test.rails-management.daznservices.com

Issued by Amazon

About this certificate

This digital certificate with serial number 03:91:b4:f0:64:16:87:0e:81:c9:5c:60:0c:77:c6:f1 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=test.rails-management.daznservices.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:91:b4:f0:64:16:87:0e:81:c9:5c:60:0c:77:c6:f1
Serial Number (int): 4744236911305693486213416921524061937
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 8f:94:fe:f4:85:09:54:1e:2d:cc:c3:dc:65:54:2d:cd:cb:c1:9a:59
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): e2:fd:cc:73:cf:3b:91:41:de:af:c8:b3:ee:df:fb:f1:15:e4:ec:69
Fingerprint (sha256): 54:a7:04:0b:4f:7f:e1:07:f7:69:5c:fb:9a:11:59:c6:a9:65:31:6c:ae:bb:0e:52:08:e3:63:95:84:91:a0:03

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate test.rails-management.daznservices.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for test.rails-management.daznservices.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

test.rails-management.daznservices.com
*.test.rails-management.daznservices.com

Other certificates including the domain name daznservices.com

(limited to 100 certificates)
san15.performgroup.com
rails-management.daznservices.com
san17.performgroup.com
*.daznservices.com
ra.daznservices.com
san15.performgroup.com
stage.rails-management.daznservices.com
san18.performgroup.com
san18.performgroup.com
stage.rails-management.daznservices.com
san1.daznservices.com
san2.daznservices.com
san1.daznservices.com
san17.performgroup.com
san17.performgroup.com
san18.performgroup.com
stage.rails-management.daznservices.com
san15.performgroup.com
rails-management.daznservices.com
san1.daznservices.com
san1.daznservices.com
*.stage.daznservices.com
san18.performgroup.com
san2.daznservices.com
dev.rails-management.daznservices.com
san1.daznservices.com
san15.performgroup.com
san15.performgroup.com
san2.daznservices.com
san15.performgroup.com
san18.performgroup.com
san1.daznservices.com
san2.daznservices.com
san18.performgroup.com
san2.daznservices.com
san15.performgroup.com
san18.performgroup.com
san1.daznservices.com
san1.daznservices.com
san18.performgroup.com
san2.daznservices.com
san15.performgroup.com
san1.daznservices.com
san1.daznservices.com
dev.rails-management.daznservices.com
san1.daznservices.com
*.performgroup.com
san15.performgroup.com
san2.daznservices.com
san2.daznservices.com
san15.performgroup.com
ra.daznservices.com
san1.daznservices.com
san1.daznservices.com
san15.performgroup.com
san2.daznservices.com
san17.performgroup.com
san1.daznservices.com
san1.daznservices.com
san17.performgroup.com
test.rails-management.daznservices.com
ra.daznservices.com
*.dc1.daznservices.com
san2.daznservices.com
san1.daznservices.com
test.rails-management.daznservices.com
san1.daznservices.com
san1.daznservices.com
san17.performgroup.com
san2.daznservices.com
san1.daznservices.com
san1.daznservices.com
san15.performgroup.com
*.daznservices.com
san18.performgroup.com
san18.performgroup.com
san2.daznservices.com
san15.performgroup.com
ra.daznservices.com
*.dev.daznservices.com
san15.performgroup.com
ra.daznservices.com
san15.performgroup.com
san18.performgroup.com
san15.performgroup.com
san2.daznservices.com
dev.rails-management.daznservices.com
san15.performgroup.com
san15.performgroup.com
san18.performgroup.com
san15.performgroup.com
san2.daznservices.com
san17.performgroup.com
san17.performgroup.com
san18.performgroup.com
san1.daznservices.com
san1.daznservices.com
*.performgroup.com
san1.daznservices.com
test.rails-management.daznservices.com

