www.gidget.koumbit.org

Issued by R3

About this certificate

This digital certificate with serial number 04:95:ba:df:fa:6e:17:7b:94:c2:71:bc:4a:79:b6:c2:55:f2 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.gidget.koumbit.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:95:ba:df:fa:6e:17:7b:94:c2:71:bc:4a:79:b6:c2:55:f2
Serial Number (int): 399399615767001031606545174911745156863474
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 52:86:96:48:6b:96:fe:65:a3:ee:72:01:23:31:30:12:bd:20:dd:e2
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 05:6a:71:63:48:95:26:12:50:32:24:42:8c:de:1b:f3:49:8e:09:90
Fingerprint (sha256): 5e:ca:8d:50:1a:3e:f4:c6:94:cd:e3:0b:7c:d7:48:c8:f8:7b:67:ab:59:8a:d0:80:41:87:8b:cb:d3:76:3b:29

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.gidget.koumbit.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.gidget.koumbit.org

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.gidget.koumbit.org

Other certificates including the domain name koumbit.org

(limited to 100 certificates)
nextcloud.cumulus.koumbit.org
gabrielle.koumbit.org
www.vikinge.koumbit.org
www.koumbit.org
www.apbm.koumbit.org
www.shadowrun.koumbit.org
www.assep.koumbit.org
cmac.gwradio.koumbit.org
lmssop.koumbit.org
www.narchive.koumbit.org
www.johnb.koumbit.org
www.gfilion.koumbit.org
www.adte2254.koumbit.org
pplif.koumbit.org
www.assep.koumbit.org
www.koumbit.org
tnm.koumbit.org
nextcloud.cumulus.koumbit.org
www.assep.koumbit.org
mystic.koumbit.org
www.joasia.koumbit.org
wiki.praec.koumbit.org
www.gabrielle.koumbit.org
www.gidget.koumbit.org
gabrielle.koumbit.org
*.koumbit.org
www.koumbit.org
www.gfilion.koumbit.org
www.koumbit.org
gidget.koumbit.org
www.kepo.koumbit.org
confluetest.kwekwe.koumbit.org
www.joasia.koumbit.org
nextcloud.sdcmp.koumbit.org
www.joasia.koumbit.org
www.narchive.koumbit.org
vikinge.koumbit.org
www.assep.koumbit.org
wb.tnm.koumbit.org
rcentres.koumbit.org
www.assep.koumbit.org
www.shadowrun.koumbit.org
www.koumbit.org
www.koumbit.org
wb.tnm.koumbit.org
www.tnm.koumbit.org
www.narchive.koumbit.org
cmac.gwradio.koumbit.org
www.ktrh.koumbit.org
nuage.ecrinum.koumbit.org
nextcloud.sdcmp.koumbit.org
nuage.ecrinum.koumbit.org
www.philou.koumbit.org
70s.haproxy.koumbit.org
narchive.koumbit.org
www.koumbit.org
www.assep.koumbit.org
www.gabrielle.koumbit.org
www.gidget.koumbit.org
www.koumbit.org
https56.nina.koumbit.org
etcgroup.koumbit.org
www.koumbit.org
www.praec.koumbit.org
www.kepo.koumbit.org
rcentres.koumbit.org
ktrh.koumbit.org
www.joasia.koumbit.org
www.assep.koumbit.org
gretchenk.gwradio.koumbit.org
www.koumbit.org
www.enkerli.koumbit.org
*.koumbit.org
shadowrun.koumbit.org
www.koumbit.org
www.mystic.koumbit.org
www.koumbit.org
www.assep.koumbit.org
www.koumbit.org
www.koumbit.org
www.joasia.koumbit.org
enkerli.koumbit.org
cache.haproxy.koumbit.org
www.largot.koumbit.org
ktrh.koumbit.org
www.enkerli.koumbit.org
www.koumbit.org
vikinge.koumbit.org
gidget.koumbit.org
www.joasia.koumbit.org
www.praec.koumbit.org
tnm.koumbit.org
www.sdcmp.koumbit.org
www.koumbit.org
www.koumbit.org
www.koumbit.org
wp.nina.koumbit.org
www.assep.koumbit.org
81s.haproxy.koumbit.org
www.koumbit.org

