markusko.ch

Issued by R3

About this certificate

This digital certificate with serial number 04:d8:b5:cc:fc:be:c8:e0:07:39:69:90:c6:bb:36:20:df:4d was issued on by Let's Encrypt.

With 9 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=markusko.ch

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:d8:b5:cc:fc:be:c8:e0:07:39:69:90:c6:bb:36:20:df:4d
Serial Number (int): 422191789604042644405810992773282209521485
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: ab:04:f7:b8:2d:24:27:21:96:e4:59:b2:a5:32:c9:a0:14:78:9b:5b
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 3d:80:c3:6f:a4:06:12:72:a8:b5:b8:56:fb:66:eb:b4:de:b1:2d:55
Fingerprint (sha256): 80:83:3e:c2:96:8e:0d:f0:0b:6a:78:52:b4:8d:1d:60:e9:a9:d0:e4:47:e4:1e:b9:ce:84:6d:f5:a7:42:f5:17

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate markusko.ch

9

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for markusko.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gallry.markusko.ch
markusko.ch
pastr.markusko.ch
pi.markusko.ch
q.markusko.ch
sesame.markusko.ch
stalkme.markusko.ch
world.markusko.ch
www.markusko.ch

Other certificates including the domain name markusko.ch

(limited to 100 certificates)
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
stats.moin-alex.de
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
docker.markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
docker.markusko.ch

