cargolux.com
Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1
About this certificate
This digital certificate with serial number 01:c8:71:e1:08:89:53:1b:44:90:f3:43:7f:45:0b:35 was issued on by DigiCert, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=cargolux.com
DigiCert, Inc.
Organization:
DigiCert, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:c8:71:e1:08:89:53:1b:44:90:f3:43:7f:45:0b:35Serial Number (int): 2369997108755555122122620092801157941
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: e5:1f:e7:ed:15:73:a7:2e:fb:bb:87:b0:d5:59:77:4f:b8:b0:1b:65
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23
Fingerprint (sha1): 37:e2:67:1c:f6:39:ce:78:f8:c5:a7:de:29:f9:5e:55:74:5d:2d:7f
Fingerprint (sha256): 6a:80:1c:72:88:0e:c1:c9:aa:f1:a8:18:49:b4:7a:6e:3c:70:02:27:86:09:d9:14:6d:79:8f:fb:c5:6a:59:67
Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
Check the revocation status for certificate cargolux.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cargolux.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cargolux.com
Other certificates including the domain name cargolux.com
(limited to 100 certificates)
www.cargolux.com
cargolux.com
*.cargolux.com
www.cargolux.com
sip.champ.aero
www.cargolux.com
www.cargolux.com
CVZPWEUASAVAS01.cargolux.com
anniversary.cargolux.com
www.cargolux.com
sync.cargolux.com
cargolux.com
*.cargolux.com
cargolux.com
cargolux.com
cargolux.com
cargolux.com
sync.cargolux.com
*.cargolux.com
cargolux.com
sync.cargolux.com
www.cargolux.com
sip.champ.aero
sync.cargolux.com
www.cargolux.com
sync.cargolux.com
sip.champ.aero
www.cargolux.com
*.cargolux.com
www.cargolux.com
*.cargolux.com
sync.cargolux.com
sync.cargolux.com
sip.champ.aero
anniversary.cargolux.com
sync.cargolux.com
www.cargolux.com
*.cargolux.com
cargolux.com
*.cargolux.com
www.cargolux.com
sip.champ.aero
www.cargolux.com
www.cargolux.com
CVZPWEUASAVAS01.cargolux.com
anniversary.cargolux.com
www.cargolux.com
sync.cargolux.com
cargolux.com
*.cargolux.com
cargolux.com
cargolux.com
cargolux.com
cargolux.com
sync.cargolux.com
*.cargolux.com
cargolux.com
sync.cargolux.com
www.cargolux.com
sip.champ.aero
sync.cargolux.com
www.cargolux.com
sync.cargolux.com
sip.champ.aero
www.cargolux.com
*.cargolux.com
www.cargolux.com
*.cargolux.com
sync.cargolux.com
sync.cargolux.com
sip.champ.aero
anniversary.cargolux.com
sync.cargolux.com
www.cargolux.com
*.cargolux.com
Certificate
