sokos.fi

Issued by Amazon RSA 2048 M01

About this certificate

This digital certificate with serial number 06:7a:5b:dd:a1:20:88:00:f1:e1:f7:9f:c9:60:b0:1d was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=sokos.fi

Amazon

Organization: Amazon
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 06:7a:5b:dd:a1:20:88:00:f1:e1:f7:9f:c9:60:b0:1d
Serial Number (int): 8610691450015006629266129055507329053
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 4a:de:db:fe:4c:26:49:00:f0:dc:81:7d:6b:db:76:9b:e2:d8:7d:8b
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85

Fingerprint (sha1): 96:32:64:10:71:48:2d:a9:ce:10:5c:5a:8a:1c:0d:9c:72:91:df:d9
Fingerprint (sha256): 75:c0:f0:74:2f:a8:db:41:df:82:b7:62:0a:92:d6:2a:03:e0:3e:8a:57:2d:c6:74:6d:df:e4:c2:ff:dc:25:0d

Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer

Revocation information

OCSP Server: http://ocsp.r2m01.amazontrust.com
CRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl

Check the revocation status for certificate sokos.fi

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sokos.fi

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sokos.fi
*.sokos.fi

Other certificates including the domain name sokos.fi

(limited to 100 certificates)
varnish.test.sokos.fi
www.sokos.fi
backend.beta.sokos.fi
www.qa.sokos.fi
www.sokos.fi
varnish.test.sokos.fi
*.test.sokos.fi
*.test.sokos.fi
go.sokos.fi
varnish.qa.sokos.fi
test.sokos.fi
storefront-api.beta.sokos.fi
test.sokos.fi
api-storefront.beta.sokos.fi
backend.beta.sokos.fi
varnish.test.sokos.fi
varnish-perf.test.sokos.fi
www.sokos.fi
varnish-perf.test.sokos.fi
sokos.fi
*.test.sokos.fi
palautus.prisma.fi
*.sokos.fi
storefront-api.beta.sokos.fi
*.sokos.fi
www.sokos.fi
test.sokos.fi
test.sokos.fi
www.sokos.fi
api-reo.beta.sokos.fi
go.sokos.fi
sokos.fi
*.test.sokos.fi
inspiroidu.sokos.fi
www.sokos.fi
sokos.fi
palautus.prisma.fi
varnish.sokos.fi
varnish-perf.test.sokos.fi
test.sokos.fi
www.sokos.fi
*.qa.sokos.fi
www.test.sokos.fi
*.test.sokos.fi
*.test.sokos.fi
sokos.fi
beta.sokos.fi
beta.sokos.fi
www.sokos.fi
qa.sokos.fi
backend.beta.sokos.fi
varnish.test.sokos.fi
*.qa.sokos.fi
reo-api.beta.sokos.fi
varnish.sokos.fi
*.sokos.fi
go.sokos.fi
varnish.qa.sokos.fi
sokos.fi
go.sokos.fi
varnish.test.sokos.fi
www.sokos.fi
www.sokos.fi
varnish.qa.sokos.fi
palautus.prisma.fi
www.test.sokos.fi
test.sokos.fi
www.sokos.fi
varnish-perf.test.sokos.fi
varnish.test.sokos.fi
*.sokos.fi
www.sokos.fi
go.sokos.fi
varnish-perf.test.sokos.fi
palautus.prisma.fi
varnish.qa.sokos.fi
origin.backend.beta.sokos.fi
go.sokos.fi
www.sokos.fi
qa.sokos.fi
sokos.fi
open-lauri-alternate.test.sokos.fi
*.test.sokos.fi
qa.sokos.fi
*.test.sokos.fi
palautus.prisma.fi

