cornerstone.rs
Issued by Encryption Everywhere DV TLS CA - G2
About this certificate
This digital certificate with serial number 0c:32:ac:42:36:4a:bd:48:2e:4a:b6:34:d4:40:bc:78 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=cornerstone.rs
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0c:32:ac:42:36:4a:bd:48:2e:4a:b6:34:d4:40:bc:78Serial Number (int): 16213844612658830784802040393083436152
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 1e:5c:ef:a3:40:62:8c:37:b6:1f:d6:c0:86:d4:95:12:e0:15:b0:aa
AuthorityKeyId: 78:df:91:90:5f:ee:de:ac:f6:c5:75:eb:d5:4c:55:53:ef:24:4a:b6
Fingerprint (sha1): 2c:f9:b5:fb:f3:ae:49:5c:fe:92:b8:0c:24:33:d9:86:dc:16:74:90
Fingerprint (sha256): 48:cf:8d:ce:71:5c:3d:ef:11:60:23:f3:44:8c:b3:5b:25:e0:d8:c1:2a:c8:e5:36:f4:cf:55:68:08:88:fb:8c
Issuing Certificate URL: http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCheck the revocation status for certificate cornerstone.rs
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cornerstone.rs
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cornerstone.rs
www.cornerstone.rs
www.cornerstone.rs
Other certificates including the domain name cornerstone.rs
(limited to 100 certificates)
help.wellnessgate.hu
help.wellnessgate.hu
help.wellnessgate.hu
podrska.cornerstone.rs
desk.jetenterprises.co.uk
desk.jetenterprises.co.uk
cornerstone.rs
help.wellnessgate.hu
support.phocealight.fr
help.wellnessgate.hu
helpdesk.hinweisgeberprogramm.de
help.wellnessgate.hu
support.blits.ai
vragen.oamkbsittard.nl
help.wellnessgate.hu
help.wellnessgate.hu
podrska.cornerstone.rs
help.wellnessgate.hu
helpdesk.hinweisgeberprogramm.de
splitpay.dorset.tech
help.wellnessgate.hu
podrska.cornerstone.rs
cornerstone.rs
desk.jetenterprises.co.uk
webmail.cornerstone.rs
podrska.cornerstone.rs
splitpay.dorset.tech
vragen.oamkbsittard.nl
help.wellnessgate.hu
support.fortifiedit.co.uk
support.fortifiedit.co.uk
splitpay.dorset.tech
support.bacbnl.nl
help.wellnessgate.hu
help.wellnessgate.hu
support.fortifiedit.co.uk
vragen.oamkbsittard.nl
support.phocealight.fr
cornerstone.rs
help.wellnessgate.hu
cornerstone.rs
help.wellnessgate.hu
vragen.oamkbsittard.nl
support.bacbnl.nl
help.wellnessgate.hu
support.fortifiedit.co.uk
help.wellnessgate.hu
desk.jetenterprises.co.uk
help.wellnessgate.hu
helpdesk.hinweisgeberprogramm.de
business-support.excire.com
help.wellnessgate.hu
support.phocealight.fr
help.wellnessgate.hu
help.wellnessgate.hu
helpdesk.hinweisgeberprogramm.de
splitpay.dorset.tech
help.wellnessgate.hu
support.phocealight.fr
help.wellnessgate.hu
help.wellnessgate.hu
podrska.cornerstone.rs
desk.jetenterprises.co.uk
desk.jetenterprises.co.uk
cornerstone.rs
help.wellnessgate.hu
support.phocealight.fr
help.wellnessgate.hu
helpdesk.hinweisgeberprogramm.de
help.wellnessgate.hu
support.blits.ai
vragen.oamkbsittard.nl
help.wellnessgate.hu
help.wellnessgate.hu
podrska.cornerstone.rs
help.wellnessgate.hu
helpdesk.hinweisgeberprogramm.de
splitpay.dorset.tech
help.wellnessgate.hu
