kulturstiftung-thueringen.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:81:7a:ac:8c:d8:1b:4d:e3:e4:b2:6a:06:43:a3:da:32:95 was issued on by Let's Encrypt.
With 9 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=kulturstiftung-thueringen.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:81:7a:ac:8c:d8:1b:4d:e3:e4:b2:6a:06:43:a3:da:32:95Serial Number (int): 392508630807046553973181442346863375823509
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: df:9f:76:6e:f2:06:ef:87:69:35:b5:8c:e9:45:ae:63:78:cb:d0:fa
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): c7:7c:2a:c8:a7:8d:f8:a5:4f:9a:e9:dc:c9:c5:b3:16:df:8d:84:a1
Fingerprint (sha256): 73:86:7a:ba:1c:3b:d1:ac:50:93:04:41:c4:19:dd:a2:1b:8b:c7:e9:71:43:cc:f4:5d:56:50:82:64:15:54:b6
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate kulturstiftung-thueringen.de
9
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for kulturstiftung-thueringen.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
api.kulturstiftung-thueringen.de
backend.kulturstiftung-thueringen.de
cron.kulturstiftung-thueringen.de
kultstift.api.itool4.net
kultstift.b01.itool4.net
kultstift.cron.itool4.net
kultstift.f01.itool4.net
kulturstiftung-thueringen.de
www.kulturstiftung-thueringen.de
backend.kulturstiftung-thueringen.de
cron.kulturstiftung-thueringen.de
kultstift.api.itool4.net
kultstift.b01.itool4.net
kultstift.cron.itool4.net
kultstift.f01.itool4.net
kulturstiftung-thueringen.de
www.kulturstiftung-thueringen.de
Other certificates including the domain name kulturstiftung-thueringen.de
(limited to 100 certificates)
www.kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
kulturstiftung-thueringen.de
Certificate
The complete raw certificate details for kulturstiftung-thueringen.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHHjCCBgagAwIBAgISBIF6rIzYG03j5LJqBkOj2jKVMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA1MjkxMTIxMjRaFw0x ODA4MjcxMTIxMjRaMCcxJTAjBgNVBAMTHGt1bHR1cnN0aWZ0dW5nLXRodWVyaW5n ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBA0RkuPBW3Jkm Id9efjX/LPTHqxxkqcuF7vcad6EFiGaRrbv0c6LctwKM93SgyPWpJQ5siSXHnvhS zRGJ9MtamDffPUqjcV7yvQTgRXVHoaPgqHr1sdXLZgSXbrKIk4wyfoUii8tveQ7j QY4V2DyzI5PBKR4DsREGu6I9m2+DKug9rX2De5E55ixJSOfyoPShU/AG8ctxe5PG Mu7P6a+FfvTvSIDhZu9T+L+tTM1PCM1HMQzSgFKXJ+haYO4G5ulOgxvDVgBXqWvU cYq455OCe67IN4WpU1Gl4glCgsifjuy9WFdyP55gI/1ylJMtazKZY4Jbxw5iJNc6 BLD2otDbAgMBAAGjggQfMIIEGzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFN+fdm7y Bu+HaTW1jOlFrmN4y9D6MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh MG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgz LmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgz LmxldHNlbmNyeXB0Lm9yZy8wggEhBgNVHREEggEYMIIBFIIgYXBpLmt1bHR1cnN0 aWZ0dW5nLXRodWVyaW5nZW4uZGWCJGJhY2tlbmQua3VsdHVyc3RpZnR1bmctdGh1 ZXJpbmdlbi5kZYIhY3Jvbi5rdWx0dXJzdGlmdHVuZy10aHVlcmluZ2VuLmRlghhr dWx0c3RpZnQuYXBpLml0b29sNC5uZXSCGGt1bHRzdGlmdC5iMDEuaXRvb2w0Lm5l dIIZa3VsdHN0aWZ0LmNyb24uaXRvb2w0Lm5ldIIYa3VsdHN0aWZ0LmYwMS5pdG9v bDQubmV0ghxrdWx0dXJzdGlmdHVuZy10aHVlcmluZ2VuLmRlgiB3d3cua3VsdHVy c3RpZnR1bmctdGh1ZXJpbmdlbi5kZTCB/gYDVR0gBIH2MIHzMAgGBmeBDAECATCB 5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2Vu Y3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5 IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5 IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5k IGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMIIBAwYKKwYB BAHWeQIEAgSB9ASB8QDvAHUA23Sv7ssp7LH+yj5xbSzluaq7NveEcYPHXZ1PN7Yf v2QAAAFjq9iJQgAABAMARjBEAiBQqVIb4HDqb5siRFjuOWvwZ972Mq358Xf7Jqq6 86629AIgOc07BFpYbdFJs5lb2RPG3iE5N4tIDdmt/LO6sbOQlVkAdgApPFGWVMg5 ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAWOr2IlOAAAEAwBHMEUCIQDbcq7P