aleyant.com
aleyant.com
aleyant.com
aleyant.com
aleyant.com
aleyant.com
aleyant.com
aleyant.com
books.newhorizonnetwork.net
aleyant.com
aleyant.com
*.aleyant.com
aleyant.com
aleyant.com
aleyant.com
aleyant.com
blog.aleyant.com
aleyant.com
aleyant.com
aleyant.com
accounts.recstra.com
aleyant.com
aleyant.com
aleyant.com
aleyant.com
access.ourvolaris.com
aleyant.com
aleyant.com
aleyant.com
aleyant.com
aleyant.com
access.ourvolaris.com
blog.aleyant.com
webext.ourvolaris.com
blog.aleyant.com
aleyant.com
access.ourvolaris.com
aleyant.com
access.ourvolaris.com
aleyant.com
aleyant.com
client.sv3nska.com
aleyant.com
aleyant.com
aleyant.com
aleyant.com
*.aleyant.com
aleyant.com
books.ksedpainting.com
tls.automattic.com
aleyant.com
payments.aleyant.com
aleyant.com
clients.nevron360.com
aleyant.com
access.ourvolaris.com
clients.thatcherswineconsulting.com
payments.aleyant.com
aleyant.com
client.sv3nska.com
webext.ourvolaris.com
aleyant.com
aleyant.com
aleyant.com
aleyant.com
aleyant.com
aleyant.com
payments.aleyant.com
aleyant.com
client.sv3nska.com
tls.automattic.com
blog.aleyant.com
aleyant.com
access.ourvolaris.com
*.aleyant.com
*.aleyant.com
aleyant.com
aleyant.com
books.ksedpainting.com
aleyant.com
aleyant.com
aleyant.com
tls.automattic.com
aleyant.com
blog.aleyant.com
books.dlogiceu.com
payments.aleyant.com
access.ourvolaris.com
aleyant.com
access.ourvolaris.com
aleyant.com
books.ksedpainting.com
aleyant.com
aleyant.com
books.nephosit.com
aleyant.com
aleyant.com
blog.aleyant.com
aleyant.com
aleyant.com

Certificate

The complete raw certificate details for aleyant.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgISA9nIIToipl6Tb8pF9URwRX6OMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MTEwMzQ1MDlaFw0x
OTEyMTAwMzQ1MDlaMBYxFDASBgNVBAMTC2FsZXlhbnQuY29tMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEApI7j94/HhOqAtfI7/vSB9hslwuA208mrx6u3
McgYQiQSvCK3SmZLHokwwSksG12MtJ9xzFm4LLBcC/Q2jiqIDzpWhkqHld0bAUPt
NDqVPcGs1DIlC9l8lidtKD6uTVoeyyqh9hbworSCBetfyJ2IRw6QnE1Hicoy0qNk
gl5YxTKmpByoGFd999kTor8ulMEjRT8w800JU/pK7b8SqeUSGLwOov9+pDR4Cg5a
sTHbQMvaReqqRPC6UX1UGey5CKTPDHDKmEjbcJG9A9b8tLo8wZxBOogbO5tk6FQT
Mwkpuz/cnuAboAZziAffgLWN6pOUjG0Gwu5fGjvwFcFuPlyvoQIDAQABo4IDKzCC
AycwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQTgqHJRmIiqxbGorG818EX8LuXCzAf
BgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEw
LgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcw
LwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcv
MIHgBgNVHREEgdgwgdWCC2FsZXlhbnQuY29tghhjb2xvcnByb2R1cGUuYWxleWFu
dC5jb22CGWVuZ2xpc2hmYW1pbHkuYWxleWFudC5jb22CD3d3dy5hbGV5YW50LmNv
bYIcd3d3LmNvbG9ycHJvZHVwZS5hbGV5YW50LmNvbYIdd3d3LmVuZ2xpc2hmYW1p
bHkuYWxleWFudC5jb22CFXd3dy5ub2RlMS5hbGV5YW50LmNvbYIVd3d3Lm5vZGUy
LmFsZXlhbnQuY29tghV3d3cubm9kZTMuYWxleWFudC5jb20wTAYDVR0gBEUwQzAI
BgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nw
cy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgBvU3as
MfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAW0eo7obAAAEAwBHMEUCIQCF
v0nvjQkfVP8VJrrjlcohQcZoy3Er/gaLniLkgfxqZwIgZfUBgq4I5R0TnFIQO85G
4tKX7+S3kKmAFOigUCtGma4AdgBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdo
VEvYjQAAAW0eo7mfAAAEAwBHMEUCIQCIUM7yZWP8cpE4i4o0mOi6NKGZcS5IYXA8
qBd5nnPE3wIgZnmjpsibxunOgDoK8pWYr0lWnU+i/UtS1Ep+i24+ETQwDQYJKoZI
hvcNAQELBQADggEBAGJ90KoUaSpCV1Uja24Qsx363u9ONCnvXKNCgqV+4o2Sb2A9
miR+lHRBmkgyXvU5GJaWBiLwfFZBCOE+I/Cl4Jjt1SUodQxQI+m41opDvWj7yA1R
