*.mondadori.it

Issued by Sectigo RSA Domain Validation Secure Server CA

About this certificate

This digital certificate with serial number 1c:e6:61:1b:95:e8:02:86:86:6d:e8:26:80:f2:69:d7 was issued on by Sectigo Limited.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.mondadori.it

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate will expire on

Certificate Details

Serial Number (hex): 1c:e6:61:1b:95:e8:02:86:86:6d:e8:26:80:f2:69:d7
Serial Number (int): 38414581738726346072851184203139803607
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: 13:fd:c9:07:a9:bc:21:79:9d:a2:b0:fd:c2:4f:6d:b7:5f:47:fb:72
AuthorityKeyId: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1

Fingerprint (sha1): e8:66:8b:fa:5f:0e:9b:53:9e:a3:79:2c:c1:e0:e9:42:fb:ef:1f:4f
Fingerprint (sha256): 7e:d3:f7:05:ca:5e:a4:98:35:ad:4d:1b:61:d9:e9:d0:6e:08:c4:a2:4c:f3:07:37:a2:48:c7:eb:ff:9f:84:0f

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate *.mondadori.it

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.mondadori.it

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.mondadori.it
mondadori.it

Other certificates including the domain name mondadori.it

(limited to 100 certificates)
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
svi-dpm.mondadori.it
ptps.stbm.it
servizioarretrati.mondadori.it
ptps.stbm.it
ptps.stbm.it
*.mondadori.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
vr-voip-expe.mondadori.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
arretrati.mondadori.it
ptps.stbm.it
servizioarretrati.mondadori.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
*.mondadori.it
ptps.stbm.it
mondadori.it
mi-voip-expe.mondadori.it
vr-voip-expe.mondadori.it
mi-voip-expe.mondadori.it
digital.mondadori.it
cedolini.mondadori.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
adfs.mondadori.it
ptps.stbm.it
gtwsap.mondadori.it
ptps.stbm.it
ptps.stbm.it
mi-voip-expe.mondadori.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
wmail.mondadori.it
*.mondadori.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
*.mondadori.it
*.mondadori.it
whistleblowing.mondadori.it
librimondadori.mondadori.it
mondadori.it
ptps.stbm.it
arretrati.mondadori.it
vr-voip-expe.mondadori.it
dpm.mondadori.it
mi-voip-expe.mondadori.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
connect.mondadori.it
servizioarretrati.mondadori.it
adfs.mondadori.it
adfs.mondadori.it
ptps.stbm.it
ptps.stbm.it
adfs.mondadori.it
ptps.stbm.it
*.mondadori.it
*.mondadori.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
ptps.stbm.it
*.mondadori.it