KLOlDGTiUyP58/iMsR1rKWZdTd/QIMJo8unghAIgDwb8SimmDmPItawVHgtu2Ljv dvuccAHiddr7h97morAwDQYJKoZIhvcNAQELBQADggEBADaAlaL0aRYA20QwVsfz 2DF64nQghVj1XLyI9xF5JScjU2Id1BOflUVSgzYqCoTzw4VddH9P81nrWSl+l7aW neJX/1GBo7KyVWWbs9VQZ8DuBxb2VSpeA5lhDIzvunoVUEm5IsgOPF3U6ONt5wMw VheORge+kgulqZSz9f7FmtTwXPanltKNg30g1L9fqRNwU5VYt8NEzTKKdni3MYzo 7KN45swew3A75nMgO3ukKj8o8dVKXeRTXK+izHTSRpUv9PWRiI8yJtRODamZKwmx afR0o55fox3iiuvrOWV7a7jVS9iWNDCiQuNMZ5VvbqtBfrasXuUAB3VvkLTTnPSj AnQ= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQNEZLjwVtyZJiHfXn41 /yz0x6scZKnLhe73GnehBYhmka279HOi3LcCjPd0oMj1qSUObIklx574Us0RifTL Wpg33z1Ko3Fe8r0E4EV1R6Gj4Kh69bHVy2YEl26yiJOMMn6FIovLb3kO40GOFdg8 syOTwSkeA7ERBruiPZtvgyroPa19g3uROeYsSUjn8qD0oVPwBvHLcXuTxjLuz+mv hX7070iA4WbvU/i/rUzNTwjNRzEM0oBSlyfoWmDuBubpToMbw1YAV6lr1HGKuOeT gnuuyDeFqVNRpeIJQoLIn47svVhXcj+eYCP9cpSTLWsymWOCW8cOYiTXOgSw9qLQ 2wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 392508630807046553973181442346863375823509 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-29 11:21:24 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-27 11:21:24 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kulturstiftung-thueringen.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24365603956029678227571877286906037120975525707780982661204824370105084056271727393724862897923541382058537405572326907650897565302354938025471601657234255696993835182202706517795319213415073892991130156348379484468927843873515949194282195635645510747937307274157345216076563749823390885725403355722055942650650304476219737957426439711670942126015718374984482259070159745292890471693385338736870589842083694703607932410361661151088770841829486800126181842425840677367638849802382503337984682525837612749662539325989691342615209846786983555901652096092654514184634500754660546262587752187922324688725042817016560537819 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) df9f766ef206ef876935b58ce945ae6378cbd0fa . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (280 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.kulturstiftung-thueringen.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'backend.kulturstiftung-thueringen.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cron.kulturstiftung-thueringen.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kultstift.api.itool4.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kultstift.b01.itool4.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kultstift.cron.itool4.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kultstift.f01.itool4.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kulturstiftung-thueringen.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kulturstiftung-thueringen.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf6400000163abd889420000040300463044022050a9521be070ea6f9b224458ee396bf067def632adf9f177fb26aabaf3aeb6f4022039cd3b045a586dd149b3995bd913c6de2139378b480dd9adfcb3bab1b3909559007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000163abd8894e0000040300473045022100db72aecf28b3a50c64e25323f9f3f88cb11d6b29665d4ddfd020c268f2e9e08402200f06fc4a29a60e63c8b5ac151e0b6ed8b8ef76fb9c7001e275dafb87dee6a2b0 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00368095a2f4691600db443056c7f3d8317ae274208558f55cbc88f7117925272353621dd4139f95455283362a0a84f3c3855d747f4ff359eb59297e97b6969de257ff5181a3b2b255659bb3d55067c0ee0716f6552a5e0399610c8cefba7a155049b922c80e3c5dd4e8e36de7033056178e4607be920ba5a994b3f5fec59ad4f05cf6a796d28d837d20d4bf5fa91370539558b7c344cd328a7678b7318ce8eca378e6cc1ec3703be673203b7ba42a3f28f1d54a5de4535cafa2cc74d246952ff4f591888f3226d44e0da9992b09b169f474a39e5fa31de28aebeb39657b6bb8d54bd8963430a242e34c67956f6eab417eb6ac5ee50007756f90b4d39cf4a30274