Certificate

The complete raw certificate details for www.gidget.koumbit.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgISBJW63/puF3uUwnG8Snm2wlXyMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA5MDUxOTI4MjhaFw0yMzEyMDQxOTI4MjdaMCExHzAdBgNVBAMT
Fnd3dy5naWRnZXQua291bWJpdC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
ggIKAoICAQDJ0N3fNNuTKSPOX9Xq04+eqNxAFagiGvLUVDRp3QtqhgZGOaJ+J9hv
hexR3Ak9OHddA+SijOiW5//v7DXDVxu1F6oEplYJcHXlemSUK4L1y/eJXtArISPi
hrY8DRihFRlrAo3WCrwOCymQbWk0DPArepj2hG+zIwj42OD1ZnvOzgbUfp3z10Ud
HsEjFcBy85CnE1kiZD4s5vDFnkjrxKmj8FEUDKbod5bpHFW3k2uY6JnhlJyiNg6x
qSwxTqbwgAGzngIIPUFoVCqZIgZauzVEnZEmihhqnDUn5HyBQUfFNPQyTyOHQ75I
AzxCj9DhGnS10XsLYcmM7I2uMjVuH1q25+SV5swl9QNe/6nJpDAlDSMtmPuf8bKm
kLRzCMU6hxNicV1y72Y7OlnLYfKpmY7Lzkov2eLfMAn5x48bmYch9fSpXH/8yS5R
lwx8CP3Khg+ihKBrDZPj3+0gTkVNBDzhOTUIvOwJRdta4fHb5B4wFEzT5AuzVBk7
25Qnp4+xT20lMWTXIMThVw2WMHx9NXWhonh09UNVFVUnxEkdFulvlMDo3r+8ahkn
ZmBVvjZO2H0k7e5EGE1v7E3yfJ1aZqg/K7M/2t23StRIs3y0SJUekqOrOpMo8Kqp
r2qBi5SqH9yaqNsuLNKFg+qLqfER/IL+LZBOzaIi0a7oC2k7paI96QIDAQABo4IC
GDCCAhQwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRShpZIa5b+ZaPucgEjMTASvSDd
4jAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJ
MEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcw
AoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzAhBgNVHREEGjAYghZ3d3cuZ2lkZ2V0
LmtvdW1iaXQub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIE
AgSB9QSB8gDwAHYAtz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGK
ZwhBugAABAMARzBFAiBlWZvaXhKo90/nXsTjAFWy1byeeEGBLpthoZOlYvJvHAIh
AJZ5ZJtDvJcrkhtaafWa/gL9Z6dHWoRTlPJ4n65BFbCEAHYAejKMVNi3LbYg6jjg
Uh7phBZwMhOFTTvSK8E6V6NS61IAAAGKZwhB3QAABAMARzBFAiEA8dK+Zt4Iu+Ti
a8wY1HcjrhYbpwrdrRcrqNx399UMnpsCIFt7mSE6mTI6u3deOgI9yCHQIH5uNCIx
PlPP4D2kT3XDMA0GCSqGSIb3DQEBCwUAA4IBAQC4R2+9ncy9XQ+YFp30cAlWoynW
5/OnGFj0HqmUst+HGmonKW4K05gmnlGrG62f1Qf5HUEXX83BLf37Rbc7X3XfC65z
Mt+i2RwHNhhKhRGb+LARyzDgcSzxBHANO6i2XJ5Xgj1tALiqucx+S/RSAgKlGhrt
GzlfdQVSXUoWPOdIcTwsq6sZNgfiftKnvIWVbz+9p60vHSS5TJoudif8tcV+EHQF
TgftM3u+GQQW3crjvjoA2FK+f4pLXjo9aOTQecoDRU5rEMA7I2VpEplKhdX8URd6
M2BGTeVqxiyRiBsiuIUK328uivDu2J4pnCi1V9sjS8wiEVWXPS9eNbMZpffz
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAydDd3zTbkykjzl/V6tOP
nqjcQBWoIhry1FQ0ad0LaoYGRjmififYb4XsUdwJPTh3XQPkoozoluf/7+w1w1cb
tReqBKZWCXB15XpklCuC9cv3iV7QKyEj4oa2PA0YoRUZawKN1gq8DgspkG1pNAzw
K3qY9oRvsyMI+Njg9WZ7zs4G1H6d89dFHR7BIxXAcvOQpxNZImQ+LObwxZ5I68Sp
o/BRFAym6HeW6RxVt5NrmOiZ4ZScojYOsaksMU6m8IABs54CCD1BaFQqmSIGWrs1
RJ2RJooYapw1J+R8gUFHxTT0Mk8jh0O+SAM8Qo/Q4Rp0tdF7C2HJjOyNrjI1bh9a
tufklebMJfUDXv+pyaQwJQ0jLZj7n/GyppC0cwjFOocTYnFdcu9mOzpZy2HyqZmO
y85KL9ni3zAJ+cePG5mHIfX0qVx//MkuUZcMfAj9yoYPooSgaw2T49/tIE5FTQQ8
4Tk1CLzsCUXbWuHx2+QeMBRM0+QLs1QZO9uUJ6ePsU9tJTFk1yDE4VcNljB8fTV1
oaJ4dPVDVRVVJ8RJHRbpb5TA6N6/vGoZJ2ZgVb42Tth9JO3uRBhNb+xN8nydWmao
