*.valleyymca.org

Issued by Amazon

About this certificate

This digital certificate with serial number 07:aa:37:e6:3c:5f:2f:20:0f:07:7b:69:f4:10:f6:72 was issued on by Amazon.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.valleyymca.org

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 07:aa:37:e6:3c:5f:2f:20:0f:07:7b:69:f4:10:f6:72
Serial Number (int): 10188420210135082014595366469376210546
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 65:76:4a:98:eb:88:a4:f0:b7:44:cd:14:1e:67:26:99:61:33:26:39
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): e2:47:64:c5:92:f2:d6:b7:bf:e5:47:ab:11:8e:34:04:41:a4:0f:70
Fingerprint (sha256): 4f:af:c5:56:24:ce:4e:4e:87:00:ff:66:8f:92:71:ef:bd:7b:0e:04:c2:cb:79:51:33:fe:dc:c9:91:67:53:26

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate *.valleyymca.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.valleyymca.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.valleyymca.org

Other certificates including the domain name valleyymca.org

(limited to 100 certificates)
5709436928655360-fe2.pantheonsite.io
5709436928655360-fe2.pantheonsite.io
adfs.valleyymca.org
5709436928655360-fe2.pantheonsite.io
register.valleyymca.org
5709436928655360-fe2.pantheonsite.io
5709436928655360-fe2.pantheonsite.io
securedns4.planmygift.org
fsus-2.freshservice.com
*.valleyymca.org
valleyymca.org
5709436928655360-fe2.pantheonsite.io
help.cei.com
5709436928655360-fe2.pantheonsite.io
valleyymcacares.com
fsus-2.freshservice.com
securedns4.planmygift.org
5709436928655360-fe2.pantheonsite.io
fsus-2.freshservice.com
fsus-2.freshservice.com
5709436928655360-fe2.pantheonsite.io
5709436928655360-fe2.pantheonsite.io
securedns4.planmygift.org
register.valleyymca.org
fsus-2.freshservice.com
fsus-2.freshservice.com
securedns4.planmygift.org
securedns4.planmygift.org
5709436928655360-fe2.pantheonsite.io
help.cei.com
fsus-2.freshservice.com
help.cei.com
5709436928655360-fe2.pantheonsite.io
fsus-2.freshservice.com
5709436928655360-fe2.pantheonsite.io
5709436928655360-fe2.pantheonsite.io
adfs.valleyymca.org
register.valleyymca.org
fsus-2.freshservice.com
ymcaoffers.valleyymca.org
valleyymcacares.org
fsus-2.freshservice.com
securedns4.planmygift.org
register.valleyymca.org
help.cei.com
5709436928655360-fe2.pantheonsite.io
adfs.valleyymca.org
adfs.valleyymca.org
5709436928655360-fe2.pantheonsite.io
register.valleyymca.org
5709436928655360-fe2.pantheonsite.io
valleyymca.org
ymcaoffers.valleyymca.org
fsus-2.freshservice.com
www.azymcas.valleyymca.org
help.cei.com
fsus-2.freshservice.com
5709436928655360-fe2.pantheonsite.io
*.valleyymca.org
fsus-2.freshservice.com
securedns4.planmygift.org
register.valleyymca.org
5709436928655360-fe2.pantheonsite.io
5709436928655360-fe2.pantheonsite.io
5709436928655360-fe2.pantheonsite.io
fsus-2.freshservice.com
securedns4.planmygift.org
fsus-2.freshservice.com
*.valleyymca.org
fsus-2.freshservice.com
fsus-2.freshservice.com
5709436928655360-fe2.pantheonsite.io
securedns4.planmygift.org
fsus-2.freshservice.com
5709436928655360-fe2.pantheonsite.io
fsus-2.freshservice.com
*.valleyymca.org
5709436928655360-fe2.pantheonsite.io
securecounter.com
help.cei.com
fsus-2.freshservice.com
help.cei.com
securecounter.com
fsus-2.freshservice.com
securecounter.com
valleyymca.org
5709436928655360-fe2.pantheonsite.io
fsus-2.freshservice.com
fsus-2.freshservice.com
valleyymcacares.org
help.cei.com
securedns4.planmygift.org
5709436928655360-fe2.pantheonsite.io
help.cei.com
ymcagovernance.org
fsus-2.freshservice.com
help.cei.com
valleyymca.org
securedns4.planmygift.org
5709436928655360-fe2.pantheonsite.io