Certificate

The complete raw certificate details for sokos.fi in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIQBnpb3aEgiADx4fefyWCwHTANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAxMB4XDTIzMDEwOTAwMDAwMFoXDTI0MDIwNzIzNTk1OVowEzER
MA8GA1UEAxMIc29rb3MuZmkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtTZQKWHL2Po5Snxweor+jKRY7odwg4d2unGOi5Gb5dQnMpvlQ/T/Jz2MRzEKZ
it16LSeRky+bcWEzoaVhb6gnpGlic4uTSrq47jvIsH8ZowgkOfAx2Mk2OUJHI53U
zf4hQ7t5TKM1f9OS4Sn2AzqnEook7IJ7Ze0uZR84WTxDQ1rnhTm8LJxUBcVbNrlX
k8M3Mm8gxx/ktQoyzznMvlKJnDdcU3F7pjtVM9v2AXGLrLsXCZcFGkRPMl/JS03d
QG5YtnBuPYDqk6s3plfztzNwCxJ4dFIePxeXtlf5KPb3JKxSAQgaE5o6Uc2GoWks
lbHJwrJ/LnF/VZ0ivq223flxAgMBAAGjggLsMIIC6DAfBgNVHSMEGDAWgBSBuA5j
iokSGOX6OztQlZ/m5ZAThTAdBgNVHQ4EFgQUSt7b/kwmSQDw3IF9a9t2m+LYfYsw
HwYDVR0RBBgwFoIIc29rb3MuZmmCCiouc29rb3MuZmkwDgYDVR0PAQH/BAQDAgWg
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAs
hipodHRwOi8vY3JsLnIybTAxLmFtYXpvbnRydXN0LmNvbS9yMm0wMS5jcmwwEwYD
VR0gBAwwCjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFo
dHRwOi8vb2NzcC5yMm0wMS5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0
dHA6Ly9jcnQucjJtMDEuYW1hem9udHJ1c3QuY29tL3IybTAxLmNlcjAMBgNVHRMB
Af8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdQDuzdBk1dsazsVct520
zROiModGfLzs3sNRSFlGcR+1mwAAAYWVhPFsAAAEAwBGMEQCIEXY7zroscMoEEOZ
UZ7swuwI3anRfwXiHXBhQCkiqnB0AiAFsc0qrBqByhdWdyDa457CBa44UdkPeCIQ
hhgJlP7qXQB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABhZWE
8YcAAAQDAEcwRQIgWYX0d3fcMYT+yOV/BFyyaaAeybmQwl2dLEpg3mVNwvECIQDU
aIKphvB0un8wJ18Sx8gjoxrZK+/9KO3DaxuNAyciigB2ADtTd3U+LbmAToswWwb+
QDtn2E/D9Me9AA0tcm/h+tQXAAABhZWE8XsAAAQDAEcwRQIgZOPuTOFp8DcK1Y94
dkLX8waMesdJWkC/T4w3qJce/6YCIQCoW0kwISagi431jqE9eDJguxuvl0OFbhYj
tq4Maex7AzANBgkqhkiG9w0BAQsFAAOCAQEAX3/D9vi8rtXghMHMosB/jH5IUZ1x
286qxH0F3RzSvAqakyzSt8iOya3KBI/easJ+5kpId72798vTnexU1qBsmbVE17MF
CEA10FIv/rB1irlIwE3orLARwjDe83/lvAz8AkgrIMPZ7NrMXbdDGItWGkS9V/3/
YLAG/udIAhxB6waSIoQLMYutz6tF2k2sgiMHdEvM/6vnBu3VPtAf4zu3Hze5lGKJ
A9Z/uYVt19hwbLPS39982rpbe0za91Kr8F8jWiE8aBwhsp2AIYAz2HKgIBLfUBkg
Vmbjdyi5UIucKO6N10RdIAP45fRt4214AzVv2Y4OkpC9cJ1IjM2r6wQ+hA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU2UClhy9j6OUp8cHqK/
oykWO6HcIOHdrpxjouRm+XUJzKb5UP0/yc9jEcxCmYrdei0nkZMvm3FhM6GlYW+o
J6RpYnOLk0q6uO47yLB/GaMIJDnwMdjJNjlCRyOd1M3+IUO7eUyjNX/TkuEp9gM6
pxKKJOyCe2XtLmUfOFk8Q0Na54U5vCycVAXFWza5V5PDNzJvIMcf5LUKMs85zL5S
iZw3XFNxe6Y7VTPb9gFxi6y7FwmXBRpETzJfyUtN3UBuWLZwbj2A6pOrN6ZX87cz
cAsSeHRSHj8Xl7ZX+Sj29ySsUgEIGhOaOlHNhqFpLJWxycKyfy5xf1WdIr6ttt35
cQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8610691450015006629266129055507329053
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-09 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-07 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sokos.fi'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21877482036200043701866602105529312959054747228375436756122517126623017321790601815512718807182826102080442225593773704857203649333663216743125973031007575884846035055624876863416300182371146548151022367182176126378862197892303118604103027890831803053014718143138698310382552745503455512481225220625133125753449779599391775056087642502258162928722739132223941790171192951955076315670361842989773432764008458456491374074729616251045161806041204686432918260868868046200925939196735878966795027189996384209939886041868733680318867940492565434104300368930605658478833773933882516969299707585026992008598874347847263582577
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4adedbfe4c264900f0dc817d6bdb769be2d87d8b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sokos.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sokos.fi'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001859584f16c0000040300463044022045d8ef3ae8b1c328104399519eecc2ec08dda9d17f05e21d7061402922aa7074022005b1cd2aac1a81ca17567720dae39ec205ae3851d90f78221086180994feea5d00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001859584f187000004030047304502205985f47777dc3184fec8e57f045cb269a01ec9b990c25d9d2c4a60de654dc2f1022100d46882a986f074ba7f30275f12c7c823a31ad92beffd28edc36b1b8d0327228a0076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad417000001859584f17b0000040300473045022064e3ee4ce169f0370ad58f787642d7f3068c7ac7495a40bf4f8c37a8971effa6022100a85b49302126a08b8df58ea13d783260bb1baf9743856e1623b6ae0c69ec7b03
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005f7fc3f6f8bcaed5e084c1cca2c07f8c7e48519d71dbceaac47d05dd1cd2bc0a9a932cd2b7c88ec9adca048fde6ac27ee64a4877bdbbf7cbd39dec54d6a06c99b544d7b305084035d0522ffeb0758ab948c04de8acb011c230def37fe5bc0cfc02482b20c3d9ecdacc5db743188b561a44bd57fdff60b006fee748021c41eb069222840b318badcfab45da4dac822307744bccffabe706edd53ed01fe33bb71f37b994628903d67fb9856dd7d8706cb3d2dfdf7cdaba5b7b4cdaf752abf05f235a213c681c21b29d80218033d872a02012df5019205666e37728b9508b9c28ee8dd7445d2003f8e5f46de36d7803356fd98e0e9290bd709d488ccdabeb043e84