idea.org.ar
Issued by R3
About this certificate
This digital certificate with serial number 03:22:1c:73:fa:60:ee:99:88:22:0b:4d:d3:db:2b:ae:07:21 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=idea.org.ar
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:22:1c:73:fa:60:ee:99:88:22:0b:4d:d3:db:2b:ae:07:21Serial Number (int): 272944278846895504402389731834280866088737
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 6d:82:ad:da:95:20:b3:bd:5c:64:8f:e9:8d:e8:f8:b7:cc:ea:23:bd
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 56:fe:f4:bf:6c:aa:68:2e:9d:d8:f6:62:16:19:03:72:75:fb:bc:16
Fingerprint (sha256): 6a:eb:8f:b0:a8:60:fa:bd:d5:11:99:fe:a6:99:8d:bb:b0:6d:87:1a:21:20:5d:8a:26:71:d5:e8:f2:5e:2c:64
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate idea.org.ar
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for idea.org.ar
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
idea.org.ar
www.idea.org.ar
www.idea.org.ar
Other certificates including the domain name idea.org.ar
(limited to 100 certificates)
idea.org.ar
54coloquio.idea.org.ar
management.idea.org.ar
www.idea.org.ar
coloquio.idea.org.ar
54coloquio.idea.org.ar
idea.org.ar
53coloquio.idea.org.ar
idea.org.ar
53coloquio.idea.org.ar
staging.idea.org.ar
54coloquio.idea.org.ar
idea.org.ar
www.idea.org.ar
53coloquio.idea.org.ar
coloquio53.idea.org.ar
idea.org.ar
www.idea.org.ar
53coloquio.idea.org.ar
coloquio53.idea.org.ar
54coloquio.idea.org.ar
coloquio54.idea.org.ar.ci7.toservers.com
idea.org.ar
54coloquio.idea.org.ar
agroindustria.idea.org.ar
idea.org.ar
idea.org.ar
staging.idea.org.ar
53coloquio.idea.org.ar
idea.org.ar
www.idea.org.ar
idea.org.ar
54coloquio.idea.org.ar
54coloquio.idea.org.ar
management.idea.org.ar
testing.idea.org.ar
management.idea.org.ar
management.idea.org.ar
agroindustria2021.idea.org.ar
coloquio.idea.org.ar
idea.org.ar
53coloquio.idea.org.ar
54coloquio.idea.org.ar
www.idea.org.ar
management.idea.org.ar
www.idea.org.ar
idea.org.ar
management.idea.org.ar
idea.org.ar
idea.org.ar
54coloquio.idea.org.ar
idea.org.ar
coloquio.idea.org.ar
management.idea.org.ar
testing.idea.org.ar
management.idea.org.ar
idea.org.ar
idea.org.ar
management.idea.org.ar
management.idea.org.ar
testing.idea.org.ar
53coloquio.idea.org.ar
www.idea.org.ar
54coloquio.idea.org.ar
54coloquio.idea.org.ar
coloquio.idea.org.ar
management.idea.org.ar
staging.idea.org.ar
53coloquio.idea.org.ar
idea.org.ar
idea.org.ar
coloquio53.idea.org.ar
coloquio54.idea.org.ar.ci7.toservers.com
coloquio.idea.org.ar
management.idea.org.ar
coloquio.idea.org.ar
53coloquio.idea.org.ar
53coloquio.idea.org.ar
53coloquio.idea.org.ar
54coloquio.idea.org.ar
54coloquio.idea.org.ar
54coloquio.idea.org.ar
54coloquio.idea.org.ar
testing.idea.org.ar
management.idea.org.ar
53coloquio.idea.org.ar
53coloquio.idea.org.ar
coloquio53.idea.org.ar
management.idea.org.ar
management.idea.org.ar
staging.idea.org.ar
54coloquio.idea.org.ar
management.idea.org.ar
www.idea.org.ar
coloquio.idea.org.ar
54coloquio.idea.org.ar
idea.org.ar
53coloquio.idea.org.ar
