www.vleo.net
- Andrea Leofreddi -
Issued by StartCom Class 2 IV Server CA
About this certificate
This digital certificate with serial number 11:48:f0:e3:59:9f:ce:a2:70:94:a6:f5:8e:f3:6c:ae was issued on by StartCom Ltd..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Andrea Leofreddi
Organization:
Andrea Leofreddi
State / Province:
Roma
Locality: Ponzano Romano
Country: IT
Locality: Ponzano Romano
Country: IT
StartCom Ltd.
Organization:
StartCom Ltd.
Organization unit: StartCom Certification Authority
Organization unit: StartCom Certification Authority
Country:
IL
This certificate has expire since
Certificate Details
Serial Number (hex): 11:48:f0:e3:59:9f:ce:a2:70:94:a6:f5:8e:f3:6c:aeSerial Number (int): 22975607092993205450924037480796875950
Serial Number lenght: 125 bits, 16 octets
SubjectKeyId: b0:01:ce:2f:32:28:77:35:cf:d7:35:c4:30:7a:a9:9f:ff:56:ea:70
AuthorityKeyId: 94:de:85:41:2a:a5:d9:45:f6:60:2c:2e:4c:93:09:a6:2c:23:7e:3e
Fingerprint (sha1): 31:b5:6a:44:52:a8:d8:62:1b:dc:fa:85:d4:6b:0b:7a:ea:c7:72:e3
Fingerprint (sha256): 4f:95:15:26:04:28:dd:1d:a3:f6:fa:5a:c0:93:79:95:57:5e:49:0e:33:e8:e7:4e:60:6b:6e:5c:29:33:d1:ef
Issuing Certificate URL: http://aia.startssl.com/certs/sca.server2.crt
Revocation information
OCSP Server: http://ocsp.startssl.comCRL Distribution Point: http://crl.startssl.com/sca-server2.crl
Check the revocation status for certificate www.vleo.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.vleo.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.vleo.net
vleo.net
vleo.net
Other certificates including the domain name vleo.net
(limited to 100 certificates)
test2.gcp.vleo.net
status.vleo.net
repo.vleo.net
*.vleo.net
*.intra.vleo.net
test1.gcp.vleo.net
www.vleo.net
status.tbft.org.uk
*.vleo.net
status.hotel-spider.com
*.vleo.net
*.vleo.net
ldap.intra.vleo.net
status.premierforestgroup.com
irc.vleo.net
ldap.intra.vleo.net
timel.vleo.net
*.vleo.net
mail.vleo.net
status.vleo.net
repo.vleo.net
*.vleo.net
*.intra.vleo.net
test1.gcp.vleo.net
www.vleo.net
status.tbft.org.uk
*.vleo.net
status.hotel-spider.com
*.vleo.net
*.vleo.net
ldap.intra.vleo.net
status.premierforestgroup.com
irc.vleo.net
ldap.intra.vleo.net
timel.vleo.net
*.vleo.net
mail.vleo.net
Certificate
The complete raw certificate details for www.vleo.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFLjCCBBagAwIBAgIQEUjw41mfzqJwlKb1jvNsrjANBgkqhkiG9w0BAQsFADB4 MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEpMCcGA1UECxMg U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJjAkBgNVBAMTHVN0YXJ0 Q29tIENsYXNzIDIgSVYgU2VydmVyIENBMB4XDTE2MDIyNzA5MzAwOVoXDTE4MDIy ODA5MzAwOVowZzELMAkGA1UEBhMCSVQxDTALBgNVBAgMBFJvbWExFzAVBgNVBAcM DlBvbnphbm8gUm9tYW5vMRkwFwYDVQQKDBBBbmRyZWEgTGVvZnJlZGRpMRUwEwYD VQQDDAx3d3cudmxlby5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCumbVQgHgZ1XH5Ty16W7A5magYxF/ut95vqHOeSkybOxP/wdkMTkwZMMTYmW7c WoszQQRv43enpXTBSha0ZFjd7AVadlaNdS31QYHYrFUfNEqFswcA8FW3xIkqWpy2 H1ZjTHSAVGMMle9tWhXwEgVGO2A8VGs95BOCqz1zrzZ3SEEnwlAkLEHucyynfuTD iIroXGf9DB6wjtw45cxeYFplywVlca5Hx2Vx0imscVI6PYqOlg4SxwkxiVYSix9i qJPsYfaRRRN19yruh6oL4eRdcUphekCtjOvhtn5zYeju+ZeIWO+Bp49jNZ80XudR /KNuH2PX/TfXG5yMG8JiUvbTAgMBAAGjggHDMIIBvzAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMAkGA1UdEwQCMAAwHQYDVR0O BBYEFLABzi8yKHc1z9c1xDB6qZ//VupwMB8GA1UdIwQYMBaAFJTehUEqpdlF9mAs LkyTCaYsI34+MG8GCCsGAQUFBwEBBGMwYTAkBggrBgEFBQcwAYYYaHR0cDovL29j c3Auc3RhcnRzc2wuY29tMDkGCCsGAQUFBzAChi1odHRwOi8vYWlhLnN0YXJ0c3Ns