OV SSL/TLS Certificate for dev.palottery.pa.gov Issued to Commonwealth of Pennsylvania

Certificate is witin its validity period

Issued by SSL Corporation (Entrust OV TLS Issuing RSA CA 1)

About the dev.palottery.pa.gov OV SSL/TLS Certificate

This certificate with serial number 52:e1:f5:71:08:76:c4:66:ea:3f:44:4e:70:92:a5:60 for dev.palottery.pa.gov was issued on by SSL Corporation.

With 4 subject alternative names, this certificate can be used to secure multiple FQDNs. This OV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this OV SSL/TLS Certificate review for dev.palottery.pa.gov provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

SSL Corporation

Organization: SSL Corporation
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 52:e1:f5:71:08:76:c4:66:ea:3f:44:4e:70:92:a5:60
Serial Number (int): 110169940593288157373218665557438670176
Serial Number Length: 127 bits, 16 octets

Subject Key Identifier: a4:e2:6f:99:d1:63:66:99:0c:54:c2:45:8e:da:7a:29:68:87:96:ba
Authority Key Identifier: 68:0d:45:ca:35:c2:e7:9a:1b:f0:b3:84:dd:d5:da:7f:0b:89:c1:11

Fingerprint (SHA-1): b3:c0:eb:6a:c7:80:5e:37:14:90:99:86:c2:fa:14:87:a4:d4:2c:0c
Fingerprint (SHA-256): 0e:6d:bd:16:93:2a:2c:84:a4:c2:ee:2f:e7:b3:25:1e:b0:45:1b:18:73:4c:4d:65:be:22:5b:67:f8:47:21:96

Issuing Certificate URL: http://cert.ssl.com/Entrust-OVTLS-I-R1.cer

Revocation Information

OCSP Server: http://ocsps.ssl.com
CRL Distribution Point: http://crls.ssl.com/Entrust-OVTLS-I-R1.crl

Check the revocation status for certificate dev.palottery.pa.gov
4
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for dev.palottery.pa.gov

