onelovekmc.com
Issued by R3
About this certificate
This digital certificate with serial number 04:12:18:2c:e8:1a:e3:c3:5e:78:5a:02:2b:62:49:4e:f2:ae was issued on by Let's Encrypt.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=onelovekmc.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:12:18:2c:e8:1a:e3:c3:5e:78:5a:02:2b:62:49:4e:f2:aeSerial Number (int): 354606360972227941998646913444378024276654
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 9f:7e:0b:29:0d:21:eb:28:25:b3:b5:66:d1:bd:24:25:f3:57:d8:d7
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 2b:d0:71:5f:8f:0c:a5:7c:1f:3c:57:e0:bb:37:37:05:6a:4c:82:ed
Fingerprint (sha256): 67:64:68:c1:9b:18:43:af:5a:c2:82:01:6d:a9:bf:1a:4b:4a:2e:97:a8:d9:00:a9:7e:79:d3:c6:78:17:1c:8f
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate onelovekmc.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for onelovekmc.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
onelovekmc.com
Other certificates including the domain name onelovekmc.com
(limited to 100 certificates)
onelovekmc.com
journeys.synergy.net.au
swernick.com
staging.onelovekmc.com
scierie-borie.fr
cfaukansanfernando.turnosweb.app
gvindia.org
webinar.iasaglobal.com
onelovekmc.com
rockersesports.com
sunjoined.com
www.medici.vc
gemuesesinddieneuensneakers.eu
www.funeralchecklist.com
create.ourtreasurehunt.com
rockersesports.com
www.frontfiles.com
www.nortenoboots.com.mx
gvindia.org
onelovekmc.com
dbarros.dev
leafy.earth
onelovekmc.com
leafy.earth
www.frontfiles.com
www.exenea.com
app.datanamo.com
hmlg.onb.vc
www.fizenco.com
www.nortenoboots.com.mx
dev.getreplayapp.com
www.carnaubal.ce.gov.br
www.pilatesestudioa.com.br
onelovekmc.com
moellnitz.org
test.inhalt.dk
www.kelimat.app
www.zartexvertagen.com
figure1-admin-staging.figure1.com
www.calories.fyi
nimbook.tk
meteolytics.ca
bridgefoundry.org
meteolytics.ca
admin.sunbears.com
futures-photography.com
blog.thestyl.us
naturivida.emaiswallet.com
post.predigle.com
app.bricks4schoolz.com
bochud.com
nc.conversionomics.com
link.sicoobnet.com.br
blog.thestyl.us
onelovekmc.com
www.aosfj.com
coral.innoqua.jp
gemuesesinddieneuensneakers.eu
eyecode.co.za
www.onelovekmc.com
hadanikki.com
www.vibewave.app
www.debugdungeon.com
bridgefoundry.org
app-live-score.smartcricket.com
tehtavaluokat.fi
staging.onelovekmc.com
a2dweb.com
greatcliff.se
doc.aiqahealth.com
canvasu.agregar.io
www.vibewave.app
webinar.iasaglobal.com
admin.ondamotoboy.com.br
www.clockcode.io
onelovekmc.com
www.camillely.com
www.naturalhappy.fr
app.youth611.org
thara.jp
cfaukansanfernando.turnosweb.app
cv.jackjoynson.co.uk
www.godutch.app
carez.yangchigi.com
admin.sunbears.com
www.hevoshieroja.info
www.hoodooware.org
gc.staging.quintoandar.com.br
onelovekmc.com
post.predigle.com
www.clockcode.io
app.youth611.org
jubo.onelovekmc.com
thara.jp
www.uhspremium.com
staging.onelovekmc.com
journeys.synergy.net.au
swernick.com
staging.onelovekmc.com
scierie-borie.fr
cfaukansanfernando.turnosweb.app
