defenddignity.ca
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:93:e7:5f:30:96:87:8d:78:0f:e0:2c:dd:2e:d4:80:f1:2e was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=defenddignity.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:93:e7:5f:30:96:87:8d:78:0f:e0:2c:dd:2e:d4:80:f1:2eSerial Number (int): 398778197585128653945140266000787487912238
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: ef:ea:78:b3:f0:e9:3a:4f:87:60:78:4d:64:d1:a2:b5:e7:ff:e9:26
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): da:33:f1:78:56:1c:a4:06:b7:8e:4e:1d:51:37:bf:01:38:4f:fc:94
Fingerprint (sha256): 73:f5:fe:9f:6b:24:76:4a:f1:23:c4:73:1a:46:d6:1c:e2:52:f1:ea:1c:42:f7:c9:00:fc:5b:fb:99:f8:e3:71
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate defenddignity.ca
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for defenddignity.ca
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
defenddignity.ca
www.defenddignity.ca
www.defenddignity.ca
Other certificates including the domain name defenddignity.ca
(limited to 100 certificates)
defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
www.defenddignity.ca
www.defenddignity.ca
cmacan.org
defenddignity.ca
defenddignity.ca
www.defenddignity.ca
cmacan.org
defenddignity.ca
www.defenddignity.ca
www.defenddignity.ca
www.defenddignity.ca
defenddignity.ca
defenddignity.ca
*.defenddignity.ca
www.defenddignity.ca
cmacan.org
defenddignity.ca
cmacan.org
defenddignity.ca
cmacan.org
defenddignity.ca
cmacan.org
www.defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
cmacan.org
www.defenddignity.ca
cmacan.org
cmacan.org
defenddignity.ca
cmacan.org
defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
www.defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
cmacan.org
cmacan.org
www.defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
www.defenddignity.ca
www.defenddignity.ca
cmacan.org
defenddignity.ca
defenddignity.ca
www.defenddignity.ca
cmacan.org
defenddignity.ca
www.defenddignity.ca
www.defenddignity.ca
www.defenddignity.ca
defenddignity.ca
defenddignity.ca
*.defenddignity.ca
www.defenddignity.ca
cmacan.org
defenddignity.ca
cmacan.org
defenddignity.ca
cmacan.org
defenddignity.ca
cmacan.org
www.defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
cmacan.org
www.defenddignity.ca
cmacan.org
cmacan.org
defenddignity.ca
cmacan.org
defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
www.defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
defenddignity.ca
cmacan.org
cmacan.org
www.defenddignity.ca
Certificate
The complete raw certificate details for defenddignity.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGbDCCBVSgAwIBAgISBJPnXzCWh414D+As3S7UgPEuMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAxMTUwMDM0MjZaFw0x OTA0MTUwMDM0MjZaMBsxGTAXBgNVBAMTEGRlZmVuZGRpZ25pdHkuY2EwggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDa1Yr9P+D0Rdu76yG2y6IqL2Tb0PGt gTXjzFuKNBEV/YgVhVhJWHJmdwEl0vkK0wSVpSKOoYGeDoN55PgV22IGBb5Mhw2K ydP+duxeC3Jj1/fgf2CCClE6/n3TeIG86T/+6HHt5juBSJ0M3oWYJUI+/u2B7+8+ x/G3ulSzXvRxqHNy/+0rYyHID/QpEfmBUMlLVDKhFbV1qZzw5m1xRBspm9g+ttt7 wxkdsW+a8k9wWH2mpFxSlLu3r5BRqdK63NpRKH0Q2bwy2BlqnFuOKY2fTRVjz/Ha yhN7NibkQo2L5fvdhKr/XM/piqSIGQ5wQ3Jg5ttN+P0qicHIGfArBwQmOu8IXJuZ uTIM5G++5hxFYbRlTWjAxQU5dnI5Z5GMN9u8QaCLyopMPGqB/x6KyW04Isqo9VZq p3Ry0RN+mLDtmZY4xf1Wbs2XlTC0/MHbtZ3wFxmiwMsLJHtWNpWSLSwkUC/PQ93c 5vnPzUPC9xnjO5IC3+scJf6I3oBpVmr7ygi8LQLZFCKF6kcoADQ6Hrao1f77CS4A BSkqgIYInPb/xPcTrjmhSSsCC9tX7UOpKyMKBWWep5QJD+czAycDpSUNRtOVRgZH 66l/ZooTkPGwQUkXoXpLwqBAUDHDCwP4GqeCAxpwov959taRVHR3dzmVxtq7qE4L 1n5KfbI1Rc6IywIDAQABo4ICeTCCAnUwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTv 6niz8Ok6T4dgeE1k0aK15//pJjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv 86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmlu dC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0Lmlu dC14My5sZXRzZW5jcnlwdC5vcmcvMDEGA1UdEQQqMCiCEGRlZmVuZGRpZ25pdHku Y2GCFHd3dy5kZWZlbmRkaWduaXR5LmNhMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcG CysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5 cHQub3JnMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADuAHUA4mlLribo6UAJ6IYbtjuD 1D7n/nSI+6SPKJMBnd3x2/4AAAFoTyU5qgAABAMARjBEAiBg2rAXF7FFFNxfaKDm