a-rosa.de

Issued by R3

About this certificate

This digital certificate with serial number 04:5f:c1:67:f3:d1:4e:e4:64:5d:d0:2d:ff:b2:2f:9a:32:87 was issued on by Let's Encrypt.

With 9 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=a-rosa.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:5f:c1:67:f3:d1:4e:e4:64:5d:d0:2d:ff:b2:2f:9a:32:87
Serial Number (int): 381033049339501694058889652159843877401223
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 75:6a:12:0f:02:eb:51:7d:bd:fb:ad:26:06:fd:98:db:58:8f:80:62
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): a2:bf:bb:0b:93:ee:08:9c:f8:14:e6:c1:0a:2b:48:65:e6:c0:74:cb
Fingerprint (sha256): 81:13:2a:0d:4a:55:62:f0:f3:30:a0:d0:0b:46:fc:9b:8f:d8:ad:ac:8e:75:cb:37:72:e8:05:7d:b0:ba:15:4d

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate a-rosa.de

9

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for a-rosa.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

a-rosa.de
arosa-cruises.com
arosacruises.com
extranet.arosa-cruises.com
jobs.arosa-cruises.com
karriere.a-rosa.de
www.a-rosa.de
www.arosa-cruises.com
www.arosacruises.com

Other certificates including the domain name a-rosa.de

(limited to 100 certificates)
www.a-rosa.de
kurs.a-rosa.de
webmail.a-rosa.de
webmail.a-rosa.de
sslvpn.a-rosa.de
a-rosa.de
afleet.a-rosa.de
a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
a-rosa.de
mx01.a-rosa.de
mail.a-rosa.de
kurs.a-rosa.de
m.a-rosa.de
afleet.a-rosa.de
kurs.a-rosa.de
blog.a-rosa.de
a-rosa.de
a-rosa.de
a-rosa.de
a-rosa.de
booking.a-rosa.de
blog.a-rosa.de
blog.a-rosa.de
kurs.a-rosa.de
blog.a-rosa.de
blog.a-rosa.de
webmail.a-rosa.de
a-rosa.de
mail.a-rosa.de
mail.a-rosa.de
old.a-rosa.de
mail.a-rosa.de
a-rosa.de
booking.a-rosa.de
mail.a-rosa.de
webmail.a-rosa.de
a-rosa.de
www.a-rosa.de
kurs.a-rosa.de
a-rosa.de
a-rosa.de
kurs.a-rosa.de
kurs.a-rosa.de
resort.a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
mail.a-rosa.de
a-rosa.de
a-rosa.de
webmail.a-rosa.de
www.a-rosa.de
m.a-rosa.de
www.kurs.a-rosa.de
a-rosa.de
afleet.a-rosa.de
a-rosa.de
a-rosa.de
www.a-rosa.de
blog.a-rosa.de
a-rosa.de
a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
a-rosa.de
blog.a-rosa.de
a-rosa.de
www.a-rosa.de
kurs.a-rosa.de

