*.associatedpress.com

Issued by Amazon RSA 2048 M01

About this certificate

This digital certificate with serial number 0b:86:ac:a4:16:87:4e:e7:d3:e5:a5:0d:f3:83:ce:93 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.associatedpress.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0b:86:ac:a4:16:87:4e:e7:d3:e5:a5:0d:f3:83:ce:93
Serial Number (int): 15320777307520469753599151340400135827
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 59:35:71:ac:16:aa:c5:ae:25:6f:3b:0f:02:15:aa:99:25:ef:22:13
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85

Fingerprint (sha1): 35:28:35:8e:81:7d:80:05:a6:ee:da:39:85:bb:c8:1d:ef:e4:d4:9c
Fingerprint (sha256): 54:f6:3d:28:f3:a6:30:e7:da:c9:df:58:09:0a:8f:43:71:30:46:59:21:16:cc:0f:14:12:21:31:ab:f6:7a:03

Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer

Revocation information

OCSP Server: http://ocsp.r2m01.amazontrust.com
CRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl

Check the revocation status for certificate *.associatedpress.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.associatedpress.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.associatedpress.com
associatedpress.com

Other certificates including the domain name associatedpress.com

(limited to 100 certificates)
ap.org
epix.ap.org
*.dne.associatedpress.com
salesagency.associatedpress.com
associatedpress.com
kibana.associatedpress.com
transref.associatedpress.com
*.dne.associatedpress.com
ppc.associatedpress.com
igmapi.associatedpress.com
*.associatedpress.com
ap.org
nrmailsvc-use1.associatedpress.com
binaryapi.associatedpress.com
associatedpress.com
nrmailsvc-usw2.associatedpress.com
*.dne.associatedpress.com
*.dne.associatedpress.com
*.associatedpress.com
kpapiv.associatedpress.com
fox.associatedpress.com
transref.associatedpress.com
*.associatedpress.com
*.associatedpress.com
apnsapi-use1-2.associatedpress.com
associatedpress.com
votecastint.associatedpress.com
origin-interactive.associatedpress.com
transref.associatedpress.com
newsdesk.associatedpress.com
binaryapi.associatedpress.com
ppcapi.associatedpress.com
fox.associatedpress.com
kibana.associatedpress.com
vcapi.associatedpress.com
interactives.associatedpress.com
*.dne.associatedpress.com
nrcartsvc-use1.associatedpress.com
ppcapiext.associatedpress.com
fox.associatedpress.com
apcbo.associatedpress.com
apcbo.associatedpress.com
nrmailsvc-usw2-2.associatedpress.com
vcapi.associatedpress.com
kibana.associatedpress.com
associatedpress.com
*.dne.associatedpress.com
*.dne.associatedpress.com
apnsapi-usw2-2.associatedpress.com
igmapi.associatedpress.com
transref.associatedpress.com
ppcapi.associatedpress.com
newsdesk.associatedpress.com
ppc.associatedpress.com
fox.associatedpress.com
vcapiint.associatedpress.com
kpapiv.associatedpress.com
hiveprod1.associatedpress.com
ppcapiext.associatedpress.com
origin-interactive.associatedpress.com
origin-interactive.associatedpress.com
kibana.associatedpress.com
associatedpress.com
*.associatedpress.com
epix.ap.org
*.associatedpress.com
sharingnetwork.associatedpress.com
*.associatedpress.com
igmapi.associatedpress.com
*.dne.associatedpress.com
ap.org
*.associatedpress.com
*.dne.associatedpress.com
kpapi.associatedpress.com
*.dne.associatedpress.com
ingestwf.associatedpress.com
nrmailsvc-use1-2.associatedpress.com
transref.associatedpress.com
associatedpress.com