Certificate

The complete raw certificate details for *.mondadori.it in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgIQHOZhG5XoAoaGbegmgPJp1zANBgkqhkiG9w0BAQsFADCB
jzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQD
Ey5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB
MB4XDTIzMDcyNDAwMDAwMFoXDTI0MDgyMzIzNTk1OVowGTEXMBUGA1UEAwwOKi5t
b25kYWRvcmkuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEyGDV
eQwMprJwgetVBm+6tTes04bjPULjOMvegOth10dsEQCiePJWXz+tsmd1IyS0Wogd
69fzRRvhsa35D5RURFsaTCz148gUxjLH7BQorO/O+cx28G0xkDzquibNhOkvGih1
lqjQr54aPMabtgN3DBNS3akGXL+IVvjqelSVcF2AWV8GSsqr3qXz5fx781g255nI
KHv6FOI87CCZhwod4UVJ776bzdE4GsZDF+Y9Myd793Fd8SO8Hsf+4nF4gK6nTVpj
fhLKW0GWGakvyoQLlQHw1SmI5YSVfeNq9CrPFPjYcoQ7iukOuoXpdam5prpthw6k
y8JUhUiF6oD/xisxAgMBAAGjggL9MIIC+TAfBgNVHSMEGDAWgBSNjF7EVK2K4Xfp
m/mbBeG4AY1h4TAdBgNVHQ4EFgQUE/3JB6m8IXmdorD9wk9tt19H+3IwDgYDVR0P
AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAgcwJTAjBggrBgEFBQcCARYX
aHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQIBMIGEBggrBgEFBQcBAQR4
MHYwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JT
QURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUHMAGG
F2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMCcGA1UdEQQgMB6CDioubW9uZGFkb3Jp
Lml0ggxtb25kYWRvcmkuaXQwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AHb/
iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABiYcAqA4AAAQDAEcwRQIh
AMnP1yFf+rz7By8zemIkggRK7+vlCUOQ/pBtXMa0nkM/AiAbeODfyNQo+q32E0OY
gFiwnya5r6hh2K3dvJBLIolY8AB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2k
PTBI1/urAAABiYcAqFsAAAQDAEcwRQIgBxiEhE6pLq1BcgnwZBWdWOTfo0RPmyCg
LS3B9JQwLb4CIQCygYM2b9o9ScwyieIMFD5Ta9pXFR3TcFQqzjuhms8nuAB1AO7N
0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABiYcAqDoAAAQDAEYwRAIg
bLdTbF+ZEkX4KT0tLiy29j/WXH6w/lluXyofNjpOV2MCIDCmn/U20/5M52oWMtVx
JgrjrKCqlNgEW1ZQ/yCOe12FMA0GCSqGSIb3DQEBCwUAA4IBAQCyudlvte/zrkWc
JqPOSqyHFFfwSunvbROaOVbMqHgWtrWNgegkjoeuB45ijCrAJarjS9OgsWxgA7hT
O8MKRHvfQ8eCM/B03T2bTDMbVpldCcCMAYVOVsynoNC9c/pPanT1rpdBBOdS6bOu
nY46QSjGxQY0vDqWJZYRFYBgjnONxXG3Ggu7CrWXX/BhIW7vbvIYGCNdJJCCNwmb
XeB4SgUbVS8KApA5m3a8+uIZz/M2Eheat6BrCLU1KXReAHa8FdkxS0Q45pEM3QJT
EYv6TnnSHR+MpIW89xW5UI/hI+CfYoycoBNjUQ4nOS5ZQYHxjos5BrCrjXLUdNE5
gKjCp0e+
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMhg1XkMDKaycIHrVQZv
urU3rNOG4z1C4zjL3oDrYddHbBEAonjyVl8/rbJndSMktFqIHevX80Ub4bGt+Q+U
VERbGkws9ePIFMYyx+wUKKzvzvnMdvBtMZA86romzYTpLxoodZao0K+eGjzGm7YD
dwwTUt2pBly/iFb46npUlXBdgFlfBkrKq96l8+X8e/NYNueZyCh7+hTiPOwgmYcK
HeFFSe++m83ROBrGQxfmPTMne/dxXfEjvB7H/uJxeICup01aY34SyltBlhmpL8qE
C5UB8NUpiOWElX3javQqzxT42HKEO4rpDrqF6XWpuaa6bYcOpMvCVIVIheqA/8Yr
MQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 38414581738726346072851184203139803607
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-24 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-23 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.mondadori.it'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24841517974747022589620911348772901213127580374087736620517577579739377808045565056935197238363990718068209408194788814412632186144561518385103258225162149535415133749322990230647475324614925868503325540096434141092797389939760406184622379262406597019308609454727463194411534083311947440121696104911930408184179753688122483508397154627782738190582193686743408628173115814172195675707793229860971086587792917265629777632248562087132125742243079744017875543915536313234722850868393941787746217298265463763088168047944546721496692625429601704029912507364972874057586158473303699967557151039868580357251833915399763012401
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							13fdc907a9bc21799da2b0fdc24f6db75f47fb72
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mondadori.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mondadori.it'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							016700760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a74000001898700a80e0000040300473045022100c9cfd7215ffabcfb072f337a622482044aefebe5094390fe906d5cc6b49e433f02201b78e0dfc8d428faadf61343988058b09f26b9afa861d8adddbc904b228958f0007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab000001898700a85b00000403004730450220071884844ea92ead417209f064159d58e4dfa3444f9b20a02d2dc1f494302dbe022100b28183366fda3d49cc3289e20c143e536bda57151dd370542ace3ba19acf27b8007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001898700a83a000004030046304402206cb7536c5f991245f8293d2d2e2cb6f63fd65c7eb0fe596e5f2a1f363a4e5763022030a69ff536d3fe4ce76a1632d571260ae3aca0aa94d8045b5650ff208e7b5d85
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b2b9d96fb5eff3ae459c26a3ce4aac871457f04ae9ef6d139a3956cca87816b6b58d81e8248e87ae078e628c2ac025aae34bd3a0b16c6003b8533bc30a447bdf43c78233f074dd3d9b4c331b56995d09c08c01854e56cca7a0d0bd73fa4f6a74f5ae974104e752e9b3ae9d8e3a4128c6c50634bc3a962596111580608e738dc571b71a0bbb0ab5975ff061216eef6ef21818235d24908237099b5de0784a051b552f0a0290399b76bcfae219cff33612179ab7a06b08b53529745e0076bc15d9314b4438e6910cdd0253118bfa4e79d21d1f8ca485bcf715b9508fe123e09f628c9ca01363510e27392e594181f18e8b3906b0ab8d72d474d13980a8c2a747be