mail.dekunstwinkeldenbosch.nl
Issued by R3
About this certificate
This digital certificate with serial number 03:30:ca:7e:1f:44:e8:0c:93:ff:3b:a1:8a:62:7b:57:ed:50 was issued on by Let's Encrypt.
With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=mail.dekunstwinkeldenbosch.nl
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:30:ca:7e:1f:44:e8:0c:93:ff:3b:a1:8a:62:7b:57:ed:50Serial Number (int): 277939570326252543073177678651565847080272
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 8f:a9:ff:91:5a:29:af:f4:1d:dc:f7:be:91:80:bc:4d:9a:a3:34:6e
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 11:01:83:97:68:77:bb:c6:d2:a5:b0:81:f1:d8:4e:92:07:5d:5a:d0
Fingerprint (sha256): 80:02:08:29:ed:b5:ae:e4:26:cf:b7:d9:3a:41:b4:f0:89:54:1b:8c:35:4f:b7:21:4d:7b:dc:8a:8b:a1:cf:1e
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate mail.dekunstwinkeldenbosch.nl
10
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mail.dekunstwinkeldenbosch.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
dekunstwinkeldenbosch.kolinc.wbkr.nl
dekunstwinkeldenbosch.nl
kaichang.kolinc.wbkr.nl
kaichang.nl
mail.dekunstwinkeldenbosch.nl
mail.kaichang.nl
www.dekunstwinkeldenbosch.kolinc.wbkr.nl
www.dekunstwinkeldenbosch.nl
www.kaichang.kolinc.wbkr.nl
www.kaichang.nl
dekunstwinkeldenbosch.nl
kaichang.kolinc.wbkr.nl
kaichang.nl
mail.dekunstwinkeldenbosch.nl
mail.kaichang.nl
www.dekunstwinkeldenbosch.kolinc.wbkr.nl
www.dekunstwinkeldenbosch.nl
www.kaichang.kolinc.wbkr.nl
www.kaichang.nl
Other certificates including the domain name dekunstwinkeldenbosch.nl
(limited to 100 certificates)
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
www.ko-soof.kolinc.wbkr.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
mail.dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
mail.stuch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
www.ko-soof.kolinc.wbkr.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
mail.dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
mail.stuch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
dekunstwinkeldenbosch.nl
Certificate
The complete raw certificate details for mail.dekunstwinkeldenbosch.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgISAzDKfh9E6AyT/zuhimJ7V+1QMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MjcyMDA3MDRaFw0yNDA4MjUyMDA3MDNaMCgxJjAkBgNVBAMT HW1haWwuZGVrdW5zdHdpbmtlbGRlbmJvc2NoLm5sMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAvtGen1PYMEj3ObuWi703JAMZBzyMVPKLSOVuRIEwfk6l zN58DssPwakHXK2QHNy7VgZ7ZUpJF0V4SOkCxDi5djBKelCt1A2ggh5EyNIkw2yo nF3za1hjdmXZWJru94IrEj4C9iYKFq4Tku6P5/4LkgYLdaaxCXnsi1upds58g2i1 2hb2jKODVmqVhjaiXABEoTqoChn7BVAzsPFUHJZUE/JtUVJsfwnUhulHBkdoTr+F S0jOuHCB+c74tH7YicF/ClqKYnVWW8XqNT0ktV1kJhH+f8e6H8aw3RkcS5KZvJ3w sKFxLhC/w9v/DaB0yQ8/ZR3QJLT5lAjwQFcn2rmxlwIDAQABo4IDEjCCAw4wDgYD VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNV HRMBAf8EAjAAMB0GA1UdDgQWBBSPqf+RWimv9B3c976RgLxNmqM0bjAfBgNVHSME GDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYB BQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDov L3IzLmkubGVuY3Iub3JnLzCCARoGA1UdEQSCAREwggENgiRkZWt1bnN0d2lua2Vs ZGVuYm9zY2gua29saW5jLndia3IubmyCGGRla3Vuc3R3aW5rZWxkZW5ib3NjaC5u bIIXa2FpY2hhbmcua29saW5jLndia3IubmyCC2thaWNoYW5nLm5sgh1tYWlsLmRl a3Vuc3R3aW5rZWxkZW5ib3NjaC5ubIIQbWFpbC5rYWljaGFuZy5ubIIod3d3LmRl a3Vuc3R3aW5rZWxkZW5ib3NjaC5rb2xpbmMud2Jrci5ubIIcd3d3LmRla3Vuc3R3 aW5rZWxkZW5ib3NjaC5ubIIbd3d3LmthaWNoYW5nLmtvbGluYy53YmtyLm5sgg93 d3cua2FpY2hhbmcubmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEDBgorBgEEAdZ5 AgQCBIH0BIHxAO8AdgAZmBBxCfDWUi4wgNKeP2S7g24ozPkPUo7u385KPxa0ygAA AY+74NTKAAAEAwBHMEUCICKiXWoz1Ckp3Vqp59cEnvM9OVkO05kveiE6fUM4OQYp AiEA/5bSRrw7JiuxQ/sRH9izip2NvqLJaoigKYdXtVJVmpEAdQDuzdBk1dsazsVc t520zROiModGfLzs3sNRSFlGcR+1mwAAAY+74NS/AAAEAwBGMEQCIHOsUtJDPxqN