generation-sara-foundation.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:0e:f2:7e:3b:87:7e:b9:53:5a:7a:ed:23:2d:01:1f:ef:9f was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=generation-sara-foundation.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:0e:f2:7e:3b:87:7e:b9:53:5a:7a:ed:23:2d:01:1f:ef:9fSerial Number (int): 266423139543955191168896700755373688090527
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: d5:5e:21:fd:ae:c9:85:00:c5:e8:1a:27:e0:0c:4f:c6:74:8b:28:ed
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): f3:f2:34:5d:dc:d6:52:ce:86:d3:39:e4:a9:1a:fc:b2:50:96:83:52
Fingerprint (sha256): 4e:25:8d:33:f2:d9:ec:5a:5b:ee:f2:c3:ea:0e:07:7c:f1:b2:7c:72:0f:89:cb:0a:1e:1c:53:94:82:9d:07:3b
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate generation-sara-foundation.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for generation-sara-foundation.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
generation-sara-foundation.org
www.generation-sara-foundation.org
www.generation-sara-foundation.org
Other certificates including the domain name generation-sara-foundation.org
(limited to 100 certificates)
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
Certificate
The complete raw certificate details for generation-sara-foundation.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGlzCCBX+gAwIBAgISAw7yfjuHfrlTWnrtIy0BH++fMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAzMTUxMTU1MDNaFw0x OTA2MTMxMTU1MDNaMCkxJzAlBgNVBAMTHmdlbmVyYXRpb24tc2FyYS1mb3VuZGF0 aW9uLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJdI0989j29m CCM60OCDnVzM2C1pZaezYiy6Rr95jfiX0RQmqXeH7+2b6UArzANOISqEPtV8Pzs/ bORFOWYcrXZan/ehpIz0ioHf9LkYXPc58vpB5CbqLOab02Z+4zq5e5kJvwgieyMJ LsfwnxHMuewdprqHBc1C8quAw5ZxeMFdzJF7L0BcjpvGXwT8n8cCqidWQ76uF73E ZrHaytpvp9M+vNF062RwwgTbkMMN6/vjyqrGUBJuLW3AoU0xlsJVOZ3K5J0gxZ13 J3tzY4C12H6T/pdIWCdoLrJkGGaiiCW9/nR0ZBR8XLuuJRbFqcqmjAMeSt3Y28B8 vkSZZLuHHcH7Hqxsf0AAzw0tYDx5MCCR3MoBf9D5lXbu757eWBLsGlVVH7cgYwLM IPjdZ1O0XerzhNd0lmPRmMvGMa9jfBccOBDwq9DX8QbDTzyG5+SM+hQOpXEv9uFB n1qKpytqqnTRENgSU6/Wi2XzX+EQd8rVOCjKnCVwowj6U/vItpnUAIfbKsGbEn/v GtcC4ghZdQNSMw64ViWyCMKSbaQ5bvv4qXedQfbb9aYl9zqSbs5+sAlubh8N7GFp tAElZW7wPlWPsxgEIjidimKhLMWNLKTzluLz1VLLy/F7sqKk+hFJvZntjDQzCwbC CYxaupQryWKDfE5+B2p/svT+9GIpsFSpAgMBAAGjggKWMIICkjAOBgNVHQ8BAf8E BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC MAAwHQYDVR0OBBYEFNVeIf2uyYUAxegaJ+AMT8Z0iyjtMB8GA1UdIwQYMBaAFKhK amMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYi aHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYj aHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wTQYDVR0RBEYwRIIe Z2VuZXJhdGlvbi1zYXJhLWZvdW5kYXRpb24ub3JngiJ3d3cuZ2VuZXJhdGlvbi1z YXJhLWZvdW5kYXRpb24ub3JnMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQB gt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3Jn MIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUA4mlLribo6UAJ6IYbtjuD1D7n/nSI +6SPKJMBnd3x2/4AAAFpgWuO/wAABAMARjBEAiB5UnQlj5FfSrxAwrP/j5O010Lq J6XKnvIKpVD3T9NHKQIgCBDpbXOZi1THXqPqveP0gqviwSs6E2m8y8VmhO2S+oYA dgApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAWmBa5FJAAAEAwBH MEUCIQD/pQmtWP7QdYrsBZeJZ56E88uY6DH2sgNK2tT8odj+HwIgP/EljPeSKdBo jq0b4PmEBhTC1P/ZP1k36DAQHYcwjdgwDQYJKoZIhvcNAQELBQADggEBAA0dcrku xPNnaOLp2QQKS/HruAfTqGZUOmv2Id+DK1zGXaVxQnTQtz7klxQhDgF0tnKT4dqf Uk4V9o6B1UtH1ETbVDhsNAKZSJgfyzM5drKlLRvOkDGI0MJCXeyu+0if2a6NMdrf JgvIdNIw8EJPnif5dBN2BNIGKdgPezoJi1y+CYDg1maKlFCTnm3t2WYWrbxL1PDC pPKqnkhXScymTXDvtCnf5bgQ9/ZFTuhXfQlUmrBAm9wu0JUl4Hd+4bWMPWjnOsjp Wk+OUQIGvfo8Hsi/zzhjvqw825aIr4LyjxE21b/V+bV/TkqRBY/QIowhNkhExUlA K5JFhyltl+0N5OE= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAl0jT3z2Pb2YIIzrQ4IOd