*.verity-hce.stage.va.ggops.com

Issued by Amazon

About this certificate

This digital certificate with serial number 04:ff:58:fa:7a:0d:87:62:4d:f3:e3:d2:52:db:43:30 was issued on by Amazon.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.verity-hce.stage.va.ggops.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:ff:58:fa:7a:0d:87:62:4d:f3:e3:d2:52:db:43:30
Serial Number (int): 6642752378925321016704489391241511728
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 00:f1:bf:84:5c:a5:49:4d:4e:72:fb:fd:fb:03:f8:20:b3:85:c2:e5
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 16:5a:31:3b:58:4e:4a:30:b2:1c:cd:49:3e:8c:e9:0a:df:d1:ec:e0
Fingerprint (sha256): 51:3d:f9:ad:37:dc:f1:36:59:0f:d5:e4:c3:88:21:1f:d8:c9:e6:5a:05:a8:25:3f:b2:99:72:9e:a8:ab:8f:dd

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate *.verity-hce.stage.va.ggops.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.verity-hce.stage.va.ggops.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.verity-hce.stage.va.ggops.com

Other certificates including the domain name ggops.com

(limited to 100 certificates)
*.ops.k8s.ggops.com
*.ambassador.dev.sandbox.ggops.com
*.sports.ggops.com
*.mle.va.sx.ggops.com
*.dev.sandbox.ggops.com
*.dev.sandbox.ggops.com
sports.drone.vi.ggops.com
pritunl.sandbox.ggops.com
*.dev.k8s.sx.ggops.com
*.k8s.dev.sandbox.ggops.com
*.prod.sandbox.ggops.com
*.sandbox.ggops.com
*.ambassador.dev.sandbox.ggops.com
*.dev.k8s.sx.ggops.com
*.verity-api.dev.va.ggops.com
zip-code-service.ops-8604.ggops.com
*.dev.sandbox.ggops.com
*.web-engineering.k8s.ggops.com
demo-manager.dev.va.ggops.com
pritunl.mongodb.va.ggops.com
*.ggops.com
*.config-dashboard-api.dev.va.ggops.com
*.verity-visualizer.dev.va.ggops.com
data-engineering.drone.va.ggops.com
*.k8s.prod.sandbox.ggops.com
*.dev.sandbox.ggops.com
*.k8s.dev.sandbox.ggops.com
*.mle.va.sx.ggops.com
sports-api--dev.sports.ggops.com
pritunl.sandbox.ggops.com
*.video-converter.dev.va.ggops.com
*.cv.k8s.sx.ggops.com
pritunl.va.ggops.com
*.gumgum.com
pritunl.va.ggops.com
*.verity.k8s.sx.ggops.com
pritunl.va.ggops.com
*.k8s.prod.sandbox.ggops.com
pritunl.sandbox.ggops.com
*.sandbox.ggops.com
publisher-manager-lambdas.ggops.com
*.gumgum.com
*.gumgum.com
pritunl.mongodb.va.ggops.com
*.advertising-api-v2.dev.va.ggops.com
*.nlp.k8s.sx.ggops.com
*.sports.ggops.com
*.vi.ggops.com
*.sandbox.ggops.com
pritunl.va.ggops.com
creative.preview.ggops.com
*.gumgum.com
*.ggops.com
*.verity-api.stage.va.ggops.com
pritunl.ca.ggops.com
*.ggops.com
*.gumgum.com
*.gumgum.com
*.drone.sandbox.ggops.com
*.gumgum.com
*.gumgum.com
preview.ggops.com
*.k8s.dev.sandbox.ggops.com
*.ggops.com
*.ad-server.k8s.ggops.com
publisher-manager-lambdas.ggops.com
*.gumgum.com
verity-api-test.ggops.com
*.verity-testing-tool.dev.va.ggops.com
*.gumgum.com
*.gumgum-jwt-auth.dev.va.ggops.com
*.prod.sandbox.ggops.com
pritunl.va.ggops.com
*.k8s.prod.sandbox.ggops.com
*.mle-inference.va.sx.ggops.com
*.drone.sandbox.ggops.com
*.gumgum.com
*.ggops.com
*.web-engineering.k8s.ggops.com
*.va.sx.ggops.com
*.web-engineering.k8s.ggops.com
*.verity.va.sx.ggops.com
*.verity-testing-tool.dev.va.ggops.com
*.dev.k8s.sx.ggops.com
*.dev.sandbox.ggops.com
ggops.com
*.dev.sandbox.ggops.com
*.dev.sandbox.ggops.com
*.verity-api.gumgum.com
*.sandbox.ggops.com
*.gumgum.com
*.gumgum-jwt.dev.va.ggops.com
*.sandbox.ggops.com
*.gumgum.com
*.demo-manager-api.dev.va.ggops.com
*.columbia-wall.dev.va.ggops.com
*.dev.sandbox.ggops.com
data-science.drone.va.ggops.com
*.drone.va.ggops.com
*.verity-hce.stage.va.ggops.com

