gemaling.ca
Issued by R3
About this certificate
This digital certificate with serial number 04:5e:d6:79:49:6a:e1:6e:3b:9b:ed:27:83:4c:89:c3:f2:6f was issued on by Let's Encrypt.
With 24 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=gemaling.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:5e:d6:79:49:6a:e1:6e:3b:9b:ed:27:83:4c:89:c3:f2:6fSerial Number (int): 380720770765710910546627155584819866628719
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 30:c2:1b:51:29:b2:f8:e1:9a:e2:85:77:d4:cd:9a:96:de:38:54:ea
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 1d:4e:8e:37:d1:25:7d:3a:31:d6:7f:63:e3:18:da:f8:f2:45:18:47
Fingerprint (sha256): 85:9c:be:5c:90:9e:30:c0:d5:76:69:da:dd:de:e3:6c:bf:4f:f9:40:81:2c:01:06:78:16:6a:77:56:8f:72:eb
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate gemaling.ca
24
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for gemaling.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
agencyforvip.com
arbitragesense.com
badasslowrider.com
bankrelief.com
basedmedia.co
bshut.com
burnsfamily.com
fortworthnursinghomes.com
gemaling.ca
greenafricaproject.org
gtj.co.in
h4ha.net
lia.ng
lifeinashippingcontainer.com
moveceutics.com
mrimpossible.co.uk
neospheres.com
oprnsea.com
peptideactivated.com
roguemediaservices.com
rxsugarenhanced.com
sanantoniohillcountry.com
techhalloffame.net
wildrosedata.com
arbitragesense.com
badasslowrider.com
bankrelief.com
basedmedia.co
bshut.com
burnsfamily.com
fortworthnursinghomes.com
gemaling.ca
greenafricaproject.org
gtj.co.in
h4ha.net
lia.ng
lifeinashippingcontainer.com
moveceutics.com
mrimpossible.co.uk
neospheres.com
oprnsea.com
peptideactivated.com
roguemediaservices.com
rxsugarenhanced.com
sanantoniohillcountry.com
techhalloffame.net
wildrosedata.com
Other certificates including the domain name gemaling.ca
(limited to 100 certificates)
Certificate
The complete raw certificate details for gemaling.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGkjCCBXqgAwIBAgISBF7WeUlq4W47m+0ng0yJw/JvMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMDEwMTQ1MTJaFw0yNDA1MzAwMTQ1MTFaMBYxFDASBgNVBAMT C2dlbWFsaW5nLmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TY0 KU+2LimbNwkEYt+F2uvJfQyMF1iciZyfphhFFkmI7nzIvn/9O+YBKwGol01xicTf +xiRtExN9q39LX+z94PrAIfrOvk7fQE8rAtzT4g3N3JOUjoCFXPRmdwys2nGn7hJ D24gAEbdakFZal+NL4FEN+Rtbw/KtutZlwMJhiG5FAL/FCtl7tDmLiOc6dI0CLuS 1Q/1NOznjDCTgT8mYWmJvnoH0+vg5rufbK9zZ7SrNV1NaxcW6zFV9TdnavFxV2FT EbRJeCdeAs5f29rdcND4UrvAyOrz6Vp7h52bNK+AF8DeQZucjRmIMG+EQ/OyULTZ +dg/bQZ0827T5aYi7QIDAQABo4IDvDCCA7gwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBQwwhtRKbL44ZrihXfUzZqW3jhU6jAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDm H6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5v LmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzCC AcMGA1UdEQSCAbowggG2ghBhZ2VuY3lmb3J2aXAuY29tghJhcmJpdHJhZ2VzZW5z ZS5jb22CEmJhZGFzc2xvd3JpZGVyLmNvbYIOYmFua3JlbGllZi5jb22CDWJhc2Vk bWVkaWEuY2+CCWJzaHV0LmNvbYIPYnVybnNmYW1pbHkuY29tghlmb3J0d29ydGhu dXJzaW5naG9tZXMuY29tggtnZW1hbGluZy5jYYIWZ3JlZW5hZnJpY2Fwcm9qZWN0 Lm9yZ4IJZ3RqLmNvLmlugghoNGhhLm5ldIIGbGlhLm5nghxsaWZlaW5hc2hpcHBp bmdjb250YWluZXIuY29tgg9tb3ZlY2V1dGljcy5jb22CEm1yaW1wb3NzaWJsZS5j by51a4IObmVvc3BoZXJlcy5jb22CC29wcm5zZWEuY29tghRwZXB0aWRlYWN0aXZh dGVkLmNvbYIWcm9ndWVtZWRpYXNlcnZpY2VzLmNvbYITcnhzdWdhcmVuaGFuY2Vk LmNvbYIZc2FuYW50b25pb2hpbGxjb3VudHJ5LmNvbYISdGVjaGhhbGxvZmZhbWUu bmV0ghB3aWxkcm9zZWRhdGEuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYK KwYBBAHWeQIEAgSB9QSB8gDwAHUAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1y b+H61BcAAAGN9+bGMwAABAMARjBEAiAFdy7kzqX+vjKW5UkX40GuW9Esr/B2yNZK XkaKfSpzsQIgX/5rlBcVcwH7xRpAML2leI1k1SPSUa1+os/gvTdY5RcAdwCi4r/W Ht4vLweg1k5tN6fcZUOwxrUuotq3iviabfUX2AAAAY335sZCAAAEAwBIMEYCIQDH 9D3KhrzLbs2rE3D/2BFXk/coA+yy6i/K9XUY6Qmn3AIhAP884jHSnYXKbGQyyCSF Zn4IuPR3geaq1XMkHbVZlrfsMA0GCSqGSIb3DQEBCwUAA4IBAQCFB156tA3REpOx uyYXl1xnv70Gn8f4gMqiPZf7G087Nkgks8t4pv0nRdJ9dPVxPpHEwtgvCN1j6Nqn gSv+Ogcky4J09JgtASMQFt7o68WkMjAkTHA74WaYbZyyjXqKrNmLRJI5jwHlLGJy zbu1muEQMWJ3NaIdIYzQFJ5NSap5zMe1kaSZgE1M5NoCAAt6tqAF5mdjuxaXIu/v KhW5dtcS4sykpSdpdbG3CMbhL6gizMcwoFJ+8KTrQA1lcTZerd7RdJdnk6Xo12CS 4nSWWVQh8CI2nRLZXg5tz0bvtSBxiPBdBPNw9yxMqWHs+rhIcYkuxqkcYi9ONNwB