*.associatedpress.com
Issued by Amazon RSA 2048 M01
About this certificate
This digital certificate with serial number 0b:86:ac:a4:16:87:4e:e7:d3:e5:a5:0d:f3:83:ce:93 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.associatedpress.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0b:86:ac:a4:16:87:4e:e7:d3:e5:a5:0d:f3:83:ce:93Serial Number (int): 15320777307520469753599151340400135827
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 59:35:71:ac:16:aa:c5:ae:25:6f:3b:0f:02:15:aa:99:25:ef:22:13
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85
Fingerprint (sha1): 35:28:35:8e:81:7d:80:05:a6:ee:da:39:85:bb:c8:1d:ef:e4:d4:9c
Fingerprint (sha256): 54:f6:3d:28:f3:a6:30:e7:da:c9:df:58:09:0a:8f:43:71:30:46:59:21:16:cc:0f:14:12:21:31:ab:f6:7a:03
Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer
Revocation information
OCSP Server: http://ocsp.r2m01.amazontrust.comCRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl
Check the revocation status for certificate *.associatedpress.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.associatedpress.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.associatedpress.com
associatedpress.com
associatedpress.com
Other certificates including the domain name associatedpress.com
(limited to 100 certificates)
ap.org
epix.ap.org
*.dne.associatedpress.com
salesagency.associatedpress.com
associatedpress.com
kibana.associatedpress.com
transref.associatedpress.com
*.dne.associatedpress.com
ppc.associatedpress.com
igmapi.associatedpress.com
*.associatedpress.com
ap.org
nrmailsvc-use1.associatedpress.com
binaryapi.associatedpress.com
associatedpress.com
nrmailsvc-usw2.associatedpress.com
*.dne.associatedpress.com
*.dne.associatedpress.com
*.associatedpress.com
kpapiv.associatedpress.com
fox.associatedpress.com
transref.associatedpress.com
*.associatedpress.com
*.associatedpress.com
apnsapi-use1-2.associatedpress.com
associatedpress.com
votecastint.associatedpress.com
origin-interactive.associatedpress.com
transref.associatedpress.com
newsdesk.associatedpress.com
binaryapi.associatedpress.com
ppcapi.associatedpress.com
fox.associatedpress.com
kibana.associatedpress.com
vcapi.associatedpress.com
interactives.associatedpress.com
*.dne.associatedpress.com
nrcartsvc-use1.associatedpress.com
ppcapiext.associatedpress.com
fox.associatedpress.com
apcbo.associatedpress.com
apcbo.associatedpress.com
nrmailsvc-usw2-2.associatedpress.com
vcapi.associatedpress.com
kibana.associatedpress.com
associatedpress.com
*.dne.associatedpress.com
*.dne.associatedpress.com
apnsapi-usw2-2.associatedpress.com
igmapi.associatedpress.com
transref.associatedpress.com
ppcapi.associatedpress.com
newsdesk.associatedpress.com
ppc.associatedpress.com
fox.associatedpress.com
vcapiint.associatedpress.com
kpapiv.associatedpress.com
hiveprod1.associatedpress.com
ppcapiext.associatedpress.com
origin-interactive.associatedpress.com
origin-interactive.associatedpress.com
kibana.associatedpress.com
associatedpress.com
*.associatedpress.com
epix.ap.org
*.associatedpress.com
sharingnetwork.associatedpress.com
*.associatedpress.com
igmapi.associatedpress.com
*.dne.associatedpress.com
ap.org
*.associatedpress.com
*.dne.associatedpress.com
kpapi.associatedpress.com
*.dne.associatedpress.com
ingestwf.associatedpress.com
nrmailsvc-use1-2.associatedpress.com
transref.associatedpress.com
associatedpress.com
epix.ap.org
*.dne.associatedpress.com
salesagency.associatedpress.com
associatedpress.com