XMzYLWllp7NiLLpGv3mN+JfRFCapd4fv7ZvpQCvMA04hKoQ+1Xw/Oz9s5EU5Zhyt dlqf96GkjPSKgd/0uRhc9zny+kHkJuos5pvTZn7jOrl7mQm/CCJ7Iwkux/CfEcy5 7B2muocFzULyq4DDlnF4wV3MkXsvQFyOm8ZfBPyfxwKqJ1ZDvq4XvcRmsdrK2m+n 0z680XTrZHDCBNuQww3r++PKqsZQEm4tbcChTTGWwlU5ncrknSDFnXcne3NjgLXY fpP+l0hYJ2gusmQYZqKIJb3+dHRkFHxcu64lFsWpyqaMAx5K3djbwHy+RJlku4cd wfserGx/QADPDS1gPHkwIJHcygF/0PmVdu7vnt5YEuwaVVUftyBjAswg+N1nU7Rd 6vOE13SWY9GYy8Yxr2N8Fxw4EPCr0NfxBsNPPIbn5Iz6FA6lcS/24UGfWoqnK2qq dNEQ2BJTr9aLZfNf4RB3ytU4KMqcJXCjCPpT+8i2mdQAh9sqwZsSf+8a1wLiCFl1 A1IzDrhWJbIIwpJtpDlu+/ipd51B9tv1piX3OpJuzn6wCW5uHw3sYWm0ASVlbvA+ VY+zGAQiOJ2KYqEsxY0spPOW4vPVUsvL8XuyoqT6EUm9me2MNDMLBsIJjFq6lCvJ YoN8Tn4Han+y9P70YimwVKkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 266423139543955191168896700755373688090527 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-15 11:55:03 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-13 11:55:03 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'generation-sara-foundation.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 617186843289970810578610919268155804132087872994524056032779345270375620990347136807212356599175569589558191319353790976764431794469462370598632361128563863200507387498859017192013658638236583473833188913409524345749875511960761863009206669642073143675672606169971508049916424164777631454576606937978034374081992530232258645733882503247169646401196629915491145789947756320082784810295700264115876976914127961722533833119770499922832916379833301189807260958946960795040417724898196173737268326975480239501012972396450246564608282531319428049820408521223587788439081591888366421413017814495789801745643781269287814154309047848403389475546055318748782366775985805882761599199698029828225352613715015216447311072837872107878719758571192797472529740140484775871079590281559332211664396818833972233489370940712160317811506733754727873859116560038082991217170454629649654943455401410930471847187138727789563700211372470555804051974629323906539818563343689479876262706622390361732503237089810639097842697156620926936325086307322872477487935787119201042745552775481315676541888837633315648790976817484753696097057603021688322137803006860943607201906456136806009089136885313578340858494107035089216804072900052662292239829255690269350064837801 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d55e21fdaec98500c5e81a27e00c4fc6748b28ed . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (70 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'generation-sara-foundation.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.generation-sara-foundation.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe00000169816b8eff00000403004630440220795274258f915f4abc40c2b3ff8f93b4d742ea27a5ca9ef20aa550f74fd3472902200810e96d73998b54c75ea3eabde3f482abe2c12b3a1369bccbc56684ed92fa86007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000169816b91490000040300473045022100ffa509ad58fed0758aec059789679e84f3cb98e831f6b2034adad4fca1d8fe1f02203ff1258cf79229d0688ead1be0f9840614c2d4ffd93f5937e830101d87308dd8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000d1d72b92ec4f36768e2e9d9040a4bf1ebb807d3a866543a6bf621df832b5cc65da5714274d0b73ee49714210e0174b67293e1da9f524e15f68e81d54b47d444db54386c34029948981fcb333976b2a52d1bce903188d0c2425decaefb489fd9ae8d31dadf260bc874d230f0424f9e27f974137604d20629d80f7b3a098b5cbe0980e0d6668a9450939e6dedd96616adbc4bd4f0c2a4f2aa9e485749cca64d70efb429dfe5b810f7f6454ee8577d09549ab0409bdc2ed09525e0777ee1b58c3d68e73ac8e95a4f8e510206bdfa3c1ec8bfcf3863beac3cdb9688af82f28f1136d5bfd5f9b57f4e4a91058fd0228c21364844c549402b924587296d97ed0de4e1