Certificate

The complete raw certificate details for *.valleyymca.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgIQB6o35jxfLyAPB3tp9BD2cjANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MjIwMDAwMDBaFw0yMDA4MjIx
MjAwMDBaMBsxGTAXBgNVBAMMECoudmFsbGV5eW1jYS5vcmcwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCpmLJ+qvPZmWBoOZnztpQ2PaPpji2LtDEoEbQZ
Tu0M5YDFcPNS/fmaGOd0dQr9AvaPWkTZrCAPNN4b0iYEPl9Ns8wXho0yMgXye/Nh
48YHxIeGjkv59urapEzsdqqIbpDeOeqD242EJ9vpmF1x/u2KRT0Sy/ZjPv30gzhN
m955CRE/J53RdCzV2KYHjA9HYdWxK7iZ94huC1pfF18roeYVGExN14LtUlJ2dhbd
qt/oKgYRlvPtLenFkxxU/BU8mt4rBH/2KCob7hWp29Rj+o7+hWEEeJPFDRTzLJVt
PVFFHtYBj00kc0biZRmkrT+dmRqXxfY+pGrPYEYMdlCrC2pxAgMBAAGjggJ9MIIC
eTAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQUZXZK
mOuIpPC3RM0UHmcmmWEzJjkwGwYDVR0RBBQwEoIQKi52YWxsZXl5bWNhLm9yZzAO
BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsG
A1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1c3QuY29t
L3NjYTFiLmNybDAgBgNVHSAEGTAXMAsGCWCGSAGG/WwBAjAIBgZngQwBAgEwdQYI
KwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6
b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9u
dHJ1c3QuY29tL3NjYTFiLmNydDAMBgNVHRMBAf8EAjAAMIIBBQYKKwYBBAHWeQIE
AgSB9gSB8wDxAHcA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFs
G1ZAvAAABAMASDBGAiEA8AURzOD3x5D9R5ifYXkMxtRyBzZTX43clFdkwaCjF9YC
IQCcoxuIerYPqSsSZisOLuitGebxeosTizyOnjWYxqHM6wB2AId1v+dZfPiMQ5lf
vfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABbBtWQVsAAAQDAEcwRQIhAK5/Ey0LJODk
0ev1wm1N2O7swa7yvSVdlZTgONImnBkgAiB9UnqzjLTYwMEiksqPSml3V7A+JoPb
VrcBpHQTlHTqbjANBgkqhkiG9w0BAQsFAAOCAQEAEsPVR4hhdLIjEwJPNpS5HCH/
xaYFyna5we+pnyY+aEERF1+yDPBkB79SPJQWK7k1ckorcv4YxTQJ36bjMwMgZYjG
P7gk8RFbnlvF01yPNfpkg3ivxxfQHLyIfRyDDuDY/fLxSiEoR399nQm6wv71eaCK
E1iHB+eEeEgZQ04D6AxWxNW127pLi8E1eBaifyG8o+90At+UUlZxhfDES0fCiCEz
BPmsFOqOyvojtad/wcRpyV6F/wscZ4LhF5OZK/j5ndh83gvNr9ZbndFjCk4GkoxL
zmPqD8WRnxmQQ28trEeXP5KcrEpJ6/XBk/W+Nl5UN6FAFmisuyiZVdgocODrZA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZiyfqrz2ZlgaDmZ87aU
Nj2j6Y4ti7QxKBG0GU7tDOWAxXDzUv35mhjndHUK/QL2j1pE2awgDzTeG9ImBD5f
TbPMF4aNMjIF8nvzYePGB8SHho5L+fbq2qRM7HaqiG6Q3jnqg9uNhCfb6Zhdcf7t
ikU9Esv2Yz799IM4TZveeQkRPyed0XQs1dimB4wPR2HVsSu4mfeIbgtaXxdfK6Hm
FRhMTdeC7VJSdnYW3arf6CoGEZbz7S3pxZMcVPwVPJreKwR/9igqG+4VqdvUY/qO
/oVhBHiTxQ0U8yyVbT1RRR7WAY9NJHNG4mUZpK0/nZkal8X2PqRqz2BGDHZQqwtq
cQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10188420210135082014595366469376210546
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-22 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-22 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.valleyymca.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21409571357307962380983092195611844116106699207999743408096019621720601146928336098743841426796234587473824219951340206118570077857549294986150366545045576231188867443410745931792622903900994697221725970174198398401271342599641453878115248687790384850169402833347355314955987472559647707965374312443416239142302226783623328607659968451260813094976800870313435970091289663932953726194413549362688474615339456877390829533655939773600629790326854036148598993012343719430245318617463724412718846367610594755064666937011491035290514933939665738911722264248242689812139325618752917879233782230776647352357131383339387415153
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							65764a98eb88a4f0b744cd141e67269961332639
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.valleyymca.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016c1b5640bc0000040300483046022100f00511cce0f7c790fd47989f61790cc6d4720736535f8ddc945764c1a0a317d60221009ca31b887ab60fa92b12662b0e2ee8ad19e6f17a8b138b3c8e9e3598c6a1cceb0076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016c1b56415b0000040300473045022100ae7f132d0b24e0e4d1ebf5c26d4dd8eeecc1aef2bd255d9594e038d2269c192002207d527ab38cb4d8c0c12292ca8f4a697757b03e2683db56b701a474139474ea6e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0012c3d547886174b22313024f3694b91c21ffc5a605ca76b9c1efa99f263e684111175fb20cf06407bf523c94162bb935724a2b72fe18c53409dfa6e33303206588c63fb824f1115b9e5bc5d35c8f35fa648378afc717d01cbc887d1c830ee0d8fdf2f14a2128477f7d9d09bac2fef579a08a13588707e784784819434e03e80c56c4d5b5dbba4b8bc1357816a27f21bca3ef7402df9452567185f0c44b47c288213304f9ac14ea8ecafa23b5a77fc1c469c95e85ff0b1c6782e11793992bf8f99dd87cde0bcdafd65b9dd1630a4e06928c4bce63ea0fc5919f1990436f2dac47973f929cac4a49ebf5c193f5be365e5437a1401668acbb289955d82870e0eb64