woodmagazine.com

Issued by Amazon

About this certificate

This digital certificate with serial number 03:fd:ff:c0:91:22:a9:83:8b:73:29:fe:45:5e:e0:68 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=woodmagazine.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:fd:ff:c0:91:22:a9:83:8b:73:29:fe:45:5e:e0:68
Serial Number (int): 5306522363737423331909993610331742312
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 18:9f:ed:d6:bb:74:d9:0f:6e:3d:81:74:a8:2d:25:cf:83:8f:d1:5b
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): fd:e3:ad:e2:7c:41:d5:81:a5:36:ba:2f:72:a8:fa:64:69:8d:89:5b
Fingerprint (sha256): 56:3e:b1:f8:3e:7a:7b:5c:3c:2f:b1:05:03:3e:93:7c:65:6c:58:b3:50:47:37:4b:fb:d3:25:42:49:0e:0f:4c

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate woodmagazine.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for woodmagazine.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

woodmagazine.com
*.woodmagazine.com

Other certificates including the domain name woodmagazine.com

(limited to 100 certificates)
payments.meredith.com
qa4.ugc.marthastewart.com
woodmagazine.com
*.secure.meredith.com
secure.meredith.com
my.meredith.com
sli.dailypaws.com
sli.dailypaws.com
a-ue1.mydomaine.com
payments.meredith.com
qa4.ugc.marthastewart.com
specialoffers.meredith.com
sli.dailypaws.com
*.agriculture.com
dev.secure.meredith.com
sli.dailypaws.com
secure.meredith.com
mywedding.com
secure.meredith.com
mywedding.com
qa2.ugc.marthastewart.com
a-uw2.mydomaine.com
mdp.api.meredith.com
woodmagazine.com
secure.meredith.com
a-ue1.mydomaine.com
qa4.ugc.marthastewart.com
ugc.marthastewart.com
secure.meredith.com
socialize.woodmagazine.com
test.payments.meredith.com
secure.meredith.com
sli.dailypaws.com
a-ue1.mydomaine.com
qa3.ugc.marthastewart.com
ugc.marthastewart.com
sli.dailypaws.com
test.secure.meredith.com
qa3.ugc.marthastewart.com
links.allrecipes.com
sli.dailypaws.com
agriculture.com
cr-iframe.magazine.store
*.woodmagazine.com
secure.meredith.com
payments.meredith.com
*.secure.meredith.com
secure.meredith.com
qa3.ugc.marthastewart.com
www.agriculture.com
cr-iframe.magazine.store
agriculture.com
api.meredith.com
payments.meredith.com
ugc.marthastewart.com
qa2.ugc.marthastewart.com
*.secure.meredith.com
secure.meredith.com
ugc.marthastewart.com
my.meredith.com
test.payments.meredith.com
qa3.ugc.marthastewart.com
sli.dailypaws.com
my.woodmagazine.com
secure.meredith.com
sli.dailypaws.com
qa3.ugc.marthastewart.com
sli.dailypaws.com
cr-iframe.magazine.store
secure.meredith.com
mywedding.com
woodmagazine.com
secure.woodmagazine.com
*.agriculture.com
sli.dailypaws.com
qa2.ugc.marthastewart.com
qa2.ugc.marthastewart.com
woodmagazine.com
*.secure.meredith.com
my.woodmagazine.com
sli.dailypaws.com
ugc.marthastewart.com
a-ue1.shape.com
origin-cr-iframe.magazine.store
woodmagazine.com
a-ue1.mydomaine.com
qa3.ugc.marthastewart.com
secure.meredith.com
qa3.ugc.marthastewart.com
*.health.com
woodmagazine.com
qa2.ugc.marthastewart.com
qa4.ugc.marthastewart.com
secure.woodmagazine.com
my.meredith.com
*.secure.meredith.com
*.secure.meredith.com
secure.meredith.com
a-ue1.shape.com
dev.secure.meredith.com