Certificate

The complete raw certificate details for *.associatedpress.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgIQC4aspBaHTufT5aUN84POkzANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAxMB4XDTIzMDkwNDAwMDAwMFoXDTI0MTAwMjIzNTk1OVowIDEe
MBwGA1UEAwwVKi5hc3NvY2lhdGVkcHJlc3MuY29tMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAtwgnvcfuvOMSAC15ucwPZEQC8h0EFbFphMNOydQPRg6n
1QHskWBKwpiKCAd0S0tnKE+TV+uiiMKtsW3iHX669RO8f87kr25IRXjkz7kmV1xG
M2gsyvPQBh9Vogr0hdoe65pZqoBmxGLKq90g9Ju+uRge8qbrXuDGH+vWzn0Tk1RR
yqV2kUSdGpd1mwxF7O45VdQrwkMD1p0/v4Dfp+jbupCoOGgl03LX0AkcJpt9+JKl
7Z+Bfk+gE7KPzvpEiUROVqGPlytGHREB6e3BKwKNDlHMFABn3Cb+WFMavWVaGc2A
kigmSREkE4B22XOcROknu3uYGjip1P6Hlz7J8N6qXQIDAQABo4IDAjCCAv4wHwYD
VR0jBBgwFoAUgbgOY4qJEhjl+js7UJWf5uWQE4UwHQYDVR0OBBYEFFk1cawWqsWu
JW87DwIVqpkl7yITMDUGA1UdEQQuMCyCFSouYXNzb2NpYXRlZHByZXNzLmNvbYIT
YXNzb2NpYXRlZHByZXNzLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwu
cjJtMDEuYW1hem9udHJ1c3QuY29tL3IybTAxLmNybDATBgNVHSAEDDAKMAgGBmeB
DAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIy
bTAxLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0w
MS5hbWF6b250cnVzdC5jb20vcjJtMDEuY2VyMAwGA1UdEwEB/wQCMAAwggF9Bgor
BgEEAdZ5AgQCBIIBbQSCAWkBZwB1AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FI
WUZxH7WbAAABil64P9QAAAQDAEYwRAIgUcVyp2QORTi1ItJO7qA4v+lE8+W8Zm13
8nzriyk0udgCIEQ82FDmXnnvbuiJrqgn/jZ2sEI8BbjWuXFHDSLtP77KAHUASLDj
a9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGKXrg+NQAABAMARjBEAiAI
Z4OwFPf2bEuN3l/N+QsGsgxBBBGdPxvdem1X4nLI6gIgMjmlKLiYWdze/pUxrdyO
478Afc5fX2f8bDc1czTShQAAdwDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0w
SNf7qwAAAYpeuD3dAAAEAwBIMEYCIQCb54uOSKM2uRFJLOsBuqzXrb4b2gH+Gg49
/79iG6OVSAIhAJheFRlrONHH27JQNZGZ7iV0/T2BwowJW9yUg5t/DVTjMA0GCSqG
SIb3DQEBCwUAA4IBAQCXC2YD5OUTXjv/Vixv53bK3FZ/fEJRWiRH1BEEBrS8IStu
yMXGFebzkYmk2uH0R4pX3sEw/x513df8dCOYZJLDFyrwtSd8C85gHmkvSizzpyln
fz+4tCNeeKCFxjEaUc8T9tr8MhzmSMOi6eba943XLiZ79nKRne1E6u63tS7JSXb1
CZLZbVMJLk/nJV/Sx9ooxH52/SxdMcM3u53mwpDnZR/yfwsucy+2OoNxFe3u42HE
78fgyQpj4ni2fYmGwhc6GNAbx+OmcRexGMgqC5hAok92vWVRrRiGyOR28A77zH8r
nmhGj4NGHl+vOqgSGfNFu7YxXFbTD2KIHtZPvMlu
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwgnvcfuvOMSAC15ucwP
ZEQC8h0EFbFphMNOydQPRg6n1QHskWBKwpiKCAd0S0tnKE+TV+uiiMKtsW3iHX66
9RO8f87kr25IRXjkz7kmV1xGM2gsyvPQBh9Vogr0hdoe65pZqoBmxGLKq90g9Ju+
uRge8qbrXuDGH+vWzn0Tk1RRyqV2kUSdGpd1mwxF7O45VdQrwkMD1p0/v4Dfp+jb
upCoOGgl03LX0AkcJpt9+JKl7Z+Bfk+gE7KPzvpEiUROVqGPlytGHREB6e3BKwKN
DlHMFABn3Cb+WFMavWVaGc2AkigmSREkE4B22XOcROknu3uYGjip1P6Hlz7J8N6q
XQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 15320777307520469753599151340400135827
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-04 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-02 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.associatedpress.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23105631307307963085856126637076790331156111495675322895285989720736512757705471263395030637385205253099103760607125533446498868116163733229596030055055883302319111911878031617404385719273138925368779525561374050017286452533491710604071572626757906812079105140770722849256458400437415721802974667289666943107611292186938457388221004840511208307100743556980528564854219908657338782279011834000394844844324761850530710111354654134377083761863945344885562065644952044987001270021853346312000620922539986636210389416487721973314219992724199808549494774225698182296961240191671120645370650042166571353574309753494926436957
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							593571ac16aac5ae256f3b0f0215aa9925ef2213
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.associatedpress.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'associatedpress.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018a5eb83fd40000040300463044022051c572a7640e4538b522d24eeea038bfe944f3e5bc666d77f27ceb8b2934b9d80220443cd850e65e79ef6ee889aea827fe3676b0423c05b8d6b971470d22ed3fbeca00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018a5eb83e3500000403004630440220086783b014f7f66c4b8dde5fcdf90b06b20c4104119d3f1bdd7a6d57e272c8ea02203239a528b89859dcdefe9531addc8ee3bf007dce5f5f67fc6c37357334d28500007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018a5eb83ddd00000403004830460221009be78b8e48a336b911492ceb01baacd7adbe1bda01fe1a0e3dffbf621ba39548022100985e15196b38d1c7dbb250359199ee2574fd3d81c28c095bdc94839b7f0d54e3
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00970b6603e4e5135e3bff562c6fe776cadc567f7c42515a2447d4110406b4bc212b6ec8c5c615e6f39189a4dae1f4478a57dec130ff1e75ddd7fc7423986492c3172af0b5277c0bce601e692f4a2cf3a729677f3fb8b4235e78a085c6311a51cf13f6dafc321ce648c3a2e9e6daf78dd72e267bf672919ded44eaeeb7b52ec94976f50992d96d53092e4fe7255fd2c7da28c47e76fd2c5d31c337bb9de6c290e7651ff27f0b2e732fb63a837115edeee361c4efc7e0c90a63e278b67d8986c2173a18d01bc7e3a67117b118c82a0b9840a24f76bd6551ad1886c8e476f00efbcc7f2b9e68468f83461e5faf3aa81219f345bbb6315c56d30f62881ed64fbcc96e