www.riotkayaks.com

Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1

About this certificate

This digital certificate with serial number 06:df:e9:ae:ab:a2:a1:14:3c:e5:fd:5d:03:e7:76:c5 was issued on by DigiCert, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.riotkayaks.com

DigiCert, Inc.

Organization: DigiCert, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 06:df:e9:ae:ab:a2:a1:14:3c:e5:fd:5d:03:e7:76:c5
Serial Number (int): 9137989814419233456343056182487250629
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 19:72:e4:c5:7f:a2:0e:59:ac:2a:dd:90:a4:72:88:c1:78:7a:ec:fe
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23

Fingerprint (sha1): e2:6c:06:6b:0e:ad:3c:11:6e:98:70:10:4b:03:e3:de:42:07:7f:2b
Fingerprint (sha256): 60:f9:9e:b9:09:af:1d:49:19:02:fe:05:c3:f2:e6:d6:9c:02:85:31:e5:c9:ad:bb:dc:e5:dc:5a:f6:6e:ce:2e

Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl

Check the revocation status for certificate www.riotkayaks.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.riotkayaks.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.riotkayaks.com
riotkayaks.com

Other certificates including the domain name riotkayaks.com

(limited to 100 certificates)
www.riotkayaks.com
riotkayaks.com
support.safapply.com
support.augos.io
riotkayaks.com
www.riotkayaks.com