kibana.associatedpress.com
transref.associatedpress.com
*.dne.associatedpress.com
ppc.associatedpress.com
igmapi.associatedpress.com
*.associatedpress.com
ap.org
nrmailsvc-use1.associatedpress.com
binaryapi.associatedpress.com
associatedpress.com
nrmailsvc-usw2.associatedpress.com
*.dne.associatedpress.com
*.dne.associatedpress.com
*.associatedpress.com
kpapiv.associatedpress.com
fox.associatedpress.com
transref.associatedpress.com
*.associatedpress.com
*.associatedpress.com
apnsapi-use1-2.associatedpress.com
associatedpress.com
votecastint.associatedpress.com
origin-interactive.associatedpress.com
transref.associatedpress.com
newsdesk.associatedpress.com
binaryapi.associatedpress.com
ppcapi.associatedpress.com
fox.associatedpress.com
kibana.associatedpress.com
vcapi.associatedpress.com
interactives.associatedpress.com
*.dne.associatedpress.com
nrcartsvc-use1.associatedpress.com
ppcapiext.associatedpress.com
fox.associatedpress.com
apcbo.associatedpress.com
apcbo.associatedpress.com
nrmailsvc-usw2-2.associatedpress.com
vcapi.associatedpress.com
kibana.associatedpress.com
associatedpress.com
*.dne.associatedpress.com
*.dne.associatedpress.com
apnsapi-usw2-2.associatedpress.com
igmapi.associatedpress.com
transref.associatedpress.com
ppcapi.associatedpress.com
newsdesk.associatedpress.com
ppc.associatedpress.com
fox.associatedpress.com
vcapiint.associatedpress.com
kpapiv.associatedpress.com
hiveprod1.associatedpress.com
ppcapiext.associatedpress.com
origin-interactive.associatedpress.com
origin-interactive.associatedpress.com
kibana.associatedpress.com
associatedpress.com
*.associatedpress.com
epix.ap.org
*.associatedpress.com
sharingnetwork.associatedpress.com
*.associatedpress.com
igmapi.associatedpress.com
*.dne.associatedpress.com
ap.org
*.associatedpress.com
*.dne.associatedpress.com
kpapi.associatedpress.com
*.dne.associatedpress.com
ingestwf.associatedpress.com
nrmailsvc-use1-2.associatedpress.com
transref.associatedpress.com
associatedpress.com
Certificate
The complete raw certificate details for *.associatedpress.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF6jCCBNKgAwIBAgIQC4aspBaHTufT5aUN84POkzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAxMB4XDTIzMDkwNDAwMDAwMFoXDTI0MTAwMjIzNTk1OVowIDEe MBwGA1UEAwwVKi5hc3NvY2lhdGVkcHJlc3MuY29tMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAtwgnvcfuvOMSAC15ucwPZEQC8h0EFbFphMNOydQPRg6n 1QHskWBKwpiKCAd0S0tnKE+TV+uiiMKtsW3iHX669RO8f87kr25IRXjkz7kmV1xG M2gsyvPQBh9Vogr0hdoe65pZqoBmxGLKq90g9Ju+uRge8qbrXuDGH+vWzn0Tk1RR yqV2kUSdGpd1mwxF7O45VdQrwkMD1p0/v4Dfp+jbupCoOGgl03LX0AkcJpt9+JKl 7Z+Bfk+gE7KPzvpEiUROVqGPlytGHREB6e3BKwKNDlHMFABn3Cb+WFMavWVaGc2A kigmSREkE4B22XOcROknu3uYGjip1P6Hlz7J8N6qXQIDAQABo4IDAjCCAv4wHwYD VR0jBBgwFoAUgbgOY4qJEhjl+js7UJWf5uWQE4UwHQYDVR0OBBYEFFk1cawWqsWu JW87DwIVqpkl7yITMDUGA1UdEQQuMCyCFSouYXNzb2NpYXRlZHByZXNzLmNvbYIT YXNzb2NpYXRlZHByZXNzLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwu cjJtMDEuYW1hem9udHJ1c3QuY29tL3IybTAxLmNybDATBgNVHSAEDDAKMAgGBmeB DAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIy bTAxLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0w MS5hbWF6b250cnVzdC5jb20vcjJtMDEuY2VyMAwGA1UdEwEB/wQCMAAwggF9Bgor BgEEAdZ5AgQCBIIBbQSCAWkBZwB1AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FI WUZxH7WbAAABil64P9QAAAQDAEYwRAIgUcVyp2QORTi1ItJO7qA4v+lE8+W8Zm13 8nzriyk0udgCIEQ82FDmXnnvbuiJrqgn/jZ2sEI8BbjWuXFHDSLtP77KAHUASLDj a9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGKXrg+NQAABAMARjBEAiAI