explorecuriocity.org

Issued by R3

About this certificate

This digital certificate with serial number 04:92:28:64:17:5b:71:49:b0:0e:69:45:14:fe:5b:ce:1e:f2 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=explorecuriocity.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:92:28:64:17:5b:71:49:b0:0e:69:45:14:fe:5b:ce:1e:f2
Serial Number (int): 398184058120755496931710755254027437350642
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 97:78:b5:29:5e:15:75:f3:7a:fd:cd:bf:11:6d:e7:c3:cf:dd:5c:f8
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 4c:78:b7:82:f0:57:48:18:6d:c1:97:43:9f:3b:d6:df:74:17:4a:f5
Fingerprint (sha256): 72:2d:07:f0:9f:a2:b9:6d:9d:02:13:71:44:f1:d1:d3:7d:6f:db:74:2c:64:ba:1f:33:42:79:d2:ea:f6:f9:ea

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate explorecuriocity.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for explorecuriocity.org

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

explorecuriocity.org
www.explorecuriocity.org

Other certificates including the domain name explorecuriocity.org

(limited to 100 certificates)
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
explorecuriocity.org
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
explorecuriocity.org
explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
explorecuriocity.org
pps.explorecuriocity.org
volunteer.letstalkscience.ca
pps.explorecuriocity.org
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
explorecuriocity.org
pps.explorecuriocity.org
pps.explorecuriocity.org
pps.explorecuriocity.org
volunteer.letstalkscience.ca
explorecuriocity.org
explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca

