demo-ursus.bayesimpact.org

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:a9:86:c8:51:b4:0d:f1:f9:1b:ef:0c:ac:6b:0d:f1:ff:8b was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=demo-ursus.bayesimpact.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:a9:86:c8:51:b4:0d:f1:f9:1b:ef:0c:ac:6b:0d:f1:ff:8b
Serial Number (int): 319023734472866788938664454783782412746635
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 7e:61:cd:40:21:18:85:7b:ab:bc:75:33:29:bf:34:f8:e8:dd:b1:6b
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 8f:ff:ff:f5:2c:18:65:80:8e:ce:2a:20:d7:c4:8b:91:7a:66:7b:7d
Fingerprint (sha256): 74:67:c2:e3:66:03:41:8d:dd:47:44:f9:dd:3e:56:2f:14:15:82:a8:a3:cf:c7:17:57:8b:34:3c:57:7e:af:5c

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate demo-ursus.bayesimpact.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for demo-ursus.bayesimpact.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

demo-bridge-uof.bayesimpact.org
demo-ursus.bayesimpact.org

Other certificates including the domain name bayesimpact.org

(limited to 100 certificates)
www.bayesimpact.org
bayes.org
go.bayesimpact.org
www.bayes.org
go.bayesimpact.org
demo-mygameplan.bayesimpact.org
go.bayesimpact.org
demo-ursus.bayesimpact.org
demo-ursus.bayesimpact.org
bayesimpact.org
demo-ursus.bayesimpact.org
demo-ursus.bayesimpact.org
demo-pe-lab.bayesimpact.org
demo-ursus.bayesimpact.org
www.bayes.org
www.bayesimpact.org
demo-ursus.bayesimpact.org
demo-ursus.bayesimpact.org
bayes.org
demo-mygameplan.bayesimpact.org
bayesimpact.org
email-user-test-pe.bayesimpact.org
go.bayesimpact.org
demo-bridge-uof.bayesimpact.org
demo-ursus.bayesimpact.org
go.bayesimpact.org
demo-ursus.bayesimpact.org
companion-pe.bayesimpact.org
accounts.marketplace.sohookd.com
docker.bayesimpact.org
demo-ursus.bayesimpact.org
bayesimpact.org
demo-ursus.bayesimpact.org
www.bayes.org
go.bayesimpact.org
uvmgen.com
demo-ursus.bayesimpact.org
go.bayesimpact.org
go.bayesimpact.org
bayesimpact.org
demo-ursus.bayesimpact.org
demo-ursus.bayesimpact.org
www.bayes.org
bayes.org
www.bayesimpact.org
bayesimpact.org
www.bayes.org
encompass.bayesimpact.org
www.bayesimpact.org
demo-ursus.bayesimpact.org
demo-mygameplan.bayesimpact.org
bayes.org
demo-ursus.bayesimpact.org
bayesimpact.org
www.bayes.org
www.bayes.org
www.bayes.org
www.bayesimpact.org
bayesimpact.org
www.bayes.org
demo-bridge-uof.bayesimpact.org
docker.bayesimpact.org
bayes.org
encompass.bayesimpact.org
*.encompass.bayesimpact.org
demo-ursus.bayesimpact.org
bayesimpact.org
bayesimpact.org
demo-bridge-uof.bayesimpact.org
demo-bridge-uof.bayesimpact.org
demo-ursus.bayesimpact.org
bayes.org
demo-bridge-uof.bayesimpact.org

