refugees.kiva.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:71:ff:1d:b8:2d:4f:04:9c:9f:a7:60:bf:91:66:37:a1:42 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=refugees.kiva.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:71:ff:1d:b8:2d:4f:04:9c:9f:a7:60:bf:91:66:37:a1:42Serial Number (int): 300127872708433926644987409734920276779330
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 95:bf:47:a2:a4:d3:55:e5:bf:92:51:36:4b:b0:3f:42:2e:a0:e5:b5
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): c3:61:ca:7b:46:5f:70:02:19:a8:1c:73:5a:bd:35:b6:91:dd:86:54
Fingerprint (sha256): 4e:32:33:ab:4f:9d:ce:36:03:6c:aa:90:fa:c4:b2:35:04:a1:14:89:0e:26:1d:24:a6:12:4d:3c:11:4b:da:5c
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate refugees.kiva.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for refugees.kiva.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
refugees.kiva.org
Other certificates including the domain name kiva.org
(limited to 100 certificates)
devvm-api.dk1.kiva.org
secure.novica.com
secure.novica.com
*.stage.kiva.org
*.stage.kiva.org
gender.kiva.org
masterbooker.com
lend.kiva.org
groove.ehlinks.com
jespergustafsson.com
secure.novica.com
*.dev.kiva.org
groove.simondata.com
careers.kiva.org
partnerships.kiva.org
sni.cloudflaressl.com
login.kiva.org
www.marlim.co
*.dev.kiva.org
groove.robinpowered.com
*.dev.kiva.org
www.kiva.org
lend.kiva.org
www.gender.kiva.org
sgchuscpje.device.sighub.ch
go.kiva.org
groove.swivl.com
www.gender.kiva.org
groove.lyric.com
partnerships.kiva.org
groove.kiva.org
links.kiva.org
www.starterplus.net
login.kiva.org
groove.ehlinks.com
secure.novica.com
cdn.steviewonder.es
lend.kiva.org
partnerships.kiva.org
groove.jebbit.com
lend.kiva.org
www.refugees.kiva.org
us.kiva.org
groove.jebbit.com
admin-api.k1.kiva.org
go.kiva.org
*.kiva.org
www.kiva.org
groove.adpearance.com
*.stage.kiva.org
*.kiva.org
educathours.com
secure.novica.com
groove.cloudleaf.io
*.kiva.org
secure.novica.com
www.refugees.kiva.org
login.kiva.org
partner-api.k1.kiva.org
novica.com
*.kiva.org
login.kiva.org
www.labs.kiva.org
www.dashboard.geotargetly.com
gender.kiva.org
groove.kiva.org
www.refugees.kiva.org
groove.trustarc.com
novica.com
viska.com
*.kiva.org
sg.travelrank.org
go.kiva.org
secure.novica.com
login.qa.kiva.org
*.qa.kiva.org
branded.grooveapp.com
us.kiva.org
groove.g2.com
groove.uber.com
www.webboot.io
refugees.kiva.org
careers.kiva.org
wordscanner.app
*.kiva.org
*.kiva.org
careers.kiva.org
sdk.sl.kiva.org
*.dev.kiva.org
*.stage.kiva.org
*.kiva.org
us.kiva.org
wordscanner.app
*.dk1.kiva.org
admin-api.dk1.kiva.org
careers.kiva.org
*.dev.kiva.org
*.dev.kiva.org
marketplace-api.k1.kiva.org
bjuttflix.niels.me
secure.novica.com
secure.novica.com
*.stage.kiva.org
*.stage.kiva.org
gender.kiva.org
masterbooker.com
lend.kiva.org
groove.ehlinks.com
jespergustafsson.com
secure.novica.com
*.dev.kiva.org
groove.simondata.com
careers.kiva.org
