nginx-latency.capstage.net

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 05:88:1e:b4:19:f6:b7:dc:67:13:ad:72:78:77:a2:04 was issued on by Amazon.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=nginx-latency.capstage.net

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 05:88:1e:b4:19:f6:b7:dc:67:13:ad:72:78:77:a2:04
Serial Number (int): 7352915093078067295629025831521067524
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 44:e8:d8:c2:9e:48:c4:51:c4:a4:66:98:ac:dd:16:5a:c4:fa:7b:80
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 97:0b:14:8f:84:34:c7:f0:60:02:91:53:00:50:76:ad:f3:7b:a9:b8
Fingerprint (sha256): 7c:59:d3:0c:3e:8a:bf:e8:8e:f8:d6:8c:5c:be:4e:4a:bb:af:90:d9:e6:a6:30:83:6d:3b:98:36:4f:4d:47:fd

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate nginx-latency.capstage.net

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for nginx-latency.capstage.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

nginx-latency.capstage.net

Other certificates including the domain name capstage.net

(limited to 100 certificates)
pr1307.reviews.capstage.net
spotlight-ui-staging-1752.capstage.net
public-api-dev.capstage.net
sem-ui-staging-909.capstage.net
sem-ui-staging-885.capstage.net
spotlight-ui-staging-1772.capstage.net
spotlight-dev.capstage.net
spotlight-ui-staging-1759.capstage.net
spotlight-ui-staging-2057.capstage.net
pr1306.reviews.capstage.net
user-workspace-staging-2005.capstage.net
vendor-page-dev.capstage.net
compare-ui-staging-885.capstage.net
spotlight-ui-staging-1754.capstage.net
search-dev.capstage.net
spotlight-ui-staging-1741.capstage.net
main.capstage.net
pr1946.reviews.capstage.net
user-workspace-staging-2004.capstage.net
spotlight-ui-staging-1754.capstage.net
dirpa-ui-staging-2308.capstage.net
user-workspace-staging-2004.capstage.net
sem-ui-staging-895.capstage.net
search-staging-694.capstage.net
spotlight-ui-staging-2320.capstage.net
dirpa-ui-staging-2308.capstage.net
dirpa-ui-staging-2330.capstage.net
*.capstage.net
spotlight-ui-staging-2061.capstage.net
compare-ui-staging-889.capstage.net
spotlight-ui-staging-1757.capstage.net
sem-ui-staging-1429.capstage.net
compare-ui-staging-888.capstage.net
pr1286.reviews.capstage.net
spotlight-ui-staging-1756.capstage.net
dirpa-ui-staging-2325.capstage.net
reviews.capstage.net
spotlight-ui-staging-1771.capstage.net
spotlight-ui-staging-1751.capstage.net
user-workspace-staging-2016.capstage.net
search-staging-703.capstage.net
colin.capstage.net
spotlight-dev.capstage.net
spotlight-ui-staging-1766.capstage.net
vendor-page.capstage.net
spotlight-ui-staging-1745.capstage.net
compare-ui-staging-688.capstage.net
compare-ui-staging-890.capstage.net
reviews-dev.capstage.net
dirpa-ui-staging-2329.capstage.net
sa-ppl-form.capstage.net
pr1831.reviews.capstage.net
spotlight-ui-staging-1765.capstage.net
dirpa-ui-staging-2319.capstage.net
spotlight-ui-staging-2055.capstage.net
sem-ui-staging-1426.capstage.net
pr1832.reviews.capstage.net
spotlight-ui-staging-2063.capstage.net
sem-ui-staging-907.capstage.net
atlantisci.capstage.net
colin.capstage.net
spotlight-ui-staging-1763.capstage.net
spotlight-ui-staging-1746.capstage.net
homepage-ui-staging-479.capstage.net
spotlight-ui-staging-1772.capstage.net
sem-ui-staging-910.capstage.net
spotlight-ui-staging-1773.capstage.net
spotlight-ui-staging-1760.capstage.net
sem-ui-staging-1212.capstage.net
*.capstage.net
sem-ui-staging-908.capstage.net
sem-ui-staging-1191.capstage.net
user-workspace-staging-1997.capstage.net
user-workspace-staging-2008.capstage.net
search-staging-713.capstage.net
user-workspace-staging-2002.capstage.net
spotlight-ui-staging-1774.capstage.net
sem-ui-staging-912.capstage.net
spotlight-ui-staging-2085.capstage.net
*.capstage.net
search-staging-692.capstage.net
user-workspace-staging-2018.capstage.net
spotlight-ui-staging-2056.capstage.net
sem-ui-staging-1213.capstage.net
compare-ui-staging-689.capstage.net
reviews-dev.capstage.net
dirpa-ui-staging-2333.capstage.net
vp-ppl-qa.capstage.net
search.capstage.net
spotlight-ui-staging-1756.capstage.net
spotlight-ui-staging-2068.capstage.net
sem-ui-staging-1425.capstage.net
sem-ui-staging-1216.capstage.net
dirpa-ui-staging-2332.capstage.net
reviews.capstage.net
dirpa-ui-staging-2336.capstage.net
dirpa-ui-staging-2045.capstage.net
sem-ui-staging-1205.capstage.net
capterra.com
spotlight-ui-staging-1762.capstage.net

