kaaingaora.govt.nz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:b5:cc:f1:cc:01:d5:39:cd:39:39:6c:57:dc:09:a6:95:16 was issued on by Let's Encrypt.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=kaaingaora.govt.nz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:b5:cc:f1:cc:01:d5:39:cd:39:39:6c:57:dc:09:a6:95:16Serial Number (int): 323200384200410409050732781478233634149654
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 11:dd:b1:57:24:fd:5d:15:8e:da:bd:b9:62:f8:bf:10:88:37:18:e2
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): f8:87:c5:d4:0c:f1:7c:64:3c:b2:d2:38:e8:6c:95:2e:76:19:74:8d
Fingerprint (sha256): 77:9e:02:69:08:2c:10:d1:ac:47:12:20:e5:62:fb:cc:96:ee:b7:51:db:c9:dd:33:15:eb:f1:3b:b3:eb:c8:13
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate kaaingaora.govt.nz
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for kaaingaora.govt.nz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
kaaingaora.govt.nz
kaingaora.govt.nz
www.kaaingaora.govt.nz
www.kaingaora.govt.nz
www.xn--kingaora-h7a.govt.nz
xn--kingaora-h7a.govt.nz
kaingaora.govt.nz
www.kaaingaora.govt.nz
www.kaingaora.govt.nz
www.xn--kingaora-h7a.govt.nz
xn--kingaora-h7a.govt.nz
Other certificates including the domain name kaaingaora.govt.nz
(limited to 100 certificates)
Certificate
The complete raw certificate details for kaaingaora.govt.nz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG2TCCBcGgAwIBAgISA7XM8cwB1TnNOTlsV9wJppUWMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MTgyMzAxMTBaFw0x OTEyMTcyMzAxMTBaMB0xGzAZBgNVBAMTEmthYWluZ2FvcmEuZ292dC5uejCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALnOHky8jpAk5xKTOqRAuYx6diAK cd9LqDgSe8MnDfMc5Gz66ImYbiR2VDui+KbRB6CExM5k/2bVrXktDZgn1Y5I00ml cz/kJO8vxkxODL/iCXQ5wRfPP5u82DjQDVfJDNs1AA/GgWbt9hIA92JPwC86tvhT GndUqP6T6fBl089jMocEbwVhxHyZEGm162iUSJW7HG4hlFYfhA7OoIcF0Udks3ow UWjXFwjdC2akb0xA3OQfXcOWlpNwPV9T+LSzVQiUozV2TbnggnUKHXymqckuq8Qo LsjvqTihEXFhK+CwmNu7Tq6IZl1H5M6ukkT/nD/0NeiO/pFf3jU4gWuoyjYFYxuj cYGT7qrKEhwcTuh2+FTb45LtNsTrRc0zErmCytd4JSFd87QhuOWSTyVrvQDpxyup HBz++4PhPFl8OdSu6HmbQEv4a3QpaUGk76wPmSaZb+iIUFfK2UzP451lsuzM6ha4 bAXon09n8EBzTEBbkLzoHmrc5J51qo6UaaNIdJQYX3qXB2yiKXAzVILW0fJnftp+ niiHEbBbwbd8ge7heaEtVUyfmFz+cDEdOxbfxKQqxmzk7+oxfPFFQHjLpTgrLV3F 7Ns0zU1Jc5ZlqYBJiXAv6pBX/LBHr+ufjzKhrg6/tOupQgiEhA8A7Fd9VRCvaWbz 1pIgnETa1OQxO8c/AgMBAAGjggLkMIIC4DAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FBHdsVck/V0Vjtq9uWL4vxCINxjiMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZF Ze/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3Au aW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wgZkGA1UdEQSBkTCBjoISa2FhaW5nYW9y YS5nb3Z0Lm56ghFrYWluZ2FvcmEuZ292dC5ueoIWd3d3LmthYWluZ2FvcmEuZ292 dC5ueoIVd3d3LmthaW5nYW9yYS5nb3Z0Lm56ghx3d3cueG4tLWtpbmdhb3JhLWg3 YS5nb3Z0Lm56ghh4bi0ta2luZ2FvcmEtaDdhLmdvdnQubnowTAYDVR0gBEUwQzAI BgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nw cy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwB0ftqD Ma0zEJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAW1G0p9LAAAEAwBIMEYCIQDF 3sOdKBYBTVHlbHI41FEyI+PtWcpfrHIEqEx7qMtD5QIhAN66tsYXK6hkNDbZrg+n ujuF98TMEcEwysU8EUa6XEGkAHUAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz0 5UVH9HgAAAFtRtKfEQAABAMARjBEAiBTc7j43FMJejuSj/vHpyruesq2Y3ov1PZ4 BaVa2/qdzgIgV8enQ2GJlTsaR5Mt45h5s9kf3bLif84ch0bSRLACouQwDQYJKoZI hvcNAQELBQADggEBAIxFx/AMvkLrAfCbiLyaYllukpBYGcEvi6aj5RzHhlLsMV9g mLjfIXSnw6VCdQiRj1Ti+WzNCeQOQSuSgm3UJvenMtdS8c4b1PFgR/lX9sK+om3f 4eMNpQcRtAp9xG8yg1ZI5wt3ONwjx9kznCS9jVAzK42wyEQUxRyucd3/l7q9/gBI fmz0s1JkUPLFE0c2jK6+ojSIBGQOw9n/qBXAVCIMlkOTJE/E9iw3KLgqjhPVLuI3 2lfiX79U/pduF5YQ2I2qSV9rCeLYD3a+H2vomHBuWM1p+XAuA3iI1X/4Ab7Ql16G CmC9045S3YxHbjOLhrcG/vMOW7MOpqtF32WOMHU= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuc4eTLyOkCTnEpM6pEC5 jHp2IApx30uoOBJ7wycN8xzkbProiZhuJHZUO6L4ptEHoITEzmT/ZtWteS0NmCfV