bridgewater.vt.gov

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:1e:a4:fd:1e:a9:ef:ee:1a:fa:6d:1d:e7:0f:da:99:51:f4 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=bridgewater.vt.gov

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:1e:a4:fd:1e:a9:ef:ee:1a:fa:6d:1d:e7:0f:da:99:51:f4
Serial Number (int): 271764636467258931701873412096521471087092
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: b1:92:31:9f:6f:a3:36:cb:d6:ed:07:0a:c4:27:8f:56:d4:05:e9:69
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 42:b8:12:a5:ad:f4:8a:a2:d1:11:2c:3b:62:4b:59:c8:90:83:87:86
Fingerprint (sha256): 4c:78:b1:4f:6c:05:f7:0b:f8:bd:fa:90:50:b6:73:be:9b:a3:d4:e9:85:af:b1:1d:4a:7d:30:34:16:df:52:e4

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate bridgewater.vt.gov

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for bridgewater.vt.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bridgewater.vt.gov

Other certificates including the domain name vt.gov

(limited to 100 certificates)
www.myvtax.vermont.gov
www.poultney.vt.gov
www.vermont.gov
ssl7.revizesites.com
anrmaps.vermont.gov
bridgewater.vt.gov
www.tradoc.army.mil
www.tradoc.army.mil
www.skysoldiers.army.mil
www.skysoldiers.army.mil
www.tradoc.army.mil
www.ahsuploader.vt.gov
rms.vermont.gov
bridgewater.vt.gov
ssl7.revizesites.com
anrmaps.vermont.gov
westfield.vt.gov
www.vermont.gov
anrmaps.vermont.gov
www.bridgewater.vt.gov
vtlottery.com
www.bridgewater.vt.gov
ljfo.vermont.gov
www.poultney.vt.gov
www.tradoc.army.mil
www.skysoldiers.army.mil
ssl7.revizesites.com
www.bridgewater.vt.gov
rupert.vt.gov
ssl7.revizesites.com
psp.education.vt.gov
www.skysoldiers.army.mil
www.skysoldiers.army.mil
www.usaplants.vermont.gov
www.rms.vermont.gov
ssl7.revizesites.com
publicportal.courts.vt.gov
mabdapplytest.vt.gov
www.vermont.gov
uipublic.labor.vermont.gov
www.ahsuploadertest.vt.gov
secure.education.state.vt.us
www.skysoldiers.army.mil
www.vermont.gov
www.vermont.gov
vtjfo.bluehousegroup.com
pawlet.vt.gov
www.ahsuploader.vt.gov
www.tradoc.army.mil
bridgewater.vt.gov
www.myvtax.vermont.gov
www.skysoldiers.army.mil
vtlottery.com
www.vermont.gov
townofcambridgevt.org
vtlottery.com
www.staging.myvtax.vermont.gov
vtlottery.com
vtjfo.bluehousegroup.com
www.tradoc.army.mil
rupert.vt.gov
www.myvtax.vermont.gov
www.poultney.vt.gov
ssl7.revizesites.com
ssl7.revizesites.com
vtjfo.bluehousegroup.com
www.poultney.vt.gov
www.poultney.vt.gov
www.poultney.vt.gov
middletownsprings.vt.gov
vtlottery.com
ljfo.vermont.gov
www.myvtax.vermont.gov
anrmaps.vermont.gov
ssl7.revizesites.com
anrmaps.vermont.gov
www.tradoc.army.mil
anrmaps.vermont.gov
ssl7.revizesites.com
verv.vermont.gov
www.skysoldiers.army.mil
secure.education.state.vt.us
pawlet.vt.gov
rupert.vt.gov
anrmaps.vermont.gov
www.skysoldiers.army.mil
*.pawlet.vt.gov
ljfo.vermont.gov
verv.vermont.gov
www.skysoldiers.army.mil
ssl7.revizesites.com
id-dev.vt.gov
secure.education.state.vt.us
cambridge.vermont.gov
www.poultney.vt.gov
vtlottery.com
www.poultney.vt.gov
ljfo.vermont.gov
www.skysoldiers.army.mil
vtjfo.bluehousegroup.com