partnerships.kiva.org
sni.cloudflaressl.com
login.kiva.org
www.marlim.co
*.dev.kiva.org
groove.robinpowered.com
*.dev.kiva.org
www.kiva.org
lend.kiva.org
www.gender.kiva.org
sgchuscpje.device.sighub.ch
go.kiva.org
groove.swivl.com
www.gender.kiva.org
groove.lyric.com
partnerships.kiva.org
groove.kiva.org
links.kiva.org
www.starterplus.net
login.kiva.org
groove.ehlinks.com
secure.novica.com
cdn.steviewonder.es
lend.kiva.org
partnerships.kiva.org
groove.jebbit.com
lend.kiva.org
www.refugees.kiva.org
us.kiva.org
groove.jebbit.com
admin-api.k1.kiva.org
go.kiva.org
*.kiva.org
www.kiva.org
groove.adpearance.com
*.stage.kiva.org
*.kiva.org
educathours.com
secure.novica.com
groove.cloudleaf.io
*.kiva.org
secure.novica.com
www.refugees.kiva.org
login.kiva.org
partner-api.k1.kiva.org
novica.com
*.kiva.org
login.kiva.org
www.labs.kiva.org
www.dashboard.geotargetly.com
gender.kiva.org
groove.kiva.org
www.refugees.kiva.org
groove.trustarc.com
novica.com
viska.com
*.kiva.org
sg.travelrank.org
go.kiva.org
secure.novica.com
login.qa.kiva.org
*.qa.kiva.org
branded.grooveapp.com
us.kiva.org
groove.g2.com
groove.uber.com
www.webboot.io
refugees.kiva.org
careers.kiva.org
wordscanner.app
*.kiva.org
*.kiva.org
careers.kiva.org
sdk.sl.kiva.org
*.dev.kiva.org
*.stage.kiva.org
*.kiva.org
us.kiva.org
wordscanner.app
*.dk1.kiva.org
admin-api.dk1.kiva.org
careers.kiva.org
*.dev.kiva.org
*.dev.kiva.org
marketplace-api.k1.kiva.org
bjuttflix.niels.me
Certificate
The complete raw certificate details for refugees.kiva.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgISA3H/HbgtTwScn6dgv5FmN6FCMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMjIxNTQwMjZaFw0y MDAzMjExNTQwMjZaMBwxGjAYBgNVBAMTEXJlZnVnZWVzLmtpdmEub3JnMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugACV8E3e+dvGpuJUZZ4hFnutzM0 IypWzCfEpDFqtZB5bwLrmg5WNUYzI0U2rduFbBkv/zi5wLkWjRNkUbLR2RCP7HKY ZsFE2fOL5uMxJWo2XPuylLLj9kXf1R6Jv34TStfkWK074vOVR6W9p3voP8IMk7p3 2WEETvWnBd3AlaGJvopOFUWyGewb/IIXkYsRV5Iftzt0Bpzv38cTqC7cuHmz9EXp fsJ3YVdm2KsLKFVHvGc1QfYci2Dc0mUJ9vuG5ffoe2f49rZkBfqbcAXIbMCmEp41 hh2LH6gTET0ZlSqrgBuhiZcEtRKqIqoAbXOqD8W0UcFFHrb/7uWZBf/JkQIDAQAB o4ICZjCCAmIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr BgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSVv0eipNNV5b+SUTZLsD9C LqDltTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcB AQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlw dC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlw dC5vcmcvMBwGA1UdEQQVMBOCEXJlZnVnZWVzLmtpdmEub3JnMEwGA1UdIARFMEMw CAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j cHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA8JWk WfIA0YJAEC0vk4iOrUv+HUfjmeHQNKawqKqOsnMAAAFvLns+OQAABAMARzBFAiEA mOxs4v7Rh1cI5CenX5wiDsTYLS1fbU1H++MqdXwICrACIHOcdsrJav0Wq87j6OLd IznNe4F3YcT2G8dJy80+o0iRAHYAB7dcG+V9aP/xsMYdIxXHuuZXfFeUt2ruvGE6 GmnTohwAAAFvLns+XwAABAMARzBFAiEAzTecffEZnk/w0end5HStdN13ychwjjzg /Yz0bCe3mc8CICe0b4Vr5ZGM84Mmyo3n3GanS5aIMrYRGFOJrACrGDLKMA0GCSqG