KHW+apfhY4zKfVIbFk/kep3gLTBUCyMpAiBlttCulhZO79wsY0IGlb/S8b+tp60S UWcG5cMKsmHrIjANBgkqhkiG9w0BAQsFAAOCAQEAL+XLm3Qudo2OFwD3+9UJ64d8 Ue2Bd2crq5oa0JcLeKcFlEjZTD5Of30lzsvfFM/W6dRsST9VQmvoWbkHpNNnnusn YXlozLSTPnCoxDzetCbAkBYpYXRhuNWLWTmh241kXBKefinP/oYV4FNCQlBftTPd alWhBde+nyOFszOBRYVxq9VFDDOrhAXWU31tNR01G8UfeaDGUCczy35YDywq8u5Q sAbiXDP6+o4pJ0i4zJmFS1EMM2g0O0FvNSyhZ+MO1ujmMTIpaThAoBp2aWxpnFT+ 8EaI1DvjOm+WvnMnmBiUz7vTHGWlSK3ZdIo0reKnHxKKlpLU36hJbKflSMWswA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtGen1PYMEj3ObuWi703 JAMZBzyMVPKLSOVuRIEwfk6lzN58DssPwakHXK2QHNy7VgZ7ZUpJF0V4SOkCxDi5 djBKelCt1A2ggh5EyNIkw2yonF3za1hjdmXZWJru94IrEj4C9iYKFq4Tku6P5/4L kgYLdaaxCXnsi1upds58g2i12hb2jKODVmqVhjaiXABEoTqoChn7BVAzsPFUHJZU E/JtUVJsfwnUhulHBkdoTr+FS0jOuHCB+c74tH7YicF/ClqKYnVWW8XqNT0ktV1k JhH+f8e6H8aw3RkcS5KZvJ3wsKFxLhC/w9v/DaB0yQ8/ZR3QJLT5lAjwQFcn2rmx lwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 277939570326252543073177678651565847080272 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-27 20:07:04 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-25 20:07:03 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mail.dekunstwinkeldenbosch.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24088645230056505883338262387333797377593997105974304637824208446780963733122756648336537570988254865365597032333065102437491397195192854142509447035076930495181620272511264780376529552711511228056658682674121940563492203305353674103976499857064996031132695167208236637045079721612054339617173101621098208469217238343263525476541666000049406608306145302656678967313336669702011379599615469415204078180011533698059953096000335162699549896101886790910888571873511005458288413226420744361538412342617986556664986258672729175576275074527759160356766947765957031721736527833968289158093971729933798926327633842538070782359 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8fa9ff915a29aff41ddcf7be9180bc4d9aa3346e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (273 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dekunstwinkeldenbosch.kolinc.wbkr.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dekunstwinkeldenbosch.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kaichang.kolinc.wbkr.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kaichang.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.dekunstwinkeldenbosch.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.kaichang.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dekunstwinkeldenbosch.kolinc.wbkr.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dekunstwinkeldenbosch.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kaichang.kolinc.wbkr.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kaichang.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018fbbe0d4ca0000040300473045022022a25d6a33d42929dd5aa9e7d7049ef33d39590ed3992f7a213a7d4338390629022100ff96d246bc3b262bb143fb111fd8b38a9d8dbea2c96a88a0298757b552559a91007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018fbbe0d4bf0000040300463044022073ac52d2433f1a8d2875be6a97e1638cca7d521b164fe47a9de02d30540b2329022065b6d0ae96164eefdc2c63420695bfd2f1bfada7ad12516706e5c30ab261eb22 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002fe5cb9b742e768d8e1700f7fbd509eb877c51ed8177672bab9a1ad0970b78a7059448d94c3e4e7f7d25cecbdf14cfd6e9d46c493f55426be859b907a4d3679eeb27617968ccb4933e70a8c43cdeb426c0901629617461b8d58b5939a1db8d645c129e7e29cffe8615e0534242505fb533dd6a55a105d7be9f2385b33381458571abd5450c33ab8405d6537d6d351d351bc51f79a0c6502733cb7e580f2c2af2ee50b006e25c33fafa8e292748b8cc99854b510c3368343b416f352ca167e30ed6e8e6313229693840a01a76696c699c54fef04688d43be33a6f96be7327981894cfbbd31c65a548add9748a34ade2a71f128a9692d4dfa8496ca7e548c5acc0