LA6rN3FI9K3u4S42nBolPW1RmM++anf5u37D0GBhfToQkNWd5jiLTHkLAfP+A+0Y
MfI5jnMqr11oSHZ2CQIDez2hNrv3CD/kutTdF8gcmyGAZ6QmqTclllTnWG+2Ep18
/8Q/Dk2JzYNPGWl3U7L9be/wmGzRJ6vAnZYKNgI4+0BnmdSjuCOe+R1mh/bamKAh
4hKBrNdyU1zddjsL1zxO5cm/Fd7N54B9wSwXDPQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApI7j94/HhOqAtfI7/vSB
9hslwuA208mrx6u3McgYQiQSvCK3SmZLHokwwSksG12MtJ9xzFm4LLBcC/Q2jiqI
DzpWhkqHld0bAUPtNDqVPcGs1DIlC9l8lidtKD6uTVoeyyqh9hbworSCBetfyJ2I
Rw6QnE1Hicoy0qNkgl5YxTKmpByoGFd999kTor8ulMEjRT8w800JU/pK7b8SqeUS
GLwOov9+pDR4Cg5asTHbQMvaReqqRPC6UX1UGey5CKTPDHDKmEjbcJG9A9b8tLo8
wZxBOogbO5tk6FQTMwkpuz/cnuAboAZziAffgLWN6pOUjG0Gwu5fGjvwFcFuPlyv
oQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 335444149541202704719505787261861377703566
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-11 03:45:09 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-10 03:45:09 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aleyant.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20773543944282050331248638500374206013143464078312410231582790807650212455324048150865714979073362087273028746020982447662182568298314894538515189309462313873233774449405041872160694985342173577527381363035441606733784964979102018180836269140122305028288082440923691977951685606238650791389618095871763521353993907870373644722802662267148155743498996663810941450335051706667729855823210151300170711515776389066258904136060343171761612306805894341259715140737446678541135651823549313447189977712622988102047060994034436294235178458256688034429950580592747854366764872704150416247439239572579721506026650901422047801249
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1382a1c9466222ab16c6a2b1bcd7c117f0bb970b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (216 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aleyant.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'colorprodupe.aleyant.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'englishfamily.aleyant.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aleyant.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.colorprodupe.aleyant.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.englishfamily.aleyant.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.node1.aleyant.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.node2.aleyant.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.node3.aleyant.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016d1ea3ba1b000004030047304502210085bf49ef8d091f54ff1526bae395ca2141c668cb712bfe068b9e22e481fc6a67022065f50182ae08e51d139c52103bce46e2d297efe4b790a98014e8a0502b4699ae00760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016d1ea3b99f00000403004730450221008850cef26563fc7291388b8a3498e8ba34a199712e4861703ca817799e73c4df02206679a3a6c89bc6e9ce803a0af29598af49569d4fa2fd4b52d44a7e8b6e3e1134
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00627dd0aa14692a425755236b6e10b31dfadeef4e3429ef5ca34282a57ee28d926f603d9a247e9474419a48325ef5391896960622f07c564108e13e23f0a5e098edd52528750c5023e9b8d68a43bd68fbc80d512c0eab377148f4adeee12e369c1a253d6d5198cfbe6a77f9bb7ec3d060617d3a1090d59de6388b4c790b01f3fe03ed1831f2398e732aaf5d684876760902037b3da136bbf7083fe4bad4dd17c81c9b218067a426a937259654e7586fb6129d7cffc43f0e4d89cd834f19697753b2fd6deff0986cd127abc09d960a360238fb406799d4a3b8239ef91d6687f6da98a021e21281acd772535cdd763b0bd73c4ee5c9bf15decde7807dc12c170cf4