*.adiag-qa.bruker.com

Issued by Thawte TLS RSA CA G1

About this certificate

This digital certificate with serial number 0e:65:47:2a:b7:46:2b:c6:5d:03:68:c5:22:0c:db:98 was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.adiag-qa.bruker.com

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0e:65:47:2a:b7:46:2b:c6:5d:03:68:c5:22:0c:db:98
Serial Number (int): 19135057359086113004432735631309593496
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: a1:4b:7b:ad:7d:2c:c2:96:93:9d:a5:9a:be:b4:35:8e:d5:0e:e6:d0
AuthorityKeyId: a5:8c:fe:32:cc:eb:0f:2c:d4:19:c6:08:b8:00:24:88:5d:c3:c5:b7

Fingerprint (sha1): 12:61:e7:bf:e4:59:be:1e:c1:c8:13:f3:15:ea:d3:1b:ef:d4:4a:e2
Fingerprint (sha256): 59:55:6f:ff:1c:68:27:7d:ab:1e:55:20:26:2d:55:55:99:7e:3e:42:7b:4b:74:eb:a3:14:f5:d9:9d:2a:c0:d4

Issuing Certificate URL: http://cacerts.thawte.com/ThawteTLSRSACAG1.crt

Revocation information

OCSP Server: http://status.thawte.com
CRL Distribution Point: http://cdp.thawte.com/ThawteTLSRSACAG1.crl

Check the revocation status for certificate *.adiag-qa.bruker.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.adiag-qa.bruker.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.adiag-qa.bruker.com

Other certificates including the domain name bruker.com

(limited to 100 certificates)
bruker.com
*.autodiagnose.bruker.com
bruker.com
*.adiag-qa.bruker.com
mbna.bruker.com
licensecentral-bdal.bruker.com
*.autodiagnose.bruker.com
*.adiag-qa.bruker.com
store-stage.bruker.com
www.bruker.com
mbns.bruker.com
*.bruker.com
cibrubwp07.bruker.com
www.bruker.com
*.bruker.com
*.adiag-dev.bruker.com
www.bruker.com
*.bruker.com
guestportal.bruker.com
sso.bruker.com
bruker.com
licensecentral-bbio.bruker.com
mbna.bruker.com
mc.bruker.com
*.bruker.com
fileshare-calid.bruker.com
bruker.com
ir.bruker.com
fileshare-calid.bruker.com
bruker.com
ir.bruker.com
autodiscover.bruker-nano.com
webmail.bruker.com
mbna.bruker.com
www.opticsblog.bruker.com
mbopt.bruker.com
monitoring-mrs.bruker.com
fileshare-nano.bruker.com
mbns.bruker.com
knoluvit.adiag-dev.bruker.com
monitoring-mrs.bruker.com
www.bruker.com
licensecentral-bopt.bruker.com
mhmp.bruker.com
*.autodiagnose.bruker.com
*.adiag-dev.bruker.com
www.opticsblog.bruker.com
mbopt.bruker.com
bruker.com
login.bruker.com
*.autodiagnose.bruker.com
ok.bruker.com
*.autodiagnose.bruker.com
*.adiag-qa.bruker.com
ok.bruker.com
*.bruker.com
cibrubwp07.bruker.com
bruker.com
mc.bruker.com
guestportal-01-emea.bruker.com
monitoring-mrs.bruker.com
ibcm.bruker.com
licensecentral-bbio.bruker.com
fileshare-nano.bruker.com
fileshare-nano.bruker.com
*.adiag-qa.bruker.com
fileshare-nano.bruker.com
bruker.com
www.bruker.com
repo-bbio.bruker.com
mc.bruker.com
opticsblog.bruker.com
bruker.com
*.bruker.com
www.opticsblog.bruker.com
fileshare-nano.bruker.com
*.bruker.com
bruker.com
guestportal-02-emea.bruker.com
www.opticsblog.bruker.com
www.opticsblog.bruker.com
www.bruker.com
licensecentral-baxs.bruker.com
cibrubwq05.bruker.com
login.bruker.com
login.bruker.com
cibrubwp07.bruker.com
licensecentral-baxs.bruker.com
*.bruker.com
mc.bruker.com
fileshare-nano.bruker.com
ir.bruker.com
autodiscover.bruker-nano.com
fileshare-calid.bruker.com
mhmp.bruker.com
autodiscover.bruker-nano.com
cibrubwp07.bruker.com
fileshare-calid.bruker.com
www.bruker.com
fileshare-calid.bruker.com

