o2.lk

Issued by GlobalSign Domain Validation CA - SHA256 - G3

About this certificate

This digital certificate with serial number 37:dd:1c:1b:e0:5c:1b:68:f0:ba:ca:12 was issued on by GlobalSign nv-sa.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=o2.lk,OU=Domain Control Validated

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate has expire since

Certificate Details

Serial Number (hex): 37:dd:1c:1b:e0:5c:1b:68:f0:ba:ca:12
Serial Number (int): 17288980886799249067579460114
Serial Number lenght: 94 bits, 12 octets

SubjectKeyId: 5a:c6:2c:d2:68:8b:27:e0:0f:5e:e1:96:26:07:ef:89:b5:21:ec:ff
AuthorityKeyId: 3d:80:82:79:c5:48:82:a3:c3:12:ee:df:99:0f:57:35:48:9e:d0:cb

Fingerprint (sha1): e5:95:57:20:78:c5:0d:a0:69:42:42:71:09:74:40:f0:9a:a2:1a:7c
Fingerprint (sha256): 8c:ea:0b:7d:91:d3:6d:cb:a7:e0:93:a1:4b:8c:ba:7c:92:0e:82:ab:9a:8c:a3:99:c8:86:6e:cd:99:6d:81:9a

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsdomainvalsha2g3.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsdomainvalsha2g3
CRL Distribution Point: http://crl.globalsign.com/gsdomainvalsha2g3.crl

Check the revocation status for certificate o2.lk

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for o2.lk

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

o2.lk

Other certificates including the domain name o2.lk

(limited to 100 certificates)
abc.3pm.app
o2.lk
www.o2.lk
o2.lk
o2.lk
www.o2.lk
referralportal.smeyegroup.com
app.o2.lk
o2.lk
demo.traceit.live
pay.o2.lk
www.o2.lk
www.o2.lk
connect.thrivexcel.com
o2.lk
ivf.curocura.com
www.o2.lk
hrm.senate.gov.so
www.o2.lk
o2.lk
o2.lk
o2.lk
pay.o2.lk
o2.lk
www.o2.lk
www.o2.lk
b2b.o2.lk
assistance.follosoft.com
o2.lk
www.o2.lk
www.o2.lk
o2.lk
support.cyrillcase.com
print.o2.lk
o2.lk
www.support.templogic.biz
o2.lk
www.o2.lk
o2.lk
helpdesk.verowave.com
o2.lk
www.o2.lk
o2.lk
pay.o2.lk
o2.lk
support.firstpagelife.com
pay.o2.lk
www.myzylkerportal.online
o2.lk
referralportal.smeyegroup.com
www.o2.lk
teamxhub.xtremesnowpros.com
o2.lk
www.o2.lk
o2.lk
o2.lk
o2.lk
o2.lk
www.o2.lk
www.myzylkerportal.online
pay.o2.lk
careers.avlc.llc
o2.lk
support.hsbintel.com
www.o2.lk
www.o2.lk
www.o2.lk
o2.lk
www.o2.lk
support.atklass.com
www.o2.lk
o2.lk
assistance.follosoft.com
pay.o2.lk
o2.lk
o2.lk
o2.lk
www.o2.lk
www.o2.lk