Certificate

The complete raw certificate details for www.riotkayaks.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHnDCCBYSgAwIBAgIQBt/prquioRQ85f1dA+d2xTANBgkqhkiG9w0BAQsFADBc
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT
K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN
MjMwMjAxMDAwMDAwWhcNMjQwMjE2MjM1OTU5WjAdMRswGQYDVQQDExJ3d3cucmlv
dGtheWFrcy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBvUo4
qSt5ER/sIsv3uXVoWfS/uCVRPUL0Egu/nZzDmzvZiwpu/ri/TuUtHd7fCFJZ6NJP
XVx4XbQmyRTAduWKueF5HDHQVDvW1fecnNPGm2NPswCu8yXaiffP3kPVE1vR9j8J
7LkwLTWPtRRyTSF+TdiRmo5utPuS08ka3NdEESxTvPJy7ZVE28TO8/nRBV3UQijP
qIwskWbfOd2Ah8ZVBDCtii8si0Q8fsppWOP6HMwBFZjRk26qCqBv0BsQJSLY/8Du
RqWA5yvzdLtsxGXp39NNZ15SuHiUpfqoadfNPn1Nb8a7fBlXqSbRXH38QKq5QfVL
CaJn9xk4z/9qcyWVAgMBAAGjggOXMIIDkzAfBgNVHSMEGDAWgBSltNbrNsTna6bf
xGQLASogBLhmIzAdBgNVHQ4EFgQUGXLkxX+iDlmsKt2QpHKIwXh67P4wLQYDVR0R
BCYwJIISd3d3LnJpb3RrYXlha3MuY29tgg5yaW90a2F5YWtzLmNvbTAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGfBgNVHR8E
gZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEds
b2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNybDBIoEagRIZCaHR0cDovL2Ny
bDQuZGlnaWNlcnQuY29tL0dlb1RydXN0R2xvYmFsVExTUlNBNDA5NlNIQTI1NjIw
MjJDQTEuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQIBMCkwJwYIKwYBBQUHAgEWG2h0
dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBhwYIKwYBBQUHAQEEezB5MCQGCCsG
AQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUQYIKwYBBQUHMAKGRWh0
dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQw
OTZTSEEyNTYyMDIyQ0ExLmNydDAJBgNVHRMEAjAAMIIBegYKKwYBBAHWeQIEAgSC
AWoEggFmAWQAdQDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYYL
PzaHAAAEAwBGMEQCIDzwCuJpH8iT2uADnkzqg4Cd5bBqZoZN511ZaTYHkOlUAiB7
g5O5bvDzBG306VoD4/YIjOHHxS+/TdxdGIrSa1bQ0AB1AHPZnokbTJZ4oCB9R53m
ssYc0FFecRkqjGuAEHrBd3K1AAABhgs/NswAAAQDAEYwRAIgQg88kZWWYU7BKD1t
/ZPb44rBzSXkCIENxX6ZTxfYj08CIEXuUGRcgBfS/04tIuRHT8EVqzgvTverWhvp
eIyAaAmJAHQASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGGCz82
lwAABAMARTBDAiAGJnlc/9D/CsWJ7Mr2wbAmz0crT76L37CsOW09slKBnQIfBtKl
Wci75NV9rftBEoJvsmBwOGY11YPXQWvmLmOC4DANBgkqhkiG9w0BAQsFAAOCAgEA
MMiSRxcWoDflyJwoj1Iym5jZO/Io/XlSoio15SYA8Q7IRBu2CzO1sDTylJBBQWu+
Ha1OAP9Hli3IkgNMsDDzIaaeXdy+kQQdTqga8onXO5vExToyE6LOkclB0NbK7EDk
NGBaPiCOr+H5jxBIhGAQ12zEmOEJD5HmbabtpyDA88fd5iRfgBa4C+r/rKgzsdI8
fTNqfzRKeiL6rOjb7wHjmkS1J8dP4/HeVhbXnQXaJSf5EmrSlw2c5ICeMittyhxA
RB3iHFOxSCe7oEuUikNLlHdRK9tY16fk/ZaljPm0u2b7Alt0W6LXM9K3zaMHAQXR
SzIflYh2MGdvMNROGm9PBswp3pR4eQUqS14VmagwdyMklbF5907TfMnFJmnlsAMD
/YZnGNnRscHT9Ju0gM7QDZCHIFoGzSHaBAOc8TM4BC+CEljWBUnAJ5mDHtYVTPGG
wLvW8EUeppQUKl24h2F79U4m/1en+DhBZVOSIeo59+Tyoh+dt9GiksjHPgY//LSF
MfadVZzJkAcLEMJGQvI5llqpYHSFagk8kaP54LSgGWKggGkXhHkhhwsrbNS/NgcF
azWggU25XpWU++z5gddl594PVtCAjuQQhwrW4d3OHnAMMA3Apd8wGZUtvIuh8tqb
+VtNGdO3azV7JhssMp56JDw1CXO1Zlfbl4Mr0JuCV0M=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwb1KOKkreREf7CLL97l1
aFn0v7glUT1C9BILv52cw5s72YsKbv64v07lLR3e3whSWejST11ceF20JskUwHbl
irnheRwx0FQ71tX3nJzTxptjT7MArvMl2on3z95D1RNb0fY/Cey5MC01j7UUck0h
fk3YkZqObrT7ktPJGtzXRBEsU7zycu2VRNvEzvP50QVd1EIoz6iMLJFm3zndgIfG
VQQwrYovLItEPH7KaVjj+hzMARWY0ZNuqgqgb9AbECUi2P/A7kalgOcr83S7bMRl
6d/TTWdeUrh4lKX6qGnXzT59TW/Gu3wZV6km0Vx9/ECquUH1SwmiZ/cZOM//anMl
lQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 9137989814419233456343056182487250629
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-01 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-16 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.riotkayaks.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24457335200406967401900738732186863338896857332562023987830746145070344952611986793587774648781911172472307659779260243507619001542928844996574682875414892690647271465750158291658600688491998978004479898603112765917514687188105236080405620148750766073010634272530504845252966508249352408452624161698436560938260396879488417169122242846935662371132986388334090942608907693861797279969877470126543131010119876917414327419370188065097037069652602120000695080766208976362373679807137372199501274188903184885775463494799408784592066299379253942915509323913403857861399659258558251595757001500281569759391265875720777442709
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1972e4c57fa20e59ac2add90a47288c1787aecfe
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.riotkayaks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'riotkayaks.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (358 bytes)
							0164007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001860b3f3687000004030046304402203cf00ae2691fc893dae0039e4cea83809de5b06a66864de75d5969360790e95402207b8393b96ef0f3046df4e95a03e3f6088ce1c7c52fbf4ddc5d188ad26b56d0d000750073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b5000001860b3f36cc00000403004630440220420f3c919596614ec1283d6dfd93dbe38ac1cd25e408810dc57e994f17d88f4f022045ee50645c8017d2ff4e2d22e4474fc115ab382f4ef7ab5a1be9788c8068098900740048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001860b3f3697000004030045304302200626795cffd0ff0ac589eccaf6c1b026cf472b4fbe8bdfb0ac396d3db252819d021f06d2a559c8bbe4d57dadfb4112826fb26070386635d583d7416be62e6382e0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0030c892471716a037e5c89c288f52329b98d93bf228fd7952a22a35e52600f10ec8441bb60b33b5b034f2949041416bbe1dad4e00ff47962dc892034cb030f321a69e5ddcbe91041d4ea81af289d73b9bc4c53a3213a2ce91c941d0d6caec40e434605a3e208eafe1f98f1048846010d76cc498e1090f91e66da6eda720c0f3c7dde6245f8016b80beaffaca833b1d23c7d336a7f344a7a22faace8dbef01e39a44b527c74fe3f1de5616d79d05da2527f9126ad2970d9ce4809e322b6dca1c40441de21c53b14827bba04b948a434b9477512bdb58d7a7e4fd96a58cf9b4bb66fb025b745ba2d733d2b7cda3070105d14b321f95887630676f30d44e1a6f4f06cc29de947879052a4b5e1599a83077232495b179f74ed37cc9c52669e5b00303fd866718d9d1b1c1d3f49bb480ced00d9087205a06cd21da04039cf13338042f821258d60549c02799831ed6154cf186c0bbd6f0451ea694142a5db887617bf54e26ff57a7f8384165539221ea39f7e4f2a21f9db7d1a292c8c73e063ffcb48531f69d559cc990070b10c24642f239965aa96074856a093c91a3f9e0b4a01962a0806917847921870b2b6cd4bf3607056b35a0814db95e9594fbecf981d765e7de0f56d0808ee410870ad6e1ddce1e700c300dc0a5df3019952dbc8ba1f2da9bf95b4d19d3b76b357b261b2c329e7a243c350973b56657db97832bd09b825743