podrska.cornerstone.rs
cornerstone.rs
desk.jetenterprises.co.uk
webmail.cornerstone.rs
podrska.cornerstone.rs
splitpay.dorset.tech
vragen.oamkbsittard.nl
help.wellnessgate.hu
support.fortifiedit.co.uk
support.fortifiedit.co.uk
splitpay.dorset.tech
support.bacbnl.nl
help.wellnessgate.hu
help.wellnessgate.hu
support.fortifiedit.co.uk
vragen.oamkbsittard.nl
support.phocealight.fr
cornerstone.rs
help.wellnessgate.hu
cornerstone.rs
help.wellnessgate.hu
vragen.oamkbsittard.nl
support.bacbnl.nl
help.wellnessgate.hu
support.fortifiedit.co.uk
help.wellnessgate.hu
desk.jetenterprises.co.uk
help.wellnessgate.hu
helpdesk.hinweisgeberprogramm.de
business-support.excire.com
help.wellnessgate.hu
support.phocealight.fr
help.wellnessgate.hu
help.wellnessgate.hu
helpdesk.hinweisgeberprogramm.de
splitpay.dorset.tech
help.wellnessgate.hu
support.phocealight.fr
Certificate
The complete raw certificate details for cornerstone.rs in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGCDCCBPCgAwIBAgIQDDKsQjZKvUguSrY01EC8eDANBgkqhkiG9w0BAQsFADBu MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg RFYgVExTIENBIC0gRzIwHhcNMjQwMjAzMDAwMDAwWhcNMjUwMjAzMjM1OTU5WjAZ MRcwFQYDVQQDEw5jb3JuZXJzdG9uZS5yczCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALyedZCLkf0DaiKneBrE6e5sioBudDveCsJXzz76YEN814kHppQj G/3YJ1bXTE005wXFJ73yBSAIN8nKf5WmhwPXA+g3Vh+gt6PJuxuBF1aI/uFqL+2y NqPYLYeDJ1npdhZYSsjHFxtfixm4J1ZdJBbyZMyH3OICJ3xuUPmLi84XI8co3Mn2 9Kxb+YPsYtKody21NSjEjbnxNBztPpz5MJYhUu/w6e2+NAayDFL+pY919JflSsSr z/Aa/E81MMPGxsSHJBz0a6BHcQx47Fd+BV5aCh3WlOCO8WZCu47FJsiR3RxF6jVk HNTVmAk/fuRx1pqI+t8a2cNYdmvcXrqD7Z8CAwEAAaOCAvUwggLxMB8GA1UdIwQY MBaAFHjfkZBf7t6s9sV169VMVVPvJEq2MB0GA1UdDgQWBBQeXO+jQGKMN7Yf1sCG 1JUS4BWwqjAtBgNVHREEJjAkgg5jb3JuZXJzdG9uZS5yc4ISd3d3LmNvcm5lcnN0 b25lLnJzMD4GA1UdIAQ3MDUwMwYGZ4EMAQIBMCkwJwYIKwYBBQUHAgEWG2h0dHA6 Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGABggrBgEFBQcBAQR0MHIwJAYIKwYBBQUH MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBKBggrBgEFBQcwAoY+aHR0cDov L2NhY2VydHMuZGlnaWNlcnQuY29tL0VuY3J5cHRpb25FdmVyeXdoZXJlRFZUTFND QS1HMi5jcnQwDAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFo AHUATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGNbGjr6QAABAMA RjBEAiAx3gw42DpmA1mv07peRVXZT6ML3u53upBxasGcaUYmFQIgaowrWe8N/u7i gFC/eowfWXH8029IwzSa0e3jhl3kar4AdwB9WR4S4XgqexxhZ3xe/fjQh1wUoE6V nrkDL9kOjC55uAAAAY1saOwZAAAEAwBIMEYCIQDOS0YR1jogosPldSgZBER7E87p 8K+AEONiZdhYZaVMNwIhAIf9JxsjtWuezxzZkD8yw1DB1Up6gPFgqIsZHFGWrGnS AHYA5tIxY0B3jMEQQQbXcbnOwdJA9paEhvu6hzId/R43jlAAAAGNbGjsSQAABAMA RzBFAiEAoTWzTmay0bmBG3hVuFYhS6ugWLB9TN0rEkt6sd1byP0CIBgAWFPHy1/z Njkgk+Ff7hL9CE6lPrBL/Z+JiXZALMbjMA0GCSqGSIb3DQEBCwUAA4IBAQChuNA4 HGzW3qp67f8ACu/6toKy6fPH6FKc7sMqzeF1y+c8CgZ8dSqfwXfj7IagzdXaoZgU w84y2L6bkuHbFajVC7xcEMkD7gp28KNhxTKE6t4/9KOCM1CApgve3DgAvjxXQoNi CjetPBENJQrOdnOKht0ro+7gsCaRQpTHdaRwUM/EDc8pSUqiVfn53bfGVYFkTrk7 XUyN8eDkXDgxHhAWaaB8FYNSSSKB+n2EdaeQqpsBtE7hJEYNWeeElqPJPbvdF9bK 2etYivNw1SgYPZXyDZ7k/sPFOWNkaWZL9gpkXRI49XhfnKqIY1TMdaZsaCysrh0d