Certificate

The complete raw certificate details for *.verity-hce.stage.va.ggops.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIElDCCA3ygAwIBAgIQBP9Y+noNh2JN8+PSUttDMDANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA5MDQwMDAwMDBaFw0yMDEwMDQx
MjAwMDBaMCoxKDAmBgNVBAMMHyoudmVyaXR5LWhjZS5zdGFnZS52YS5nZ29wcy5j
b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtCvHmO9OYtXwNBsC2
4iD6o9yhrkv2SBJTWQgtKyfcaSztbx1cO03iyCFwWgVblCCTh2IcgatxDWoQ4025
6t4pfTDk1/l2620Zn2siFj2DuWuvBrYsc1A1aqGdP+5/Ul+yWJzZaMEKHtmVOkNW
UJEvgi2xnLtqPQvDAMoSHVdcvtaHtoj1THPARs2HHMfe5Xqn20ARRkGJFPjJ2SZl
hnT8WsOgHwXpMdvLwiWHgfG7N2qH9UPj77d68VtTqSn0H+CRNGnglXOzU6i9IqCy
ygPkw4NEZGVHzJT4Y6VL6FZZ/9NN6nQdB5+fSiwSYn6+FVUYfwRdsrZH8MeUUfbP
QaJlAgMBAAGjggGYMIIBlDAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k9
0DAdBgNVHQ4EFgQUAPG/hFylSU1Ocvv9+wP4ILOFwuUwKgYDVR0RBCMwIYIfKi52
ZXJpdHktaGNlLnN0YWdlLnZhLmdnb3BzLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0
dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNybDAgBgNVHSAE
GTAXMAsGCWCGSAGG/WwBAjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsG
AQUFBzABhiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6b250cnVzdC5jb20wNgYIKwYB
BQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNy
dDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC4Qf+uQlmuwb4+ehOrV91isttTwqMwpkBNuOFfoVh09cML+f8jH/V5
vhvPsGzBNuUavSQkq6A/jN4BbMRgtXHs/paAX3BSP8b+QHxWwAegNe7F1guR/RE/
XD26I2UBj5UkTM4QOJHv7OXo7EARMWyHPm1NbI7mbW0aAsv6Lfrwfn3cAfZtCLka
9ETTORVqkFbYxD3KvjMY4nHNvXrbhpenbP1Dug3vXxoyIPSNWSzYN88aYh1E/OD8
T3jOnmbFcv1KWWh88DHfBsnvk5s9woMidr50yqA0hE9B0ORTwGhZjM+unp+NCZFS
ikxpOgQSHQR++nS5jtfOZ3fTTyKPA/ym
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQrx5jvTmLV8DQbAtuIg
+qPcoa5L9kgSU1kILSsn3Gks7W8dXDtN4sghcFoFW5Qgk4diHIGrcQ1qEONNuere
KX0w5Nf5duttGZ9rIhY9g7lrrwa2LHNQNWqhnT/uf1Jfslic2WjBCh7ZlTpDVlCR
L4ItsZy7aj0LwwDKEh1XXL7Wh7aI9UxzwEbNhxzH3uV6p9tAEUZBiRT4ydkmZYZ0
/FrDoB8F6THby8Ilh4Hxuzdqh/VD4++3evFbU6kp9B/gkTRp4JVzs1OovSKgssoD
5MODRGRlR8yU+GOlS+hWWf/TTep0HQefn0osEmJ+vhVVGH8EXbK2R/DHlFH2z0Gi
ZQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6642752378925321016704489391241511728
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-04 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-10-04 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.verity-hce.stage.va.ggops.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21844623900007621008709160477741018286837073788529214012129778081735374915092158337798619638685607161811830192626374875235564973138531888805070697326237220796091129188324434595622382161354468366647038888923565856962684856389796368498380414264880303521998417617313715554934623265266117845341796133715285229914187445388870611302602167844626481955992463095638660884917546370923072657297648678056136411676847000824060009851753533462881381633655134168522713083478112098991289569367818492357584954826403458877818365896248991374398379174882105475268390579531203398335555069338964507278600266393332532475762765971214034903653
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							00f1bf845ca5494d4e72fbfdfb03f820b385c2e5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (35 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.verity-hce.stage.va.ggops.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b841ffae4259aec1be3e7a13ab57dd62b2db53c2a330a6404db8e15fa15874f5c30bf9ff231ff579be1bcfb06cc136e51abd2424aba03f8cde016cc460b571ecfe96805f70523fc6fe407c56c007a035eec5d60b91fd113f5c3dba2365018f95244cce103891efece5e8ec4011316c873e6d4d6c8ee66d6d1a02cbfa2dfaf07e7ddc01f66d08b91af444d339156a9056d8c43dcabe3318e271cdbd7adb8697a76cfd43ba0def5f1a3220f48d592cd837cf1a621d44fce0fc4f78ce9e66c572fd4a59687cf031df06c9ef939b3dc2832276be74caa034844f41d0e453c068598ccfae9e9f8d0991528a4c693a04121d047efa74b98ed7ce6777d34f228f03fca6