*.flock.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 0f:72:a0:70:1f:56:00:de:cb:be:6b:63:7b:23:85:9d was issued on by Amazon.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=*.flock.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0f:72:a0:70:1f:56:00:de:cb:be:6b:63:7b:23:85:9d
Serial Number (int): 20533595847435501342890254036164117917
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 5b:ca:63:3f:94:ee:3d:0f:8f:4e:19:ac:78:10:06:ac:18:c2:50:90
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 22:ed:65:43:61:71:4f:e6:96:e7:e2:4f:31:86:90:30:82:87:2b:5a
Fingerprint (sha256): 51:b6:00:69:44:7f:a8:6a:0a:3b:03:9e:dd:a5:8c:04:bf:c5:96:60:ec:72:03:18:ff:b5:fb:42:6e:5b:4f:e9

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate *.flock.com

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.flock.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.flock.com
*.flock.co
*.apps.flock.com
*.apps.flock.co

Other certificates including the domain name flock.com

(limited to 100 certificates)
corporatestatus.tyro.com
support.flock.com
support.flock.com
pages.flock.com
webinar.flock.com
corporatestatus.tyro.com
pages.flock.com
enomstatus.com
corporatestatus.tyro.com
ent.flock.com
kb.flock.com
*.internal.flock.com
*.flock.com
corporatestatus.tyro.com
ent.flock.com
*.flock.com
support.flock.com
*.flock.com
faq.internal.flock.com
webinar.flock.com
blog.flock.com
corporatestatus.tyro.com
*.flock.co
blog.flock.com
corporatestatus.tyro.com
*.ops.flock.com
faq.internal.flock.com
corporatestatus.tyro.com
enomstatus.com
enomstatus.com
corporatestatus.tyro.com
*.flock.co
*.flock.com
support.flock.com
*.flock.com
enomstatus.com
*.flock.com
corporatestatus.tyro.com
webinar.flock.com
api.flock.com
enomstatus.com
ent.flock.com
www.flock.com
bugzilla.flock.com
kb.flock.com
*.flock.com
support.flock.com
monumentstatus.mambu.com
ent.flock.com
blog.flock.com
enomstatus.com
enomstatus.com
*.flock.com
corporatestatus.tyro.com
blog.flock.com
www.flock.com
enomstatus.com
staging.mail.flock.com
support.flock.com
*.flock.com
enomstatus.com
*.flock.com
enomstatus.com
*.i.flock.com
enomstatus.com
support.flock.com
*.flock.co
extensions.flock.com
corporatestatus.tyro.com
*.flock.com
enomstatus.com
vpn.flock.com
my.flock.com
enomstatus.com
corporatestatus.tyro.com
corporatestatus.tyro.com
enomstatus.com
blog.flock.com
update.flock.com
support.flock.com
enomstatus.com
ent.flock.com
corporatestatus.tyro.com
www.flock.com
ent.flock.com
corporatestatus.tyro.com
ent.flock.com
*.flock.co
*.flock.com
blog.flock.com
*.flock.com
support.flock.com
corporatestatus.tyro.com
support.flock.com
*.flock.com
webinar.flock.com
www.flock.com
pages.flock.com
support.flock.com
*.flock.com

