greatlakesbeacon.org
Issued by Starfield Secure Certificate Authority - G2
About this certificate
This digital certificate with serial number 76:b2:0b:26:b6:4e:cb:db was issued on by Starfield Technologies, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=greatlakesbeacon.org
Starfield Technologies, Inc.
Organization:
Starfield Technologies, Inc.
Organization unit: http://certs.starfieldtech.com/repository/
Organization unit: http://certs.starfieldtech.com/repository/
State / Province:
Arizona
Locality: Scottsdale
Country: US
Locality: Scottsdale
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): 76:b2:0b:26:b6:4e:cb:dbSerial Number (int): 8552910903225273307
Serial Number lenght: 63 bits, 8 octets
SubjectKeyId: 52:6f:f0:59:70:04:d7:e3:9e:7d:2a:d9:30:a9:0b:84:a7:c2:e0:07
AuthorityKeyId: 25:45:81:68:50:26:38:3d:3b:2d:2c:be:cd:6a:d9:b6:3d:b3:66:63
Fingerprint (sha1): 62:ff:47:3a:1a:3e:c7:80:33:f5:43:96:b0:f3:be:26:59:9e:4f:5c
Fingerprint (sha256): 51:e6:de:50:ad:ff:df:37:24:fd:a4:56:c5:51:07:d9:c9:f8:5e:34:cf:d5:fd:8d:6e:d8:91:5c:20:a2:2c:d2
Issuing Certificate URL: http://certificates.starfieldtech.com/repository/sfig2.crt
Revocation information
OCSP Server: http://ocsp.starfieldtech.com/CRL Distribution Point: http://crl.starfieldtech.com/sfig2s1-713.crl
Check the revocation status for certificate greatlakesbeacon.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for greatlakesbeacon.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
greatlakesbeacon.org
www.greatlakesbeacon.org
www.greatlakesbeacon.org
Other certificates including the domain name greatlakesbeacon.org
(limited to 100 certificates)
greatlakesbeacon.org
webmail.progressmichigan.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
webmail.progressmichigan.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
greatlakesbeacon.org
Certificate
The complete raw certificate details for greatlakesbeacon.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG0jCCBbqgAwIBAgIIdrILJrZOy9swDQYJKoZIhvcNAQELBQAwgcYxCzAJBgNV BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUw IwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTMwMQYDVQQLEypo dHRwOi8vY2VydHMuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3NpdG9yeS8xNDAyBgNV BAMTK1N0YXJmaWVsZCBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIw HhcNMjQwNTE5MjMyMTE1WhcNMjUwNTE5MjMyMTE1WjAfMR0wGwYDVQQDExRncmVh dGxha2VzYmVhY29uLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AKAL6Rle5AAX92b1yeC96lp6e3p74QgStHoSXcbWOk8uH2THo+voo5dMse0kYW41 6Ll7kAKeMT4LolqSvB092jA11ad7e2ySwCz24SnHf5SV7b3czlEJEak5Jb+hrF0O vlk67VVzOTlY47AjujRCpsfJeOnjuu2daasDMODWyc0ozLiYn4xjIoNhYJlyymF5 qYwoOr/9DRRIyD4W6IowezyJLBAAEMmFbmQUhviOZIdexYzqt/9chFeq7JKIRO2D LQrXIy4Ypvfi1w2HPBK1XDloaPXXA9KszCtfgoRarzn847I8Z+F94qliFPFU3sZx LoFkLVBumekEoG5yolAZ+RMCAwEAAaOCA2gwggNkMAwGA1UdEwEB/wQCMAAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDA9BgNV HR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnN0YXJmaWVsZHRlY2guY29tL3NmaWcy czEtNzEzLmNybDBjBgNVHSAEXDBaME4GC2CGSAGG/W4BBxcBMD8wPQYIKwYBBQUH AgEWMWh0dHA6Ly9jZXJ0aWZpY2F0ZXMuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3Np dG9yeS8wCAYGZ4EMAQIBMIGCBggrBgEFBQcBAQR2MHQwKgYIKwYBBQUHMAGGHmh0 dHA6Ly9vY3NwLnN0YXJmaWVsZHRlY2guY29tLzBGBggrBgEFBQcwAoY6aHR0cDov L2NlcnRpZmljYXRlcy5zdGFyZmllbGR0ZWNoLmNvbS9yZXBvc2l0b3J5L3NmaWcy LmNydDAfBgNVHSMEGDAWgBQlRYFoUCY4PTstLL7Natm2PbNmYzA5BgNVHREEMjAw ghRncmVhdGxha2VzYmVhY29uLm9yZ4IYd3d3LmdyZWF0bGFrZXNiZWFjb24ub3Jn MB0GA1UdDgQWBBRSb/BZcATX4559KtkwqQuEp8LgBzCCAX8GCisGAQQB1nkCBAIE ggFvBIIBawFpAHYATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGP kyjMrAAABAMARzBFAiEAwcUrBI5d/89RuPYWE4r4fa/EbQ0NzwWtIFW4VhCXsHcC IEerBHJs0d30iApT4xn/COHdq1ZRSEo3YiPfr9G1ygEEAHcAfVkeEuF4KnscYWd8 Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGPkyjNvQAABAMASDBGAiEArUlt0BhhbwFN Id/7lVZjosOF8uK7eVG4B2Rwv3PG3U8CIQDYY3MkNexY/5Vl6JqukkvTEtMAsCXW IyehfbfqOOGe6wB2AMz7D2qFcQll/pWbU87psnwi6YVcDZeNtql+VMD+TA2wAAAB j5MozjgAAAQDAEcwRQIhAPxtvXT/lvy1gVXepXgTGzXxB69gKM6m36s9FUzW3YuP