Certificate

The complete raw certificate details for nginx-latency.capstage.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEczCCA1ugAwIBAgIQBYgetBn2t9xnE61yeHeiBDANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMTIxMzAwMDAwMFoXDTI1MDExMDIzNTk1OVowJTEj
MCEGA1UEAxMabmdpbngtbGF0ZW5jeS5jYXBzdGFnZS5uZXQwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDBtfVeqlJAj1AE3fFzCTtv5FWbb9LcB9JSvMYN
0z5BFyUHKvEiaDCZ08phLg2OabueVnrNGylbeCrM7i4F0f6RlL4P64QuXtb6BcDJ
4vMNGj/k1S/9E48cBn/Nr7diEAT6J0rZt0vgvcobxzemVbcT6+Po0QNJurr9tBYV
xSpKZeVvVvcKR9g5bhQmwdyj0yyys361oXL073VAwLSC9JwdV5xt+P6SxI77M9tq
yPi6dJGlMhJcUlYbIGBmGry9HEaxaRfJlurzObIVEOvy4VZQaB/u130exEx6zOx3
ir9G6x/muOiNTnfUFRBAuuECLC3SNzg4AleTgs51/ngzUq+pAgMBAAGjggGGMIIB
gjAfBgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQUROjY
wp5IxFHEpGaYrN0WWsT6e4AwJQYDVR0RBB4wHIIabmdpbngtbGF0ZW5jeS5jYXBz
dGFnZS5uZXQwEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipo
dHRwOi8vY3JsLnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jcmwwdQYIKwYB
BQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6b250
cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1
c3QuY29tL3IybTAyLmNlcjAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8E
AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAS/j3Z+tWMJNryKjZFK1NUqV/kKpU4jsIS
+DwLrE1Wy9Is+o38/gwC12XfBm8BSFsiKJdYbD51icrEQs+fOpklOPzrY+cgA7wT
GpaHTrncmJI2Mv4yjQQo9APSGrPbdNEI1dEPWl9lJI7/NSLh6QbqVU7WnnNSbt+P
NlncbHA4KPnE4sMa+wfVCGtPZDca6MJ32y6VvleZ0U9TnAUJGlFTMwfkoQJbtD7o
3LJRKt0qHmlc7Wqm3c4K5T5qxJ6lKe2MxjtFuPyrldXLiYRXje7yye0UJnSflF7L
Zpz1wj5tcF7+u3cbk7a7ONW/zFyxOpYph5uvvUGyvtbpOXbX9VB9
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbX1XqpSQI9QBN3xcwk7
b+RVm2/S3AfSUrzGDdM+QRclByrxImgwmdPKYS4Njmm7nlZ6zRspW3gqzO4uBdH+
kZS+D+uELl7W+gXAyeLzDRo/5NUv/ROPHAZ/za+3YhAE+idK2bdL4L3KG8c3plW3
E+vj6NEDSbq6/bQWFcUqSmXlb1b3CkfYOW4UJsHco9MssrN+taFy9O91QMC0gvSc
HVecbfj+ksSO+zPbasj4unSRpTISXFJWGyBgZhq8vRxGsWkXyZbq8zmyFRDr8uFW
UGgf7td9HsRMeszsd4q/Rusf5rjojU531BUQQLrhAiwt0jc4OAJXk4LOdf54M1Kv
qQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7352915093078067295629025831521067524
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-10 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nginx-latency.capstage.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24453719927004488388103405605747746505220031418057511287783614072102883100275918059385334645805106464773544966206919335814888383346143917869274506561372571154406995538055036245141875754295455089841198281589114015577818838856064154592621896359323139944834481051440999764727531313596626569670962036086237168149835918015315784830818417345635992643580291506025507742022326775533678513784997922576302652757866122259958402959034956444878640508228145627951200318111753464637211285500464806852085995681159952254780957617182168613248722109020663630816148378041865294102345348093253822075683750691620670225394110430394872672169
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							44e8d8c29e48c451c4a46698acdd165ac4fa7b80
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nginx-latency.capstage.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0012fe3dd9fad58c24daf22a36452b5354a95fe42a95388ec212f83c0bac4d56cbd22cfa8dfcfe0c02d765df066f01485b222897586c3e7589cac442cf9f3a992538fceb63e72003bc131a96874eb9dc98923632fe328d0428f403d21ab3db74d108d5d10f5a5f65248eff3522e1e906ea554ed69e73526edf8f3659dc6c703828f9c4e2c31afb07d5086b4f64371ae8c277db2e95be5799d14f539c05091a51533307e4a1025bb43ee8dcb2512add2a1e695ced6aa6ddce0ae53e6ac49ea529ed8cc63b45b8fcab95d5cb8984578deef2c9ed1426749f945ecb669cf5c23e6d705efebb771b93b6bb38d5bfcc5cb13a9629879bafbd41b2bed6e93976d7f5507d