assets.meredith.com

Issued by Amazon

About this certificate

This digital certificate with serial number 06:28:85:d1:4c:04:83:6f:d3:fe:b6:de:fd:49:a4:13 was issued on by Amazon.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=assets.meredith.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 06:28:85:d1:4c:04:83:6f:d3:fe:b6:de:fd:49:a4:13
Serial Number (int): 8185773991740456638551384149958698003
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 78:b0:b3:43:1b:56:43:78:e8:e0:a5:aa:c7:07:c0:83:be:e7:a1:f0
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 00:e1:54:55:24:cd:5c:ea:c1:84:2c:7f:ca:34:44:d0:8d:29:1b:80
Fingerprint (sha256): 4c:04:fc:2a:e2:0d:f9:1a:08:a0:d6:cf:d5:2e:a7:09:3c:e1:b3:da:93:ba:44:ea:e1:bc:39:ce:e1:20:37:27

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate assets.meredith.com

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for assets.meredith.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

assets.meredith.com
images.prod.meredith.com
*.staging.shopnation.com
*.qa1.shopnation.com
*.qa2.shopnation.com
*.qa3.shopnation.com

Other certificates including the domain name meredith.com

(limited to 100 certificates)
wpm.ccmp.eu
payments.meredith.com
vcacontent.meredith.com
secure.meredith.com
dyncat.cip.meredith.com
*.meredith.com
secure.static.meredith.com
*.secure.meredith.com
secure.meredith.com
matrixdev.meredith.com
meredith.com
*.meredith.com
my.meredith.com
test.secure.static.meredith.com
meredith.com
images.meredith.com
citrix.meredith.com
wpm03.eccmp.com
*.meredith.com
5713573250596864-fe4.pantheonsite.io
images.meredith.com
munkireport.meredith.com
payments.meredith.com
meredith.com
woodwing.meredith.com
secure.static.meredith.com
*.meredith.com
es.meredith.com
*.woodwing.meredith.com
kptvoasis.meredith.com
www.meredith.com
webmail.meredith.com
wpm.ccmp.eu
specialoffers.meredith.com
splunk.meredith.com
secure.static.meredith.com
wpm03.eccmp.com
intranet.meredith.com
akamai-san192.exacttarget.com
secure.meredith.com
wpm.ccmp.eu
*.meredith.com
360.meredith.com
wpm.ccmp.eu
*.images.meredith.com
quizler.meredith.com
chrysler-stg.meredith.com
Dashboards.meredith.com
*.agriculture.com
dev.app.meredith.com
adobefrl.meredith.com
collabedge.meredith.com
go.meredith.com
dev.secure.meredith.com
*.meredith.com
5713573250596864-fe4.pantheonsite.io
*.meredith.com
*.meredith.com
360-auth.meredith.com
wpm03.eccmp.com
*.meredith.com
images.qa.shopnation.com
ise.meredith.com
wpm.ccmp.eu
secure.static.meredith.com
secure.meredith.com
images.meredith.com
assets.meredith.com
*.elvis.meredith.com
accounts.bhg.com
accounts.bhg.com
*.meredith.com
*.meredith.com
LCS.MEREDITH.COM
5713573250596864-fe4.pantheonsite.io
5713573250596864-fe4.pantheonsite.io
wpm03.eccmp.com
*.elvis.meredith.com
origin-secure.meredith.com
secure.meredith.com
mywedding.com
origin-dev.secure.meredith.com
secure.meredith.com
admin-dev.meredith.com
mywedding.com
www.meredith.com
meredith.com
dev-theshop.meredith.com
mdp.api.meredith.com
wpm.ccmp.eu
secure.meredith.com
accounts.bhg.com
*.meredith.com
*.meredith.com
*.meredith.com
images.meredith.com
meredith.com
*.meredith.com
wpm03.eccmp.com
images.meredith.com