Certificate

The complete raw certificate details for *.flock.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgIQD3KgcB9WAN7LvmtjeyOFnTANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMTIzMDAwMDAwMFoXDTI1MDEyNjIzNTk1OVowFjEU
MBIGA1UEAwwLKi5mbG9jay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5Z5urDADOpmjVw2W2bDHDMTTgvQvUVcmHvMPykzmwCwFvDjN0RdyAsR+S
5CaNEqQ3yCJQoG+yzLuV7/wxkygws6Ue3ECHkHPaZTAPR6iAkKaTX9KVBroiSj3+
FOmNd7926Z39PLqkr3AmI6vuRR+Sn+51jO54h7oHaReQXuU1XOYvvWPNKVjXFtZk
nwAouNuhKol91OggAAHgU4A3Zx4nQgr+T0oUME6oZ5dUEK75lNnBBHD7hWzJZBlr
mflD1xVaC2FeOmkwZpgUlL77SISh5hiPUnw6vlX8whF0kiP6bFN73yCEDgjOt2Qv
N+4jNyk6PF2hkKpv/LfSPzcILJQpAgMBAAGjggMTMIIDDzAfBgNVHSMEGDAWgBTA
MVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQUW8pjP5TuPQ+PThmseBAGrBjC
UJAwRQYDVR0RBD4wPIILKi5mbG9jay5jb22CCiouZmxvY2suY2+CECouYXBwcy5m
bG9jay5jb22CDyouYXBwcy5mbG9jay5jbzATBgNVHSAEDDAKMAgGBmeBDAECATAO
BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsG
A1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1c3QuY29t
L3IybTAyLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9v
Y3NwLnIybTAyLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2Ny
dC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAw
ggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB1AE51oydcmhDDOFts1N8/Uusd8OCO
G41pwLH6ZLFimjnfAAABjLmsLEAAAAQDAEYwRAIgTQb9sn3OqBLGa42uMxZ3KXHS
nhysXPplK9ju1TRyLnQCIAudZuDIVmZuxcH6Y4g/OS6RpKj2vi9O9BMP9t+mxGH2
AHcAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGMuawsaQAABAMA
SDBGAiEAq39uAzHkwllukuYFUxBHodwZjmVc6gcUNVsmf+dHk44CIQCKk+MhbgDn
nz9X62ygaRfyl0dw83qw0c2VFgj7Mh9gdQB2AObSMWNAd4zBEEEG13G5zsHSQPaW
hIb7uocyHf0eN45QAAABjLmsLJQAAAQDAEcwRQIgBP7KKPPkHXTOA7xqHQkpuOG3
AP53IJh417RbXDrnFYkCIQCyg9ADrUwO27rFJgZUnanI3w0vWZ0Vb7JeIUOZEqyz
1TANBgkqhkiG9w0BAQsFAAOCAQEAQKJK3H0BXH4iX8/GLUGDCzyeJ6uZDzx5Urd9
/GIC/FVLKQZIL/GXc3RxBbw+DIjFb+UYE8/q3fABnBKCReOdHdtkOyTuLeIgHL24
3i3rioLffV9DVDJOqKMUFQm4VqojiZ7NTMEYTZ6juL0Unualjz3QGvRhFkmdkJwl
I6bb3OJzIm+ytHNyUWuOQZdwqLo9E4cwtJHTCzC0UUh8+1zfMAosUzRsHxoOkcyd
7zvP2jDsSND1Xra+hNe03CiSF++DFWS1hGMFCz89BgQmHcRfeSBsjEg0brZWq7Ai
BXKg7oatvLqXwFyps69ahpPJMvNk0zd7LpFIvECvNzxID6Pz2w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWebqwwAzqZo1cNltmwx
wzE04L0L1FXJh7zD8pM5sAsBbw4zdEXcgLEfkuQmjRKkN8giUKBvssy7le/8MZMo
MLOlHtxAh5Bz2mUwD0eogJCmk1/SlQa6Iko9/hTpjXe/dumd/Ty6pK9wJiOr7kUf
kp/udYzueIe6B2kXkF7lNVzmL71jzSlY1xbWZJ8AKLjboSqJfdToIAAB4FOAN2ce
J0IK/k9KFDBOqGeXVBCu+ZTZwQRw+4VsyWQZa5n5Q9cVWgthXjppMGaYFJS++0iE
oeYYj1J8Or5V/MIRdJIj+mxTe98ghA4IzrdkLzfuIzcpOjxdoZCqb/y30j83CCyU
KQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 20533595847435501342890254036164117917
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-30 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-26 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.flock.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23405177466526303814549090579845657865555315212302685015204975407352950978562733137744778635601542177646451512372411307914148905443184953516786465426617667323745737754665884138636564102886827763252483996193321201154093692527624798787855753495154349434910602542204022303705796265173050583732777926624573203106119758664458568445947623057590180599791650661683892615008636994098332128762380022668741352163286403534962238631626039691060324424858235025541958628882290979308267967820226837860362458052934333672524628321210840502958773297963186525336643153422725153489604780368541539823749157375230357048338176617003369665577
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5bca633f94ee3d0f8f4e19ac781006ac18c25090
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.flock.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.flock.co'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.apps.flock.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.apps.flock.co'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018cb9ac2c40000004030046304402204d06fdb27dcea812c66b8dae3316772971d29e1cac5cfa652bd8eed534722e7402200b9d66e0c856666ec5c1fa63883f392e91a4a8f6be2f4ef4130ff6dfa6c461f60077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018cb9ac2c690000040300483046022100ab7f6e0331e4c2596e92e605531047a1dc198e655cea0714355b267fe747938e0221008a93e3216e00e79f3f57eb6ca06917f2974770f37ab0d1cd951608fb321f6075007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018cb9ac2c940000040300473045022004feca28f3e41d74ce03bc6a1d0929b8e1b700fe77209878d7b45b5c3ae71589022100b283d003ad4c0edbbac52606549da9c8df0d2f599d156fb25e21439912acb3d5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0040a24adc7d015c7e225fcfc62d41830b3c9e27ab990f3c7952b77dfc6202fc554b2906482ff19773747105bc3e0c88c56fe51813cfeaddf0019c128245e39d1ddb643b24ee2de2201cbdb8de2deb8a82df7d5f4354324ea8a3141509b856aa23899ecd4cc1184d9ea3b8bd149ee6a58f3dd01af46116499d909c2523a6dbdce273226fb2b47372516b8e419770a8ba3d138730b491d30b30b451487cfb5cdf300a2c53346c1f1a0e91cc9def3bcfda30ec48d0f55eb6be84d7b4dc289217ef831564b58463050b3f3d0604261dc45f79206c8c48346eb656abb0220572a0ee86adbcba97c05ca9b3af5a8693c932f364d3377b2e9148bc40af373c480fa3f3db