www.knallhart.de
Issued by RapidSSL RSA CA 2018
About this certificate
This digital certificate with serial number 04:78:da:89:85:64:20:84:be:8b:24:c6:25:80:99:ab was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.knallhart.de
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:78:da:89:85:64:20:84:be:8b:24:c6:25:80:99:abSerial Number (int): 5944420066998255778033693555523885483
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: f3:d6:d0:c9:31:2b:84:30:1e:d0:62:1b:44:a0:af:56:b6:e9:01:ee
AuthorityKeyId: 53:ca:17:59:fc:6b:c0:03:21:2f:1a:ae:e4:aa:a8:1c:82:56:da:75
Fingerprint (sha1): 86:2b:b7:cb:ae:7a:50:43:fe:27:de:8c:01:d7:d5:98:ac:03:08:e6
Fingerprint (sha256): 4a:fd:40:50:2b:9e:b7:2a:fb:db:5e:81:a1:74:63:d4:aa:c9:c6:16:90:08:6c:f3:13:26:5b:b2:35:ed:74:62
Issuing Certificate URL: http://cacerts.rapidssl.com/RapidSSLRSACA2018.crt
Revocation information
OCSP Server: http://status.rapidssl.comCRL Distribution Point: http://cdp.rapidssl.com/RapidSSLRSACA2018.crl
Check the revocation status for certificate www.knallhart.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.knallhart.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.knallhart.de
knallhart.de
knallhart.de
Other certificates including the domain name knallhart.de
(limited to 100 certificates)
mail.twooit.com
ssl.masterlogin.de
mail.twooit.com
www.knallhart.de
mail.routing.net
www.knallhart.de
*.knallhart.de
www.knallhart.de
www.knallhart.de
www.knallhart.de
www.knallhart.de
mail.twooit.com
www.knallhart.de
www.knallhart.de
mail.routing.net
www.knallhart.de
www.knallhart.de
ssl.masterlogin.de
ssl.masterlogin.de
www.knallhart.de
www.knallhart.de
www.knallhart.de
www.knallhart.de
www.knallhart.de
www.knallhart.de
ssl.masterlogin.de
ssl.masterlogin.de
www.knallhart.de
ssl.masterlogin.de
mail.twooit.com
www.knallhart.de
mail.routing.net
www.knallhart.de
*.knallhart.de
www.knallhart.de
www.knallhart.de
www.knallhart.de
www.knallhart.de
mail.twooit.com
www.knallhart.de
www.knallhart.de
mail.routing.net
www.knallhart.de
www.knallhart.de
ssl.masterlogin.de
ssl.masterlogin.de
www.knallhart.de
www.knallhart.de
www.knallhart.de
www.knallhart.de
www.knallhart.de
www.knallhart.de
ssl.masterlogin.de
ssl.masterlogin.de
www.knallhart.de
Certificate
The complete raw certificate details for www.knallhart.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGuTCCBaGgAwIBAgIQBHjaiYVkIIS+iyTGJYCZqzANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRSYXBpZFNTTCBSU0EgQ0EgMjAxODAe Fw0xODA4MjEwMDAwMDBaFw0xOTA5MjAxMjAwMDBaMBsxGTAXBgNVBAMTEHd3dy5r bmFsbGhhcnQuZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDMOzdw fuXh5C1/hJ5OT7Y22POyjl3HxaPpRTiGNokuxmgHtsF+M0NTcqjqROFdhDDMpcby /LT4NhPefB1zZzAXpS7q+nluK9UtJ8jzsmF3PUoWn9f5uVNUW4OIsd+Yx8Bb0GGq WKAxUXPYUyIBpuL9/yWH04VhIzUgQTOuc2EVn/ZXLDgTYeK/dSUkdsxI+wG/GYdc