my.mazars.co.uk

Issued by GeoTrust DV SSL CA - G3

About this certificate

This digital certificate with serial number 29:0b:ce:f0:16:1d:ba:c9:2c:df:6c:f8:f2:6c:86:44 was issued on by GeoTrust Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Certificate Subject

CN=my.mazars.co.uk

GeoTrust Inc.

Organization: GeoTrust Inc.
Organization unit: Domain Validated SSL
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 29:0b:ce:f0:16:1d:ba:c9:2c:df:6c:f8:f2:6c:86:44
Serial Number (int): 54559660290607400696551491717020026436
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: ad:65:22:85:90:d0:3b:e3:a1:49:8b:37:f9:f1:0b:1d:5f:17:a0:77

Fingerprint (sha1): 3e:dc:8b:54:00:3f:51:b8:0c:9a:4d:0a:5f:48:82:a2:32:db:aa:52
Fingerprint (sha256): 80:17:ff:8e:ab:19:ad:30:10:8d:50:bf:72:6b:e5:10:5b:3c:cb:9b:27:74:c3:33:9e:80:2a:1c:c3:b6:1d:a0

Issuing Certificate URL: http://gt.symcb.com/gt.crt

Revocation information

OCSP Server: http://gt.symcd.com
CRL Distribution Point: http://gt.symcb.com/gt.crl

Check the revocation status for certificate my.mazars.co.uk

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for my.mazars.co.uk

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

my.mazars.co.uk

Other certificates including the domain name mazars.co.uk

(limited to 100 certificates)
mail.mazars.co.uk
forms.mazars.co.uk
*.mazars.co.uk
my.mazars.co.uk
www.mazars.nl
access01.mazars.co.uk
mail.mazars.co.uk
www.mazars.fr
graduates.mazars.co.uk
www.mazars.fr
pavpn.mazars.co.uk
investment.mazars.co.uk
schoolleavers.mazars.co.uk
*.mazars.co.uk
secure.mazars.co.uk
investment.mazars.co.uk
mail.mazars.co.uk
www.mazars.fr
investment.mazars.co.uk
mazars-proposals.co.uk
jobs.mazars.co.uk
www.mazars.fr
investment.mazars.co.uk
investment.mazars.co.uk
Citrix.mazars.co.uk
my.mazars.co.uk
secure.mazars.co.uk
mail.mazars.co.uk
mvd.mazars.co.uk
investment.mazars.co.uk
alumni.mazars.co.uk
access01.mazars.co.uk
Csg.mazars.co.uk
www.mazars.fr
graduates.mazars.co.uk
www.mazars.fr
*.mazars.co.uk
sftp.mazars.co.uk
investment.mazars.co.uk
webmail.mazars.co.uk
lyweb01.mazars.co.uk
*.mazars.co.uk
www.mazars.com
access01.mazars.co.uk
pavpn.mazars.co.uk
my.mazars.co.uk
access02.mazars.co.uk
www.mazars.fr
schoolleavers.mazars.co.uk
www.mazars.fr
mazars.co.uk
www.mazars.fr
*.mazars.co.uk
lyweb01.mazars.co.uk
access01.mazars.co.uk

