claremontmckenna.edu

Issued by R3

About this certificate

This digital certificate with serial number 03:30:0f:35:a0:9b:ad:a3:b2:d0:e2:e8:6a:09:b8:bb:fa:46 was issued on by Let's Encrypt.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=claremontmckenna.edu

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:30:0f:35:a0:9b:ad:a3:b2:d0:e2:e8:6a:09:b8:bb:fa:46
Serial Number (int): 277690628276675702850091986079702486612550
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 9a:fd:9c:5c:25:27:f7:3d:a7:63:fa:00:6a:0c:82:e1:98:41:d4:9a
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 9b:a6:44:5e:8d:ec:a2:0e:69:b0:4b:26:9d:b8:45:40:5f:fc:4e:d3
Fingerprint (sha256): 66:db:3c:17:db:60:cd:33:0b:64:ca:27:c6:50:55:bb:2e:fb:82:2b:7a:ae:c2:0a:8f:38:17:87:66:33:65:18

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate claremontmckenna.edu

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for claremontmckenna.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

claremontmckenna.edu
cmc.edu
d8.cmc.edu
www.claremontmckenna.edu
www.cmc.edu

Other certificates including the domain name claremontmckenna.edu

(limited to 100 certificates)
cmapx1.claremontmckenna.edu
5663052624035840-fe4.pantheonsite.io
email.claremontmckenna.edu
5663052624035840-fe4.pantheonsite.io
5689413791121408-fe4.pantheonsite.io
claremontmckenna.edu
5689413791121408-fe4.pantheonsite.io
*.claremontmckenna.edu
catalog.claremontmckenna.edu
5663052624035840-fe4.pantheonsite.io
email.claremontmckenna.edu
*.claremontmckenna.edu
www.cmc.edu
5663052624035840-fe4.pantheonsite.io
5663052624035840-fe4.pantheonsite.io
5663052624035840-fe4.pantheonsite.io
catalog.claremontmckenna.edu
5689413791121408-fe4.pantheonsite.io
www.claremontmckenna.edu
webdav.claremontmckenna.edu
5689413791121408-fe4.pantheonsite.io
portal.claremontmckenna.edu
email2.claremontmckenna.edu
cmapx1.claremontmckenna.edu
statagw.claremontmckenna.edu
www.cmc.edu
*.claremontmckenna.edu
*.claremontmckenna.edu
*.claremontmckenna.edu
5663052624035840-fe4.pantheonsite.io
www.claremontmckenna.edu
www.cmc.edu
5663052624035840-fe4.pantheonsite.io
5663052624035840-fe4.pantheonsite.io
claremontmckenna.edu
*.claremontmckenna.edu
5689413791121408-fe4.pantheonsite.io
*.claremontmckenna.edu
claremontmckenna.edu
claremontmckenna.edu
*.claremontmckenna.edu
*.claremontmckenna.edu
email2.claremontmckenna.edu
claremontmckenna.edu
5663052624035840-fe4.pantheonsite.io
email.claremontmckenna.edu
email.claremontmckenna.edu
email.claremontmckenna.edu
5663052624035840-fe4.pantheonsite.io
email.claremontmckenna.edu
claremontmckenna.edu
email.claremontmckenna.edu
claremontmckenna.edu
claremontmckenna.edu
cmapx2.claremontmckenna.edu
5689413791121408-fe4.pantheonsite.io
claremontmckenna.edu
webdav.claremontmckenna.edu
portal.claremontmckenna.edu
email.claremontmckenna.edu
5663052624035840-fe4.pantheonsite.io
*.claremontmckenna.edu
*.claremontmckenna.edu
5689413791121408-fe4.pantheonsite.io
5689413791121408-fe4.pantheonsite.io
cmapx2.claremontmckenna.edu
*.claremontmckenna.edu
statagw.claremontmckenna.edu
5663052624035840-fe4.pantheonsite.io
*.claremontmckenna.edu
vpn.claremontmckenna.edu
statagw.claremontmckenna.edu
*.claremontmckenna.edu
claremontmckenna.edu
5663052624035840-fe4.pantheonsite.io
vpn.claremontmckenna.edu
claremontmckenna.edu
wlan2.claremontmckenna.edu
email.claremontmckenna.edu
email.claremontmckenna.edu
catalog.claremontmckenna.edu
5689413791121408-fe4.pantheonsite.io
*.claremontmckenna.edu
catalog.claremontmckenna.edu
*.claremontmckenna.edu
*.claremontmckenna.edu
email.claremontmckenna.edu
claremontmckenna.edu
5663052624035840-fe4.pantheonsite.io
portal.claremontmckenna.edu
www.claremontmckenna.edu
5663052624035840-fe4.pantheonsite.io
5663052624035840-fe4.pantheonsite.io
www.claremontmckenna.edu
*.claremontmckenna.edu
5689413791121408-fe4.pantheonsite.io
5663052624035840-fe4.pantheonsite.io