gvindia.org
webinar.iasaglobal.com
onelovekmc.com
rockersesports.com
sunjoined.com
www.medici.vc
gemuesesinddieneuensneakers.eu
www.funeralchecklist.com
create.ourtreasurehunt.com
rockersesports.com
www.frontfiles.com
www.nortenoboots.com.mx
gvindia.org
onelovekmc.com
dbarros.dev
leafy.earth
onelovekmc.com
leafy.earth
www.frontfiles.com
www.exenea.com
app.datanamo.com
hmlg.onb.vc
www.fizenco.com
www.nortenoboots.com.mx
dev.getreplayapp.com
www.carnaubal.ce.gov.br
www.pilatesestudioa.com.br
onelovekmc.com
moellnitz.org
test.inhalt.dk
www.kelimat.app
www.zartexvertagen.com
figure1-admin-staging.figure1.com
www.calories.fyi
nimbook.tk
meteolytics.ca
bridgefoundry.org
meteolytics.ca
admin.sunbears.com
futures-photography.com
blog.thestyl.us
naturivida.emaiswallet.com
post.predigle.com
app.bricks4schoolz.com
bochud.com
nc.conversionomics.com
link.sicoobnet.com.br
blog.thestyl.us
onelovekmc.com
www.aosfj.com
coral.innoqua.jp
gemuesesinddieneuensneakers.eu
eyecode.co.za
www.onelovekmc.com
hadanikki.com
www.vibewave.app
www.debugdungeon.com
bridgefoundry.org
app-live-score.smartcricket.com
tehtavaluokat.fi
staging.onelovekmc.com
a2dweb.com
greatcliff.se
doc.aiqahealth.com
canvasu.agregar.io
www.vibewave.app
webinar.iasaglobal.com
admin.ondamotoboy.com.br
www.clockcode.io
onelovekmc.com
www.camillely.com
www.naturalhappy.fr
app.youth611.org
thara.jp
cfaukansanfernando.turnosweb.app
cv.jackjoynson.co.uk
www.godutch.app
carez.yangchigi.com
admin.sunbears.com
www.hevoshieroja.info
www.hoodooware.org
gc.staging.quintoandar.com.br
onelovekmc.com
post.predigle.com
www.clockcode.io
app.youth611.org
jubo.onelovekmc.com
thara.jp
www.uhspremium.com
staging.onelovekmc.com
Certificate
The complete raw certificate details for onelovekmc.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE6DCCA9CgAwIBAgISBBIYLOga48NeeFoCK2JJTvKuMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MTAyMTMzNDRaFw0yNDA4MDgyMTMzNDNaMBkxFzAVBgNVBAMT Dm9uZWxvdmVrbWMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA nh07kAz9h5nIkz/xfbcxbzoNqbdHhubeMbE3IP99s/UUnflAwQcTIjWQRy/S5lKq X5Nj7bnwA56MhDj8bCayeo6sYf9chzUzH++h4pYlLZmkvtuJsCxBX+hNnEOkCghF CyVlujS7nswExoR7vu3F/vakvp0BWiMlhnBrOs2DM9V90+GMkxAeCs18fJNaNHvz V+mgQQWZsbefYUvgxdcjS+NAIOC8N6BqStT9wWMWr0clSZjascOpuLfIRo3zi5J0 oiBI8x4gfx9NQU9vvuhuxx3YSsVqElxCxj4qm0teZ4Kb1uC55NA9A9TUaJQS6oox +vqz4PPro0rXTut18SHBywIDAQABo4ICDzCCAgswDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBSffgspDSHrKCWztWbRvSQl81fY1zAfBgNVHSMEGDAWgBQULrMXt1hWy65Q CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn LzAZBgNVHREEEjAQgg5vbmVsb3Zla21jLmNvbTATBgNVHSAEDDAKMAgGBmeBDAEC ATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1AEiw42vapkc0D+VqAvqdMOscUgHL Vt0sgdm7v6s52IRzAAABj2SkDy0AAAQDAEYwRAIgE/PMVg97p+ta+hg6vkajH5Oq fgjbO28ahSwl7z5nvFYCIFwzrBU74Mgu/TskZ2QWoWEwDmhdUuYq3q597SPkeZB7 AHYA3+FW66oFr7WcD4ZxjajAMk6uVtlup/WlagHRwTu+UlwAAAGPZKQP4QAABAMA RzBFAiEAyqL+vX9urvZmSaoHxfEPZo/OhXYocueBneYEjkNnsEICID2Bs5XmpIlG