Certificate

The complete raw certificate details for o2.lk in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHTDCCBjSgAwIBAgIMN90cG+BcG2jwusoSMA0GCSqGSIb3DQEBCwUAMGAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzMwHhcN
MTYxMDI5MTEwNTA0WhcNMTcxMDMwMTEwNTA0WjAzMSEwHwYDVQQLExhEb21haW4g
Q29udHJvbCBWYWxpZGF0ZWQxDjAMBgNVBAMTBW8yLmxrMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAzBIyKpPqaZW7FOXz/0ojh58wwmUcO+khQIzp/p+R
gJXG7RfRQJvpb94Zb/tVr1pl+tmqZjt88JqdD14ffhejWnfTIWBSd4/cPlvdqpiG
R1lz9so2YTaj2PhRawA6N4AT/P2t4CNKFDzbf56hYnRWNROLkAA4JC9iIOP6byxn
LlyEfiHWnelMsZo3WFqiwU8+A+FykVf+InKOSw4obLsPq/OLJFondQyakpWlcKVW
rDTSfyNNmoB3y5/xPDsKyo+8js1uRgh0KSJR9yuxCFFiN+gh8/bqrU2BFksbhn9F
ergUXDt+Xx3+jKZyKkIhEf3mqLlKsRYobPVaecQ1RpqLIQIDAQABo4IEMTCCBC0w
DgYDVR0PAQH/BAQDAgWgMIGSBggrBgEFBQcBAQSBhTCBgjBFBggrBgEFBQcwAoY5
aHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvZ3Nkb21haW52YWxz
aGEyZzMuY3J0MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5j
b20vZ3Nkb21haW52YWxzaGEyZzMwVgYDVR0gBE8wTTBBBgkrBgEEAaAyAQowNDAy
BggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9y
eS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cDov
L2NybC5nbG9iYWxzaWduLmNvbS9nc2RvbWFpbnZhbHNoYTJnMy5jcmwwEAYDVR0R
BAkwB4IFbzIubGswHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1Ud
DgQWBBRaxizSaIsn4A9e4ZYmB++JtSHs/zAfBgNVHSMEGDAWgBQ9gIJ5xUiCo8MS
7t+ZD1c1SJ7QyzCCAm4GCisGAQQB1nkCBAIEggJeBIICWgJYAHYAVhQGmi/XwuzT
9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0AAAFYEB1ROAAABAMARzBFAiA2oOGAra27
UfiggZqj4bJN+Hkhmpy33vbMdj1eeI5gDwIhANBOgQPojp+fOd/TM58mX8AsZnYB
pC655KR9K85EFFMYAHcA3esdK3oNT6Ygi4GtgWhwfi6OnQHVXIiNPRHEzbbsvswA
AAFYEB1SUQAABAMASDBGAiEA9BdjXAePVeEwjSqIxC7KMLjkCJJ8JUttD/8+QWGQ
pS4CIQD9bsF1d7op48M6MSoYbMkHfN/U66iANOvg6BbBZidvegB3AGj2mPgfZIK+
OozuuSgdTPxxUV1nk9RE0QpnrLtPT/vEAAABWBAdUdEAAAQDAEgwRgIhAMaTfoSm
GLGdzAvWPFKegf0nXrdFbIZdUs0nzmqrudllAiEArRNTH8K0mCh07WXpQhUS7NRG
DiSbuTpifYUjikFhKs0AdQCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3c
EAAAAVgQHVGlAAAEAwBGMEQCIGKuBxGIu73PVRSbnl9JPZRofU4Cunc7RM7ZTuac
ZfH1AiBUZhlJfFjPXeBXvN4rTZ9PsW7XZ8ZW6+JHtojjAaeejwB1AO5Lvbd1zmC6
4UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABWBAdVIwAAAQDAEYwRAIgMDfftdbg
5jZzLL2SJ/vbwgemjvnbJrPg+fOJu+C1g7cCIAZ5bO9HtLKWqXP22n4bQ6RYcutG
KXM2oFO0c5aeKepLMA0GCSqGSIb3DQEBCwUAA4IBAQDeTuyexbYZpKFrOx+uFszb
62MZ4kZ7JBZ56WQ+UOmcrwErUjniiXTCHF6qNhJvgJNHSnrVKV5Rn+G4Nttu2BnF
iGM54Whnc14IeUR3wjotCs2mXpHrsqQ5GhdWgnJZHgRHxNIfWHBKTF9fXOHca+gO
wPS2aL6uPXPwcL3XM9xZ4xWFbqvR1HQIyvYCuK1tQXOSzo/5XhVZh7U5FmHOj4Qr
QjjVWps8ryV7TvaE3AWB5ggaUgJa3mxrHeepKXcwJVqQItC9B+EzVHKf32X1X0ig
OwnQ9RAZnUIuH3iqhJjqWvSaQMQb/ac/gM9s3uLfOsnqdDzhb+EYMfg8+SplJVbV
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBIyKpPqaZW7FOXz/0oj
h58wwmUcO+khQIzp/p+RgJXG7RfRQJvpb94Zb/tVr1pl+tmqZjt88JqdD14ffhej
WnfTIWBSd4/cPlvdqpiGR1lz9so2YTaj2PhRawA6N4AT/P2t4CNKFDzbf56hYnRW
NROLkAA4JC9iIOP6byxnLlyEfiHWnelMsZo3WFqiwU8+A+FykVf+InKOSw4obLsP
q/OLJFondQyakpWlcKVWrDTSfyNNmoB3y5/xPDsKyo+8js1uRgh0KSJR9yuxCFFi
N+gh8/bqrU2BFksbhn9FergUXDt+Xx3+jKZyKkIhEf3mqLlKsRYobPVaecQ1RpqL
IQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 17288980886799249067579460114
