taco-group.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:bb:bb:b7:04:ad:8d:9a:96:d4:86:3b:16:63:8b:59:38:91 was issued on by Let's Encrypt.
With 20 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=taco-group.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:bb:bb:b7:04:ad:8d:9a:96:d4:86:3b:16:63:8b:59:38:91Serial Number (int): 325219176329913058552022580028809231808657
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 75:b2:38:82:8f:ab:9c:39:f5:a5:78:62:9e:14:21:84:e5:15:84:10
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 1d:19:a3:dc:62:3a:ed:78:1c:94:fb:e2:bc:8e:38:53:7e:81:58:51
Fingerprint (sha256): 7b:54:73:77:bd:53:5e:08:96:11:d3:7e:36:94:10:76:35:92:e5:08:88:30:bf:4e:1d:fe:e1:c3:8d:d9:43:fe
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate taco-group.com
20
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for taco-group.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
3ashour.com
3ashour.khayalie.com
abo7adeed.com
abo7adeed.khayalie.com
boo7athegame.com
boo7athegame.khayalie.com
mail.3ashour.com
mail.abo7adeed.com
mail.boo7athegame.com
mail.taco-group.com
taco-group.com
taco-group.khayalie.com
www.3ashour.com
www.3ashour.khayalie.com
www.abo7adeed.com
www.abo7adeed.khayalie.com
www.boo7athegame.com
www.boo7athegame.khayalie.com
www.taco-group.com
www.taco-group.khayalie.com
3ashour.khayalie.com
abo7adeed.com
abo7adeed.khayalie.com
boo7athegame.com
boo7athegame.khayalie.com
mail.3ashour.com
mail.abo7adeed.com
mail.boo7athegame.com
mail.taco-group.com
taco-group.com
taco-group.khayalie.com
www.3ashour.com
www.3ashour.khayalie.com
www.abo7adeed.com
www.abo7adeed.khayalie.com
www.boo7athegame.com
www.boo7athegame.khayalie.com
www.taco-group.com
www.taco-group.khayalie.com
Other certificates including the domain name taco-group.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for taco-group.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG/DCCBeSgAwIBAgISA7u7twStjZqW1IY7FmOLWTiRMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA1MjcxMzMxMTdaFw0x OTA4MjUxMzMxMTdaMBkxFzAVBgNVBAMTDnRhY28tZ3JvdXAuY29tMIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6qoz1+9pebVgQrGPHgGzWW8LKlKtoV8z /2mLsqogwOw0d+Cymsp6ZI7ZGS7b9M2t8Bvaz11wpiLyizl67QV/+p+CLEWe8W7j OqmiezHPMBDZL4B2zMvet/CIAB9vKOb6z7JE0Ove/rB6XrB+U6XFGhWEDUKlhkFg l/a9pAgG1WW7F/3Jf5GDwg9XqD6STC6H1pCXJ3w067ETcvlF9KALcbKU6CNptGce QARuVpF8fQVRfKSgVX6UjNxQcVJvChF3MabnRISkPG1SQzG2qv8X1YUNVR7oXGhe bvKeoZAVCsEtI96+QiH7YNn9l5fc9S2XIIrxiJXxGzDVFs2ZXdUJyQIDAQABo4IE CzCCBAcwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBR1sjiCj6ucOfWleGKeFCGE5RWE EDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRj MGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5v cmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5v cmcvMIIBvwYDVR0RBIIBtjCCAbKCCzNhc2hvdXIuY29tghQzYXNob3VyLmtoYXlh bGllLmNvbYINYWJvN2FkZWVkLmNvbYIWYWJvN2FkZWVkLmtoYXlhbGllLmNvbYIQ Ym9vN2F0aGVnYW1lLmNvbYIZYm9vN2F0aGVnYW1lLmtoYXlhbGllLmNvbYIQbWFp bC4zYXNob3VyLmNvbYISbWFpbC5hYm83YWRlZWQuY29tghVtYWlsLmJvbzdhdGhl Z2FtZS5jb22CE21haWwudGFjby1ncm91cC5jb22CDnRhY28tZ3JvdXAuY29tghd0 YWNvLWdyb3VwLmtoYXlhbGllLmNvbYIPd3d3LjNhc2hvdXIuY29tghh3d3cuM2Fz aG91ci5raGF5YWxpZS5jb22CEXd3dy5hYm83YWRlZWQuY29tghp3d3cuYWJvN2Fk ZWVkLmtoYXlhbGllLmNvbYIUd3d3LmJvbzdhdGhlZ2FtZS5jb22CHXd3dy5ib283 YXRoZWdhbWUua2hheWFsaWUuY29tghJ3d3cudGFjby1ncm91cC5jb22CG3d3dy50 YWNvLWdyb3VwLmtoYXlhbGllLmNvbTBMBgNVHSAERTBDMAgGBmeBDAECATA3Bgsr BgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0 Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AHR+2oMxrTMQkSGcziVPQnDC v/1eQiAIxjc1eeYQe8xWAAABavmz5vcAAAQDAEcwRQIhALC5MAKt4kfLqiAZuGYs tuiDJsioNQTP25ZjQc4dnWD/AiAT9abVv4qAEAYQq/q8/fulIKV7CNRl2St0qIe7 kEILLAB2ACk8UZZUyDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAABavmz5R0A AAQDAEcwRQIhAMukl8rMo0RZC1FZUPizWjqh+PelRvuOrSb9VdfJ+70jAiAxbEOE 42tf570tGDcxClcb2yZjtN6OwvM/Vh07c+9CUTANBgkqhkiG9w0BAQsFAAOCAQEA NPezMMgQDn0ckDpV86D7XbcdqnO1Y9qDumw8IGwE8yH8XC2DZVqg/Mjmc8tHbRMm HecqlyDesm2oNZnTxgGAKRSo4q1gelv3XgZ/MNftq78R9jvJWJEJJAbBZCQ0rhJL gsuPyQXrcVxZHNAPL0F4y+aY1e/lVhsTrIYGTU/hoYZgo+NBzxxgaNa0RqIvVoez