zHWPGY4xl5Pf4OFiL2dS6ksn1JkSMvP4MA0GCSqGSIb3DQEBCwUAA4IBAQAv75HT RFEQbNdfHt0aqrL/nQIb56dC3Yr0fCautIrpNjppG9PWfT1Fz6ppthMwzzBiVk8T 0ORXum82lZFt7/fxSBbInWebBTr0xlEFfE3iUFWOdlTCH3viiPHxsDpcaTclItK2 sYmUJcsTDRpxCsNG+R0l/B/cmu6F6ruPnTBRbWNEoPyjsaKnQOLRQhO8K26cDI0E huAQJjiNZ8NCf8TYUGSz2yWw5SPlSJdS9MpNMV73p/WrXtQahbrU1ynR049+myHW lsHg9OWvYmqcFKN8bUT9+MJE9e3yc3c1CX7ySnlBNSpSnmQ2E53zblJes1nnm7Bt 5GBS4xJB/Yjefhfa -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh07kAz9h5nIkz/xfbcx bzoNqbdHhubeMbE3IP99s/UUnflAwQcTIjWQRy/S5lKqX5Nj7bnwA56MhDj8bCay eo6sYf9chzUzH++h4pYlLZmkvtuJsCxBX+hNnEOkCghFCyVlujS7nswExoR7vu3F /vakvp0BWiMlhnBrOs2DM9V90+GMkxAeCs18fJNaNHvzV+mgQQWZsbefYUvgxdcj S+NAIOC8N6BqStT9wWMWr0clSZjascOpuLfIRo3zi5J0oiBI8x4gfx9NQU9vvuhu xx3YSsVqElxCxj4qm0teZ4Kb1uC55NA9A9TUaJQS6oox+vqz4PPro0rXTut18SHB ywIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 354606360972227941998646913444378024276654 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-10 21:33:44 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-08 21:33:43 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'onelovekmc.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19960067349891933646818385530145885270909732075397038730729701654360220336792719407655787960924356906536844883640371463384771224248492105478682013173096914335747860290087367928952230213429509790802523395876417475276591997637471932934726839296621710432523239527206105135139580639213285216700637472714799332051725115472304626787089332266975877123080303258942611179657402125437216575054953768174743702504957432433623311177033060139284439386794664756096558612635909556569884204578696109254549749310640101637388631325894365207770831766774158228594054892729133507952784997963752965766943684572497017115479213752033891959243 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9f7e0b290d21eb2825b3b566d1bd2425f357d8d7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'onelovekmc.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018f64a40f2d0000040300463044022013f3cc560f7ba7eb5afa183abe46a31f93aa7e08db3b6f1a852c25ef3e67bc5602205c33ac153be0c82efd3b24676416a161300e685d52e62adeae7ded23e479907b007600dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018f64a40fe10000040300473045022100caa2febd7f6eaef66649aa07c5f10f668fce85762872e7819de6048e4367b04202203d81b395e6a48946cc758f198e319793dfe0e1622f6752ea4b27d4991232f3f8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002fef91d34451106cd75f1edd1aaab2ff9d021be7a742dd8af47c26aeb48ae9363a691bd3d67d3d45cfaa69b61330cf3062564f13d0e457ba6f3695916deff7f14816c89d679b053af4c651057c4de250558e7654c21f7be288f1f1b03a5c69372522d2b6b1899425cb130d1a710ac346f91d25fc1fdc9aee85eabb8f9d30516d6344a0fca3b1a2a740e2d14213bc2b6e9c0c8d0486e01026388d67c3427fc4d85064b3db25b0e523e5489752f4ca4d315ef7a7f5ab5ed41a85bad4d729d1d38f7e9b21d696c1e0f4e5af626a9c14a37c6d44fdf8c244f5edf2737735097ef24a7941352a529e6436139df36e525eb359e79bb06de46052e31241fd88de7e17da