OV SSL/TLS Certificate for medicalscoring.cardif.be Issued to BNP PARIBAS SA

Certificate is witin its validity period

Issued by Entrust, Inc. (Entrust Certification Authority - L1K)

About the medicalscoring.cardif.be OV SSL/TLS Certificate

This certificate with serial number 78:67:f7:5e:f4:cc:44:d0:23:ac:fd:8d:1d:ef:c5:90 for medicalscoring.cardif.be was issued on by Entrust, Inc..

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This OV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this OV SSL/TLS Certificate review for medicalscoring.cardif.be provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Entrust, Inc.

Organization: Entrust, Inc.
Organizational unit: See www.entrust.net/legal-terms
Organizational unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 78:67:f7:5e:f4:cc:44:d0:23:ac:fd:8d:1d:ef:c5:90
Serial Number (int): 160047183348999658521661828977554081168
Serial Number Length: 127 bits, 16 octets

Subject Key Identifier: b0:80:b8:51:51:3a:cc:3d:59:c7:01:df:09:4f:15:38:87:70:b1:db
Authority Key Identifier: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (SHA-1): 2e:42:9f:6a:b7:2e:58:ab:cd:80:b0:1b:07:12:45:3f:50:8a:d9:a9
Fingerprint (SHA-256): 79:44:d5:3f:76:00:41:f7:8b:e7:b8:6f:24:4d:a2:f0:d3:b1:89:64:3a:15:6e:fc:2b:3d:f7:9b:c3:d1:16:a2

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation Information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate medicalscoring.cardif.be
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for medicalscoring.cardif.be