jkjTSaVzP+Qk7y/GTE4Mv+IJdDnBF88/m7zYONANV8kM2zUAD8aBZu32EgD3Yk/A Lzq2+FMad1So/pPp8GXTz2MyhwRvBWHEfJkQabXraJRIlbscbiGUVh+EDs6ghwXR R2SzejBRaNcXCN0LZqRvTEDc5B9dw5aWk3A9X1P4tLNVCJSjNXZNueCCdQodfKap yS6rxCguyO+pOKERcWEr4LCY27tOrohmXUfkzq6SRP+cP/Q16I7+kV/eNTiBa6jK NgVjG6NxgZPuqsoSHBxO6Hb4VNvjku02xOtFzTMSuYLK13glIV3ztCG45ZJPJWu9 AOnHK6kcHP77g+E8WXw51K7oeZtAS/hrdClpQaTvrA+ZJplv6IhQV8rZTM/jnWWy 7MzqFrhsBeifT2fwQHNMQFuQvOgeatzknnWqjpRpo0h0lBhfepcHbKIpcDNUgtbR 8md+2n6eKIcRsFvBt3yB7uF5oS1VTJ+YXP5wMR07Ft/EpCrGbOTv6jF88UVAeMul OCstXcXs2zTNTUlzlmWpgEmJcC/qkFf8sEev65+PMqGuDr+066lCCISEDwDsV31V EK9pZvPWkiCcRNrU5DE7xz8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 323200384200410409050732781478233634149654 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-18 23:01:10 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-17 23:01:10 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kaaingaora.govt.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 758018877342256658936542442224730660750598901365345893291915896200152079946572469510473017504961630414484025677000066090027915919890183435467901408561308317166517390962606050828924430626412473209581174115585760480853158603855903559188934358032988884289926030046672714678451821686935148710669429389177131996710131278392633464251465407310823275624576165637839072534825496349332058461657094987109956960942680927648558093025237566989403189796704265752517675022460258060721548718701291318193619095610463347249628322118905730999793196558432801337932377019899858232466676560192378189730249083135152658838397215236656433621507893204935407314769300452762348472208587161076952640334885864888126212363956162266903803529594811953602581581113215009087952312830732433047896438993517944940620954790313087699893691594829660737807898405059140235076680108128046508463205591749923724703741358913738939180234059021506522897302586887633844231474869349419018095885445631989762697240402617243151890712398473276318811219568839725741003861134276022540379240127142363038595401142269400234918478910178276406722489786828778978669304308110054990428799008741195610985808887309708729115930029908185440746000103070020424772734873381476401137807149845070340918331199 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 11ddb15724fd5d158edabdb962f8bf10883718e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (145 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kaaingaora.govt.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kaingaora.govt.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kaaingaora.govt.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kaingaora.govt.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.xn--kingaora-h7a.govt.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'xn--kingaora-h7a.govt.nz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016d46d29f4b0000040300483046022100c5dec39d2816014d51e56c7238d4513223e3ed59ca5fac7204a84c7ba8cb43e5022100debab6c6172ba8643436d9ae0fa7ba3b85f7c4cc11c130cac53c1146ba5c41a4007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016d46d29f11000004030046304402205373b8f8dc53097a3b928ffbc7a72aee7acab6637a2fd4f67805a55adbfa9dce022057c7a7436189953b1a47932de39879b3d91fddb2e27fce1c8746d244b002a2e4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008c45c7f00cbe42eb01f09b88bc9a62596e92905819c12f8ba6a3e51cc78652ec315f6098b8df2174a7c3a5427508918f54e2f96ccd09e40e412b92826dd426f7a732d752f1ce1bd4f16047f957f6c2bea26ddfe1e30da50711b40a7dc46f32835648e70b7738dc23c7d9339c24bd8d50332b8db0c84414c51cae71ddff97babdfe00487e6cf4b3526450f2c51347368caebea2348804640ec3d9ffa815c054220c964393244fc4f62c3728b82a8e13d52ee237da57e25fbf54fe976e179610d88daa495f6b09e2d80f76be1f6be898706e58cd69f9702e037888d57ff801bed0975e860a60bdd38e52dd8c476e338b86b706fef30e5bb30ea6ab45df658e3075