Certificate

The complete raw certificate details for test.rails-management.daznservices.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIQA5G08GQWhw6ByVxgDHfG8TANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMDAzMTEwMDAwMDBaFw0yMTA0MTEx
MjAwMDBaMDExLzAtBgNVBAMTJnRlc3QucmFpbHMtbWFuYWdlbWVudC5kYXpuc2Vy
dmljZXMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeS4qGIU
dpmS4rC6BGylaoU/fbwo0x8L/zV/S/KDXbohlJN6np4CAJ5zvWSGfzV9bSTgRw70
0O2brHY2/ymkO0iMVt0FOhTog8W0OGYvjuqx6pK/kJ5nuJVHYVlonVbNtT5kkCyT
ZOT2exEhYFZgcrmRHk3OqEL5YDJ84QWoREO/14q6IRvgIlHNw8hzYsLFS0fJQ9gK
A7vyPDRQKWmgl87GXJ+EQ0yQlvx90gK67SP3xQHTfpzNEy4nA4PVJ+xdbgKt20Ej
4hI7E+ypHpd7TtjRvEf285L5TrpZ1gm2EVjHZaLGx5che3T6arbw+7xY/vYIYb+v
msLeSb023AZ7nwIDAQABo4ICuzCCArcwHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOU
ByeWdFv5PdAwHQYDVR0OBBYEFI+U/vSFCVQeLczD3GVULc3LwZpZMFsGA1UdEQRU
MFKCJnRlc3QucmFpbHMtbWFuYWdlbWVudC5kYXpuc2VydmljZXMuY29tgigqLnRl
c3QucmFpbHMtbWFuYWdlbWVudC5kYXpuc2VydmljZXMuY29tMA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAw
oC6gLIYqaHR0cDovL2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3Js
MCAGA1UdIAQZMBcwCwYJYIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRp
MGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNv
bTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20v
c2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8A
dQC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAXDKauPVAAAEAwBG
MEQCIDDyuHQSSU9CfOMJnm7R9cCkwGq70WC9ccAklZq4qX68AiAhbAYGGPKFi9GS
7o4Ye7FmDC7Z8O2FsfoFfkXhXPN//QB2AFzcQ5L+5qtFRLFemtRW5hA3+9X6R9yh
c5SyXub2xw7KAAABcMpq5AUAAAQDAEcwRQIgAtnkxd5L1AzdrJXVz7M4ixwOHAtq
YOvmdXUA5VC8qckCIQCov5GoGFGxtlCX+7keGqU9OptjGxu8JO1a69v9WPG9AjAN
BgkqhkiG9w0BAQsFAAOCAQEAj7cRzxAVvX9WucmVJGwnEWdzQoWbzxYzaC0EZwlj
dPDM212E5qNyvZck9arnEL9p4zb9R1pFVLDmw+YwRHHsfc+/RXHgeEZqhkzVNXxO
YlSa0FD6klCnl0rxxoWWuGuYQqf6AXRsN6Bi8lcQCT9IcTcgY33w77O0vT528Ce7
RsXHOV4S728WNaOmk+hk9IJqsE2e+pN4ZqNO6dLkiJBUKU7z5ngwsVl74EKURKXS
0laapGyMEkchEMG5Me9B0+XIi1kc3pQTzW/fCu2vYrTUnok86seUEFTeC9MmLzcU
cwV7aKoUED/XDklkspfJLHALcKCL7yXaguZYQyGqhnG6Hg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeS4qGIUdpmS4rC6BGyl
aoU/fbwo0x8L/zV/S/KDXbohlJN6np4CAJ5zvWSGfzV9bSTgRw700O2brHY2/ymk
O0iMVt0FOhTog8W0OGYvjuqx6pK/kJ5nuJVHYVlonVbNtT5kkCyTZOT2exEhYFZg
crmRHk3OqEL5YDJ84QWoREO/14q6IRvgIlHNw8hzYsLFS0fJQ9gKA7vyPDRQKWmg
l87GXJ+EQ0yQlvx90gK67SP3xQHTfpzNEy4nA4PVJ+xdbgKt20Ej4hI7E+ypHpd7
TtjRvEf285L5TrpZ1gm2EVjHZaLGx5che3T6arbw+7xY/vYIYb+vmsLeSb023AZ7
nwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 4744236911305693486213416921524061937
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-11 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-11 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'test.rails-management.daznservices.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25991639204217343362957970521440771225864673299642448808294898494539513036070136093131124712592728200355174378183841713006774361120470954116223029002213228346585096881665753805477880045748706544400862233239224375346116577643697249539604155209612252480052846692869887578945756281397020104557426578646919615284599656222565694728753534818895510866773475271237494269462496641137485735702524439110510004965951549524518679114178474592049073622760781714813281896262067245340464611483841383311303201580516667243184198796063833750286189158460964629644303678151789993844864070154323493111894531332700560654715460007833857588127
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8f94fef48509541e2dccc3dc65542dcdcbc19a59
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (84 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.rails-management.daznservices.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.test.rails-management.daznservices.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000170ca6ae3d50000040300463044022030f2b87412494f427ce3099e6ed1f5c0a4c06abbd160bd71c024959ab8a97ebc0220216c060618f2858bd192ee8e187bb1660c2ed9f0ed85b1fa057e45e15cf37ffd0076005cdc4392fee6ab4544b15e9ad456e61037fbd5fa47dca17394b25ee6f6c70eca00000170ca6ae4050000040300473045022002d9e4c5de4bd40cddac95d5cfb3388b1c0e1c0b6a60ebe6757500e550bca9c9022100a8bf91a81851b1b65097fbb91e1aa53d3a9b631b1bbc24ed5aebdbfd58f1bd02
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008fb711cf1015bd7f56b9c995246c2711677342859bcf1633682d0467096374f0ccdb5d84e6a372bd9724f5aae710bf69e336fd475a4554b0e6c3e6304471ec7dcfbf4571e078466a864cd5357c4e62549ad050fa9250a7974af1c68596b86b9842a7fa01746c37a062f25710093f48713720637df0efb3b4bd3e76f027bb46c5c7395e12ef6f1635a3a693e864f4826ab04d9efa937866a34ee9d2e4889054294ef3e67830b1597be0429444a5d2d2569aa46c8c12472110c1b931ef41d3e5c88b591cde9413cd6fdf0aedaf62b4d49e893ceac7941054de0bd3262f371473057b68aa14103fd70e4964b297c92c700b70a08bef25da82e6584321aa8671ba1e