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for dev.palottery.pa.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHlTCCBX2gAwIBAgIQUuH1cQh2xGbqP0ROcJKlYDANBgkqhkiG9w0BAQsFADBR
MQswCQYDVQQGEwJVUzEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMSgwJgYDVQQD
DB9FbnRydXN0IE9WIFRMUyBJc3N1aW5nIFJTQSBDQSAxMB4XDTI1MDYxMzE2MjIz
MFoXDTI2MDcxMzA0MDAwMFowfzELMAkGA1UEBhMCVVMxFTATBgNVBAgMDFBlbm5z
eWx2YW5pYTETMBEGA1UEBwwKSGFycmlzYnVyZzElMCMGA1UECgwcQ29tbW9ud2Vh
bHRoIG9mIFBlbm5zeWx2YW5pYTEdMBsGA1UEAwwUZGV2LnBhbG90dGVyeS5wYS5n
b3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSS20WVz9MuxDCjYYY
v4OUBiFz5e4iT+zQY15qZutsxljTzCzx/U0KqGLFAR1tUfCaDCNLGq2ymNfLh8ql
cywDO37yGuRRPbHY+yGPpT+2ZD3aS+M0cDNGPRtAS255e0Dpk5lqj2iS6QwN6DpU
kIRv9ZukXjpSkPQE/MsMJhl8UCTnWlA+ShDohflfD4Eo2z5oXYS1jFY4zKpOR9ul
3TQyfaYi9yOeb1bwDh7gSBiUqOQ+MM0C0/iX+RmWVR+vO4Dg0RUgdsma8hs8rjpb
k55Owpzt4fKOeUr7Z9vQ5/7avcKqM/RGfq23RhApoG+ElT6luQEBaHUEgfkkwcZt
BNwZAgMBAAGjggM5MIIDNTAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFGgNRco1
wueaG/CzhN3V2n8LicERMGgGCCsGAQUFBwEBBFwwWjA2BggrBgEFBQcwAoYqaHR0
cDovL2NlcnQuc3NsLmNvbS9FbnRydXN0LU9WVExTLUktUjEuY2VyMCAGCCsGAQUF
BzABhhRodHRwOi8vb2NzcHMuc3NsLmNvbTBnBgNVHREEYDBeghRkZXYucGFsb3R0
ZXJ5LnBhLmdvdoIYd3d3LmRldi5wYWxvdHRlcnkucGEuZ292ghV1YXQxLnBhbG90
dGVyeS5wYS5nb3aCFXVhdDIucGFsb3R0ZXJ5LnBhLmdvdjAjBgNVHSAEHDAaMAgG
BmeBDAECAjAOBgwrBgEEAYKpMAEDAQIwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
AQUFBwMBMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmxzLnNzbC5jb20vRW50
cnVzdC1PVlRMUy1JLVIxLmNybDAdBgNVHQ4EFgQUpOJvmdFjZpkMVMJFjtp6KWiH
lrowDgYDVR0PAQH/BAQDAgWgMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdwCU
TkOH+uzB74HzGSQmqBhlAcfTXzgCAT9yZ31VNy4Z2AAAAZdqIr9SAAAEAwBIMEYC
IQCa68Mjj4TSKrM/bOZLZryoagTLJLVBJOCNBY8s0XR35wIhAIr2X6gSHtUHD0jH
55JxcrEL5dYbxruLG5Q1XNQt58IBAHYA2AlVO5RPev/IFhlvlE+Fq7D4/F6HVSYP
FdEucrtFSxQAAAGXaiK/OAAABAMARzBFAiEA4eRAmjdTKZuNPLFiopCoU8IF4MXY
2gcMFgQfJk4x6noCIF7XMgAyZFmtI1uPUSjqyrujbUYkARznhCXdWhAQEvmbAHYA
1219ENGn9XfCx+lf1wC/+YLJM1pl4dCzAXMXwMjFaXcAAAGXaiK/DwAABAMARzBF
AiBI4XQx/rBJXru/qHYxsONTkAzbTRzPdkM6mH+Vgq3zOwIhAPlfc6v8tNml/iPD
J3RzuefHMjJ0v/IT47e8n5THmlxtMA0GCSqGSIb3DQEBCwUAA4ICAQBCVKtHCsft
J8kzy7Zg3eQBxa7zvqEuF7GBCDzw+FDC6hjlKCSmHvMfWSIaUNTUMDLEv99yuwds
6k8Qcjl1zVdaPpoJXO/fpLLe0RsYnhlel4ubhjRiJ/oq9VPhJ976surajJdSPkPV
NgCH+pHfByUwoSIBhJCI84XP9U75zIAsIBcl9jp1ZuxWGvvhUCk1aKPaX/HwKMt/
ad7HZT+UEowJRzZ16Aj5oCtu9TPCyaTNnWemgREXblBgsWQRLfO0VuDO5vdNo2LQ
7H+3QgEZucwp+O0t58GNHZBzFVAFkOTLQlZiC0yWJFzuSYQAgIgYMTgO4r58hTLZ
R4o8awV5Wc1SqelW4RsVAAis5Fr9OlQguMyF2yDJmf+grDdArgRmTqFhw2t8kHu/
hawndWSa6IMyKrG97uwIQxoYjMD08mUyzch2xWffVZN7Y0I6DdTY24Neg2yFTco/
Jmh98f749RWZFT450ZCGWblJEBKoV4cxmgDmZ44+U/FUIujD1fBUkMoTpNuV6sFi
CRSrKPety7sRGutIuD7/QzF4SuoWLaAjmW2PS0n9lWIRFnBxF2bMruiG7z3VTGkf
Qxq28vDQ/5e1hwErX7LQrZCW3MVeYUKbgcx2ifAtz5+QgEFS++KAFQg6zsIS2yLc
2JydKoHt8xquDQCf37OTaD/7qkqbukrcJA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kttFlc/TLsQwo2GGL+D
lAYhc+XuIk/s0GNeambrbMZY08ws8f1NCqhixQEdbVHwmgwjSxqtspjXy4fKpXMs
Azt+8hrkUT2x2Pshj6U/tmQ92kvjNHAzRj0bQEtueXtA6ZOZao9okukMDeg6VJCE
b/WbpF46UpD0BPzLDCYZfFAk51pQPkoQ6IX5Xw+BKNs+aF2EtYxWOMyqTkfbpd00
Mn2mIvcjnm9W8A4e4EgYlKjkPjDNAtP4l/kZllUfrzuA4NEVIHbJmvIbPK46W5Oe
TsKc7eHyjnlK+2fb0Of+2r3CqjP0Rn6tt0YQKaBvhJU+pbkBAWh1BIH5JMHGbQTc
GQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 110169940593288157373218665557438670176