Z4OwFPf2bEuN3l/N+QsGsgxBBBGdPxvdem1X4nLI6gIgMjmlKLiYWdze/pUxrdyO 478Afc5fX2f8bDc1czTShQAAdwDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0w SNf7qwAAAYpeuD3dAAAEAwBIMEYCIQCb54uOSKM2uRFJLOsBuqzXrb4b2gH+Gg49 /79iG6OVSAIhAJheFRlrONHH27JQNZGZ7iV0/T2BwowJW9yUg5t/DVTjMA0GCSqG SIb3DQEBCwUAA4IBAQCXC2YD5OUTXjv/Vixv53bK3FZ/fEJRWiRH1BEEBrS8IStu yMXGFebzkYmk2uH0R4pX3sEw/x513df8dCOYZJLDFyrwtSd8C85gHmkvSizzpyln fz+4tCNeeKCFxjEaUc8T9tr8MhzmSMOi6eba943XLiZ79nKRne1E6u63tS7JSXb1 CZLZbVMJLk/nJV/Sx9ooxH52/SxdMcM3u53mwpDnZR/yfwsucy+2OoNxFe3u42HE 78fgyQpj4ni2fYmGwhc6GNAbx+OmcRexGMgqC5hAok92vWVRrRiGyOR28A77zH8r nmhGj4NGHl+vOqgSGfNFu7YxXFbTD2KIHtZPvMlu -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwgnvcfuvOMSAC15ucwP ZEQC8h0EFbFphMNOydQPRg6n1QHskWBKwpiKCAd0S0tnKE+TV+uiiMKtsW3iHX66 9RO8f87kr25IRXjkz7kmV1xGM2gsyvPQBh9Vogr0hdoe65pZqoBmxGLKq90g9Ju+ uRge8qbrXuDGH+vWzn0Tk1RRyqV2kUSdGpd1mwxF7O45VdQrwkMD1p0/v4Dfp+jb upCoOGgl03LX0AkcJpt9+JKl7Z+Bfk+gE7KPzvpEiUROVqGPlytGHREB6e3BKwKN DlHMFABn3Cb+WFMavWVaGc2AkigmSREkE4B22XOcROknu3uYGjip1P6Hlz7J8N6q XQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15320777307520469753599151340400135827 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-04 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-02 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.associatedpress.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23105631307307963085856126637076790331156111495675322895285989720736512757705471263395030637385205253099103760607125533446498868116163733229596030055055883302319111911878031617404385719273138925368779525561374050017286452533491710604071572626757906812079105140770722849256458400437415721802974667289666943107611292186938457388221004840511208307100743556980528564854219908657338782279011834000394844844324761850530710111354654134377083761863945344885562065644952044987001270021853346312000620922539986636210389416487721973314219992724199808549494774225698182296961240191671120645370650042166571353574309753494926436957 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 593571ac16aac5ae256f3b0f0215aa9925ef2213 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.associatedpress.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'associatedpress.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018a5eb83fd40000040300463044022051c572a7640e4538b522d24eeea038bfe944f3e5bc666d77f27ceb8b2934b9d80220443cd850e65e79ef6ee889aea827fe3676b0423c05b8d6b971470d22ed3fbeca00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018a5eb83e3500000403004630440220086783b014f7f66c4b8dde5fcdf90b06b20c4104119d3f1bdd7a6d57e272c8ea02203239a528b89859dcdefe9531addc8ee3bf007dce5f5f67fc6c37357334d28500007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018a5eb83ddd00000403004830460221009be78b8e48a336b911492ceb01baacd7adbe1bda01fe1a0e3dffbf621ba39548022100985e15196b38d1c7dbb250359199ee2574fd3d81c28c095bdc94839b7f0d54e3 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00970b6603e4e5135e3bff562c6fe776cadc567f7c42515a2447d4110406b4bc212b6ec8c5c615e6f39189a4dae1f4478a57dec130ff1e75ddd7fc7423986492c3172af0b5277c0bce601e692f4a2cf3a729677f3fb8b4235e78a085c6311a51cf13f6dafc321ce648c3a2e9e6daf78dd72e267bf672919ded44eaeeb7b52ec94976f50992d96d53092e4fe7255fd2c7da28c47e76fd2c5d31c337bb9de6c290e7651ff27f0b2e732fb63a837115edeee361c4efc7e0c90a63e278b67d8986c2173a18d01bc7e3a67117b118c82a0b9840a24f76bd6551ad1886c8e476f00efbcc7f2b9e68468f83461e5faf3aa81219f345bbb6315c56d30f62881ed64fbcc96e