naco.liacs.nl

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:7a:c6:35:a1:1a:25:b6:74:11:d6:7e:4c:f3:f6:a4:b3:b4 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=naco.liacs.nl

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:7a:c6:35:a1:1a:25:b6:74:11:d6:7e:4c:f3:f6:a4:b3:b4
Serial Number (int): 303114772162073698102378599729220666307508
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 44:11:b3:62:6a:7c:a4:68:be:28:d9:36:c1:92:db:41:97:38:8b:bf
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 4f:bd:39:cc:1e:9b:2a:d9:f3:1d:77:44:47:e9:d0:cf:1c:8c:96:a9
Fingerprint (sha256): 58:ac:3c:a9:f5:05:d9:5a:0b:53:ec:9a:fc:0f:43:c1:bc:f3:fb:25:8a:d4:d0:99:09:6f:f3:59:a6:b7:89:4a

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate naco.liacs.nl

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for naco.liacs.nl

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

naco.liacs.nl

Other certificates including the domain name liacs.nl

(limited to 100 certificates)
tls.automattic.com
deleidscheflesch.nl
tls.automattic.com
deleidscheflesch.nl
git.liacs.nl
deleidscheflesch.nl
git.liacs.nl
deleidscheflesch.nl
basilisk.liacs.nl
deleidscheflesch.nl
naco.liacs.nl
deleidscheflesch.nl
bio-imaging.liacs.nl
deleidscheflesch.nl
erumpent.liacs.nl
erumpent.liacs.nl
tornado-p-https.web.leidenuniv.nl
keep.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
deleidscheflesch.nl
deleidscheflesch.nl
basilisk.liacs.nl
elaborant.com
deleidscheflesch.nl
deleidscheflesch.nl
naco.liacs.nl
iohanalyzer.liacs.nl
lcm.liacs.nl
git.liacs.nl
deleidscheflesch.nl
tornado-p-https.web.leidenuniv.nl
deleidscheflesch.nl
tls.automattic.com
git.liacs.nl
basilisk.liacs.nl
deleidscheflesch.nl
computingfrontiers.org
ada.liacs.leidenuniv.nl
basilisk.liacs.nl
basilisk.liacs.nl
tls.automattic.com
tornado-p-https.web.leidenuniv.nl
cyttron.org
tls.automattic.com
lcm.liacs.nl
elaborant.com
keep.leidenuniv.nl
deleidscheflesch.nl
deleidscheflesch.nl
tls.automattic.com
press.liacs.nl
git.liacs.nl
deleidscheflesch.nl
cf19.liacs.nl
lithium.liacs.nl
bio-imaging.liacs.nl
tls.automattic.com
bio-imaging.liacs.nl
lithium.liacs.nl
deleidscheflesch.nl
deleidscheflesch.nl
deleidscheflesch.nl
tls.automattic.com
cml.liacs.nl
bio-imaging.liacs.nl
bio-imaging.liacs.nl
bio-imaging.liacs.nl
deleidscheflesch.nl
basilisk.liacs.nl
deleidscheflesch.nl
deleidscheflesch.nl
basilisk.liacs.nl
deleidscheflesch.nl
naco.liacs.nl
deleidscheflesch.nl
deleidscheflesch.nl
keep.leidenuniv.nl
tls.automattic.com
erumpent.liacs.nl
git.liacs.nl
git.liacs.nl
erumpent.liacs.nl
deleidscheflesch.nl
elaborant.com
deleidscheflesch.nl
naco.liacs.nl
git.liacs.nl
cml.liacs.nl
keep.leidenuniv.nl
lcm.liacs.nl
naco.liacs.nl
bio-imaging.liacs.nl
press.liacs.nl
press.liacs.nl
deleidscheflesch.nl
theory.liacs.nl
deleidscheflesch.nl
bio-imaging.liacs.nl
erumpent.liacs.nl

