xsa.co.za
Issued by R3
About this certificate
This digital certificate with serial number 03:ec:fd:54:59:b1:fb:7c:2b:f2:cb:b2:7e:dd:8a:65:e9:01 was issued on by Let's Encrypt.
With 17 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=xsa.co.za
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ec:fd:54:59:b1:fb:7c:2b:f2:cb:b2:7e:dd:8a:65:e9:01Serial Number (int): 341980229043727588300424359683926077597953
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 3e:16:8a:0c:c6:dd:7d:50:6d:01:5d:88:76:bf:91:2b:41:df:df:47
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 1c:7e:71:17:c9:9f:4a:9d:15:36:f3:e5:e8:d5:40:4c:2d:18:65:f8
Fingerprint (sha256): 7b:23:fe:fc:74:e1:e5:d6:c5:c1:8f:6a:35:b9:00:70:68:bb:07:31:b7:e6:09:fe:c1:f8:20:b0:2a:6a:a9:9b
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate xsa.co.za
17
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for xsa.co.za
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
anchoredmarine.com
atmguys.com
beachblings.com
christkeystonechurch.net.estetistar.com
damoncampbell.com.getvisacard.com
debbiehenline.com.mayaixchell.com
diamondth.com
dui-schools.com
garlandhairsalon.com
helicoptertales.com
kalpika.in
klim.news
mendozafirearms.com
pinkchic.net
shipwrecksrewards.com
ultraescorts.com
xsa.co.za
atmguys.com
beachblings.com
christkeystonechurch.net.estetistar.com
damoncampbell.com.getvisacard.com
debbiehenline.com.mayaixchell.com
diamondth.com
dui-schools.com
garlandhairsalon.com
helicoptertales.com
kalpika.in
klim.news
mendozafirearms.com
pinkchic.net
shipwrecksrewards.com
ultraescorts.com
xsa.co.za
Other certificates including the domain name xsa.co.za
(limited to 100 certificates)
aqq3.arina-the-artist.com
xsa.co.za
anri.tauns.com
aqq3.arina-the-artist.com
aqq3.arina-the-artist.com
anri.tauns.com
xsa.co.za
xsa.co.za
xsa.co.za
phantom-immobiliser.com.shepherdingcenter.com.xsa.co.za
xsa.co.za
xsa.co.za
anri.tauns.com
aqq3.arina-the-artist.com
xsa.co.za
aqq3.arina-the-artist.com
xsa.co.za
xsa.co.za
xsa.co.za
anri.tauns.com
anri.tauns.com
cenatti.com.xsa.co.za
xsa.co.za
xsa.co.za
xsa.co.za
anri.tauns.com
aqq3.arina-the-artist.com
xsa.co.za
xsa.co.za
anri.tauns.com
xsa.co.za
xsa.co.za
anri.tauns.com
aqq3.arina-the-artist.com
aqq3.arina-the-artist.com
anri.tauns.com
xsa.co.za
xsa.co.za
xsa.co.za
phantom-immobiliser.com.shepherdingcenter.com.xsa.co.za
xsa.co.za
xsa.co.za
anri.tauns.com
aqq3.arina-the-artist.com
xsa.co.za
aqq3.arina-the-artist.com
xsa.co.za
xsa.co.za
xsa.co.za
anri.tauns.com
anri.tauns.com
cenatti.com.xsa.co.za
xsa.co.za
xsa.co.za
xsa.co.za
anri.tauns.com
aqq3.arina-the-artist.com
xsa.co.za
xsa.co.za
anri.tauns.com
xsa.co.za
Certificate
The complete raw certificate details for xsa.co.za in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGNDCCBRygAwIBAgISA+z9VFmx+3wr8suyft2KZekBMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzExMjMxNTA0MDZaFw0yNDAyMjExNTA0MDVaMBQxEjAQBgNVBAMT CXhzYS5jby56YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ1BSPUU HdWDk/y2yiBfw0sPkp5B1efMXg/SS2MW5IfrnYykK1NrYx64vOX7iDNp8acJv6Cv IDeMDxF/2/iT7WjW/2PevgogfjAjj2urEPyTLPRK2JdtGvF9lGjSF9fQGroXWCpt sk0gfCbkMcWcd4oHsTo4Ex96bOQwxk9hflIwi3Z1YcW27t5kzIGccbmwDFiRwKOI f4VzU5Ah6qMBsM9f0PRbt1U5RrWnKEdUfbfTzczV8sTzJbFVDhWi4D7nXwFBZxFT ZPayvWuY8W+3HXo4c1/xrNZA8JX3/96FFiCPgfjwRDRs83N9Q98ydNkKxoRr0odV FZe/pWourDzNSokCAwEAAaOCA2AwggNcMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU PhaKDMbdfVBtAV2Idr+RK0Hf30cwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+v nYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5s ZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wggFn BgNVHREEggFeMIIBWoISYW5jaG9yZWRtYXJpbmUuY29tggthdG1ndXlzLmNvbYIP YmVhY2hibGluZ3MuY29tgidjaHJpc3RrZXlzdG9uZWNodXJjaC5uZXQuZXN0ZXRp c3Rhci5jb22CIWRhbW9uY2FtcGJlbGwuY29tLmdldHZpc2FjYXJkLmNvbYIhZGVi YmllaGVubGluZS5jb20ubWF5YWl4Y2hlbGwuY29tgg1kaWFtb25kdGguY29tgg9k dWktc2Nob29scy5jb22CFGdhcmxhbmRoYWlyc2Fsb24uY29tghNoZWxpY29wdGVy dGFsZXMuY29tggprYWxwaWthLmlugglrbGltLm5ld3OCE21lbmRvemFmaXJlYXJt cy5jb22CDHBpbmtjaGljLm5ldIIVc2hpcHdyZWNrc3Jld2FyZHMuY29tghB1bHRy YWVzY29ydHMuY29tggl4c2EuY28uemEwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEE BgorBgEEAdZ5AgQCBIH1BIHyAPAAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZ u7+rOdiEcwAAAYv87JwpAAAEAwBHMEUCIGu1S8lxi6dBgSxw/8iD+5lbrgByZv6S