The complete raw certificate details for cargolux.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHhDCCBWygAwIBAgIQAchx4QiJUxtEkPNDf0ULNTANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN MjMxMDMwMDAwMDAwWhcNMjQwNDMwMjM1OTU5WjAXMRUwEwYDVQQDEwxjYXJnb2x1 eC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChFEY3/qZKYR4h 4/SaC7wRbfKQCOQCTwRvPgnclLe3Gnj8BlPvFlxSu53/jmpSli2SCLa3c1PciniI EZpOVViIzmReoqOYwbcVSFC/14JW0LzZB3glHGQrpXgeId2xKfojxZmOJVAjq68k LblHV4GDbyyfRL6MlDSc8gvY//PBpz0Q14g8grgDr5L5p86Ev1B+YOEAgWP/YxIA /o2OIa0b0IWE2AmMPPBslcEqoIrf7APJFQizqSLaTtRqb3/MusullNRLWGXKoDu0 7OXtifSgKWrXyP7T/UJ2N6NH31CJdJxm07MkYYUlJKIX6cGRMuWSNDaqT8HAKmu4 I2K7hagZAgMBAAGjggOFMIIDgTAfBgNVHSMEGDAWgBSltNbrNsTna6bfxGQLASog BLhmIzAdBgNVHQ4EFgQU5R/n7RVzpy77u4ew1Vl3T7iwG2UwFwYDVR0RBBAwDoIM Y2FyZ29sdXguY29tMD4GA1UdIAQ3MDUwMwYGZ4EMAQIBMCkwJwYIKwYBBQUHAgEW G2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGfBgNVHR8EgZcwgZQwSKBGoESG Qmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQw OTZTSEEyNTYyMDIyQ0ExLmNybDBIoEagRIZCaHR0cDovL2NybDQuZGlnaWNlcnQu Y29tL0dlb1RydXN0R2xvYmFsVExTUlNBNDA5NlNIQTI1NjIwMjJDQTEuY3JsMIGH BggrBgEFBQcBAQR7MHkwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0 LmNvbTBRBggrBgEFBQcwAoZFaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0dl b1RydXN0R2xvYmFsVExTUlNBNDA5NlNIQTI1NjIwMjJDQTEuY3J0MAwGA1UdEwEB /wQCMAAwggF7BgorBgEEAdZ5AgQCBIIBawSCAWcBZQB2AHb/iD8KtvuVUcJhzPWH ujS0pM27KdxoQgqf5mdMWjp0AAABi35OB1EAAAQDAEcwRQIgDX8kzaRtmNsykqXi sqZlNrTJOi33DhbqsP82azGA5wwCIQCjo71eMsqJmnYGhBdmnaB8rsnb6YgyJ1nb bghKtPOQ8wB0AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABi35O B00AAAQDAEUwQwIgSVRIkJDDq4k/CwAgjkY8280VT79s5KAeSQO+1egp+kICH1FN SkUBjf8SshkWQNwoHsG7/EK0s85D6crVDyWEG9oAdQA7U3d1Pi25gE6LMFsG/kA7 Z9hPw/THvQANLXJv4frUFwAAAYt+TgeEAAAEAwBGMEQCIDX4YqeUXGWsI/f7J180 lKYJ5hZUSnWm1SAqKZUSECUVAiB55cS8wC0/K+RZV9CeqlCl1O5NIS5QRnJpH/Fo 0sgogzANBgkqhkiG9w0BAQsFAAOCAgEAl29d+H46A9YH5orfJBWNaxS3+KGylFTi dUZyRLE05hFxf74CUH2EGAb2iZT0/otvmKH2zeqFr4TvxWjzP7E3XuBU0tE+vIxI tLPRI7EVxhcXtpSN20lbuSjpUWpmA5XU1H0mNshrJOLpvaQmntrBmWLXH3HvHDZo 9w4sKKiUNEVCekhsdbPA2jpLGnm3V/Uav8F1ELiUDDngiegvYKmMyuL+Ihr5D7tG rqwEWh2NYpuOPu266VKVrixQDj+UUhLEUnVvmsJkRbh4qGgzj7zSOAphpHC8Phyy DB6cPvV7qJkxJXkQVd5+6aPEjV0XbSec4DKIlWsdtifkzhZ/3jO1idgg6KMQ+cba FoPKbUe9+5IN9hpvdFlnsAGyAhw9zoPLgzXQnlegk5y2RzixxpBayfkuL1p4VOsL 5SU6fJtatWVtYRaxQ8/bsfg0Xp8KeQMxgh1+9uMjtCabbf2Z0QkmwVDSWLQ3xmIl LaPdYa++t6cX3D8x18zZirOd48GwmI9Holb58d8tCJRCRNJCYL7MfUH6Peddd7uV 5Di3Ew7P0XdUIooa3TYBIrT82GxLRkWdsh0s6bybmrq/vTlEcsMMXFASKKzGOsGV vTsIBQkoghUxQdOWcp64aKOwEU7anFhwpZucE130rbz+j4QzCVCu8nohYZGII/jz RtQxNxN2xq4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRRGN/6mSmEeIeP0mgu8 EW3ykAjkAk8Ebz4J3JS3txp4/AZT7xZcUrud/45qUpYtkgi2t3NT3Ip4iBGaTlVY iM5kXqKjmMG3FUhQv9eCVtC82Qd4JRxkK6V4HiHdsSn6I8WZjiVQI6uvJC25R1eB g28sn0S+jJQ0nPIL2P/zwac9ENeIPIK4A6+S+afOhL9QfmDhAIFj/2MSAP6NjiGt G9CFhNgJjDzwbJXBKqCK3+wDyRUIs6ki2k7Uam9/zLrLpZTUS1hlyqA7tOzl7Yn0 oClq18j+0/1CdjejR99QiXScZtOzJGGFJSSiF+nBkTLlkjQ2qk/BwCpruCNiu4Wo GQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2369997108755555122122620092801157941 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-30 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-30 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cargolux.