*.albergo-ristorante-cacciatori.com

Issued by Actalis Domain Validation Server CA G2

About this certificate

This digital certificate with serial number 21:b4:34:7b:91:c7:de:20:f0:9b:38:74:ae:74:7a:8f was issued on by Actalis S.p.A./03358520967.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.albergo-ristorante-cacciatori.com,OU=Domain Control Validated by Actalis S.p.A.

Actalis S.p.A./03358520967

Organization: Actalis S.p.A./03358520967
State / Province: Bergamo
Locality: Ponte San Pietro
Country: IT

This certificate has expire since

Certificate Details

Serial Number (hex): 21:b4:34:7b:91:c7:de:20:f0:9b:38:74:ae:74:7a:8f
Serial Number (int): 44800201770918823555527558446573714063
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: d5:55:34:e6:64:82:aa:2d:6f:56:81:fc:b8:c8:df:7a:8a:4a:57:1a
AuthorityKeyId: d5:40:08:f7:96:22:4e:19:b3:da:e5:61:93:ba:ba:b7:3e:eb:b9:cd

Fingerprint (sha1): 3a:f7:65:2e:be:37:1f:93:a4:7e:f0:5d:aa:9a:a9:d7:23:1f:c5:a1
Fingerprint (sha256): 66:67:c5:f9:32:8a:05:b7:7d:9b:d0:24:bd:bf:c8:fd:22:14:27:21:a5:b0:0a:3f:06:02:8f:f4:02:fb:91:32

Issuing Certificate URL: http://cacert.actalis.it/certs/actalis-autdvg2

Revocation information

OCSP Server: http://ocsp06.actalis.it/VA/AUTHDV-G2
CRL Distribution Point: http://crl06.actalis.it/Repository/AUTHDV-G2/getLastCRL

Check the revocation status for certificate *.albergo-ristorante-cacciatori.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.albergo-ristorante-cacciatori.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com

Other certificates including the domain name albergo-ristorante-cacciatori.com

(limited to 100 certificates)
albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com
*.albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com
www.albergo-ristorante-cacciatori.com
*.albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com
www.albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com
*.albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com
www.albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com
www.albergo-ristorante-cacciatori.com
*.albergo-ristorante-cacciatori.com
*.albergo-ristorante-cacciatori.com
albergo-ristorante-cacciatori.com