Certificate

The complete raw certificate details for woodmagazine.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgIQA/3/wJEiqYOLcyn+RV7gaDANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA1MTAwMDAwMDBaFw0yMDA2MTAx
MjAwMDBaMBsxGTAXBgNVBAMTEHdvb2RtYWdhemluZS5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDTbZWxobVkD4lBHMncs1ZVz1swjAi0W5kuH9j0
E4ODg5rTtsfImne62yd29utc0WavaCjiQpSoxnPsir+hu9xkCUX6j/xvnnVooF8i
jcmqR2UAiXfAn/hclouFY/bGI6SRaTFaNXP5QY6Cufcfb9V3y7e52S/gLI5dMV8U
6hbdUqhuyVyNOObTRTZs3n3b0HRt1LwPjHdfv3MIToDPkd6zddUIRmAdI3Y7KCWJ
wHi2+zIjx3wBiC7KX7/8HpdD3l0OqnbliHS3UhfuYU0raPgQzaHD6uy4HqFHxVQ4
NPEQJpbf7AI4LLyz13xqS7yu2r3sQTbPN0JL1OHmaVzshaoVAgMBAAGjggKQMIIC
jDAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQUGJ/t
1rt02Q9uPYF0qC0lz4OP0VswLwYDVR0RBCgwJoIQd29vZG1hZ2F6aW5lLmNvbYIS
Ki53b29kbWFnYXppbmUuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5z
Y2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZI
AYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0
dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0
cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB
/wQCMAAwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgDuS723dc5guuFCaR+r4Z5m
ow9+X7By2IMAxHuJeqj9ywAAAWqiDBS2AAAEAwBHMEUCIQCtBnYws9K+/SxSbQG7
krOQD/dGLiYAFuWgDabCMmtPXwIgc0wXRDI+Z/vMUpGazC/gArjIbPfT85DJA+xw
cwLqjWYAdgCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWqiDBXU
AAAEAwBHMEUCIGzR9asc0VNmEDHj5K0o+a+2Vg0RycPiYrm2HMWGe5oNAiEA337P
yQYF771IfhedoG3aHcfC/VZTl+SLxKox0fw5/+wwDQYJKoZIhvcNAQELBQADggEB
AGcIEnsITDJu5l+bMyfiIHqVCluwz+HJlDPADyaKgPLL2jWKX9XrUj8s3ia5JPC5
fP3Hv4Ofa2uw2f2YJgL0L2ci6fjtQOjqxPLhUFE9OzTr8Lg+McVykRazkm1b+Xx8
wH6Q4Qau4ISo9FmG/oYwyC5oOKjXgYy9zisSUw9X9qUFBEeUJqbhwCuzDU2eGCAj
TVQ18c660mWftYSj/1+fjoUXYHVucY1KhYwJfBcsLlc7V5VucB5WzwTEY21B6y0j
UyiRbkekHCKnEi/ugJ1/a2jblPxc6d4aMLSr+dilPGFPXGma/CSbzKKziouOFaE8
gGguxhtPQAQXlqprVj+GHfs=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA022VsaG1ZA+JQRzJ3LNW
Vc9bMIwItFuZLh/Y9BODg4Oa07bHyJp3utsndvbrXNFmr2go4kKUqMZz7Iq/obvc
ZAlF+o/8b551aKBfIo3JqkdlAIl3wJ/4XJaLhWP2xiOkkWkxWjVz+UGOgrn3H2/V
d8u3udkv4CyOXTFfFOoW3VKobslcjTjm00U2bN5929B0bdS8D4x3X79zCE6Az5He
s3XVCEZgHSN2OyglicB4tvsyI8d8AYguyl+//B6XQ95dDqp25Yh0t1IX7mFNK2j4
EM2hw+rsuB6hR8VUODTxECaW3+wCOCy8s9d8aku8rtq97EE2zzdCS9Th5mlc7IWq
FQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5306522363737423331909993610331742312
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-10 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-10 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'woodmagazine.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26690320598000966517510720393677543174949330815988283082614120084340649961589619016977074220846724467674830497230020831000535069837274948668153315381502483233167269483075954455931980871699845200164665607853303764409572894571749493675711479826404473878094648966867899567706383401765796039020481220233344468534962711502107138908690020293834431425039969172897520102970589370190730433813016073630940515399816751294830132751462599769539444130315318809348120101703810168682680790116575834874011452615850473818441689577900217883756098479731504993292003978879966415659690201633567700430564477393649932876481622319960967981589
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							189fedd6bb74d90f6e3d8174a82d25cf838fd15b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'woodmagazine.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.woodmagazine.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016aa20c14b60000040300473045022100ad067630b3d2befd2c526d01bb92b3900ff7462e260016e5a00da6c2326b4f5f0220734c1744323e67fbcc52919acc2fe002b8c86cf7d3f390c903ec707302ea8d660076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016aa20c15d4000004030047304502206cd1f5ab1cd153661031e3e4ad28f9afb6560d11c9c3e262b9b61cc5867b9a0d022100df7ecfc90605efbd487e179da06dda1dc7c2fd565397e48bc4aa31d1fc39ffec
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006708127b084c326ee65f9b3327e2207a950a5bb0cfe1c99433c00f268a80f2cbda358a5fd5eb523f2cde26b924f0b97cfdc7bf839f6b6bb0d9fd982602f42f6722e9f8ed40e8eac4f2e150513d3b34ebf0b83e31c5729116b3926d5bf97c7cc07e90e106aee084a8f45986fe8630c82e6838a8d7818cbdce2b12530f57f6a50504479426a6e1c02bb30d4d9e1820234d5435f1cebad2659fb584a3ff5f9f8e851760756e718d4a858c097c172c2e573b57956e701e56cf04c4636d41eb2d235328916e47a41c22a7122fee809d7f6b68db94fc5ce9de1a30b4abf9d8a53c614f5c699afc249bcca2b38a8b8e15a13c80682ec61b4f40041796aa6b563f861dfb