ZDQ4QYJ7V8XKp8llSik2guflIgIgXFVjQidiBL6L8+Ltq6eKG1S+CQ5g4jZ4LWZ1 xHCUszUAdQBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvYjQAAAWhPJTmf AAAEAwBGMEQCIAH4NJsZddQ829UoF+lUNcQ/Hat0AYZS6pRop/+ntm24AiB5LLaC omUxTN8QMoIEQCN5NKnNlLT4dORwyZDFmjC6fjANBgkqhkiG9w0BAQsFAAOCAQEA fUcNhYoW0yzDvHdBrQEMct3AYURDGe4tG87UvCGATrRYu4tsPbQiI/6SrMNX/YWy eYzXxD9Isq7bHwsL1xa5mF8rthHM5zhZZh9zBJ8iNfa0yMZzqhLROezdgdtQn4XZ FdQ5JkUsMkskyBRQiD811C6zfD9vhtMOmYOq8HD9snxcV5RhUXSDFR9aLVX2l2ym 1Xe+R060JW8Lq8Xyq1MrVkDBclM7AMssntZ7SRL7mdeYXD3bkU+KKjj6/hQ3Q53o n46JSk36BpZCskyDYOl7vjnxIelfw5dn+RocYf9KLf/jzgacGkF8RX9kr9WV1a7y uFCygWLHu8cT2XJYbjwhxQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2tWK/T/g9EXbu+shtsui Ki9k29DxrYE148xbijQRFf2IFYVYSVhyZncBJdL5CtMElaUijqGBng6DeeT4Fdti BgW+TIcNisnT/nbsXgtyY9f34H9gggpROv5903iBvOk//uhx7eY7gUidDN6FmCVC Pv7tge/vPsfxt7pUs170cahzcv/tK2MhyA/0KRH5gVDJS1QyoRW1damc8OZtcUQb KZvYPrbbe8MZHbFvmvJPcFh9pqRcUpS7t6+QUanSutzaUSh9ENm8MtgZapxbjimN n00VY8/x2soTezYm5EKNi+X73YSq/1zP6YqkiBkOcENyYObbTfj9KonByBnwKwcE JjrvCFybmbkyDORvvuYcRWG0ZU1owMUFOXZyOWeRjDfbvEGgi8qKTDxqgf8eislt OCLKqPVWaqd0ctETfpiw7ZmWOMX9Vm7Nl5UwtPzB27Wd8BcZosDLCyR7VjaVki0s JFAvz0Pd3Ob5z81DwvcZ4zuSAt/rHCX+iN6AaVZq+8oIvC0C2RQihepHKAA0Oh62 qNX++wkuAAUpKoCGCJz2/8T3E645oUkrAgvbV+1DqSsjCgVlnqeUCQ/nMwMnA6Ul DUbTlUYGR+upf2aKE5DxsEFJF6F6S8KgQFAxwwsD+BqnggMacKL/efbWkVR0d3c5 lcbau6hOC9Z+Sn2yNUXOiMsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 398778197585128653945140266000787487912238 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-15 00:34:26 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-15 00:34:26 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'defenddignity.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 892765450322568063142446400266951826248320984992704533070526906366454581816280214655795107285754286335189999265320071807865799445684451119608237693315592994548738762511695910199481481382084817358846742252429115335406744027361907053159925869927681516306741694864039796160335806093429580616861561430162936174119838872227689357797353529561831347900248069158889881970435342952612561110594182466149637161359232514933408055752635096729332275266709220705453999713762255981447831612402216735210006559706443906968552218483374232492994815299677286899822067663466418961382736159332334623468005321310949444890773634214975581195340242651938008151772648574843983466225051348078373570748535356342250505482275851427127773883030052017858237222094051565176226054584850735088696505549895235040931127608645372321387025810012559869499903201908268965113572605570715313130327292665279092937759526208320980299237665249133410510013912566628948611768809245007125180352602534202407294583793938077877385136433067858430593374853162254941152658324611268211070068071774759494939806394849856035816912006447971685022224155344065987327126082888322742071215869251191736527613606688781557115667306566545545282602122580312061273030359344754132772991156259810134425766091 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) efea78b3f0e93a4f8760784d64d1a2b5e7ffe926 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'defenddignity.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.defenddignity.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee007500e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe000001684f2539aa0000040300463044022060dab01717b14514dc5f68a0e664343841827b57c5caa7c9654a293682e7e52202205c556342276204be8bf3e2edaba78a1b54be090e60e236782d6675c47094b33500750063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d000001684f25399f0000040300463044022001f8349b1975d43cdbd52817e95435c43f1dab74018652ea9468a7ffa7b66db80220792cb682a265314cdf1032820440237934a9cd94b4f874e470c990c59a30ba7e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007d470d858a16d32cc3bc7741ad010c72ddc061444319ee2d1bced4bc21804eb458bb8b6c3db42223fe92acc357fd85b2798cd7c43f48b2aedb1f0b0bd716b9985f2bb611cce73859661f73049f2235f6b4c8c673aa12d139ecdd81db509f85d915d43926452c324b24c81450883f35d42eb37c3f6f86d30e9983aaf070fdb27c5c579461517483151f5a2d55f6976ca6d577be474eb4256f0babc5f2ab532b5640c172533b00cb2c9ed67b4912fb99d7985c3ddb914f8a2a38fafe1437439de89f8e894a4dfa069642b24c8360e97bbe39f121e95fc39767f91a1c61ff4a2dffe3ce069c1a417c457f64afd595d5aef2b850b28162c7bbc713d972586e3c21c5