Certificate

The complete raw certificate details for bridgewater.vt.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAx6k/R6p7+4a+m0d5w/amVH0MA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODEwMjIyMDQ1MzlaFw0x
OTAxMjAyMDQ1MzlaMB0xGzAZBgNVBAMTEmJyaWRnZXdhdGVyLnZ0LmdvdjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPR3qZprpYdlquQKF+36Mb7Ruyx7
tHYBVGvznx7MRhZGv1HnMOvF+F+HnOJ3duWeVn3PIgzOOOrqmMDWSYDC/h09rgCL
OKI2h1SjKyj6GCZi2DbixRxDaN1YA5Smfvguh/zLnQIWZB44dUJZO4TO8191DLUB
cEZAeaNAMXsKYeDmdl+SItpg2Svr2F6GKCLgee8MRI3hjoQP2W87aU2L4srzHfXb
ghpASnlEAFw64lJNsE9ZQ7L4toRlShxOiZjG9xoWAEo+47X2yB8frLQmLzMrq5Xi
sSVNqiYdDe6y4WrmwzY3rbnb9w8YkOU61fzhkKFhxj6vvy+9yQgYhkHjJmcCAwEA
AaOCAxowggMWMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUsZIxn2+jNsvW7QcKxCeP
VtQF6WkwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUH
AQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5
cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5
cHQub3JnLzAdBgNVHREEFjAUghJicmlkZ2V3YXRlci52dC5nb3Ywgf4GA1UdIASB
9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpo
dHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlz
IENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcg
UGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmlj
YXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBv
c2l0b3J5LzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3AOJpS64m6OlACeiGG7Y7
g9Q+5/50iPukjyiTAZ3d8dv+AAABZp29lD0AAAQDAEgwRgIhAJYnZfsmRMpxNLdc
c81lzhhUXCTZzmZeqz8zmrAmkqqlAiEAhbwmCD1u86WXiFLKWc3mvdnQlIMj4Xts
NZrsoxjlPL0AdQApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAWad
vZRSAAAEAwBGMEQCIB20mBQrk1nyNGbQfRFEZQfx6uSE+iTRtmjGK4eA8o2XAiBO
oeuSpc+cbS0pQ+hgXbZy4fbtuc3IcjARtrIQwjLs7TANBgkqhkiG9w0BAQsFAAOC
AQEAlMRZj7HX88Sn4GLmPpJDf3XbHmT66qEkK8KhgfOauQP8rdyzw7bngYGWvB8r
DYPvIGLHJb4GuxJ+ZFcwN5KA3GxW2swugH2i3n0Nr7BlAhw1h4zQEeW7JGCXOOgS
SozWTOT0MnkfVmHLtbdgdcQyhxXH+RK4dJu6jLvXjBRsSZmY+Kuyw56B2g5WDL7O
1PgzzDG0fR4gYqPb0cfYlAyF3DACYs/ejrRleLxajK46eG/JzSGTzxYTRBoM4w7A
/i93eI5lotg1tXWUU2c6go54hlPrICaiKsZN6YXzJSBsRuuzAXW+VRwi+epgeI0Z
arBYhaZVrlAa1w/sBhdsl/KrfQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Hepmmulh2Wq5AoX7fox
vtG7LHu0dgFUa/OfHsxGFka/Uecw68X4X4ec4nd25Z5Wfc8iDM446uqYwNZJgML+
HT2uAIs4ojaHVKMrKPoYJmLYNuLFHENo3VgDlKZ++C6H/MudAhZkHjh1Qlk7hM7z
X3UMtQFwRkB5o0Axewph4OZ2X5Ii2mDZK+vYXoYoIuB57wxEjeGOhA/ZbztpTYvi
yvMd9duCGkBKeUQAXDriUk2wT1lDsvi2hGVKHE6JmMb3GhYASj7jtfbIHx+stCYv
MyurleKxJU2qJh0N7rLhaubDNjetudv3DxiQ5TrV/OGQoWHGPq+/L73JCBiGQeMm
ZwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 271764636467258931701873412096521471087092
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-22 20:45:39 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-20 20:45:39 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bridgewater.vt.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30861154195892027911094580956327425891353732456256663524709829422931534593351704673566900957066571665470315858449217780949102954963482674059404588741942404903747808188536447018029140476192526021947268045367174678312509262305549852523819576465897206789538509092116509372827580008661409777507697498161026629294947735462182495924481232342892838866033460922335096129324408245836863646431991569919527015574499150613483476064836798015105942634419474576635227675730849105165439798478807059097256878763052258787629516949237534903274946475888461966155612848735923212625339773811630263140488281813700346507287407434068727637607
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b192319f6fa336cbd6ed070ac4278f56d405e969
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bridgewater.vt.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007700e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe000001669dbd943d0000040300483046022100962765fb2644ca7134b75c73cd65ce18545c24d9ce665eab3f339ab02692aaa502210085bc26083d6ef3a5978852ca59cde6bdd9d0948323e17b6c359aeca318e53cbd007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f478000001669dbd9452000004030046304402201db498142b9359f23466d07d11446507f1eae484fa24d1b668c62b8780f28d9702204ea1eb92a5cf9c6d2d2943e8605db672e1f6edb9cdc8723011b6b210c232eced
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0094c4598fb1d7f3c4a7e062e63e92437f75db1e64faeaa1242bc2a181f39ab903fcaddcb3c3b6e7818196bc1f2b0d83ef2062c725be06bb127e645730379280dc6c56dacc2e807da2de7d0dafb065021c35878cd011e5bb24609738e8124a8cd64ce4f432791f5661cbb5b76075c4328715c7f912b8749bba8cbbd78c146c499998f8abb2c39e81da0e560cbeced4f833cc31b47d1e2062a3dbd1c7d8940c85dc300262cfde8eb46578bc5a8cae3a786fc9cd2193cf1613441a0ce30ec0fe2f77788e65a2d835b5759453673a828e788653eb2026a22ac64de985f325206c46ebb30175be551c22f9ea60788d196ab05885a655ae501ad70fec06176c97f2ab7d