PyuzP9rdt0rUSLN8tEiVHpKjqzqTKPCqqa9qgYuUqh/cmqjbLizShYPqi6nxEfyC
/i2QTs2iItGu6AtpO6WiPekCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 399399615767001031606545174911745156863474
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-05 19:28:28 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-04 19:28:27 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.gidget.koumbit.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 823336980098129406440769296592683043951022161812543698534298284763779563869408429161022628901606129876315949104587801384716363298943333775561428063862428208225094629012721359170350707912166562631240683560143520657348393724637024502611825255484182019664202256548021638563176519688422827723860199784883243939860888823241196327774359601471095780519827201961632950292645840958533326662400680819984895086693597399071252955513789549487501823727502388867488790545293011459603167052299033751596579776135733380902231366830738196170275687694450001675189031790193664411976400673797188313043446758557242830526067822040963424264031213246959240984425974506036425826011045442733898729750219242756033590548401271106650775781744616530813627394775329982875124957703576269658650379038868773922890039388736548129479394539386244631475892392780647161684968694569643411007859324806503393296730458268261745047338712530576001879797115999681130524827355476968646531698707969732850581375057322359978334721736143683867735433690943481230419215835190294133971477085549261466263977188541367663490997567507197925439556310632690485145073569464682149820946333183376505290670634793753151188743300006443329734178973749781003911457215045388151936679856784993259857526249
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							528696486b96fe65a3ee720123313012bd20dde2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gidget.koumbit.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018a670841ba0000040300473045022065599bda5e12a8f74fe75ec4e30055b2d5bc9e7841812e9b61a193a562f26f1c0221009679649b43bc972b921b5a69f59afe02fd67a7475a845394f2789fae4115b0840076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018a670841dd0000040300473045022100f1d2be66de08bbe4e26bcc18d47723ae161ba70addad172ba8dc77f7d50c9e9b02205b7b99213a99323abb775e3a023dc821d0207e6e3422313e53cfe03da44f75c3
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b8476fbd9dccbd5d0f98169df4700956a329d6e7f3a71858f41ea994b2df871a6a27296e0ad398269e51ab1bad9fd507f91d41175fcdc12dfdfb45b73b5f75df0bae7332dfa2d91c0736184a85119bf8b011cb30e0712cf104700d3ba8b65c9e57823d6d00b8aab9cc7e4bf4520202a51a1aed1b395f7505525d4a163ce748713c2cabab193607e27ed2a7bc85956f3fbda7ad2f1d24b94c9a2e7627fcb5c57e1074054e07ed337bbe190416ddcae3be3a00d852be7f8a4b5e3a3d68e4d079ca03454e6b10c03b23656912994a85d5fc51177a3360464de56ac62c91881b22b8850adf6f2e8af0eed89e299c28b557db234bcc221155973d2f5e35b319a5f7f3