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20334364725493717650513273470981418075489963227450453803832545192961990246249633945997563618276653636847116131072096557448928582387832846380918219797827938357583417427707202489060054026063217937485084038177490870856636467881522551753692488677842266504783475620302624722211002398897052368752256413540483362156536721026635613228752423738812139936187309841099790483748038924108622282355833579693835801940364397970835030324246477640780494536897686661159672967474354219496440332710785868935686502321066204497856857280652854811571327503939618843834702725298567444948672474495043079143523302271100669617633205242013717735449 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e51fe7ed1573a72efbbb87b0d559774fb8b01b65 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cargolux.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (359 bytes) 016500760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b7e4e0751000004030047304502200d7f24cda46d98db3292a5e2b2a66536b4c93a2df70e16eab0ff366b3180e70c022100a3a3bd5e32ca899a76068417669da07caec9dbe988322759db6e084ab4f390f300740048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b7e4e074d000004030045304302204954489090c3ab893f0b00208e463cdbcd154fbf6ce4a01e4903bed5e829fa42021f514d4a45018dff12b2191640dc281ec1bbfc42b4b3ce43e9cad50f25841bda0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b7e4e07840000040300463044022035f862a7945c65ac23f7fb275f3494a609e616544a75a6d5202a299512102515022079e5c4bcc02d3f2be45957d09eaa50a5d4ee4d212e504672691ff168d2c82883 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00976f5df87e3a03d607e68adf24158d6b14b7f8a1b29454e275467244b134e611717fbe02507d841806f68994f4fe8b6f98a1f6cdea85af84efc568f33fb1375ee054d2d13ebc8c48b4b3d123b115c61717b6948ddb495bb928e9516a660395d4d47d2636c86b24e2e9bda4269edac19962d71f71ef1c3668f70e2c28a8943445427a486c75b3c0da3a4b1a79b757f51abfc17510b8940c39e089e82f60a98ccae2fe221af90fbb46aeac045a1d8d629b8e3eedbae95295ae2c500e3f945212c452756f9ac26445b878a868338fbcd2380a61a470bc3e1cb20c1e9c3ef57ba8993125791055de7ee9a3c48d5d176d279ce03288956b1db627e4ce167fde33b589d820e8a310f9c6da1683ca6d47bdfb920df61a6f745967b001b2021c3dce83cb8335d09e57a0939cb64738b1c6905ac9f92e2f5a7854eb0be5253a7c9b5ab5656d6116b143cfdbb1f8345e9f0a790331821d7ef6e323b4269b6dfd99d10926c150d258b437c662252da3dd61afbeb7a717dc3f31d7ccd98ab39de3c1b0988f47a256f9f1df2d08944244d24260becc7d41fa3de75d77bb95e438b7130ecfd17754228a1add360122b4fcd86c4b46459db21d2ce9bc9b9ababfbd394472c30c5c501228acc63ac195bd3b0805092882153141d396729eb868a3b0114eda9c5870a59b9c135df4adbcfe8f84330950aef27a2161918823f8f346d431371376c6ae