CN6mDgj+47YFMIn0SnBvpMLketI4eUtaxK9qX5LXiguQUCao/yi3savj5YUjwXVl YeE+jPtsT+C3StAlQrjhmBz5gte0coEbZFKKc9JXKHHdXHAcoM6GT7NvbXwWDG6a FPIZMCrawWzEwHsiPTSQmJiLECGYfhnN+yd7tuOvtEqWrbEiNxtycubF9vU3QjfI MvxS/MwSRZrWUDjwdTM5GUdNsDqXGjyj8NIBWeLslFMaS4n9ZNmXeABXu+4nb8Io /0OV9cDhzYdhFwkpk7SYZwppj3cpieDZQr9QXF8a/j1bPx2Q6AjQfsyDvmSF/Cuu v1IUYwgE5NnHyNI+NV30KQm3lyPSHcUh750st98GoioN+zgwqIqZ+fZxUdDWbz1X nAAxSFSggQFD/IaifK7Yapc0cc4zdCraG+88EpJrnzkejaERshvv5KhZzXzSPfJs hF4+y9U5AZeL5i4pNmozlc3cklA4jETMQq2GfQIDAQABo4ICtDCCArAwHwYDVR0j BBgwFoAUU8oXWfxrwAMhLxqu5KqoHIJW2nUwHQYDVR0OBBYEFPPW0MkxK4QwHtBi G0Sgr1a26QHuMCkGA1UdEQQiMCCCEHd3dy5rbmFsbGhhcnQuZGWCDGtuYWxsaGFy dC5kZTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMD4GA1UdHwQ3MDUwM6AxoC+GLWh0dHA6Ly9jZHAucmFwaWRzc2wuY29tL1Jh cGlkU1NMUlNBQ0EyMDE4LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBAjAqMCgG CCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAEC ATB1BggrBgEFBQcBAQRpMGcwJgYIKwYBBQUHMAGGGmh0dHA6Ly9zdGF0dXMucmFw aWRzc2wuY29tMD0GCCsGAQUFBzAChjFodHRwOi8vY2FjZXJ0cy5yYXBpZHNzbC5j b20vUmFwaWRTU0xSU0FDQTIwMTguY3J0MAkGA1UdEwQCMAAwggECBgorBgEEAdZ5 AgQCBIHzBIHwAO4AdQDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAA AWVbYp8eAAAEAwBGMEQCICvBay9rsXth9kyk1tJpPhHpzabqT+xqZMuKfDfnVtRj AiB1xHK1bLrMfXFeUuOJWpib1d2Oc5uVS6sEd4vV8HC3EQB1AId1v+dZfPiMQ5lf vfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABZVtin6YAAAQDAEYwRAIgPbGPUoaSaiMK KX+h+KqCH2sHKad9LKlI+v/y2rzRHsUCIEY3M+80pQMHtfpwGg/RCF4a0807qETa 5k7+YEuN9VW8MA0GCSqGSIb3DQEBCwUAA4IBAQCwBf31japaYb8WWdzYrJPXwAJL ig+iCApb7FyK6eCIlVr4wxp2WKXk1qg95dn665g/YFRtPNorGldQs+70yKs5kkKz oUNflET/m7H3Heqp6Qff0Qe6cYx6TtcT/0SR646dZFZtEW7KxZB9PHwLQlasxNQE k5xU7/g80MC1tWlGNXigUGw7hbzISfV7pBrzMV0QTvl62TCUk8X1WfRBdIdO1Lop azu1uv1Oyry7bEXwxYRKS3FC+JWyCbyoTkjnXsSEcHbA9ba8n5qmNrJ3xN5jUxjB WD93BUCZD4vHhk8oHhj61th2A/Kv7maZoBMKa+unNlYc46dxYSYqWijtzg/9 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzDs3cH7l4eQtf4SeTk+2 Ntjzso5dx8Wj6UU4hjaJLsZoB7bBfjNDU3Ko6kThXYQwzKXG8vy0+DYT3nwdc2cw F6Uu6vp5bivVLSfI87Jhdz1KFp/X+blTVFuDiLHfmMfAW9BhqligMVFz2FMiAabi /f8lh9OFYSM1IEEzrnNhFZ/2Vyw4E2Hiv3UlJHbMSPsBvxmHXAjepg4I/uO2BTCJ 9Epwb6TC5HrSOHlLWsSval+S14oLkFAmqP8ot7Gr4+WFI8F1ZWHhPoz7bE/gt0rQ JUK44Zgc+YLXtHKBG2RSinPSVyhx3VxwHKDOhk+zb218FgxumhTyGTAq2sFsxMB7 Ij00kJiYixAhmH4Zzfsne7bjr7RKlq2xIjcbcnLmxfb1N0I3yDL8UvzMEkWa1lA4 8HUzORlHTbA6lxo8o/DSAVni7JRTGkuJ/WTZl3gAV7vuJ2/CKP9DlfXA4c2HYRcJ KZO0mGcKaY93KYng2UK/UFxfGv49Wz8dkOgI0H7Mg75khfwrrr9SFGMIBOTZx8jS PjVd9CkJt5cj0h3FIe+dLLffBqIqDfs4MKiKmfn2cVHQ1m89V5wAMUhUoIEBQ/yG onyu2GqXNHHOM3Qq2hvvPBKSa585Ho2hEbIb7+SoWc180j3ybIRePsvVOQGXi+Yu KTZqM5XN3JJQOIxEzEKthn0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5944420066998255778033693555523885483 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-21 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-20 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.knallhart.