Certificate

The complete raw certificate details for explorecuriocity.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISBJIoZBdbcUmwDmlFFP5bzh7yMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEwMjYxMTEwNThaFw0yNDAxMjQxMTEwNTdaMB8xHTAbBgNVBAMT
FGV4cGxvcmVjdXJpb2NpdHkub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
CgKCAgEA0m+b9WP5Qec8WbwXF1LG0MO9OPUXksnIA/pd8egQQQz1ADrirA6vEzfm
pWpbdMsiy9f2uqxLGoeTMXcFWkB/SUpte2ZXx+3g0vhRutkME0TjHH+EC2XEwoRc
7Nrt0sAMTkBzCAimpuCUECSlCGoZ0fGSkrJxF2NLIzix3qEe+Y1mBAkCCkXqKyK5
kIbkCqzqKmC4NuuBOy1/2zuvtAqMIlvc5e3DPE6ThXJUfP/faCB4P+jL6kPbX2jh
pT5Z1NmzXZ0pRkpFQNcjs4i91l3YTu9Uo7Ob3dceJjdniqavw98jiBCtQZvhV1AG
bYcYKP6QmrrvoZgqX7baKW9UNY6u9rVSWPXWfw6IdaYX5rH53+EmmOnpBs7mxqxH
cJG0yH24v+/ctvrpDn+P31EGLIXggQlusWK5jwEedb0j6nqcxPFLH+RQ+gvUfFvW
jhqhmLC6x6KAMor8QdAAAVZ0QlnSgn9dvbcKyAw5jh4pcgLztF0xc92jy10hug+u
SH52hJ98MhJ9Sku0g4268Wj+HN0nTs93Yb3TkfsOArLtYLfSs1RWVlGSMtFMQesN
uslV/P65lnxXxqIEfM7005PtQqatw8bH5RXWm0ZPma5cO8dLeCG9gvYaSiYYkHw6
fHStG32e3NxfUPwehgORG2BOFhB2NMVfnFfK+wH6vG1RkxnhGAMCAwEAAaOCAi4w
ggIqMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUl3i1KV4VdfN6/c2/EW3nw8/dXPgw
HwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBH
MCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKG
Fmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wOQYDVR0RBDIwMIIUZXhwbG9yZWN1cmlv
Y2l0eS5vcmeCGHd3dy5leHBsb3JlY3VyaW9jaXR5Lm9yZzATBgNVHSAEDDAKMAgG
BmeBDAECATCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1AO7N0GTV2xrOxVy3nbTN
E6Iyh0Z8vOzew1FIWUZxH7WbAAABi2vlHHUAAAQDAEYwRAIgQ+spYcv5hiO5CaBB
aBKlZ2okXZ+0nlKVOPwxBTBXMSwCIAa6lcTAvLuRxKKpVfyvT34sybxHhw06FrPZ
acmoMSt7AHUAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGLa+Uc
iwAABAMARjBEAiBzccGbePyPAy/tloPwqt8AwIiF2BblN7qgdz+jom80mgIgbUm8
cKCc/RL43oUl9bWqmpPvV7i8jYD7DyoNSJF4JWowDQYJKoZIhvcNAQELBQADggEB
AHVal0/l8IKP99vScxLRrchiyOI0QlgvNYCny3+QkheWqa2JSX0+nfBjXiA/U4wE
yvEzWJU1YwX0cTkR7oiV8ESXXUefIiCQk37cFe933ZL7Q9pfxZt1ZeAKwAqhMeh/
NHgrwV7zJd1nUcgPvMGt5srlfd8sgeDYMIxGdGWosbhjIad0aGYOjB8Dd1NS1KlI
1O2ggJ5osR+QkyqPb8TndTCNIP4CJ/y+/kaJVUwIt94/zr5eJLMOG9grCLJbFIrp
aIOG1KwO3URIxy0ogyV75yNxsVb1d9S9CSpL2sOiuWqT4Db+75jnJOv10kKOTymY
8WRJK8iPvnuUMGt2DPK2ByM=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0m+b9WP5Qec8WbwXF1LG
0MO9OPUXksnIA/pd8egQQQz1ADrirA6vEzfmpWpbdMsiy9f2uqxLGoeTMXcFWkB/
SUpte2ZXx+3g0vhRutkME0TjHH+EC2XEwoRc7Nrt0sAMTkBzCAimpuCUECSlCGoZ
0fGSkrJxF2NLIzix3qEe+Y1mBAkCCkXqKyK5kIbkCqzqKmC4NuuBOy1/2zuvtAqM
Ilvc5e3DPE6ThXJUfP/faCB4P+jL6kPbX2jhpT5Z1NmzXZ0pRkpFQNcjs4i91l3Y
Tu9Uo7Ob3dceJjdniqavw98jiBCtQZvhV1AGbYcYKP6QmrrvoZgqX7baKW9UNY6u
9rVSWPXWfw6IdaYX5rH53+EmmOnpBs7mxqxHcJG0yH24v+/ctvrpDn+P31EGLIXg
gQlusWK5jwEedb0j6nqcxPFLH+RQ+gvUfFvWjhqhmLC6x6KAMor8QdAAAVZ0QlnS
gn9dvbcKyAw5jh4pcgLztF0xc92jy10hug+uSH52hJ98MhJ9Sku0g4268Wj+HN0n
Ts93Yb3TkfsOArLtYLfSs1RWVlGSMtFMQesNuslV/P65lnxXxqIEfM7005PtQqat
w8bH5RXWm0ZPma5cO8dLeCG9gvYaSiYYkHw6fHStG32e3NxfUPwehgORG2BOFhB2
NMVfnFfK+wH6vG1RkxnhGAMCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 398184058120755496931710755254027437350642
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-26 11:10:58 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-24 11:10:57 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'explorecuriocity.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 858503870941295578729130975889832971538688030244759237590987678568812251556801653079752808252791452216405674844383679762383479728714985822758942848763405764722294318074579045862529397594081682722913237949633578033154356776917430737930191177638799218052006415666387692066751161948279349158130055863814319786913891563242939326543495744258675509235552862240180118918806031265732791313713282479667620840079546214610220588061790433958591034309644048413833862742102425283062420050203763324114763764866882648331851542803089468220394498947833841662612517067212193422965203272675984111055004578772514997996562614052693193069128877076285562772247320547226518770425951970349170080354689969707142605700617408189854285789960000867670160993185591514332389567520014823053068386003890544154078041500329089463601812925632167839241845488618711075690142736477432717330251341171108800143651066713732317154891109213023242772040530313464951193099689184724153103639642594709212382703736053916239938713689466556970650953900173926159317250239956207407870161989272045972485158550046683153607817663578227042686430605737199544629479727144146225206229794117986413179924843256463526541266852098917990315370220873360517208943883983952313244322088759661132465117187
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9778b5295e1575f37afdcdbf116de7c3cfdd5cf8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'explorecuriocity.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.explorecuriocity.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b6be51c750000040300463044022043eb2961cbf98623b909a0416812a5676a245d9fb49e529538fc31053057312c022006ba95c4c0bcbb91c4a2a955fcaf4f7e2cc9bc47870d3a16b3d969c9a8312b7b0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b6be51c8b000004030046304402207371c19b78fc8f032fed9683f0aadf00c08885d816e537baa0773fa3a26f349a02206d49bc70a09cfd12f8de8525f5b5aa9a93ef57b8bc8d80fb0f2a0d489178256a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00755a974fe5f0828ff7dbd27312d1adc862c8e23442582f3580a7cb7f90921796a9ad89497d3e9df0635e203f538c04caf1335895356305f4713911ee8895f044975d479f222090937edc15ef77dd92fb43da5fc59b7565e00ac00aa131e87f34782bc15ef325dd6751c80fbcc1ade6cae57ddf2c81e0d8308c467465a8b1b86321a77468660e8c1f03775352d4a948d4eda0809e68b11f90932a8f6fc4e775308d20fe0227fcbefe4689554c08b7de3fcebe5e24b30e1bd82b08b25b148ae9688386d4ac0edd4448c72d2883257be72371b156f577d4bd092a4bdac3a2b96a93e036feef98e724ebf5d2428e4f2998f164492bc88fbe7b94306b760cf2b60723