AttxTXJZYwZO0rBI -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJ51kIuR/QNqIqd4GsTp 7myKgG50O94KwlfPPvpgQ3zXiQemlCMb/dgnVtdMTTTnBcUnvfIFIAg3ycp/laaH A9cD6DdWH6C3o8m7G4EXVoj+4Wov7bI2o9gth4MnWel2FlhKyMcXG1+LGbgnVl0k FvJkzIfc4gInfG5Q+YuLzhcjxyjcyfb0rFv5g+xi0qh3LbU1KMSNufE0HO0+nPkw liFS7/Dp7b40BrIMUv6lj3X0l+VKxKvP8Br8TzUww8bGxIckHPRroEdxDHjsV34F XloKHdaU4I7xZkK7jsUmyJHdHEXqNWQc1NWYCT9+5HHWmoj63xrZw1h2a9xeuoPt nwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16213844612658830784802040393083436152 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Encryption Everywhere DV TLS CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cornerstone.rs' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23810940495588641564496608126566610814525115101036176802294420566607765565238778752905686519580302688415279396505602717337858794311946716108012054711699789780705859485530236101257761955614335878233940731010080560791533130120570043632123776191547665304467225207592697028633288296790412517771064651151534719687889555047335499439186477256561091136644581139624009197890426677891258670159170296455315202999104516769378134866445778319960396074037640520645741198120858031628165324203225921100810390715692016866780239024806486330613040892403305167960471032920375544946382149350706423941904680002116175857728895671679995604383 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 78df91905feedeacf6c575ebd54c5553ef244ab6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1e5cefa340628c37b61fd6c086d49512e015b0aa . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cornerstone.rs' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cornerstone.rs' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 01680075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d6c68ebe90000040300463044022031de0c38d83a660359afd3ba5e4555d94fa30bdeee77ba90716ac19c6946261502206a8c2b59ef0dfeeee28050bf7a8c1f5971fcd36f48c3349ad1ede3865de46abe0077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018d6c68ec190000040300483046022100ce4b4611d63a20a2c3e575281904447b13cee9f0af8010e36265d85865a54c3702210087fd271b23b56b9ecf1cd9903f32c350c1d54a7a80f160a88b191c5196ac69d2007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018d6c68ec490000040300473045022100a135b34e66b2d1b9811b7855b856214baba058b07d4cdd2b124b7ab1dd5bc8fd022018005853c7cb5ff336392093e15fee12fd084ea53eb04bfd9f898976402cc6e3 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a1b8d0381c6cd6deaa7aedff000aeffab682b2e9f3c7e8529ceec32acde175cbe73c0a067c752a9fc177e3ec86a0cdd5daa19814c3ce32d8be9b92e1db15a8d50bbc5c10c903ee0a76f0a361c53284eade3ff4a382335080a60bdedc3800be3c574283620a37ad3c110d250ace76738a86dd2ba3eee0b026914294c775a47050cfc40dcf29494aa255f9f9ddb7c65581644eb93b5d4c8df1e0e45c38311e101669a07c158352492281fa7d8475a790aa9b01b44ee124460d59e78496a3c93dbbdd17d6cad9eb588af370d528183d95f20d9ee4fec3c539636469664bf60a645d1238f5785f9caa886354cc75a66c682cacae1d1d02db714d725963064ed2b048