Certificate

The complete raw certificate details for a-rosa.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISBF/BZ/PRTuRkXdAt/7IvmjKHMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzAyMDcxOTI3NDlaFw0yMzA1MDgxOTI3NDhaMBQxEjAQBgNVBAMT
CWEtcm9zYS5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALncUbv8
udtKg6gekGta8XoWSkSU5BnVHqQcm8uPt0G/cFZTigW6xE756s62+o9X4VJNaosh
qYsXZn4/eWBZXuTyuYICwE8hXsJYz9W61BSkKosf+nm9lMtynxJkYt54NRvmXW46
AHTMoyepBMRVwhNKa6rU1sOgBjs/GzSHDzFbg5HkOoWD4mThpoxGoASg7XK1q/dS
S/XOunwip/F406CR/wPL+uY1FqZoCi9t6DTNbwv7ztCwLU7sxODQPPSZHx7bLHnc
C8ocCZuv5VaITWvgmXH5533mXOj8nh8RzxaAyf6X9o3Ks79ohmQhTS+ce6WPCGwa
PHoQP0vvhL9n/jUCAwEAAaOCAvAwggLsMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
dWoSDwLrUX29+60mBv2Y21iPgGIwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+v
nYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5s
ZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wgb8G
A1UdEQSBtzCBtIIJYS1yb3NhLmRlghFhcm9zYS1jcnVpc2VzLmNvbYIQYXJvc2Fj
cnVpc2VzLmNvbYIaZXh0cmFuZXQuYXJvc2EtY3J1aXNlcy5jb22CFmpvYnMuYXJv
c2EtY3J1aXNlcy5jb22CEmthcnJpZXJlLmEtcm9zYS5kZYINd3d3LmEtcm9zYS5k
ZYIVd3d3LmFyb3NhLWNydWlzZXMuY29tghR3d3cuYXJvc2FjcnVpc2VzLmNvbTBM
BgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIB
FhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUE
gfIA8AB1ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAABhi2QLqIA
AAQDAEYwRAIgVuw+/d5sa2cv2NmRJkdE2/MMc0HDABqR+QiphNZMTbACIEI0ktM5
aKf4z1SuGdybqXQW1byrXhl1wOQm5+dpEAjqAHcArfe++nz/EMiLnT2cHj4YarRn
KV3PsQwkyoWGNOvcgooAAAGGLZAuxgAABAMASDBGAiEA9fG+UkmWWvvOp1mlIRo6
PgedILGBydmAN8p2wPZ5PgkCIQCgJ2JTHTPGOsuKBtM+OSyx3BQmHf4TL8C3bEo9
H6u6XDANBgkqhkiG9w0BAQsFAAOCAQEAgbiFRK94UbWeUk1p3FSQdTevyhNnBex5
Dx0L9oZPEGkFEGvJ7GLjCpYL/9iOn/4f3IhmY0tcYG7xtzmvyw4mh1Gdbnnw+Mzj
A8ub9H9X4d+ELJtGIwtNccVE6CiwHsgMBUDRuHl1Vk0GjMZpGkRtA+n7fvy/+9v8
7uGiH9I2l+aAwjfB+RQDKW20nuEVhkEGu+pFf9X1zr8k4X11PACHwpGrDTmtU0qg
yIZpcJBnMO88pV6ynwNUBx1ZxnuGqKn6mWozXB6afVozouLVnlAwGJlEvie/G43D
BdpfNHIkQQpS5BdjpZ7/80w/2ANSwJeWQkKz1wDhLXsrGgKRphWIOg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudxRu/y520qDqB6Qa1rx
ehZKRJTkGdUepByby4+3Qb9wVlOKBbrETvnqzrb6j1fhUk1qiyGpixdmfj95YFle
5PK5ggLATyFewljP1brUFKQqix/6eb2Uy3KfEmRi3ng1G+ZdbjoAdMyjJ6kExFXC
E0prqtTWw6AGOz8bNIcPMVuDkeQ6hYPiZOGmjEagBKDtcrWr91JL9c66fCKn8XjT
oJH/A8v65jUWpmgKL23oNM1vC/vO0LAtTuzE4NA89JkfHtssedwLyhwJm6/lVohN
a+CZcfnnfeZc6PyeHxHPFoDJ/pf2jcqzv2iGZCFNL5x7pY8IbBo8ehA/S++Ev2f+
NQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 381033049339501694058889652159843877401223
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-07 19:27:49 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-08 19:27:48 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'a-rosa.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23462729902277048803063431632329911214722055721029248079174761502628178358947436444638637782586410502012947169276666611212388652202777321259310476230930928939805209754138764744516732403079996705126304608888156449784758210078256869370857737413378775770824901077406119569346191766359985104822382927887204078497334597602321952511767900803171084773706169166046185372389844210303827250303630996038698391331111108915824949754166068822598456664152391145886681172205831304726019536260800629615360696973680187048868373405967953754362136178896747934187912118554428408556833151368330847794061344318711796616455435454785939570229
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							756a120f02eb517dbdfbad2606fd98db588f8062
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (183 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'a-rosa.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arosa-cruises.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arosacruises.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'extranet.arosa-cruises.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jobs.arosa-cruises.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'karriere.a-rosa.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.a-rosa.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.arosa-cruises.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.arosacruises.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001862d902ea20000040300463044022056ec3efdde6c6b672fd8d991264744dbf30c7341c3001a91f908a984d64c4db00220423492d33968a7f8cf54ae19dc9ba97416d5bcab5e1975c0e426e7e7691008ea007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a000001862d902ec60000040300483046022100f5f1be5249965afbcea759a5211a3a3e079d20b181c9d98037ca76c0f6793e09022100a02762531d33c63acb8a06d33e392cb1dc14261dfe132fc0b76c4a3d1fabba5c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0081b88544af7851b59e524d69dc54907537afca136705ec790f1d0bf6864f106905106bc9ec62e30a960bffd88e9ffe1fdc8866634b5c606ef1b739afcb0e2687519d6e79f0f8cce303cb9bf47f57e1df842c9b46230b4d71c544e828b01ec80c0540d1b87975564d068cc6691a446d03e9fb7efcbffbdbfceee1a21fd23697e680c237c1f91403296db49ee115864106bbea457fd5f5cebf24e17d753c0087c291ab0d39ad534aa0c8866970906730ef3ca55eb29f0354071d59c67b86a8a9fa996a335c1e9a7d5a33a2e2d59e5030189944be27bf1b8dc305da5f347224410a52e41763a59efff34c3fd80352c097964242b3d700e12d7b2b1a0291a615883a