Certificate

The complete raw certificate details for markusko.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGszCCBZugAwIBAgISBNi1zPy+yOAHOWmQxrs2IN9NMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzAyMTkxMjQ0MDdaFw0yMzA1MjAxMjQ0MDZaMBYxFDASBgNVBAMT
C21hcmt1c2tvLmNoMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsGwC
3BF2xiqeS8QV5d++1eUHCK7JWJupBrYoOZz5oyMp4JvKsvTHRRSVGCKTjryT0aWx
nZhCLWDrvUPKr0qS508s1sy6ocMhC9KRSzb74xCrWvWcHq5T6j7N+NQLnmEmEWiL
OB43QrQqNK03Hg6zl0zheD+N/ccG/fFER5yoHQtFZBESOeaO5bHFZ9eMZwYKXl8Q
0Q4e5DmVjMv1Jrq9oQMEfXbZtTVYZmo6umprtEy8cHWYbA5sEQzZpOULePYqIISU
dumnp1oE67wqOj+UVasqc8cK8k5E99ddrd9pOKa5aDWmRmkXnhlOMSug9vMHMVVb
ALy0Jm97XazvQDgJbmLESueCO9bypMdgmKCTJSBuhxkyWdpmoY2gUapRWOdJpIFl
ExS6DY0GnbBrrJclQ1B0wA5MoR100tjhTplYYi/bOmgkG6Br/dTCR0+8avN8enng
RTqfN+AMdsQ2EK3pNsgyF18YhnRY/3wuRmVMwOr4CFvdbvRL5N2MuNWs7UEwqkOO
0IPkIT4wv4IyFb+BreUCijpv/cJHRdVPUtU4h2PHLUhIQ/xPxMaJX3crE5ZJh+ry
J/DHDx5tM046klQ5w5HrisUg4KkHI5ou9LWr5ngybL9ycVPFS+MmDa1F9bEBwpFw
548hMmbuoCVoE5TgKc2VbwehSpX83MixytrfGmUCAwEAAaOCAt0wggLZMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T
AQH/BAIwADAdBgNVHQ4EFgQUqwT3uC0kJyGW5FmypTLJoBR4m1swHwYDVR0jBBgw
FoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUF
BzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9y
My5pLmxlbmNyLm9yZy8wgasGA1UdEQSBozCBoIISZ2FsbHJ5Lm1hcmt1c2tvLmNo
ggttYXJrdXNrby5jaIIRcGFzdHIubWFya3Vza28uY2iCDnBpLm1hcmt1c2tvLmNo
gg1xLm1hcmt1c2tvLmNoghJzZXNhbWUubWFya3Vza28uY2iCE3N0YWxrbWUubWFy
a3Vza28uY2iCEXdvcmxkLm1hcmt1c2tvLmNogg93d3cubWFya3Vza28uY2gwTAYD
VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa
aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHz
APEAdwC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYZp6uhqAAAE
AwBIMEYCIQDFFumPpzPjsDY9K3su3j8XOlClOiaNxxkwW9J0iXu5HAIhANIrmUPk
3ogqhcmFi5XjcQfel+gGlVeg/l+y3iGB0o40AHYAejKMVNi3LbYg6jjgUh7phBZw
MhOFTTvSK8E6V6NS61IAAAGGaerofAAABAMARzBFAiEAshm9vy5kg6Pjkzd3Ja6s
3iJAfdO9snq7JJPLzGXE0L8CIAiRicVu1DpAT52yzMLhe75hv5nJs3MNdFJ+xLxN
pmOJMA0GCSqGSIb3DQEBCwUAA4IBAQCNX/f9KE9Ry8PIBvFVkpZDryhM5pkO+ok3
APrzr9PhM0bYzmx/Yc0OQSO2iYOfqHUqqZ7cYc30Yrr68hLxk1vHy0EV0ouC+0QC
BdPXIzNpX9TuEMFRZzprvPrNoGD6eX/drta46LdsPeJGVmlcJCk1BRErqLYSBAGW
wnvyBEEAYbSOpwxvgZWajOhIZ1UVOslscrXkZhT/5f2LVFAJ6ivDq19f9LSJcoMn
S3oELEAFrPQl83JKr4SDPi4WDXoiXI6aOFjdsRHWB7+JLklOzMV3zGCsH06K4NSn
HUMR+rNWJ5WUfHIGgTIcC7l5t1xKiKU8Wj/Q25DPSv4LJztBqSBX
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsGwC3BF2xiqeS8QV5d++
1eUHCK7JWJupBrYoOZz5oyMp4JvKsvTHRRSVGCKTjryT0aWxnZhCLWDrvUPKr0qS
508s1sy6ocMhC9KRSzb74xCrWvWcHq5T6j7N+NQLnmEmEWiLOB43QrQqNK03Hg6z
l0zheD+N/ccG/fFER5yoHQtFZBESOeaO5bHFZ9eMZwYKXl8Q0Q4e5DmVjMv1Jrq9
oQMEfXbZtTVYZmo6umprtEy8cHWYbA5sEQzZpOULePYqIISUdumnp1oE67wqOj+U
Vasqc8cK8k5E99ddrd9pOKa5aDWmRmkXnhlOMSug9vMHMVVbALy0Jm97XazvQDgJ
bmLESueCO9bypMdgmKCTJSBuhxkyWdpmoY2gUapRWOdJpIFlExS6DY0GnbBrrJcl
Q1B0wA5MoR100tjhTplYYi/bOmgkG6Br/dTCR0+8avN8enngRTqfN+AMdsQ2EK3p
NsgyF18YhnRY/3wuRmVMwOr4CFvdbvRL5N2MuNWs7UEwqkOO0IPkIT4wv4IyFb+B
reUCijpv/cJHRdVPUtU4h2PHLUhIQ/xPxMaJX3crE5ZJh+ryJ/DHDx5tM046klQ5
w5HrisUg4KkHI5ou9LWr5ngybL9ycVPFS+MmDa1F9bEBwpFw548hMmbuoCVoE5Tg
Kc2VbwehSpX83MixytrfGmUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 422191789604042644405810992773282209521485
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-19 12:44:07 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-20 12:44:06 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'markusko.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 719738633826645139717442274976207442057525498889389700735464876168355033277444812398117432548717794246374823841404177400752702639253875590976705768692526100518874204117621021165721607395972337672003885581491445811799850826442061936986324058031044261235040447675731794335108945971669168837825330185475173799153176328945451591848438499299292985620938585719033898276832960922063489567931561455727593877559302524092444524289660681701082410014141218041564521441520134407081870872278444262040597092674365337955269609811773111040725342263474900676757179750102340426083357938222539706089362147372713018020040483782370716420138697406346222771259382309230689935170991128224941812491915544673117086101475484403574110383071017714138805385258842788685736550563662518441356864636094952169796131271769901577555974863915387112805886325515397970426320879967041984922988106035832054041084803546659408902890066065793507611915535895335009436628387852461513116304367342697599900192450141656495168280707470050663998249147768719443428152246551199902495241958262889973926639670128225908845960289707042455392766519076227000988552100957507022701895595012065429350857274765759503562504373333459550557970878881977245935277427518776563057433472242943174167698021
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ab04f7b82d24272196e459b2a532c9a014789b5b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (163 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gallry.markusko.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'markusko.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pastr.markusko.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pi.markusko.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'q.markusko.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sesame.markusko.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stalkme.markusko.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'world.markusko.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.markusko.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018669eae86a0000040300483046022100c516e98fa733e3b0363d2b7b2ede3f173a50a53a268dc719305bd274897bb91c022100d22b9943e4de882a85c9858b95e37107de97e8069557a0fe5fb2de2181d28e340076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018669eae87c0000040300473045022100b219bdbf2e6483a3e393377725aeacde22407dd3bdb27abb2493cbcc65c4d0bf0220089189c56ed43a404f9db2ccc2e17bbe61bf99c9b3730d74527ec4bc4da66389
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008d5ff7fd284f51cbc3c806f155929643af284ce6990efa893700faf3afd3e13346d8ce6c7f61cd0e4123b689839fa8752aa99edc61cdf462bafaf212f1935bc7cb4115d28b82fb440205d3d72333695fd4ee10c151673a6bbcfacda060fa797fddaed6b8e8b76c3de24656695c24293505112ba8b612040196c27bf204410061b48ea70c6f81959a8ce8486755153ac96c72b5e46614ffe5fd8b545009ea2bc3ab5f5ff4b4897283274b7a042c4005acf425f3724aaf84833e2e160d7a225c8e9a3858ddb111d607bf892e494eccc577cc60ac1f4e8ae0d4a71d4311fab3562795947c720681321c0bb979b75c4a88a53c5a3fd0db90cf4afe0b273b41a92057