AiA1qPe5clFzY1bfu301KWH4P5Tr738/0j3cfyOv2II4xjANBgkqhkiG9w0BAQsF AAOCAQEAmRIfqcRHS60kX0dd66wUJ5l5tv//+99uN40vsCsKp8Wb4Z+5OR2o7fiF 5HgDv+UNcjGmQRX+NUMZy0Jf761GLkOcXVqyWu1Gaff0SKGj9oKWaOmUHi8s1fxo q2K68qO2XD0WMGijW/z6IhTJ7Gh3rZ8E+IW2Rkx/3Z8dmd6PSEyjdXQPQBZHUSPG meVt8wRY/afkqK1mqJuWaUbOWG0llFlmSzWHpADsSY09bUt93YJd0CKcRsV9Sb0+ clXQcG9RqM4J8TkkFaGbY6VcMYCQH3wyQgtNHTpfOvmelUUdTlT6fSR8be9d+x3h 0GNmhEoLibElhiiWSd9Eug1lKNmDjQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAvpGV7kABf3ZvXJ4L3q Wnp7envhCBK0ehJdxtY6Ty4fZMej6+ijl0yx7SRhbjXouXuQAp4xPguiWpK8HT3a MDXVp3t7bJLALPbhKcd/lJXtvdzOUQkRqTklv6GsXQ6+WTrtVXM5OVjjsCO6NEKm x8l46eO67Z1pqwMw4NbJzSjMuJifjGMig2FgmXLKYXmpjCg6v/0NFEjIPhboijB7 PIksEAAQyYVuZBSG+I5kh17FjOq3/1yEV6rskohE7YMtCtcjLhim9+LXDYc8ErVc OWho9dcD0qzMK1+ChFqvOfzjsjxn4X3iqWIU8VTexnEugWQtUG6Z6QSgbnKiUBn5 EwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 8552910903225273307 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Technologies, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.starfieldtech.com/repository/' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Secure Certificate Authority - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-19 23:21:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-19 23:21:15 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'greatlakesbeacon.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20204002102409092854947672296965514896977267818661755112260756287112785826594716294106285751663203374553025995328065267016359625399529044591767188792308974401619732955137073050146508838364549907424703132997743453657367458151092746707245227262710204875402603276854902892876816651772158468938103633171872763755823433369134542580626685927731804596026112611795809492231916630289088449628058110077771554135989375160958191737065122171604901090952025918785143341082408561746254686508945919798110740703209371047935757296223071862012042665987589808704723431532405637237963247386424580059460732877095164992989046360544772749587 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.starfieldtech.com/sfig2s1-713.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114414.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.starfieldtech.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.starfieldtech.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.starfieldtech.com/repository/sfig2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 254581685026383d3b2d2cbecd6ad9b63db36663 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'greatlakesbeacon.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.greatlakesbeacon.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 526ff0597004d7e39e7d2ad930a90b84a7c2e007 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 01690076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f9328ccac0000040300473045022100c1c52b048e5dffcf51b8f616138af87dafc46d0d0dcf05ad2055b8561097b077022047ab04726cd1ddf4880a53e319ff08e1ddab5651484a376223dfafd1b5ca01040077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018f9328cdbd0000040300483046022100ad496dd018616f014d21dffb955663a2c385f2e2bb7951b8076470bf73c6dd4f022100d863732435ec58ff9565e89aae924bd312d300b025d62327a17db7ea38e19eeb007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018f9328ce380000040300473045022100fc6dbd74ff96fcb58155dea578131b35f107af6028cea6dfab3d154cd6dd8b8f022035a8f7b97251736356dfbb7d352961f83f94ebef7f3fd23ddc7f23afd88238c6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0099121fa9c4474bad245f475debac14279979b6fffffbdf6e378d2fb02b0aa7c59be19fb9391da8edf885e47803bfe50d7231a64115fe354319cb425fefad462e439c5d5ab25aed4669f7f448a1a3f6829668e9941e2f2cd5fc68ab62baf2a3b65c3d163068a35bfcfa2214c9ec6877ad9f04f885b6464c7fdd9f1d99de8f484ca375740f4016475123c699e56df30458fda7e4a8ad66a89b966946ce586d259459664b3587a400ec498d3d6d4b7ddd825dd0229c46c57d49bd3e7255d0706f51a8ce09f1392415a19b63a55c3180901f7c32420b4d1d3a5f3af99e95451d4e54fa7d247c6def5dfb1de1d06366844a0b89b12586289649df44ba0d6528d9838d