SIb3DQEBCwUAA4IBAQAHHaBJGRm2G9lYMv9iWFCzKzoekdyuZdJmAPE9V4lz/fnL 9v31HS8OjmFGaCt1zdouCgfVomb5lLonjXTVapTyzFMMIUYCDIsPCwD5GSJWMne5 jC65jvWt29Ect2+DJkEKm5hiSOHWaG93KjusiInswYUB1p8xzlfFo//UBjWasysL ZZahamgbZAseXS7b10hQDbCYQ/h3+n91RiacMSA+FFg6da8fCPOLpC7hGIzYjkAG VxLslSjP2YErTm4SW+fgTEEtH9U+Od2FfecudvUoLpriq7MeP7CBsKPWHV8URMvs b2MZ8koHQWzZyckQQBq7s3eF/Wfxhz7YPwS76xkV -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugACV8E3e+dvGpuJUZZ4 hFnutzM0IypWzCfEpDFqtZB5bwLrmg5WNUYzI0U2rduFbBkv/zi5wLkWjRNkUbLR 2RCP7HKYZsFE2fOL5uMxJWo2XPuylLLj9kXf1R6Jv34TStfkWK074vOVR6W9p3vo P8IMk7p32WEETvWnBd3AlaGJvopOFUWyGewb/IIXkYsRV5Iftzt0Bpzv38cTqC7c uHmz9EXpfsJ3YVdm2KsLKFVHvGc1QfYci2Dc0mUJ9vuG5ffoe2f49rZkBfqbcAXI bMCmEp41hh2LH6gTET0ZlSqrgBuhiZcEtRKqIqoAbXOqD8W0UcFFHrb/7uWZBf/J kQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 300127872708433926644987409734920276779330 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-22 15:40:26 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-21 15:40:26 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'refugees.kiva.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23480329236475163574567183223338701302324913908743974530923080886346628124650302614175216827066109113117724273980098971724103230487365320603442557706919962351393224906640992246018219342361916418412234905146538819835333605217299062221566921873436091714231730434568502573714362870077361662968783693312775565994281435373282749016270120800848701428417442379971369051825167988394159045682811895443559178421315350437056297503713978267967555104313047054787955587094724090647023554279112071998298428482444283514999207684807655930236045702567806837067063888568512111833320420019081680343817220569990270517017356051650961197457 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 95bf47a2a4d355e5bf9251364bb03f422ea0e5b5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'refugees.kiva.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016f2e7b3e39000004030047304502210098ec6ce2fed1875708e427a75f9c220ec4d82d2d5f6d4d47fbe32a757c080ab00220739c76cac96afd16abcee3e8e2dd2339cd7b817761c4f61bc749cbcd3ea3489100760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016f2e7b3e5f0000040300473045022100cd379c7df1199e4ff0d1e9dde474ad74dd77c9c8708e3ce0fd8cf46c27b799cf022027b46f856be5918cf38326ca8de7dc66a74b968832b611185389ac00ab1832ca . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00071da0491919b61bd95832ff625850b32b3a1e91dcae65d26600f13d578973fdf9cbf6fdf51d2f0e8e6146682b75cdda2e0a07d5a266f994ba278d74d56a94f2cc530c2146020c8b0f0b00f91922563277b98c2eb98ef5addbd11cb76f8326410a9b986248e1d6686f772a3bac8889ecc18501d69f31ce57c5a3ffd406359ab32b0b6596a16a681b640b1e5d2edbd748500db09843f877fa7f7546269c31203e14583a75af1f08f38ba42ee1188cd88e40065712ec9528cfd9812b4e6e125be7e04c412d1fd53e39dd857de72e76f5282e9ae2abb31e3fb081b0a3d61d5f1444cbec6f6319f24a07416cd9c9c910401abbb37785fd67f1873ed83f04bbeb1915