idea.org.ar
53coloquio.idea.org.ar
staging.idea.org.ar
54coloquio.idea.org.ar
idea.org.ar
www.idea.org.ar
53coloquio.idea.org.ar
coloquio53.idea.org.ar
idea.org.ar
www.idea.org.ar
53coloquio.idea.org.ar
coloquio53.idea.org.ar
54coloquio.idea.org.ar
coloquio54.idea.org.ar.ci7.toservers.com
idea.org.ar
54coloquio.idea.org.ar
agroindustria.idea.org.ar
idea.org.ar
idea.org.ar
staging.idea.org.ar
53coloquio.idea.org.ar
idea.org.ar
www.idea.org.ar
idea.org.ar
54coloquio.idea.org.ar
54coloquio.idea.org.ar
management.idea.org.ar
testing.idea.org.ar
management.idea.org.ar
management.idea.org.ar
agroindustria2021.idea.org.ar
coloquio.idea.org.ar
idea.org.ar
53coloquio.idea.org.ar
54coloquio.idea.org.ar
www.idea.org.ar
management.idea.org.ar
www.idea.org.ar
idea.org.ar
management.idea.org.ar
idea.org.ar
idea.org.ar
54coloquio.idea.org.ar
idea.org.ar
coloquio.idea.org.ar
management.idea.org.ar
testing.idea.org.ar
management.idea.org.ar
idea.org.ar
idea.org.ar
management.idea.org.ar
management.idea.org.ar
testing.idea.org.ar
53coloquio.idea.org.ar
www.idea.org.ar
54coloquio.idea.org.ar
54coloquio.idea.org.ar
coloquio.idea.org.ar
management.idea.org.ar
staging.idea.org.ar
53coloquio.idea.org.ar
idea.org.ar
idea.org.ar
coloquio53.idea.org.ar
coloquio54.idea.org.ar.ci7.toservers.com
coloquio.idea.org.ar
management.idea.org.ar
coloquio.idea.org.ar
53coloquio.idea.org.ar
53coloquio.idea.org.ar
53coloquio.idea.org.ar
54coloquio.idea.org.ar
54coloquio.idea.org.ar
54coloquio.idea.org.ar
54coloquio.idea.org.ar
testing.idea.org.ar
management.idea.org.ar
53coloquio.idea.org.ar
53coloquio.idea.org.ar
coloquio53.idea.org.ar
management.idea.org.ar
management.idea.org.ar
staging.idea.org.ar
Certificate
The complete raw certificate details for idea.org.ar in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE8zCCA9ugAwIBAgISAyIcc/pg7pmIIgtN09srrgchMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA5MjEyMDAyMjNaFw0yMzEyMjAyMDAyMjJaMBYxFDASBgNVBAMT C2lkZWEub3JnLmFyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyouy zf8Qaj+A61e2Z4MEMC/Ph9j52NYxYLIYuT5Qzf8qW0BUBoQR1gXwh+Q8ILUlILiU mCfYzVEq/BS8pwsNyKvrtUMJE61oQVZOEhuMIqIRY5mESki4k6V5ryBT+EO7BS1l 05iobhgtE1srdsL4ALhtw8Z5IhM9QABxfYLeD+6iR7bmnbt6l6us3wQzi+uo5qR6 H2+OPFf6QOASCBnXt2ZBhaZQ460zQ/kPs2h9R2i7g3cpXl95h32IpjYlmyrk3OpL 2lmiXyMCO+jDCSpqSIF30rf13EsWDcVBan34ZSTXdIXfcqTn3VPZ8I/4de0lwg+K w/qiLLzjqVitDgJk9QIDAQABo4ICHTCCAhkwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBRtgq3alSCzvVxkj+mN6Pi3zOojvTAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDm H6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5v LmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzAn BgNVHREEIDAeggtpZGVhLm9yZy5hcoIPd3d3LmlkZWEub3JnLmFyMBMGA1UdIAQM MAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUA6D7Q2j71BjUy 51covIlryQPTy9ERa+zraeF3fW0GvW4AAAGKuY0MLQAABAMARjBEAiAvkEZtEK7D s1cq0oBwnQL2Zyi74tLCRoFUYMBbWtQQNwIgA/6LCkEpiyNjKQITf1inAxivPgVz bBfs7SqB0TST3lUAdgC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAA AYq5jQyoAAAEAwBHMEUCIQDhTWVNlRbDS5hfZbs55CprYLMPKO1ycRU9eNGvjr5s