Certificate

The complete raw certificate details for naco.liacs.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgISA3rGNaEaJbZ0EdZ+TPP2pLO0MA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA3MDgyMjI0MzZaFw0x
ODEwMDYyMjI0MzZaMBgxFjAUBgNVBAMTDW5hY28ubGlhY3MubmwwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9OohSS+93t2eyA9D/OTjUFfr6O1nMa8Qo
w91SyLobUNOR5iSOlrftUT1HxOSf351psCsgdX0Xo5ur0d8mf+bigyK9iY5o0OQR
gBAl1aADk85UtEZeWiXLBEe4AiXwXF3irrYKFP21721QH3EiqZSGpDcCaJHqVYrr
1iuh7rsiXo157PO1sWxa9ex8B4IP7CMGeSGMzt9m7za+y5jQ6IYbbdECINkMIcKc
Q1jTaF23y69G1gA8eFYP0vLHizIXJrnb1LEqmtk+DaTtC9Sw+kg/G6ypWU+7b5eT
ZLw6K3mCmPJb0xFEhMW+FgWzVw2WiT4S4YM/A1VGtHPfpQbir7xrAgMBAAGjggMU
MIIDEDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEQRs2JqfKRovijZNsGS20GXOIu/
MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMw
YTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9y
ZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9y
Zy8wGAYDVR0RBBEwD4INbmFjby5saWFjcy5ubDCB/gYDVR0gBIH2MIHzMAgGBmeB
DAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMu
bGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNh
dGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFu
ZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5
IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMIIB
AwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAKTxRllTIOWW6qlD8WAfUt2+/WHopctyk
wwz05UVH9HgAAAFkfDYWCgAABAMARzBFAiEAxwrKyMmWn/QM2u6WZ0kKeI4VN8gk
yXB+86DX1HanFy8CIBx/0mqgLKeZEhfBntB2qJC+t/Am2COU7qN3uW9cOBpRAHUA
VYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAFkfDYZDgAABAMARjBE
AiALrj2OysYew9B7PgHx2lac17u09rbGXwqx/FtGgOnpkAIgTR/r673yFcgPd7Eo
1eixgjyZC+ZGni+9yziRw8nYk94wDQYJKoZIhvcNAQELBQADggEBAIuy0BPlodkP
MGkvSDj0Mi5LNy05fh5J0cLn+50d1kyhQf47hEbJG82DDrJNTxa2FcYfI3g5XYFj
sZ9tMNH84Gg6l+kEKUqqnZC8IsFEcjyCt2u9v+HDHqm+C7xW/HMV6dxr2v6jjXLa
zrxscLKI51L3dAh2lk2Q+7ON0fbMrCpIqw7YBnGD58HniqYlB/Gj3BLhEtcCg7DH
gv6Y5BndoffPrf1pdEQIBXyVfOZUV/c4447lzdUAaGjDrS3RaO2oUdqdILuXXghv
56Kr+4vbAKSVn8qBuNduO+c1oYSNdAiSICi29DQHCxYnBqpTX3tQTtOAVYxKANlT
f1cddERqgPc=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTqIUkvvd7dnsgPQ/zk4
1BX6+jtZzGvEKMPdUsi6G1DTkeYkjpa37VE9R8Tkn9+dabArIHV9F6Obq9HfJn/m
4oMivYmOaNDkEYAQJdWgA5POVLRGXlolywRHuAIl8Fxd4q62ChT9te9tUB9xIqmU
hqQ3AmiR6lWK69Yroe67Il6NeezztbFsWvXsfAeCD+wjBnkhjM7fZu82vsuY0OiG
G23RAiDZDCHCnENY02hdt8uvRtYAPHhWD9Lyx4syFya529SxKprZPg2k7QvUsPpI
PxusqVlPu2+Xk2S8Oit5gpjyW9MRRITFvhYFs1cNlok+EuGDPwNVRrRz36UG4q+8
awIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 303114772162073698102378599729220666307508
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-08 22:24:36 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-06 22:24:36 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'naco.liacs.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23887903092924505338700468469261976571027069241763586419330110518842064864481644251901177381208710277258476917324523882084055676169841452117926082514771487130495225052798659270012415275755182650382334022388195514211375209803624562022890827111585637148007342330124863784729681831283438693907377594312241401820631636613786883878637902197823789448991270514835309566090079849452610625407398626620940244449808536471293185525401198669153036240272095198652918194049113169011349956567780808340971229246165940297692370907708634747331468517562931115979415925578695923096999676600523703131060893829076915537006647894521228016747
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4411b3626a7ca468be28d936c192db4197388bbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'naco.liacs.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f478000001647c36160a0000040300473045022100c70acac8c9969ff40cdaee9667490a788e1537c824c9707ef3a0d7d476a7172f02201c7fd26aa02ca7991217c19ed076a890beb7f026d82394eea377b96f5c381a510075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001647c36190e000004030046304402200bae3d8ecac61ec3d07b3e01f1da569cd7bbb4f6b6c65f0ab1fc5b4680e9e99002204d1febebbdf215c80f77b128d5e8b1823c990be6469e2fbdcb3891c3c9d893de
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008bb2d013e5a1d90f30692f4838f4322e4b372d397e1e49d1c2e7fb9d1dd64ca141fe3b8446c91bcd830eb24d4f16b615c61f2378395d8163b19f6d30d1fce0683a97e904294aaa9d90bc22c144723c82b76bbdbfe1c31ea9be0bbc56fc7315e9dc6bdafea38d72dacebc6c70b288e752f7740876964d90fbb38dd1f6ccac2a48ab0ed8067183e7c1e78aa62507f1a3dc12e112d70283b0c782fe98e419dda1f7cfadfd69744408057c957ce65457f738e38ee5cdd5006868c3ad2dd168eda851da9d20bb975e086fe7a2abfb8bdb00a4959fca81b8d76e3be735a1848d7408922028b6f434070b162706aa535f7b504ed380558c4a00d9537f571d74446a80f7