Certificate

The complete raw certificate details for *.adiag-qa.bruker.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgIQDmVHKrdGK8ZdA2jFIgzbmDANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRUaGF3dGUgVExTIFJTQSBDQSBHMTAe
Fw0yMDAxMjQwMDAwMDBaFw0yMTAxMjMxMjAwMDBaMCAxHjAcBgNVBAMMFSouYWRp
YWctcWEuYnJ1a2VyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMT/HIGwH1++heKii0B2CP0ZaaCoky8+NbEB05HzPFNwXXQ2WFQKcsVY4+kvG3cD
AMhK8TaM11kkzUpj48LqWUCrA/09P7EcyAsgz3MkxdKvJo+8cA4MKjA0B4X+63eP
G5zpEoNV2dv59yeNKExnBa+rWeXA7218jxd0+MwV91dJOMJdBfgzBy6qaxNQ+Ys7
4FhzXJ2D8Pm9xPEqBvv8t95qt8NfJflv94RHKcxyuL4wDu7AbO3VI8hS9k2LBYv/
9sfOYuxM3bi+rU8b7ZhaMH1SiimTG1yPwzrPlMHXs0V0/OShlMCIfzKbsb73O3MA
/nF3RaW9IUfpx1XP+CJ9+48CAwEAAaOCAqYwggKiMB8GA1UdIwQYMBaAFKWM/jLM
6w8s1BnGCLgAJIhdw8W3MB0GA1UdDgQWBBShS3utfSzClpOdpZq+tDWO1Q7m0DAg
BgNVHREEGTAXghUqLmFkaWFnLXFhLmJydWtlci5jb20wDgYDVR0PAQH/BAQDAgWg
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAs
hipodHRwOi8vY2RwLnRoYXd0ZS5jb20vVGhhd3RlVExTUlNBQ0FHMS5jcmwwTAYD
VR0gBEUwQzA3BglghkgBhv1sAQIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cu
ZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgEwcAYIKwYBBQUHAQEEZDBiMCQGCCsG
AQUFBzABhhhodHRwOi8vc3RhdHVzLnRoYXd0ZS5jb20wOgYIKwYBBQUHMAKGLmh0
dHA6Ly9jYWNlcnRzLnRoYXd0ZS5jb20vVGhhd3RlVExTUlNBQ0FHMS5jcnQwCQYD
VR0TBAIwADCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2APZclC/RdzAiFFQYCDCU
Vo7jTRMZM7/fDC8gC8xO8WTjAAABb9ix+T0AAAQDAEcwRQIgZdaldot+7/LUnGzx
14G8AqWPrzyHHn8jD8Yf4+7LhjICIQCOrfj6plVSqHTKRghNN+p4poISuCkZaPVc
jQf03PEFkwB3AFzcQ5L+5qtFRLFemtRW5hA3+9X6R9yhc5SyXub2xw7KAAABb9ix
+XsAAAQDAEgwRgIhAK8FMej90XV0EZ5dI9H+DVYs44vCS5Ao517PMWksU29RAiEA
sRmkrKRsXclPER2wmum0PuQUWhtc2wZIBrN+IBtI7IQwDQYJKoZIhvcNAQELBQAD
ggEBADLCH/5pUF06sh7QQqE8G05+SR7kmu5aC9Ed23T2anRn6kGkCre1jNFO45S5
vlkDkAIezei3jYIAEpuefPEpInXxQsUz2MNddFV0/Ev25FZ3jPn5Vs2g9HlF25WA
VnCePmKmWU0fJsTmQD5ISHgssDJZxu2Lsr6OjkacuNaD/Fux695fw/E+C9yu+9yb
tzWKe8D69JY2zmZxsGWkmzqblWYp2jhci12NLzSgFlA8TtCzog0t6oC+QFdisxBC
NRkc44JWeXvwMfEZQtfq36oYo4h1xoIQtCvg7y+436yhRjQx6bpGKQmPjbNSAtRE
8UBVsRstEbJlbJsTtfT0rARwrTM=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxP8cgbAfX76F4qKLQHYI
/RlpoKiTLz41sQHTkfM8U3BddDZYVApyxVjj6S8bdwMAyErxNozXWSTNSmPjwupZ
QKsD/T0/sRzICyDPcyTF0q8mj7xwDgwqMDQHhf7rd48bnOkSg1XZ2/n3J40oTGcF
r6tZ5cDvbXyPF3T4zBX3V0k4wl0F+DMHLqprE1D5izvgWHNcnYPw+b3E8SoG+/y3
3mq3w18l+W/3hEcpzHK4vjAO7sBs7dUjyFL2TYsFi//2x85i7EzduL6tTxvtmFow
fVKKKZMbXI/DOs+UwdezRXT85KGUwIh/Mpuxvvc7cwD+cXdFpb0hR+nHVc/4In37
jwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 19135057359086113004432735631309593496
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte TLS RSA CA G1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-24 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-23 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.adiag-qa.bruker.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24868507870580295962998809385478822425556347142494238857876284493460082181555298049591384342070855972093723111561643854765383603772990564480534987853450578140841721201176536574472606017398417785697438989777092250724113432888061316588730661077020735296799414935215996443781433795216446302796073519446506173828806054125707698998289477751191209567257652055841031357342512976490350449950640614941565545012133324805577170665071695031653537656814062905499398537333536950567817215959965433212209028857937019406524183209580826241626473885416603498631957538078777805551314621705855560375584638506533705160787816940281156991887
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a58cfe32cceb0f2cd419c608b80024885dc3c5b7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a14b7bad7d2cc296939da59abeb4358ed50ee6d0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.adiag-qa.bruker.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteTLSRSACAG1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteTLSRSACAG1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600f65c942fd1773022145418083094568ee34d131933bfdf0c2f200bcc4ef164e30000016fd8b1f93d0000040300473045022065d6a5768b7eeff2d49c6cf1d781bc02a58faf3c871e7f230fc61fe3eecb86320221008eadf8faa65552a874ca46084d37ea78a68212b8291968f55c8d07f4dcf105930077005cdc4392fee6ab4544b15e9ad456e61037fbd5fa47dca17394b25ee6f6c70eca0000016fd8b1f97b0000040300483046022100af0531e8fdd17574119e5d23d1fe0d562ce38bc24b9028e75ecf31692c536f51022100b119a4aca46c5dc94f111db09ae9b43ee4145a1b5cdb064806b37e201b48ec84
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0032c21ffe69505d3ab21ed042a13c1b4e7e491ee49aee5a0bd11ddb74f66a7467ea41a40ab7b58cd14ee394b9be590390021ecde8b78d8200129b9e7cf1292275f142c533d8c35d745574fc4bf6e456778cf9f956cda0f47945db958056709e3e62a6594d1f26c4e6403e4848782cb03259c6ed8bb2be8e8e469cb8d683fc5bb1ebde5fc3f13e0bdcaefbdc9bb7358a7bc0faf49636ce6671b065a49b3a9b956629da385c8b5d8d2f34a016503c4ed0b3a20d2dea80be405762b3104235191ce38256797bf031f11942d7eadfaa18a38875c68210b42be0ef2fb8dfaca1463431e9ba4629098f8db35202d444f14055b11b2d11b2656c9b13b5f4f4ac0470ad33