hommage-leipzig.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:ad:48:6d:2c:af:a3:27:87:32:1a:e4:87:8b:e3:75:f7:0d was issued on by Let's Encrypt.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=hommage-leipzig.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ad:48:6d:2c:af:a3:27:87:32:1a:e4:87:8b:e3:75:f7:0dSerial Number (int): 320301978554998633201917441688885301475085
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: b0:47:ea:09:66:a6:1c:7b:48:ef:39:cf:2d:30:8b:1d:2c:4a:e8:db
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): e3:93:1b:26:61:27:dc:a3:f1:29:1b:52:1a:4d:f7:5a:0e:8c:0b:df
Fingerprint (sha256): 73:ba:9d:84:99:b2:fb:71:fd:9d:89:58:30:25:bc:a5:b0:ca:e6:73:65:32:84:4e:c1:78:8c:a4:c4:d7:a4:60
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate hommage-leipzig.de
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for hommage-leipzig.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
hommage-leipzig.de
hommage.isp-vhost04.domservice.de
www.hommage-leipzig.de
hommage.isp-vhost04.domservice.de
www.hommage-leipzig.de
Other certificates including the domain name hommage-leipzig.de
(limited to 100 certificates)
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
hommage-leipzig.de
Certificate
The complete raw certificate details for hommage-leipzig.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGljCCBX6gAwIBAgISA61IbSyvoyeHMhrkh4vjdfcNMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAzMDYwMTExNDFaFw0y MDA2MDQwMTExNDFaMB0xGzAZBgNVBAMTEmhvbW1hZ2UtbGVpcHppZy5kZTCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3hIrhWewJ9rpOLkgUheFbWAS2P 2EFWWzyccCbxur7hEbjlQOX8F1tOURT4RXB4LyFSV+NRgrknh1+muSjHiPwp6WEz pAcMcnl1xB/mX5ydKNHbw+maJNeYyzjXCsoW+ZFV9ckC7Kon6OUVoGhCjjM3mBeZ 542Resl9YJk5Ud2x60QlHZ9YmlAzXODcnTj/NAh+/E31aLWC5ok9f4GdWpR/W/2q 0i5w1kfKBdEt/XAR9s9paomACC3YEIM4g0ymgwoY5RdEPUKx+lurGXI9lEbWb6UB 5YV/NdhzF87oK2oxSNoMIkLvPtWuaBre+spJm94gKCF9awiyA6tg+r8DrQZfnK91 bBSBQx2LkasKC4fKeoTAiR5wPH250VtAXbFhkeSdjz0v2R0aKu8m5M1VCZChfMr0 2E/p5PaqfCmm830xzMYbss0oyWTvpEdBQzgArGFegWZQpY5DXE1zb0FSR5XQz0Qu sSf/fjziLHylirI2uP9t7VLhSAftquO7dJBl8nHz3G4hBkkMgtMel6JieGu1dB1/ 0kB0yvqA3OJUVJZggJeP1RmGPPXthwWH1XHOiL4gcxMTg+R07tKrO1HN8VXyu9Vc 0cnvtB/KTtPwhjhV/smObq2LQ77zwrN2+f06b8RSuzX82lf+QXaEzTTE82MrqSXk xG8nXF3alG/wpXp3AgMBAAGjggKhMIICnTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FLBH6glmphx7SO85zy0wix0sSujbMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZF Ze/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3Au aW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wWAYDVR0RBFEwT4ISaG9tbWFnZS1sZWlw emlnLmRlgiFob21tYWdlLmlzcC12aG9zdDA0LmRvbXNlcnZpY2UuZGWCFnd3dy5o b21tYWdlLWxlaXB6aWcuZGUwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC 3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcw ggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQBep3P531bA57U2SH3QSeAyepGaDISh EhKEGHWWgXFFWAAAAXCtnNbBAAAEAwBGMEQCIEvAFGicI2QA8+TmF8EAwAuWbK22 9PzmWZ9EL7MBcot1AiBkKneq5VdXjdAosdVozeq93cM+z0+6AmaLLVfIXMXQ6QB2 AAe3XBvlfWj/8bDGHSMVx7rmV3xXlLdq7rxhOhpp06IcAAABcK2c1w0AAAQDAEcw RQIgf5emUQJm81QtQH7Ava6ilRxjkni5J1kbY/wmzhMNMPMCIQDh7xSNUwTCjywe c+uxHLVtv+G0+cedkm3smnrN4xn03TANBgkqhkiG9w0BAQsFAAOCAQEAMOk6OhSH 4nVXqWzf2sWb6X2X5pKq/fo8IR80HBONei8gv1FF8yHWk+45ce86aZBANJxUyZzx cTebLBBvvZe6zemidZiWoY/lCE3oNGYtamz3b3OQJdV6y0SaKcKzgnjD/n5g+zpH nKZNfWRSF5ETmNlXRpgOgQcbxpCFAIz5gbEei/yTgy44zJ+7ifJ0sILN/KUAZtzW Y8mxLhtx9iebx3WM4xWmb+pN2M5nlQNbc31CORPFKVcpLRp2YyUmt1/tsAnxJYak i0z+t0BAWEYIjNvNe4muvMt6DEQz+h/YCC6qOpUEBOy6a++unKMXM9BMPmIuYUNG BRfOgDgRUwGgxA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAreEiuFZ7An2uk4uSBSF4 VtYBLY/YQVZbPJxwJvG6vuERuOVA5fwXW05RFPhFcHgvIVJX41GCuSeHX6a5KMeI /CnpYTOkBwxyeXXEH+ZfnJ0o0dvD6Zok15jLONcKyhb5kVX1yQLsqifo5RWgaEKO MzeYF5nnjZF6yX1gmTlR3bHrRCUdn1iaUDNc4NydOP80CH78TfVotYLmiT1/gZ1a lH9b/arSLnDWR8oF0S39cBH2z2lqiYAILdgQgziDTKaDChjlF0Q9QrH6W6sZcj2U RtZvpQHlhX812HMXzugrajFI2gwiQu8+1a5oGt76ykmb3iAoIX1rCLIDq2D6vwOt Bl+cr3VsFIFDHYuRqwoLh8p6hMCJHnA8fbnRW0BdsWGR5J2PPS/ZHRoq7ybkzVUJ kKF8yvTYT+nk9qp8KabzfTHMxhuyzSjJZO+kR0FDOACsYV6BZlCljkNcTXNvQVJH ldDPRC6xJ/9+POIsfKWKsja4/23tUuFIB+2q47t0kGXycfPcbiEGSQyC0x6XomJ4 a7V0HX/SQHTK+oDc4lRUlmCAl4/VGYY89e2HBYfVcc6IviBzExOD5HTu0qs7Uc3x VfK71VzRye+0H8pO0/CGOFX+yY5urYtDvvPCs3b5/TpvxFK7NfzaV/5BdoTNNMTz YyupJeTEbydcXdqUb/ClencCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 320301978554998633201917441688885301475085 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-06 01:11:41 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-04 01:11:41 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hommage-leipzig.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 709366209775842173585608175657465533832083402685392774921291209759818486693525805364700769991615881062447885568538046818977036129082921325216429688742244622729163357279387990935893778331578842194393201009151836539771633963997419446652642567261642728548532817053358806437810022851674380528195999707026992076358319542628552823944517017565883299626613582820085996970320083444517093431862297237189495758121506745750320592587920120367657903097120637980947487772166510929533168733984280900645256772448825237703533366010601938425867090626883034725947843097796195445963646667494421726985517245659299484390161311451563963096296433738452804767377514063882187787232054422977150094306724572484216667928074472892819837527242400234103018847923927888238700129388684601653592330814539089878111698229342292417602160514961919198032989581429446918111747526184854991999109968592304730072224014289898556490112857343734621747691455531717362944588911868498590809605513895360266772066242040634402455291150751104006359349001922169913641904831979518672929605118126912911801201156769403690823356630461572868515368657766644327722633267276401606770510669582919347985407733018300538678315531296503654295248991180949341752036480591451640379399636966095649874737783 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b047ea0966a61c7b48ef39cf2d308b1d2c4ae8db . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (81 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hommage-leipzig.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hommage.isp-vhost04.domservice.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hommage-leipzig.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075005ea773f9df56c0e7b536487dd049e0327a919a0c84a11212841875968171455800000170ad9cd6c1000004030046304402204bc014689c236400f3e4e617c100c00b966cadb6f4fce6599f442fb301728b750220642a77aae557578dd028b1d568cdeabdddc33ecf4fba02668b2d57c85cc5d0e900760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c00000170ad9cd70d000004030047304502207f97a6510266f3542d407ec0bdaea2951c639278b927591b63fc26ce130d30f3022100e1ef148d5304c28f2c1e73ebb11cb56dbfe1b4f9c79d926dec9a7acde319f4dd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0030e93a3a1487e27557a96cdfdac59be97d97e692aafdfa3c211f341c138d7a2f20bf5145f321d693ee3971ef3a699040349c54c99cf171379b2c106fbd97bacde9a2759896a18fe5084de834662d6a6cf76f739025d57acb449a29c2b38278c3fe7e60fb3a479ca64d7d645217911398d95746980e81071bc69085008cf981b11e8bfc93832e38cc9fbb89f274b082cdfca50066dcd663c9b12e1b71f6279bc7758ce315a66fea4dd8ce6795035b737d423913c52957292d1a76632526b75fedb009f12586a48b4cfeb740405846088cdbcd7b89aebccb7a0c4433fa1fd8082eaa3a950404ecba6befae9ca31733d04c3e622e6143460517ce8038115301a0c4