Certificate

The complete raw certificate details for claremontmckenna.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAzAPNaCbraOy0OLoagm4u/pGMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEwMDQxNTE4MzRaFw0yNDAxMDIxNTE4MzNaMB8xHTAbBgNVBAMT
FGNsYXJlbW9udG1ja2VubmEuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwHSnemv0wZzcXAgMkBQXztwjNHFrHpIs5axrzzrdlw7T+GZAQLPiUvSZ
mF3ScRQ1Ni77M7wvvj8WKgEm6kmkIGsqEr1NwVO/9M+bfL4ePy1ywV87Wx7ZOVVK
4JWJMqctOtWZynJz3jX67Nda0+9B++4/N4TAaLpUnxu83mMaTL+l/8yYin0iItxx
Z3YRMvL8oMO9BWqFighCSszfIpRufGHjpEeodJZe7aLi7DcePvwyXZWi/al1YQeC
dFkrpkcgk8myhP/APzQjk3bdKAlwKQDdvQR4Y3b+bMJVibDWVrVqjLz+ybpaAJiO
jKOmp9NDC6LZPJujVsE+mvYR8y2ZVQIDAQABo4ICUDCCAkwwDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA
MB0GA1UdDgQWBBSa/ZxcJSf3Padj+gBqDILhmEHUmjAfBgNVHSMEGDAWgBQULrMX
t1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0
dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu
Y3Iub3JnLzBbBgNVHREEVDBSghRjbGFyZW1vbnRtY2tlbm5hLmVkdYIHY21jLmVk
dYIKZDguY21jLmVkdYIYd3d3LmNsYXJlbW9udG1ja2VubmEuZWR1ggt3d3cuY21j
LmVkdTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQIGCisGAQQB1nkCBAIEgfMEgfAA
7gB1ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABivt74O8AAAQD
AEYwRAIgKzwF4c2RSqn2p7LJCoVY4hkYARPLaAm/t1jOTP5W97QCIHcw6agt+WWX
EYayScE6u6Mo/lm0HPCZ6N/pBzY3lL40AHUA7s3QZNXbGs7FXLedtM0TojKHRny8
7N7DUUhZRnEftZsAAAGK+3vgzwAABAMARjBEAiAoDcwQBoFcMCGWCk7aIfEsGNTT
j567tQTU4sj0wacvHwIgT5iVg0KaUomEie8pVhf1uDDiv6lwAlTDzWOYyy+gcuww
DQYJKoZIhvcNAQELBQADggEBAKG2aAY6Vo/lQkE2rW/YRm0AOjuBIArOlqyubgSe
Ov9Gl+Gfb6TCinZbRu/hX5WhIF9dD9Xfi5hgSkBD7nOonk5n37IytYKRPA9uh4SF
GDStrcc42yhWqXOyOdQjfAP4GzwOsjp32aDYeBynzX88RenLFbqszyPZLU6QlKEL
CojixZ/Hc/q6LbnYagnxsrkKpdL4tosOHz3d55D9NFxe7+V5B1uphvvDv17tNq8Q
A2YYpLgQfzt/UqTApotoAtfvFUXjeEPwmCHDSHALyONrgshrHczSMD+9+T0kw48w
kVderSM6e5MHj4PeCMVaTXCCOGIm6FOhogyJigr0tr6dpq8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHSnemv0wZzcXAgMkBQX
ztwjNHFrHpIs5axrzzrdlw7T+GZAQLPiUvSZmF3ScRQ1Ni77M7wvvj8WKgEm6kmk
IGsqEr1NwVO/9M+bfL4ePy1ywV87Wx7ZOVVK4JWJMqctOtWZynJz3jX67Nda0+9B
++4/N4TAaLpUnxu83mMaTL+l/8yYin0iItxxZ3YRMvL8oMO9BWqFighCSszfIpRu
fGHjpEeodJZe7aLi7DcePvwyXZWi/al1YQeCdFkrpkcgk8myhP/APzQjk3bdKAlw
KQDdvQR4Y3b+bMJVibDWVrVqjLz+ybpaAJiOjKOmp9NDC6LZPJujVsE+mvYR8y2Z
VQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 277690628276675702850091986079702486612550
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-04 15:18:34 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-02 15:18:33 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'claremontmckenna.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24295278889261962340330570593076765092564594026629510040566849443941721212705222905469227342749655760761925628146467776896918161669177237506061638055976839317974540229085566909601290432792766688540743857041618507082302908209321494362376641574366690514136936988276436757394515726000349835912320682069511736058985263380188984941851626522348036976567257123937402752130277851931257557691396509910741392947845349707974538616547869499133806197294376341097227039876415788275764051935080580783290065738507278734728703160147978353048962982659390140744073959855669537306275821116832669307766091573181749448001568724078979553621
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9afd9c5c2527f73da763fa006a0c82e19841d49a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (84 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'claremontmckenna.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmc.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'd8.cmc.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.claremontmckenna.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cmc.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018afb7be0ef000004030046304402202b3c05e1cd914aa9f6a7b2c90a8558e219180113cb6809bfb758ce4cfe56f7b402207730e9a82df965971186b249c13abba328fe59b41cf099e8dfe907363794be34007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018afb7be0cf00000403004630440220280dcc1006815c3021960a4eda21f12c18d4d38f9ebbb504d4e2c8f4c1a72f1f02204f989583429a52898489ef295617f5b830e2bfa9700254c3cd6398cb2fa072ec
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a1b668063a568fe5424136ad6fd8466d003a3b81200ace96acae6e049e3aff4697e19f6fa4c28a765b46efe15f95a1205f5d0fd5df8b98604a4043ee73a89e4e67dfb232b582913c0f6e8784851834adadc738db2856a973b239d4237c03f81b3c0eb23a77d9a0d8781ca7cd7f3c45e9cb15baaccf23d92d4e9094a10b0a88e2c59fc773faba2db9d86a09f1b2b90aa5d2f8b68b0e1f3ddde790fd345c5eefe579075ba986fbc3bf5eed36af10036618a4b8107f3b7f52a4c0a68b6802d7ef1545e37843f09821c348700bc8e36b82c86b1dccd2303fbdf93d24c38f3091575ead233a7b93078f83de08c55a4d7082386226e853a1a20c898a0af4b6be9da6af