api2.geo-real.it

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:c2:d9:78:57:17:7b:39:d5:30:5a:93:b6:6b:ea:06:98:f1 was issued on by Let's Encrypt.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=api2.geo-real.it

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:c2:d9:78:57:17:7b:39:d5:30:5a:93:b6:6b:ea:06:98:f1
Serial Number (int): 327640704295081172602761103594011922700529
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 3a:7c:22:c9:3f:0d:da:a4:95:b2:d2:12:4e:8a:d8:fd:ce:f3:26:f5
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 94:17:19:ce:2c:8f:4e:d3:de:4b:79:d7:af:de:aa:26:e7:e6:31:98
Fingerprint (sha256): 84:bf:1f:e7:28:10:c0:b8:c8:5b:d0:0b:cc:1e:e7:06:fe:b2:1f:c3:ad:ce:9c:67:f1:15:6e:a6:d2:3c:b1:1a

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate api2.geo-real.it

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for api2.geo-real.it

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

api.geo-real.it
api2.geo-real.it
forms.iib-it.de
wohnlagenkarte.de
www.wohnlagenkarte.de

Other certificates including the domain name geo-real.it

(limited to 100 certificates)
gkdev.geo-real.it
api2.geo-real.it
hdop.geo-real.it
kepler.geo-real.it
hdop.geo-real.it
kepler.geo-real.it
kepler.geo-real.it
api.geo-real.it
gauss.geo-real.it
api.geo-real.it
api2.geo-real.it
gkdev.geo-real.it
wldev.geo-real.it
api.geo-real.it
api2.geo-real.it
hdop.geo-real.it
gkdev.geo-real.it
kepler.geo-real.it
api.geo-real.it
api.geo-real.it
gkdev.geo-real.it
api.geo-real.it
api2.geo-real.it
api.geo-real.it
api2.geo-real.it
kepler.geo-real.it
kepler.geo-real.it
kepler.geo-real.it
api2.geo-real.it
api2.geo-real.it
gauss.geo-real.it
api.geo-real.it
kepler.geo-real.it
kepler.geo-real.it
kepler.geo-real.it
api2.geo-real.it
kepler.geo-real.it
api2.geo-real.it
api.geo-real.it
api.geo-real.it
hdop.geo-real.it
api.geo-real.it
hdop.geo-real.it
gkdev.geo-real.it
api2.geo-real.it
gk.geo-real.it