LmNvbS9jZXJ0cy9zY2Euc2VydmVyMi5jcnQwOAYDVR0fBDEwLzAtoCugKYYnaHR0 cDovL2NybC5zdGFydHNzbC5jb20vc2NhLXNlcnZlcjIuY3JsMCEGA1UdEQQaMBiC DHd3dy52bGVvLm5ldIIIdmxlby5uZXQwIwYDVR0SBBwwGoYYaHR0cDovL3d3dy5z dGFydHNzbC5jb20vMFAGA1UdIARJMEcwCAYGZ4EMAQIDMDsGCysGAQQBgbU3AQIE MCwwKgYIKwYBBQUHAgEWHmh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeTAN BgkqhkiG9w0BAQsFAAOCAQEAJZf4CABqK36wYLKDxX5JFY1fK1Hs+/H/3SAcKwAE L7bXVgIoQgg4oU4gyh3KyVEcDbFME/XUb4aMAOvH4llj9n66YfTwx+BCBeDSybAM nuohJSJ1LzVThRe0gTLqr8NLkhZqDvIbv/W59s+vSK7kT1f8+CJW0SDoudhOrJ86 m+MFVLJ0e9O133wTtrXhEBDRf9Qjq9dJyyPgUVi/bAgFOQEE0u/24AyiqnMJSxAA l5lUPp7qZVmnGG2mWh3jZb0C5Uxi1Fg58U8sIZKe3Iz61I1v47k36rxSVCEqowai +mTWOdlRLQB0D8S5HGYYpJgtLcCW0JcoUs1BLKyVpqKALg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpm1UIB4GdVx+U8teluw OZmoGMRf7rfeb6hznkpMmzsT/8HZDE5MGTDE2Jlu3FqLM0EEb+N3p6V0wUoWtGRY 3ewFWnZWjXUt9UGB2KxVHzRKhbMHAPBVt8SJKlqcth9WY0x0gFRjDJXvbVoV8BIF RjtgPFRrPeQTgqs9c682d0hBJ8JQJCxB7nMsp37kw4iK6Fxn/QwesI7cOOXMXmBa ZcsFZXGuR8dlcdIprHFSOj2KjpYOEscJMYlWEosfYqiT7GH2kUUTdfcq7oeqC+Hk XXFKYXpArYzr4bZ+c2Ho7vmXiFjvgaePYzWfNF7nUfyjbh9j1/031xucjBvCYlL2 0wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 22975607092993205450924037480796875950 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Certification Authority' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 2 IV Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-02-27 09:30:09 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-02-28 09:30:09 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Roma' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Ponzano Romano' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Andrea Leofreddi' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.vleo.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22041261431877443347774151814642229347509094720689363906059099493686785756298656185402339819165334012358556043272945938751854593907024352304776823888155792058062394363518880241928799345995354797097459736124780930928510949221756983574823841491732620783195070127448215922871851719857229229285673512662424778718108599035679958946600690163428324744315861111778052793281529068261766098851004018903241381490403117447986869412114195233405029434231541122712504700950837058158667421471243586827748980776219167265178494477060700869402870851836606793326334711252076819704339023841543650135077731674168452146722060140091909797587 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b001ce2f32287735cfd735c4307aa99fff56ea70 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 94de85412aa5d945f6602c2e4c9309a62c237e3e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sca.server2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/sca-server2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.vleo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vleo.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002597f808006a2b7eb060b283c57e49158d5f2b51ecfbf1ffdd201c2b00042fb6d7560228420838a14e20ca1dcac9511c0db14c13f5d46f868c00ebc7e25963f67eba61f4f0c7e04205e0d2c9b00c9eea212522752f35538517b48132eaafc34b92166a0ef21bbff5b9f6cfaf48aee44f57fcf82256d120e8b9d84eac9f3a9be30554b2747bd3b5df7c13b6b5e11010d17fd423abd749cb23e05158bf6c0805390104d2eff6e00ca2aa73094b10009799543e9eea6559a7186da65a1de365bd02e54c62d45839f14f2c21929edc8cfad48d6fe3b937eabc5254212aa306a2fa64d639d9512d00740fc4b91c6618a4982d2dc096d0972852cd412cac95a6a2802e