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for medicalscoring.cardif.be in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGnTCCBYWgAwIBAgIQeGf3XvTMRNAjrP2NHe/FkDANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y
NDA5MTkxMzQ4MDlaFw0yNTA5MTkxMzQ4MDdaMF0xCzAJBgNVBAYTAkZSMRIwEAYD
VQQHEwlNb250cmV1aWwxFzAVBgNVBAoTDkJOUCBQQVJJQkFTIFNBMSEwHwYDVQQD
ExhtZWRpY2Fsc2NvcmluZy5jYXJkaWYuYmUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCygE98vtGLZgjNQTaVozduac/gVeQ+W75lFeVJOgxXjXYxR6PE
nPAIEzNcTGrK7g41DduptQZgoschcR5W2/F8tlH7OI7ywZoNjoT72ySrtz2gqs/s
tsQE+/HKtCJI6a5+Zv84iMA5BpNczuJhKpgdqMEN8vfTYch1TivcAT1XoS+RcaR3
iAyqK8wsoeM7QgZ4RvVlOKOxOQnRswFFKKCQsOdkfiJ9Y6oghtaNpK98kmtJJNPh
/FNBrkijhAYXk09nIZnrM9oUXINoY59rVQ/eTu7oGrM/L8sDcw7DlRGPqZaQfeQ+
uvmbBsCW0Lx+VytPtXcJzxwUHGPNV5dpwomBAgMBAAGjggL5MIIC9TAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBSwgLhRUTrMPVnHAd8JTxU4h3Cx2zAfBgNVHSMEGDAW
gBSConB03bxTP8971PfNf6dgxgpMvzBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUH
MAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8v
YWlhLmVudHJ1c3QubmV0L2wxay1jaGFpbjI1Ni5jZXIwMwYDVR0fBCwwKjAooCag
JIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNybDBBBgNVHREEOjA4
ghhtZWRpY2Fsc2NvcmluZy5jYXJkaWYuYmWCHHd3dy5tZWRpY2Fsc2NvcmluZy5j
YXJkaWYuYmUwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjATBgNVHSAEDDAKMAgGBmeBDAECAjCCAX0GCisGAQQB1nkCBAIEggFt
BIIBaQFnAHUA5tIxY0B3jMEQQQbXcbnOwdJA9paEhvu6hzId/R43jlAAAAGSCopP
DAAABAMARjBEAiA+8apZa4BpJEEf1UyK7qYawe3cXYavn9bY5zfR7DzbYAIgJXcR
4SwMXkBo+kdUkLhpUNVo8RLVsMYr4B6VrS+3o3kAdgAN4fIwK9MNwUBiEgnqVS78
R3R8sdfpMO8OQh60fk6qNAAAAZIKik8KAAAEAwBHMEUCIQDxLZTwjtMND6ThpAVc
RR2OpOZR/kfT/Ko/LnFSwRWctQIgXEQrZGypTAATewo5pYoArlClsiZHM2u0VEf1
aqTm1jkAdgAS8U40vVNyTIQGGcOPP3oT+Oe1YoeInG0wBYTr5YYmOgAAAZIKik8A
AAAEAwBHMEUCIQDbtpYLkg+lPxkSGurrGQi29jhTWN/KoHNcZJAxHaWMQAIgUtHy
9xvlFxF1N27hwQeibqNWO7a3IkWp7gMKtprPDJwwDQYJKoZIhvcNAQELBQADggEB
AJWe5jWcAL/lV4FKnQsPwkZdbgnNlKo0fr1q06k02Et2+zAxIcaQyeXjVratdK90
EgvkBWaBeCdyPcW12jL1YN2052LBApDt1E9jRzr8lhmAbIssrpjT/50kdIeLv6dZ
hdCQSd1ZQ3DLJt46BTfi1SJ1UIMsZKQ4ZCSbdF8ZhWaTKFSFPatNOsLiNVzuRCJ6
7r/RMFEvdc71gAxgWLXRPiH29r/jl491GxQafbZIT2NNkugh5My04DirgzWxYnoS
xXmRfDcDwrDN1gMGCoz3/JKO/yW96Ha2YXxOkYT9CBgEQjcKpl+zvRNPusSHCXWo
a4hpe/vgsho/vJdHotW4Ik8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoBPfL7Ri2YIzUE2laM3
bmnP4FXkPlu+ZRXlSToMV412MUejxJzwCBMzXExqyu4ONQ3bqbUGYKLHIXEeVtvx
fLZR+ziO8sGaDY6E+9skq7c9oKrP7LbEBPvxyrQiSOmufmb/OIjAOQaTXM7iYSqY
HajBDfL302HIdU4r3AE9V6EvkXGkd4gMqivMLKHjO0IGeEb1ZTijsTkJ0bMBRSig
kLDnZH4ifWOqIIbWjaSvfJJrSSTT4fxTQa5Io4QGF5NPZyGZ6zPaFFyDaGOfa1UP
3k7u6BqzPy/LA3MOw5URj6mWkH3kPrr5mwbAltC8flcrT7V3Cc8cFBxjzVeXacKJ
gQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 160047183348999658521661828977554081168
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-19 13:48:09 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-19 13:48:07 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Montreuil'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BNP PARIBAS SA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'medicalscoring.cardif.be'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22533690548324006157185812966481653196810943862486778208459693012517530399716552911929495116655534153806097998452841957396652645032970054241929596459057006044933877163474054522390425632458757387881609005967651395427264497136684512000437226635849637221522584200969608529478422740136212602491682977127140315070064653406787631614185496295656815777398173457261643767699734621999065697408473642006884612572104521973364282579905809597446598234946673505632802444900586525150099586271861357902921545019012465505125571379024118734455190449412066058993180528627732303218086510040422420078782409948355234978843792398345534867841
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b080b851513acc3d59c701df094f15388770b1db
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'medicalscoring.cardif.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.medicalscoring.cardif.be'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e50000001920a8a4f0c000004030046304402203ef1aa596b806924411fd54c8aeea61ac1eddc5d86af9fd6d8e737d1ec3cdb600220257711e12c0c5e4068fa475490b86950d568f112d5b0c62be01e95ad2fb7a3790076000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa34000001920a8a4f0a0000040300473045022100f12d94f08ed30d0fa4e1a4055c451d8ea4e651fe47d3fcaa3f2e7152c1159cb502205c442b646ca94c00137b0a39a58a00ae50a5b22647336bb45447f56aa4e6d63900760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a000001920a8a4f000000040300473045022100dbb6960b920fa53f19121aeaeb1908b6f6385358dfcaa0735c6490311da58c40022052d1f2f71be5171175376ee1c107a26ea3563bb6b72245a9ee030ab69acf0c9c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00959ee6359c00bfe557814a9d0b0fc2465d6e09cd94aa347ebd6ad3a934d84b76fb303121c690c9e5e356b6ad74af74120be40566817827723dc5b5da32f560ddb4e762c10290edd44f63473afc9619806c8b2cae98d3ff9d2474878bbfa75985d09049dd594370cb26de3a0537e2d5227550832c64a43864249b745f198566932854853dab4d3ac2e2355cee44227aeebfd130512f75cef5800c6058b5d13e21f6f6bfe3978f751b141a7db6484f634d92e821e4ccb4e038ab8335b1627a12c579917c3703c2b0cdd603060a8cf7fc928eff25bde876b6617c4e9184fd08180442370aa65fb3bd134fbac4870975a86b88697bfbe0b21a3fbc9747a2d5b8224f