cM3O02iJFGvlAiEA+a7MVF8yA+7yEJVJ/j3l6HhYeyCPmzQv3qrVjGlFiyMAdgA7 U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAYv87JwvAAAEAwBHMEUC IQC8GTNtT+E/MMA6ITfteLe4xfgJ9BFhJR1YcAQu3HS0iQIgcjm5RdpZaMRsvPIy XqVZ3cYErGrJmYGMvE5pNX/Xml8wDQYJKoZIhvcNAQELBQADggEBAAgIJSEexdEs Qh0OjH5bV+reRiOl/e07xtcS2cphCYLsFxVdL4hhMWScoJ9fL2syRNplNszvfxyx eZ4vf0bGPserEXiQnFjNG/gNRenXHLE1Wi3L9UPjh+Or+8KehtVQWIHgjbTO8NrK VKc62sx4Q/QNOjl3Nc5nX3uYPNobNA/qxUtZ2y5pLMbr3NHiYhu1x9HpJ35M5Daw h3NtkRJLGJhEIO2XkB7lsLbxPU2cMIWJ3k/MlPCw4k7HX0j2glY7QTQt0sYzwE2n Wncoo56/dwuwM9bLSWmqxweKWyJEZmxG3uxTdQG6A/X0APecj+VTSMzx0jDaIiiU Z0wnQ1flCe4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUFI9RQd1YOT/LbKIF/D Sw+SnkHV58xeD9JLYxbkh+udjKQrU2tjHri85fuIM2nxpwm/oK8gN4wPEX/b+JPt aNb/Y96+CiB+MCOPa6sQ/JMs9ErYl20a8X2UaNIX19AauhdYKm2yTSB8JuQxxZx3 igexOjgTH3ps5DDGT2F+UjCLdnVhxbbu3mTMgZxxubAMWJHAo4h/hXNTkCHqowGw z1/Q9Fu3VTlGtacoR1R9t9PNzNXyxPMlsVUOFaLgPudfAUFnEVNk9rK9a5jxb7cd ejhzX/Gs1kDwlff/3oUWII+B+PBENGzzc31D3zJ02QrGhGvSh1UVl7+lai6sPM1K iQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 341980229043727588300424359683926077597953 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-23 15:04:06 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-21 15:04:05 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'xsa.co.za' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19851607107902174880066153479533840367273580414622323994023542385203565671813622439608811297875362317867850868657691046175400408380953670747072998931515420007607067349893137646390343777163638543775078320194218664532740105753612023734796580935834342390351708717657619884471078203902940449592287081502259984132257051257356735244916604708791457250264886778663209628881343628400249483423807611016908229979066672392439462297110660217470910268416480999355840379627430664364388261781966662950605335907334211627015727987964277519231116751975192013284075793172596767371250632733659887274561828124863145375384018154649616730761 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3e168a0cc6dd7d506d015d8876bf912b41dfdf47 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (350 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'anchoredmarine.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'atmguys.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beachblings.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'christkeystonechurch.net.estetistar.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'damoncampbell.com.getvisacard.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'debbiehenline.com.mayaixchell.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'diamondth.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dui-schools.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'garlandhairsalon.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'helicoptertales.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kalpika.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'klim.news' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mendozafirearms.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pinkchic.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shipwrecksrewards.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ultraescorts.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'xsa.co.za' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bfcec9c29000004030047304502206bb54bc9718ba741812c70ffc883fb995bae007266fe9270cdced36889146be5022100f9aecc545f3203eef2109549fe3de5e878587b208f9b342fdeaad58c69458b230076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018bfcec9c2f0000040300473045022100bc19336d4fe13f30c03a2137ed78b7b8c5f809f41161251d5870042edc74b48902207239b945da5968c46cbcf2325ea559ddc604ac6ac999818cbc4e69357fd79a5f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00080825211ec5d12c421d0e8c7e5b57eade4623a5fded3bc6d712d9ca610982ec17155d2f886131649ca09f5f2f6b3244da6536ccef7f1cb1799e2f7f46c63ec7ab1178909c58cd1bf80d45e9d71cb1355a2dcbf543e387e3abfbc29e86d5505881e08db4cef0daca54a73adacc7843f40d3a397735ce675f7b983cda1b340feac54b59db2e692cc6ebdcd1e2621bb5c7d1e9277e4ce436b087736d91124b18984420ed97901ee5b0b6f13d4d9c308589de4fcc94f0b0e24ec75f48f682563b41342dd2c633c04da75a7728a39ebf770bb033d6cb4969aac7078a5b2244666c46deec537501ba03f5f400f79c8fe55348ccf1d230da222894674c274357e509ee