Certificate

The complete raw certificate details for *.albergo-ristorante-cacciatori.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG9DCCBdygAwIBAgIQIbQ0e5HH3iDwmzh0rnR6jzANBgkqhkiG9w0BAQsFADCB
kDELMAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRl
IFNhbiBQaWV0cm8xIzAhBgNVBAoMGkFjdGFsaXMgUy5wLkEuLzAzMzU4NTIwOTY3
MS8wLQYDVQQDDCZBY3RhbGlzIERvbWFpbiBWYWxpZGF0aW9uIFNlcnZlciBDQSBH
MjAeFw0xOTEyMjUwNDEwMjdaFw0yMTAzMjYwNDEwMjdaMGMxMzAxBgNVBAsMKkRv
bWFpbiBDb250cm9sIFZhbGlkYXRlZCBieSBBY3RhbGlzIFMucC5BLjEsMCoGA1UE
AwwjKi5hbGJlcmdvLXJpc3RvcmFudGUtY2FjY2lhdG9yaS5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzCS/JbBRrRwHwd2yuC3WGzIlCfTc9pXI6
MIXLnWUq324DE+f4FOLUCboaIcgXPBg8pwY3HKmRZyLbOIQS8A2JUuIWxx/LEsKR
X9p09uKUqxTiZzPSKMc0uBf24Rif0UGh7VKuqhKP0JMismTSB5bS/A39AVGn1ALw
T6SyOu6Tv/eS6ScaBe4sfKe2V8x5AnD+mPh81l+RnD5AIlx6SlUW4Hi2sg8UrIpJ
ha8fh5pS7e0YSEB/eRuPA3rGxG/5XC8LMzXh6TVPevjw9n8SEWOrHKjhrVW8SuUJ
WSAV0UxUrC9pAz+8LqsFSdentb3lHo+CvcsP6X2VBND2pt0cYFsLAgMBAAGjggN0
MIIDcDAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFNVACPeWIk4Zs9rlYZO6urc+
67nNMH0GCCsGAQUFBwEBBHEwbzA6BggrBgEFBQcwAoYuaHR0cDovL2NhY2VydC5h
Y3RhbGlzLml0L2NlcnRzL2FjdGFsaXMtYXV0ZHZnMjAxBggrBgEFBQcwAYYlaHR0
cDovL29jc3AwNi5hY3RhbGlzLml0L1ZBL0FVVEhEVi1HMjBRBgNVHREESjBIgiMq
LmFsYmVyZ28tcmlzdG9yYW50ZS1jYWNjaWF0b3JpLmNvbYIhYWxiZXJnby1yaXN0
b3JhbnRlLWNhY2NpYXRvcmkuY29tMFEGA1UdIARKMEgwPAYGK4EfARcBMDIwMAYI
KwYBBQUHAgEWJGh0dHBzOi8vd3d3LmFjdGFsaXMuaXQvYXJlYS1kb3dubG9hZDAI
BgZngQwBAgEwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMEgGA1UdHwRB
MD8wPaA7oDmGN2h0dHA6Ly9jcmwwNi5hY3RhbGlzLml0L1JlcG9zaXRvcnkvQVVU
SERWLUcyL2dldExhc3RDUkwwHQYDVR0OBBYEFNVVNOZkgqotb1aB/LjI33qKSlca
MA4GA1UdDwEB/wQEAwIFoDCCAYAGCisGAQQB1nkCBAIEggFwBIIBbAFqAHcAVYHU
whaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAFvO0jZ3wAABAMASDBGAiEA
+OH8gZHP126Fk1zzAwJqC97dtuCUICQriKeWYM7BRj8CIQCO9+oKqfo2SAE4DZla
RmpqIcURsS5YfZ5G8nGH3wXFzQB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaN
sgiaN9kTAAABbztI2bcAAAQDAEgwRgIhAPHvaXeNrlUbgcnM/UHy/s8wV2Lnu7/A
3lzKmLb91ovyAiEA+BV1Mou9ZEq1g8zwDqX0piZVQ6jFCEFclYcVMCrOZbsAdgDu
S723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAW87SNmwAAAEAwBHMEUC
IQCsndJDNIyk6SYOP49vwPYYAOURQ0fYKCKefvNzQQJXsQIgOTUDHdBrpx8jw8aO
LwO0eHmcOMowdvXXx2JledQ1fDQwDQYJKoZIhvcNAQELBQADggEBAFLzWPsfQnbN
s6RfmA20pMYrKHqvMX875O1mh+fIS4lxbT3KC7FkBJN3L2N5t9P2Y/K5yMhx1h3L
MrxcPi7mxiXDS+yoRTqxgtfJO7s3IpE+O3fza+vyiEVMRb53/hPLMob++Z/VBaku
zVzy37jHHuOcPMT4H3pHRQTg7iQk5hrEiTEXTJ/REf7f1anyz+0EgzxzovX+mek+
0vb+6l8CtZ6cYIahu9H05Tw9ds3J6+gIJQZaLC/788gB5CSRZFxAXQbsKpB+jMfV
8l42qeA79yVsEtw17kR17a1sQ6zpq+3yFRiBiLMtu+fsAlxjCuRHHfDwUYzcrlyw
kjsAftgkc7s=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8wkvyWwUa0cB8Hdsrgt1
hsyJQn03PaVyOjCFy51lKt9uAxPn+BTi1Am6GiHIFzwYPKcGNxypkWci2ziEEvAN
iVLiFscfyxLCkV/adPbilKsU4mcz0ijHNLgX9uEYn9FBoe1SrqoSj9CTIrJk0geW
0vwN/QFRp9QC8E+ksjruk7/3kuknGgXuLHyntlfMeQJw/pj4fNZfkZw+QCJcekpV
FuB4trIPFKyKSYWvH4eaUu3tGEhAf3kbjwN6xsRv+VwvCzM14ek1T3r48PZ/EhFj
qxyo4a1VvErlCVkgFdFMVKwvaQM/vC6rBUnXp7W95R6Pgr3LD+l9lQTQ9qbdHGBb
CwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 44800201770918823555527558446573714063
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bergamo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Ponte San Pietro'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Actalis S.p.A./03358520967'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Actalis Domain Validation Server CA G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-25 04:10:27 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-26 04:10:27 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Domain Control Validated by Actalis S.p.A.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.albergo-ristorante-cacciatori.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30680438221192511542276290488376060120633284402859980215016814251635841969813319485377514513929425199704073487063694330332534649493831134573585384804489398936818316233759410239557794226560695181954087259785316275072244787473143639186761165649145217179952126377010477879380139356375399451944384897358575649579021370384805801806931611512633859282116794384556743883211246952549869193093449063392655290453978788837873983806670263730160408957530641196957087264489681730477467694614710485515084026310715742469506294383907902475369896015149606245034032290764190905329179310434148219988333720199914162429053772314806237289227
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d54008f796224e19b3dae56193babab73eebb9cd
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (113 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacert.actalis.it/certs/actalis-autdvg2'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp06.actalis.it/VA/AUTHDV-G2'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.albergo-ristorante-cacciatori.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'albergo-ristorante-cacciatori.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.159.1.23.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.actalis.it/area-download'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl06.actalis.it/Repository/AUTHDV-G2/getLastCRL'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d55534e66482aa2d6f5681fcb8c8df7a8a4a571a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a0077005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016f3b48d9df0000040300483046022100f8e1fc8191cfd76e85935cf303026a0bdeddb6e09420242b88a79660cec1463f0221008ef7ea0aa9fa364801380d995a466a6a21c511b12e587d9e46f27187df05c5cd0077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016f3b48d9b70000040300483046022100f1ef69778dae551b81c9ccfd41f2fecf305762e7bbbfc0de5cca98b6fdd68bf2022100f81575328bbd644ab583ccf00ea5f4a6265543a8c508415c958715302ace65bb007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016f3b48d9b00000040300473045022100ac9dd243348ca4e9260e3f8f6fc0f61800e5114347d828229e7ef373410257b102203935031dd06ba71f23c3c68e2f03b478799c38ca3076f5d7c7626579d4357c34
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0052f358fb1f4276cdb3a45f980db4a4c62b287aaf317f3be4ed6687e7c84b89716d3dca0bb1640493772f6379b7d3f663f2b9c8c871d61dcb32bc5c3e2ee6c625c34beca8453ab182d7c93bbb3722913e3b77f36bebf288454c45be77fe13cb3286fef99fd505a92ecd5cf2dfb8c71ee39c3cc4f81f7a474504e0ee2424e61ac48931174c9fd111fedfd5a9f2cfed04833c73a2f5fe99e93ed2f6feea5f02b59e9c6086a1bbd1f4e53c3d76cdc9ebe80825065a2c2ffbf3c801e42491645c405d06ec2a907e8cc7d5f25e36a9e03bf7256c12dc35ee4475edad6c43ace9abedf215188188b32dbbe7ec025c630ae4471df0f0518cdcae5cb0923b007ed82473bb