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 833191071473561505994914880320259129058401678747647001631107852677424991807616890536215435591666411465611994507233341490979980143349267675813139527853490167798664175483458219743499395998774220565248710849312790684674516918070169827266841797622139236977823721265859181321875169479732769531884133531370461673057931376639258942645158788489126619395213225787533135083818523169222637039242249347553116580889949859912702512967840182957436798864877126778961963719687862966179668938753759696603579385786922444193168749734623258047982118592687557360727828369459967586823067917580505813129701552578837106478458159777616311112286082487407739786033608538668134852746557540821062793090461680740401522552081400408924697432866997280910495510198403767499921099687987103275637579120321353869290804310381553415778872337996960185015659027066054951074801126685286168743187358189429839375828224549739408226825709387185577123959623898315187853272887549453034327632689259058564786801335146161820898980913330692663324180380097715303147084809659145603060447269029678996032145464102573760587774333322621015074227163528109774826455052310195025047880075138542803702502756062551227923267622194336451222241848338067944261002212401918514847045779771708628842415741 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 53ca1759fc6bc003212f1aaee4aaa81c8256da75 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f3d6d0c9312b84301ed0621b44a0af56b6e901ee . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.knallhart.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'knallhart.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.rapidssl.com/RapidSSLRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.rapidssl.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.rapidssl.com/RapidSSLRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb000001655b629f1e000004030046304402202bc16b2f6bb17b61f64ca4d6d2693e11e9cda6ea4fec6a64cb8a7c37e756d463022075c472b56cbacc7d715e52e3895a989bd5dd8e739b954bab04778bd5f070b7110075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f000001655b629fa6000004030046304402203db18f5286926a230a297fa1f8aa821f6b0729a77d2ca948fafff2dabcd11ec50220463733ef34a50307b5fa701a0fd1085e1ad3cd3ba844dae64efe604b8df555bc . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b005fdf58daa5a61bf1659dcd8ac93d7c0024b8a0fa2080a5bec5c8ae9e088955af8c31a7658a5e4d6a83de5d9faeb983f60546d3cda2b1a5750b3eef4c8ab399242b3a1435f9444ff9bb1f71deaa9e907dfd107ba718c7a4ed713ff4491eb8e9d64566d116ecac5907d3c7c0b4256acc4d404939c54eff83cd0c0b5b569463578a0506c3b85bcc849f57ba41af3315d104ef97ad9309493c5f559f44174874ed4ba296b3bb5bafd4ecabcbb6c45f0c5844a4b7142f895b209bca84e48e75ec4847076c0f5b6bc9f9aa636b277c4de635318c1583f770540990f8bc7864f281e18fad6d87603f2afee6699a0130a6beba736561ce3a77161262a5a28edce0ffd