Certificate

The complete raw certificate details for assets.meredith.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgIQBiiF0UwEg2/T/rbe/UmkEzANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xODA5MjYwMDAwMDBaFw0xOTEwMjYx
MjAwMDBaMB4xHDAaBgNVBAMTE2Fzc2V0cy5tZXJlZGl0aC5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/eM9X4bwhiNyM5WiYPpDiDk0O1KUer/E3
InUm6TbAap9ZZqvuCIVyl5Mg3YULGTRxLtfBxmF2rRR9r2rSzRErMoXFxbc5WP+m
R+ofjRV15ruEFyrBIK0wp+cvnzi4SJPOuJsNVbqOG2VLItexcjNwyoYsxhsdiIe7
0P1GO9+DoqSJ+ZZ3jkZVOBp/I+W9iFascyjoExh2Vgqy3gCD/eJ4nFn4x8O5iL8x
Ie/sZnNXpeSexONLMN3QgShgOQ1vSee7X/0HzeLSV5QICXkCVEXwkQUAG3h0D6C+
nZr8i3xL+ecVfgQ9TjgOhM4o2kLXmKM2g29scHJEzlxPFImIA2IBAgMBAAGjggL6
MIIC9jAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQU
eLCzQxtWQ3jo4KWqxwfAg77nofAwgZYGA1UdEQSBjjCBi4ITYXNzZXRzLm1lcmVk
aXRoLmNvbYIYaW1hZ2VzLnByb2QubWVyZWRpdGguY29tghgqLnN0YWdpbmcuc2hv
cG5hdGlvbi5jb22CFCoucWExLnNob3BuYXRpb24uY29tghQqLnFhMi5zaG9wbmF0
aW9uLmNvbYIUKi5xYTMuc2hvcG5hdGlvbi5jb20wDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipo
dHRwOi8vY3JsLnNjYTFiLmFtYXpvbnRydXN0LmNvbS9zY2ExYi5jcmwwIAYDVR0g
BBkwFzALBglghkgBhv1sAQIwCAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggr
BgEFBQcwAYYhaHR0cDovL29jc3Auc2NhMWIuYW1hem9udHJ1c3QuY29tMDYGCCsG
AQUFBzAChipodHRwOi8vY3J0LnNjYTFiLmFtYXpvbnRydXN0LmNvbS9zY2ExYi5j
cnQwDAYDVR0TAQH/BAIwADCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3AKS5CZC0
GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZhdozckAAAQDAEgwRgIhAOOS
bppYDJsKmtN/605Czn1ekoeygtkKFXWErpWtWDauAiEA1Z1YBzkmayWOiBl4oSvz
q+JI6EKxITJek+7/zQNTk1QAdwCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/
XqCDDwAAAWYXaM6zAAAEAwBIMEYCIQCdL1SpBgsaMHSROfvlcyoTZuK9Bi8Sm13G
coSqq+E7NwIhAPn+s7O1HgiMbW2TO787aFoQlnRTc7jAk4OahGl0tS3BMA0GCSqG
SIb3DQEBCwUAA4IBAQAartyLNzJb57Atl6HSuZukkqZM372Vot2bZVNfknRVRvdF
2wGgaHI8DifHqhSK3svTcPkskWlqy+spP/HB+WmaTAciR4ljfDjdi0MslBQRsalS
rpxvLrIjd6nzStoqO8+lVolc6LZcLD0PyjFMYWuP+HDCCJWpZXBHL+rM7LmnsJDw
QbtaKNH1Ai8vTSNC06linR7qj5eH4+ARNs5Kqwnt9+Nwgld4PcfQOdZ0DNO4g11q
JG2flWODd53QEiJ60pzvMclCZPptU5dl50LSQSPvDx6NHKoSo9D9iNxoz80Pyizq
3MnPzojQ/2bP3PKwWBMUlod/FCbH01E7GSknYIN2
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3jPV+G8IYjcjOVomD6Q
4g5NDtSlHq/xNyJ1Juk2wGqfWWar7giFcpeTIN2FCxk0cS7XwcZhdq0Ufa9q0s0R
KzKFxcW3OVj/pkfqH40Vdea7hBcqwSCtMKfnL584uEiTzribDVW6jhtlSyLXsXIz
cMqGLMYbHYiHu9D9Rjvfg6KkifmWd45GVTgafyPlvYhWrHMo6BMYdlYKst4Ag/3i
eJxZ+MfDuYi/MSHv7GZzV6XknsTjSzDd0IEoYDkNb0nnu1/9B83i0leUCAl5AlRF
8JEFABt4dA+gvp2a/It8S/nnFX4EPU44DoTOKNpC15ijNoNvbHByRM5cTxSJiANi
AQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8185773991740456638551384149958698003
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-26 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-26 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'assets.meredith.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24171089847665827289382875165357666175613680487744487659153665605695917368470262136302280886403550934406679392342565785103481500187270360356732545156149376842357288076074785246192918133686400348678039638168294261696243071990823426229816413215781962643358634079390801238892786274560099689201181523072159535177573631386270239209787846810527244100058845919898625851813795309688074843094374803747763112651049200923987664335231674519479800690695187201255170238539304763256562578227273801315948557015459557714079365568642013783412119672954877406480690590799464914136403095578289840258923442059018773542795876387677999948289
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							78b0b3431b564378e8e0a5aac707c083bee7a1f0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (142 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.meredith.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images.prod.meredith.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.staging.shopnation.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa1.shopnation.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa2.shopnation.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa3.shopnation.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f2007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc10000001661768cdc90000040300483046022100e3926e9a580c9b0a9ad37feb4e42ce7d5e9287b282d90a157584ae95ad5836ae022100d59d580739266b258e881978a12bf3abe248e842b121325e93eeffcd035393540077008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f000001661768ceb300000403004830460221009d2f54a9060b1a30749139fbe5732a1366e2bd062f129b5dc67284aaabe13b37022100f9feb3b3b51e088c6d6d933bbf3b685a1096745373b8c093839a846974b52dc1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001aaedc8b37325be7b02d97a1d2b99ba492a64cdfbd95a2dd9b65535f92745546f745db01a068723c0e27c7aa148adecbd370f92c91696acbeb293ff1c1f9699a4c07224789637c38dd8b432c941411b1a952ae9c6f2eb22377a9f34ada2a3bcfa556895ce8b65c2c3d0fca314c616b8ff870c20895a96570472feaccecb9a7b090f041bb5a28d1f5022f2f4d2342d3a9629d1eea8f9787e3e01136ce4aab09edf7e3708257783dc7d039d6740cd3b8835d6a246d9f956383779dd012227ad29cef31c94264fa6d539765e742d24123ef0f1e8d1caa12a3d0fd88dc68cfcd0fca2ceadcc9cfce88d0ff66cfdcf2b058131496877f1426c7d3513b192927608376