JnLVHKfrHlWR5jqg7xWp9lUfbAoHUnnMrcGK1w/5jaLzriAW+A1zRi9ZNV3kwrum zby6pcWa0HWnuISjwO5scKh/slPJdtty/JbeY8UjmD4QvAZHXgjQ/Bw0sU/0bpvM KlS1l6klUoNHYy01I3zI+w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6qoz1+9pebVgQrGPHgGz WW8LKlKtoV8z/2mLsqogwOw0d+Cymsp6ZI7ZGS7b9M2t8Bvaz11wpiLyizl67QV/ +p+CLEWe8W7jOqmiezHPMBDZL4B2zMvet/CIAB9vKOb6z7JE0Ove/rB6XrB+U6XF GhWEDUKlhkFgl/a9pAgG1WW7F/3Jf5GDwg9XqD6STC6H1pCXJ3w067ETcvlF9KAL cbKU6CNptGceQARuVpF8fQVRfKSgVX6UjNxQcVJvChF3MabnRISkPG1SQzG2qv8X 1YUNVR7oXGhebvKeoZAVCsEtI96+QiH7YNn9l5fc9S2XIIrxiJXxGzDVFs2ZXdUJ yQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 325219176329913058552022580028809231808657 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-27 13:31:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-25 13:31:17 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'taco-group.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29623693349656799812278162082579344348253900073855705136483544423185950915293500839182904889708335831389882013897112688819935961845513203843761362656699306003188841260628996159987351582680522557745956476015515267953665112367781869967561438535769469123308705094605047081517598984400066663146394522936440445073843939299687320107851865672716713734356330942642403542702251636167725614301692344677244023735530263914689943554599247790923665937439032844148665975283644674247896274305382321400869619526326541867231645182134591047964281866829102267188448319956134334282066342184002300013474517248804144262656793501630620568009 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 75b238828fab9c39f5a578629e142184e5158410 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (438 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '3ashour.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '3ashour.khayalie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'abo7adeed.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'abo7adeed.khayalie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'boo7athegame.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'boo7athegame.khayalie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.3ashour.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.abo7adeed.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.boo7athegame.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.taco-group.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'taco-group.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'taco-group.khayalie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.3ashour.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.3ashour.khayalie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.abo7adeed.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.abo7adeed.khayalie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.boo7athegame.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.boo7athegame.khayalie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.taco-group.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.taco-group.khayalie.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016af9b3e6f70000040300473045022100b0b93002ade247cbaa2019b8662cb6e88326c8a83504cfdb966341ce1d9d60ff022013f5a6d5bf8a80100610abfabcfdfba520a57b08d465d92b74a887bb90420b2c007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016af9b3e51d0000040300473045022100cba497cacca344590b515950f8b35a3aa1f8f7a546fb8ead26fd55d7c9fbbd230220316c4384e36b5fe7bd2d1837310a571bdb2663b4de8ec2f33f561d3b73ef4251 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0034f7b330c8100e7d1c903a55f3a0fb5db71daa73b563da83ba6c3c206c04f321fc5c2d83655aa0fcc8e673cb476d13261de72a9720deb26da83599d3c601802914a8e2ad607a5bf75e067f30d7edabbf11f63bc95891092406c1642434ae124b82cb8fc905eb715c591cd00f2f4178cbe698d5efe5561b13ac86064d4fe1a18660a3e341cf1c6068d6b446a22f5687b32672d51ca7eb1e5591e63aa0ef15a9f6551f6c0a075279ccadc18ad70ff98da2f3ae2016f80d73462f59355de4c2bba6cdbcbaa5c59ad075a7b884a3c0ee6c70a87fb253c976db72fc96de63c523983e10bc06475e08d0fc1c34b14ff46e9bcc2a54b597a925528347632d35237cc8fb