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Domain Validation CA - SHA256 - G3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-10-29 11:05:04 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-30 11:05:04 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'o2.lk'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25761586976449149846783429082515225222668474320668203893521510146531351102268174203865284778273473488196274203424934907985475788694042964723565270074069533233386378642566348583983526690725562121403453315704972730740570532403765530448707403741570984884652415382695171640819001765048329112636490464526440766318707145575224934618822066417500531053975665330751411349007660051709656695763319518304756360919790577955822344034649368940012570202567362026950548862806255235897761466587268376321765080858215431651452214223445327128087634546856927239446086084547840647176254240873022266513720819452815437181046927549544080771873
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsdomainvalsha2g3.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsdomainvalsha2g3'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10 (globalsignDVPolicy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gsdomainvalsha2g3.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (9 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'o2.lk'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5ac62cd2688b27e00f5ee1962607ef89b521ecff
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3d808279c54882a3c312eedf990f5735489ed0cb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (606 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (602 bytes)
							02580076005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd00000158101d51380000040300473045022036a0e180adadbb51f8a0819aa3e1b24df879219a9cb7def6cc763d5e788e600f022100d04e8103e88e9f9f39dfd3339f265fc02c667601a42eb9e4a47d2bce44145318007700ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc00000158101d52510000040300483046022100f417635c078f55e1308d2a88c42eca30b8e408927c254b6d0fff3e416190a52e022100fd6ec17577ba29e3c33a312a186cc9077cdfd4eba88034ebe0e816c166276f7a00770068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc400000158101d51d10000040300483046022100c6937e84a618b19dcc0bd63c529e81fd275eb7456c865d52cd27ce6aabb9d965022100ad13531fc2b4982874ed65e9421512ecd4460e249bb93a627d85238a41612acd007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000158101d51a50000040300463044022062ae071188bbbdcf55149b9e5f493d94687d4e02ba773b44ced94ee69c65f1f50220546619497c58cf5de057bcde2b4d9f4fb16ed767c656ebe247b688e301a79e8f007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000158101d548c000004030046304402203037dfb5d6e0e636732cbd9227fbdbc207a68ef9db26b3e0f9f389bbe0b583b7022006796cef47b4b296a973f6da7e1b43a45872eb46297336a053b473969e29ea4b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00de4eec9ec5b619a4a16b3b1fae16ccdbeb6319e2467b241679e9643e50e99caf012b5239e28974c21c5eaa36126f8093474a7ad5295e519fe1b836db6ed819c5886339e16867735e08794477c23a2d0acda65e91ebb2a4391a17568272591e0447c4d21f58704a4c5f5f5ce1dc6be80ec0f4b668beae3d73f070bdd733dc59e315856eabd1d47408caf602b8ad6d417392ce8ff95e155987b5391661ce8f842b4238d55a9b3caf257b4ef684dc0581e6081a52025ade6c6b1de7a9297730255a9022d0bd07e13354729fdf65f55f48a03b09d0f510199d422e1f78aa8498ea5af49a40c41bfda73f80cf6cdee2df3ac9ea743ce16fe11831f83cf92a652556d5