Certificate

The complete raw certificate details for api2.geo-real.it in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGVzCCBT+gAwIBAgISA8LZeFcXeznVMFqTtmvqBpjxMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA4MTMxMzM5MTRaFw0x
ODExMTExMzM5MTRaMBsxGTAXBgNVBAMTEGFwaTIuZ2VvLXJlYWwuaXQwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoechm6OoPt4lQyYLvqR+t3rAi2HzU
Il0gIZ6aykTS9f92k3fxVqVXqgFse7sfKrOaT0U3pK6gAgHVpY5fHH3epRuHDu0k
9cbcg07lIOiSLiLX2a7lif5vVQRR2U8NHZ4Qwd1cf0eupsVIMZOIR4xv+SLNtuMP
MZtR4iSY2bKS6LDWHgQF9p5JMGZB83JPA9bZu1kKLNELLGUT31QDaQs4LfADVbDa
QRHWybLwVd5DL50hbh0k0GgEFEAEozqNpdyaO3lrcfCvtzt8Z0OvoeM3+DDATIBh
+9X/lp1Bm0z2qOyxzInv3rSWBWILptLjrU2voxQMTUhbPDfDVx05ATx3AgMBAAGj
ggNkMIIDYDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFDp8Isk/DdqklbLSEk6K2P3O
8yb1MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEB
BGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0
Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0
Lm9yZy8wZwYDVR0RBGAwXoIPYXBpLmdlby1yZWFsLml0ghBhcGkyLmdlby1yZWFs
Lml0gg9mb3Jtcy5paWItaXQuZGWCEXdvaG5sYWdlbmthcnRlLmRlghV3d3cud29o
bmxhZ2Vua2FydGUuZGUwgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQB
gt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9y
ZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJl
IHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2Nv
cmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRw
czovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzCCAQQGCisGAQQB1nkCBAIE
gfUEgfIA8AB2ANt0r+7LKeyx/so+cW0s5bmquzb3hHGDx12dTze2H79kAAABZTO6
CUcAAAQDAEcwRQIgEg3QilFe0I9vgiFbHtbznGRRyRcVbHiu1PERSoBBnqwCIQD9
MdUqSTxWLOA0QxH17puWjcEG9rPR5duq7HRdWrARNgB2ACk8UZZUyDlluqpQ/FgH
1Ldvv1h6KXLcpMMM9OVFR/R4AAABZTO6CzYAAAQDAEcwRQIhANTHUdsQ8n4Gg8Hc
X8dnCLi+cCeGTE0xxhxQZdsRG8vaAiBTy3hCYGQO70fSRRwYYNLETl0WZgMmXQa4
QTIORnSduTANBgkqhkiG9w0BAQsFAAOCAQEAHTAWHqLVq7rZlynm0xoUdW8Si1ow
i4t1bnIz0cQjkVC0ku1RV1N0pPhNzf23OV58egdk25a19P+ozQOFw0pulN0zMu2g
fit/ODOTyspP3RkuISCCDk6L9gQm3vg0HVSjqohK6kqwd2ZDMnIjhXJW6XG/BOJu
VSTpv8sEElUXuYGdILkPaHHKG/adC2oAjUz0xDBZ/BLSYKoqmjPYAZhadM7yxZsT
BIN1JjJDhvoFxf6o9HjA+6uFz93gV7kDma/W4mLDiLC4OGpR/h/R65wbvFlxJ2ao
oywLgFa9G6SwIcjJBT1KsOnFAc1c3l/TnEBBexWJnfBGT7NlzHK5qjjE2w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HnIZujqD7eJUMmC76kf
rd6wIth81CJdICGemspE0vX/dpN38ValV6oBbHu7Hyqzmk9FN6SuoAIB1aWOXxx9
3qUbhw7tJPXG3INO5SDoki4i19mu5Yn+b1UEUdlPDR2eEMHdXH9HrqbFSDGTiEeM
b/kizbbjDzGbUeIkmNmykuiw1h4EBfaeSTBmQfNyTwPW2btZCizRCyxlE99UA2kL
OC3wA1Ww2kER1smy8FXeQy+dIW4dJNBoBBRABKM6jaXcmjt5a3Hwr7c7fGdDr6Hj
N/gwwEyAYfvV/5adQZtM9qjsscyJ7960lgViC6bS461Nr6MUDE1IWzw3w1cdOQE8
dwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 327640704295081172602761103594011922700529
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-13 13:39:14 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-11 13:39:14 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'api2.geo-real.it'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29347340099024193175445914163908706191974982015522044099829024697840751550393724566511612721856438066444882997262111680484420404654771804437518970272939930689343178598681754990809043251953568107097416579766273746103054437038954328767128940324183134965967159315426509277834225738171683897899838725815038236935649600661594010687268795906044484418464580600236321413190329974012505838103972782504150494967931301966667252862970019922203624024863763253423069000199386839347069330118939316866447959406854794095734374040304554411997644241223379104689631234700236026150789976715824848048666972480129106754342232762678822124663
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3a7c22c93f0ddaa495b2d2124e8ad8fdcef326f5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.geo-real.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api2.geo-real.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'forms.iib-it.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wohnlagenkarte.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.wohnlagenkarte.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf640000016533ba094700000403004730450220120dd08a515ed08f6f82215b1ed6f39c6451c917156c78aed4f1114a80419eac022100fd31d52a493c562ce0344311f5ee9b968dc106f6b3d1e5dbaaec745d5ab01136007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016533ba0b360000040300473045022100d4c751db10f27e0683c1dc5fc76708b8be7027864c4d31c61c5065db111bcbda022053cb784260640eef47d2451c1860d2c44e5d166603265d06b841320e46749db9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001d30161ea2d5abbad99729e6d31a14756f128b5a308b8b756e7233d1c4239150b492ed51575374a4f84dcdfdb7395e7c7a0764db96b5f4ffa8cd0385c34a6e94dd3332eda07e2b7f383393caca4fdd192e2120820e4e8bf60426def8341d54a3aa884aea4ab0776643327223857256e971bf04e26e5524e9bfcb04125517b9819d20b90f6871ca1bf69d0b6a008d4cf4c43059fc12d260aa2a9a33d801985a74cef2c59b1304837526324386fa05c5fea8f478c0fbab85cfdde057b90399afd6e262c388b0b8386a51fe1fd1eb9c1bbc59712766a8a32c0b8056bd1ba4b021c8c9053d4ab0e9c501cd5cde5fd39c40417b15899df0464fb365cc72b9aa38c4db