iQIgZ6dLSZ0qUHXZrJREJ6bnoQIurzqy5QnZphGjM311Cd8wDQYJKoZIhvcNAQEL BQADggEBAD1TT7RN9ktOy7DqFRdDiUhwr0PSH+PY4uoyzBeO72Im6lh6T5D4steb Gkm9aF2rSRzSarivlL8L6B2gCydIw+yZyRfRN/acccitwUKOuYyQOsDTDZv2Z/jE KhcyKUpPdAvaG6q6UT5sGv3uEL2ezI+F3ibZmHWNqp4rv1Hev4N7W4r1m3CzqRhn tvpDFe57Zpv7BlHzESVlbvOhb59kssTXgtGNcOaFu0GIR+tJH92Z2s3TyiERlZ/J g4DqM/8wUWOu05qlB8I61P+QGXJxxDcw2yAu34tNiP7/yPjmOozZr3oOzXi8OZwx j83BV8t5oFvqG7Vy1Xq9Wl5y4Z9Cfo4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyouyzf8Qaj+A61e2Z4ME MC/Ph9j52NYxYLIYuT5Qzf8qW0BUBoQR1gXwh+Q8ILUlILiUmCfYzVEq/BS8pwsN yKvrtUMJE61oQVZOEhuMIqIRY5mESki4k6V5ryBT+EO7BS1l05iobhgtE1srdsL4 ALhtw8Z5IhM9QABxfYLeD+6iR7bmnbt6l6us3wQzi+uo5qR6H2+OPFf6QOASCBnX t2ZBhaZQ460zQ/kPs2h9R2i7g3cpXl95h32IpjYlmyrk3OpL2lmiXyMCO+jDCSpq SIF30rf13EsWDcVBan34ZSTXdIXfcqTn3VPZ8I/4de0lwg+Kw/qiLLzjqVitDgJk 9QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 272944278846895504402389731834280866088737 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-21 20:02:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-20 20:02:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'idea.org.ar' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25569025479162815777283226333345153242334329056972985998385709686866821342661414691577533540297786735373473108474124010732856051160702394123573767374364455108820873574103224936244550781120156424024755161732488324097829729629106633227767993347963320703357836631231859104497774184148393383509740457275605349239126901372288184103838567628724277751650881676918727709696577960892182360684303269038845611144227764482542611919920303032343674275411974830124921804103008504936954747456402374571159934744711321115170969461056798493825572485489843711197697196078723892199319529228327793522023135097358333755497079597591225853173 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6d82adda9520b3bd5c648fe98de8f8b7ccea23bd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idea.org.ar' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idea.org.ar' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018ab98d0c2d000004030046304402202f90466d10aec3b3572ad280709d02f66728bbe2d2c246815460c05b5ad41037022003fe8b0a41298b23632902137f58a70318af3e05736c17eced2a81d13493de55007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018ab98d0ca80000040300473045022100e14d654d9516c34b985f65bb39e42a6b60b30f28ed7271153d78d1af8ebe6c89022067a74b499d2a5075d9ac944427a6e7a1022eaf3ab2e509d9a611a3337d7509df . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003d534fb44df64b4ecbb0ea151743894870af43d21fe3d8e2ea32cc178eef6226ea587a4f90f8b2d79b1a49bd685dab491cd26ab8af94bf0be81da00b2748c3ec99c917d137f69c71c8adc1428eb98c903ac0d30d9bf667f8c42a1732294a4f740bda1baaba513e6c1afdee10bd9ecc8f85de26d998758daa9e2bbf51debf837b5b8af59b70b3a91867b6fa4315ee7b669bfb0651f31125656ef3a16f9f64b2c4d782d18d70e685bb418847eb491fdd99dacdd3ca2111959fc98380ea33ff305163aed39aa507c23ad4ff90197271c43730db202edf8b4d88feffc8f8e63a8cd9af7a0ecd78bc399c318fcdc157cb79a05bea1bb572d57abd5a5e72e19f427e8e