zGvkPp6u -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TY0KU+2LimbNwkEYt+F 2uvJfQyMF1iciZyfphhFFkmI7nzIvn/9O+YBKwGol01xicTf+xiRtExN9q39LX+z 94PrAIfrOvk7fQE8rAtzT4g3N3JOUjoCFXPRmdwys2nGn7hJD24gAEbdakFZal+N L4FEN+Rtbw/KtutZlwMJhiG5FAL/FCtl7tDmLiOc6dI0CLuS1Q/1NOznjDCTgT8m YWmJvnoH0+vg5rufbK9zZ7SrNV1NaxcW6zFV9TdnavFxV2FTEbRJeCdeAs5f29rd cND4UrvAyOrz6Vp7h52bNK+AF8DeQZucjRmIMG+EQ/OyULTZ+dg/bQZ0827T5aYi 7QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 380720770765710910546627155584819866628719 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-01 01:45:12 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-30 01:45:11 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gemaling.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28430347485330514908699166196417322037533894436462516441712678000497077904364361774243864727702986031084607804574566899234547375148198946773697101324370934392660499978285360199976777025448308356202013129976144808784859429462443664562360865011055623921568539553430308900295774594811250177368012231051060505265117168887254308423349669018209621866127195365261354786530562299582338223031707361350840316121611239607099524844323084637587187124334170275092832680555834859245497384658568011995760329690670333221461183948037649133930219200565638617307938223669723564786536150733172050987483362795077868000112933339043484541677 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 30c21b5129b2f8e19ae28577d4cd9a96de3854ea . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (442 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agencyforvip.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arbitragesense.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'badasslowrider.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bankrelief.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'basedmedia.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bshut.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'burnsfamily.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fortworthnursinghomes.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gemaling.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'greenafricaproject.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gtj.co.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'h4ha.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lia.ng' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lifeinashippingcontainer.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'moveceutics.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mrimpossible.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'neospheres.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oprnsea.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'peptideactivated.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'roguemediaservices.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rxsugarenhanced.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sanantoniohillcountry.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'techhalloffame.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wildrosedata.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018df7e6c6330000040300463044022005772ee4cea5febe3296e54917e341ae5bd12caff076c8d64a5e468a7d2a73b102205ffe6b9417157301fbc51a4030bda5788d64d523d251ad7ea2cfe0bd3758e517007700a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018df7e6c6420000040300483046022100c7f43dca86bccb6ecdab1370ffd8115793f72803ecb2ea2fcaf57518e909a7dc022100ff3ce231d29d85ca6c6432c82485667e08b8f47781e6aad573241db55996b7ec . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0085075e7ab40dd11293b1bb2617975c67bfbd069fc7f880caa23d97fb1b4f3b364824b3cb78a6fd2745d27d74f5713e91c4c2d82f08dd63e8daa7812bfe3a0724cb8274f4982d01231016dee8ebc5a43230244c703be166986d9cb28d7a8aacd98b4492398f01e52c6272cdbbb59ae11031627735a21d218cd0149e4d49aa79ccc7b591a499804d4ce4da02000b7ab6a005e66763bb169722efef2a15b976d712e2cca4a5276975b1b708c6e12fa822ccc730a0527ef0a4eb400d6571365eadded174976793a5e8d76092e27496595421f022369d12d95e0e6dcf46efb5207188f05d04f370f72c4ca961ecfab84871892ec6a91c622f4e34dc01cc6be43e9eae