Certificate

The complete raw certificate details for demo-ursus.bayesimpact.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISA6mGyFG0DfH5G+8MrGsN8f+LMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA3MjQxMjU5NDdaFw0x
ODEwMjIxMjU5NDdaMCUxIzAhBgNVBAMTGmRlbW8tdXJzdXMuYmF5ZXNpbXBhY3Qu
b3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0NR8Fte3ySSuSA7
H7WFez6i7nSvCL159zN6p/jY46ff0fWlhnDl+39L3PdwTPLKRHG6NLC5euDISIAI
ssJ3rzft7meuMUUw46u9VTM3UvGbbWrPopzAaDNZkbMqPwTeH0a1YAoxvTooREOp
gYbV7RdZ7gEWbzRWeEScsoPJ+33igd4qy8VjZXOf8Qu2KtBwNpUpPWfOmzjOdfeG
tAFGmDBzPr1+LI3mSIhooAc6Buoz5SiSqSZmxb2JE89eqDEaTO9Sc8Ei6bonKelP
4RRiNCdA2F8l3TE4sqTwlTc6JQZ8hp2ByZo7f5DOfDErIIG3cC6Cg8KlqmLJryVY
fsHHdwIDAQABo4IDQjCCAz4wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG
AQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBR+Yc1AIRiF
e6u8dTMpvzT46N2xazAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBv
BggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5s
ZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5s
ZXRzZW5jcnlwdC5vcmcvMEYGA1UdEQQ/MD2CH2RlbW8tYnJpZGdlLXVvZi5iYXll
c2ltcGFjdC5vcmeCGmRlbW8tdXJzdXMuYmF5ZXNpbXBhY3Qub3JnMIH+BgNVHSAE
gfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYa
aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhp
cyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5n
IFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZp
Y2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVw
b3NpdG9yeS8wggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgBvU3asMfAxGdiZAKRR
Ff93FRwR2QLBACkGjbIImjfZEwAAAWTMlrteAAAEAwBHMEUCIQCQCBSucpL+xkWl
GLvcVnqho/R/WIU5CXwA5eMjCu0L6gIgHLZkAbCM7efKFtx5DVCd2FnJVUCIawms
2e+YCr8uLj0AdQApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAWTM
lr0BAAAEAwBGMEQCIHj1siuyl02f/g/b0LoBs21a2bvZ9qrKsu59JbJzD09aAiBQ
TRuDVwwS0QURCjLlLbSl3fvzavP4zNNsHxSBlR9iSDANBgkqhkiG9w0BAQsFAAOC
AQEAlW1yNcMFp4fpbOX4kuyOK4RgsufAUv4w16QO29rAQ7kCYAFY6RoOrG1nZshm
SwBkiCk3n+7n2n/CrCIHEaKNhFDvXi8wiIIuFgeuXT+MEmJI6Pkkbaq8Vb+yzdUh
1+dPyaDactWKVoIv7vtCdrvsxiYj9YwQNcJWGsntf1QKqWDVzh9He+Clbb6bGTtc
bk4n/mD0+tpQcgoZNoVWK4p9Hx7LGewJ2wPwN4Z349+EKBX9tw4j7usV6zB9Msoa
2Fmwg3palKugkM4LweZgtmydq6Kd7IlDZhayHreUrrNghg102+LboaT5eJRqiMUY
CkpxEyA3XscI1PvjwSNQ+u+VXw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0NR8Fte3ySSuSA7H7WF
ez6i7nSvCL159zN6p/jY46ff0fWlhnDl+39L3PdwTPLKRHG6NLC5euDISIAIssJ3
rzft7meuMUUw46u9VTM3UvGbbWrPopzAaDNZkbMqPwTeH0a1YAoxvTooREOpgYbV
7RdZ7gEWbzRWeEScsoPJ+33igd4qy8VjZXOf8Qu2KtBwNpUpPWfOmzjOdfeGtAFG
mDBzPr1+LI3mSIhooAc6Buoz5SiSqSZmxb2JE89eqDEaTO9Sc8Ei6bonKelP4RRi
NCdA2F8l3TE4sqTwlTc6JQZ8hp2ByZo7f5DOfDErIIG3cC6Cg8KlqmLJryVYfsHH
dwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 319023734472866788938664454783782412746635
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-24 12:59:47 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-22 12:59:47 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'demo-ursus.bayesimpact.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23639759794306847539766377710159326330630450995325849327085046856134344988067461794962236797704240342921677105302218446521529478954024265096234694361630734101554460386634165174575758467374684451637099021378306693574466606552800118865078468113525501204250085093851033558752089427544501560246932530341614280411615965612901344793513553027397559165640265721025220093242208006407851951790409553118266924224068265271596973540737863082596472418129025690023524606567379301480789352557050917739801043348385365264327273070123213206895660966917188807612577093671277177201280754813394121453697037253130708312710440602675770935159
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7e61cd402118857babbc753329bf34f8e8ddb16b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (63 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'demo-bridge-uof.bayesimpact.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'demo-ursus.bayesimpact.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000164cc96bb5e0000040300473045022100900814ae7292fec645a518bbdc567aa1a3f47f588539097c00e5e3230aed0bea02201cb66401b08cede7ca16dc790d509dd859c95540886b09acd9ef980abf2e2e3d007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000164cc96bd010000040300463044022078f5b22bb2974d9ffe0fdbd0ba01b36d5ad9bbd9f6aacab2ee7d25b2730f4f5a0220504d1b83570c12d105110a32e52db4a5ddfbf36af3f8ccd36c1f1481951f6248
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00956d7235c305a787e96ce5f892ec8e2b8460b2e7c052fe30d7a40edbdac043b902600158e91a0eac6d6766c8664b00648829379feee7da7fc2ac220711a28d8450ef5e2f3088822e1607ae5d3f8c126248e8f9246daabc55bfb2cdd521d7e74fc9a0da72d58a56822feefb4276bbecc62623f58c1035c2561ac9ed7f540aa960d5ce1f477be0a56dbe9b193b5c6e4e27fe60f4fada50720a193685562b8a7d1f1ecb19ec09db03f0378677e3df842815fdb70e23eeeb15eb307d32ca1ad859b0837a5a94aba090ce0bc1e660b66c9daba29dec89436616b21eb794aeb360860d74dbe2dba1a4f978946a88c5180a4a711320375ec708d4fbe3c12350faef955f