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SSL Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Entrust OV TLS Issuing RSA CA 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-13 16:22:30 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-07-13 04:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Pennsylvania'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Harrisburg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Commonwealth of Pennsylvania'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'dev.palottery.pa.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26547238049940997349379374842404810730595517154662102489852456285807720946563326667273338662190846690586115847485473487480776710552073610995344832276143566211035729071609347360749368081956035928527368204893199077051156915911129804547062204172478494863532294997842473382064221373572997430041524659021440525854271075296792888933793161318052282131169451778647616399066989989719321637160920342251172938715126628054939286034167921750943611372886602961681599088090243726370806994165338964762928308460045929412685946903500086251571259647294172542212044017652553459337730414954928740152969010451895466177728797275614829927449
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 680d45ca35c2e79a1bf0b384ddd5da7f0b89c111
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.ssl.com/Entrust-OVTLS-I-R1.cer'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsps.ssl.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.palottery.pa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dev.palottery.pa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat1.palottery.pa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat2.palottery.pa.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.38064.1.3.1.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.ssl.com/Entrust-OVTLS-I-R1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a4e26f99d16366990c54c2458eda7a29688796ba
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007700944e4387faecc1ef81f3192426a8186501c7d35f3802013f72677d55372e19d8000001976a22bf5200000403004830460221009aebc3238f84d22ab33f6ce64b66bca86a04cb24b54124e08d058f2cd17477e70221008af65fa8121ed5070f48c7e7927172b10be5d61bc6bb8b1b94355cd42de7c201007600d809553b944f7affc816196f944f85abb0f8fc5e8755260f15d12e72bb454b14000001976a22bf380000040300473045022100e1e4409a3753299b8d3cb162a290a853c205e0c5d8da070c16041f264e31ea7a02205ed73200326459ad235b8f5128eacabba36d4624011ce78425dd5a101012f99b007600d76d7d10d1a7f577c2c7e95fd700bff982c9335a65e1d0b3017317c0c8c56977000001976a22bf0f0000040300473045022048e17431feb0495ebbbfa87631b0e353900cdb4d1ccf76433a987f9582adf33b022100f95f73abfcb4d9a5fe23c3277473b9e7c7323274bff213e3b7bc9f94c79a5c6d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		004254ab470ac7ed27c933cbb660dde401c5aef3bea12e17b181083cf0f850c2ea18e52824a61ef31f59221a50d4d43032c4bfdf72bb076cea4f10723975cd575a3e9a095cefdfa4b2ded11b189e195e978b9b86346227fa2af553e127defab2eada8c97523e43d5360087fa91df072530a12201849088f385cff54ef9cc802c201725f63a7566ec561afbe150293568a3da5ff1f028cb7f69dec7653f94128c09473675e808f9a02b6ef533c2c9a4cd9d67a68111176e5060b164112df3b456e0cee6f74da362d0ec7fb7420119b9cc29f8ed2de7c18d1d907315500590e4cb4256620b4c96245cee49840080881831380ee2be7c8532d9478a3c6b057959cd52a9e956e11b150008ace45afd3a5420b8cc85db20c999ffa0ac3740ae04664ea161c36b7c907bbf85ac2775649ae883322ab1bdeeec08431a188cc0f4f26532cdc876c567df55937b63423a0dd4d8db835e836c854dca3f26687df1fef8f51599153e39d1908659b9491012a85787319a00e6678e3e53f15422e8c3d5f05490ca13a4db95eac1620914ab28f7adcbbb111aeb48b83eff4331784aea162da023996d8f4b49fd9562111670711766ccaee886ef3dd54c691f431ab6f2f0d0ff97b587012b5fb2d0ad9096dcc55e61429b81cc7689f02dcf9f90804152fbe28015083acec212db22dcd89c9d2a81edf31aae0d009fdfb393683ffbaa4a9bba4adc24