Certificate

The complete raw certificate details for my.mazars.co.uk in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIQKQvO8BYdusks32z48myGRDANBgkqhkiG9w0BAQsFADBm
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UECxMU
RG9tYWluIFZhbGlkYXRlZCBTU0wxIDAeBgNVBAMTF0dlb1RydXN0IERWIFNTTCBD
QSAtIEczMB4XDTE2MDkyODAwMDAwMFoXDTE3MTAyODIzNTk1OVowGjEYMBYGA1UE
AwwPbXkubWF6YXJzLmNvLnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzY+q9Tu24LCS4FELQ3ZMYsyenUlpJUkASn5rRy+yepNcZURDZdGCYgljxnat
Vn+dN+bJfhj3b/iyYFPos0znMdYp/NdgMOS/JHLUEsbOMs0DzP0A20QwGXt67mH9
f5KOhUZMFRvYQWZFFj/FWvvAxaUUdAYevK0/g3iSRNLm6SUmqQs9lsk/CBX8IGsJ
okXX2hTw0vD0GOa8xoO0HF7R7kNLuOH0swEgyQgtOS4E7bnSduLYRwb9en4CV2ow
Zuj0RwNwQpr4Aa9dmwDlsrLfmZf5d23mr6WV8WRlKVsLXhz2LmSdPP+2syE5lPxv
74zLJh4O2zaeWfDgFrB/2gOKgQIDAQABo4ICqDCCAqQwGgYDVR0RBBMwEYIPbXku
bWF6YXJzLmNvLnVrMAkGA1UdEwQCMAAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDov
L2d0LnN5bWNiLmNvbS9ndC5jcmwwgZ0GA1UdIASBlTCBkjCBjwYGZ4EMAQIBMIGE
MD8GCCsGAQUFBwIBFjNodHRwczovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2Vz
L3JlcG9zaXRvcnkvbGVnYWwwQQYIKwYBBQUHAgIwNQwzaHR0cHM6Ly93d3cuZ2Vv
dHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5L2xlZ2FsMB8GA1UdIwQYMBaA
FK1lIoWQ0DvjoUmLN/nxCx1fF6B3MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzAB
hhNodHRwOi8vZ3Quc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vZ3Quc3lt
Y2IuY29tL2d0LmNydDCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AN3rHSt6DU+m
IIuBrYFocH4ujp0B1VyIjT0RxM227L7MAAABV3EAguwAAAQDAEcwRQIhAIgLnPuG
z1I9u9lBiHIjeoTONpMJYlcfmvIoeRW2oNIKAiAV1LdgQBxFB+UAcdI08qHoBzmt
SNzxBgZWMq1bFkw+mgB1AGj2mPgfZIK+OozuuSgdTPxxUV1nk9RE0QpnrLtPT/vE
AAABV3EAgwkAAAQDAEYwRAIgIf7Fx6vCAsMnhsoMlzUILTAIJoVVoSqW7kEL8qBs
LvgCIEpR9livZ+iUHBUFjj8IyVq1e5qmpelnxFYfNooge1+JMA0GCSqGSIb3DQEB
CwUAA4IBAQBBy4HfPGt70zqxWeIbaOsB4T5QXx2wdwbURqRvB2vZJY9FVGdPYAqT
sg1nRMxmboq+XQQaKX6yi4EatjPflXRhtFrR9W59ELmh2mMLSRbvNzyrZHdiP8cL
VgfEgWB/tN8lWVXvqVMomfhJo/4p7rj3Y0JIOM41g//fLjdxC2yoVFGdr/tYm4Al
Ukei5o1b3TDCOdPNhqdcMy8Fd4QuiaQD60NTSFOeUXtTP+StTpQPrIVgh2HwbwsW
ANh/3z4K36Wvifne5nI3vjvEPLdAijSqQMb1HTRpIPwFXNRxUY6//ER4F4Tw5ymU
aStgL2IRW9TCDLSDRadcMUHRZBNkeKjE
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzY+q9Tu24LCS4FELQ3ZM
YsyenUlpJUkASn5rRy+yepNcZURDZdGCYgljxnatVn+dN+bJfhj3b/iyYFPos0zn
MdYp/NdgMOS/JHLUEsbOMs0DzP0A20QwGXt67mH9f5KOhUZMFRvYQWZFFj/FWvvA
xaUUdAYevK0/g3iSRNLm6SUmqQs9lsk/CBX8IGsJokXX2hTw0vD0GOa8xoO0HF7R
7kNLuOH0swEgyQgtOS4E7bnSduLYRwb9en4CV2owZuj0RwNwQpr4Aa9dmwDlsrLf
mZf5d23mr6WV8WRlKVsLXhz2LmSdPP+2syE5lPxv74zLJh4O2zaeWfDgFrB/2gOK
gQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 54559660290607400696551491717020026436
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust DV SSL CA - G3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-09-28 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-28 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'my.mazars.co.uk'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25949697752860574127628912204459798257554409901619017516078843273063810316877862342972605392157217134842107734149615136052770698411488958201704232443101458443132784906125366205069735507447089532423415490030467518375957776382306792565388676663714523890204818596612767968791736302161703420812949082060999517629585757635017440562522243092822651622091258183578440299570213496624288295411179380449591844856005739589223720949187615125511594556691690064977533806669678373382969523884967701893920335422119938792869252872586767002432745573234150842352091133249521843791307701018622027056157728407308891786238672543716816947841
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'my.mazars.co.uk'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gt.symcb.com/gt.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (149 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ad65228590d03be3a1498b37f9f10b1d5f17a077
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gt.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gt.symcb.com/gt.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc00000157710082ec0000040300473045022100880b9cfb86cf523dbbd9418872237a84ce36930962571f9af2287915b6a0d20a022015d4b760401c4507e50071d234f2a1e80739ad48dcf106065632ad5b164c3e9a00750068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc400000157710083090000040300463044022021fec5c7abc202c32786ca0c9735082d3008268555a12a96ee410bf2a06c2ef802204a51f658af67e8941c15058e3f08c95ab57b9aa6a5e967c4561f368a207b5f89
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0041cb81df3c6b7bd33ab159e21b68eb01e13e505f1db07706d446a46f076bd9258f4554674f600a93b20d6744cc666e8abe5d041a297eb28b811ab633df957461b45ad1f56e7d10b9a1da630b4916ef373cab6477623fc70b5607c481607fb4df255955efa9532899f849a3fe29eeb8f763424838ce3583ffdf2e37710b6ca854519daffb589b80255247a2e68d5bdd30c239d3cd86a75c332f0577842e89a403eb435348539e517b533fe4ad4e940fac85608761f06f0b1600d87fdf3e0adfa5af89f9dee67237be3bc43cb7408a34aa40c6f51d346920fc055cd471518ebffc44781784f0e72994692b602f62115bd4c20cb48345a75c3141d164136478a8c4