curlupanddye.ca
Issued by R3
About this certificate
This digital certificate with serial number 04:de:66:50:c3:8f:8b:45:15:d9:fe:6d:c8:2b:64:41:50:9d was issued on by Let's Encrypt.
With 24 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=curlupanddye.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:de:66:50:c3:8f:8b:45:15:d9:fe:6d:c8:2b:64:41:50:9dSerial Number (int): 424127829789250671567664458073399017689245
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 8a:65:6a:51:95:49:35:6c:19:59:98:c9:be:c3:e7:ce:52:6a:20:07
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): c4:4e:33:2b:2d:6b:74:85:7b:da:05:1e:90:51:c3:dc:94:75:49:15
Fingerprint (sha256): 92:08:40:a2:f1:d6:64:77:9c:7f:72:5e:0d:df:33:b2:f3:12:d1:ad:16:6b:27:02:18:97:87:d9:ac:cb:aa:da
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate curlupanddye.ca
24
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for curlupanddye.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bancan.com
banchinese.com
bestfaithfilms.com
bhagvatgita.org
bhwiplaw.com
casinobotswana.com
curlupanddye.ca
decorumastutefashion.com
docksgrill.com
edventurekids.com
energysmartpros.com
gamdpm.com
highplainspublishing.info
houstonvape.com
joshelliott.com
militarystencil.com
nickrae.com
pestcontrolirvine.com
prowerscounty.com
sa78209.com
scriptureuntangled.com
theworldpro.com
tunica.net
wrestlingfunkmd.com
banchinese.com
bestfaithfilms.com
bhagvatgita.org
bhwiplaw.com
casinobotswana.com
curlupanddye.ca
decorumastutefashion.com
docksgrill.com
edventurekids.com
energysmartpros.com
gamdpm.com
highplainspublishing.info
houstonvape.com
joshelliott.com
militarystencil.com
nickrae.com
pestcontrolirvine.com
prowerscounty.com
sa78209.com
scriptureuntangled.com
theworldpro.com
tunica.net
wrestlingfunkmd.com
Other certificates including the domain name curlupanddye.ca
(limited to 100 certificates)
Certificate
The complete raw certificate details for curlupanddye.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGkzCCBXugAwIBAgISBN5mUMOPi0UV2f5tyCtkQVCdMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAyMjkxMzM5MTlaFw0yNDA1MjkxMzM5MThaMBoxGDAWBgNVBAMT D2N1cmx1cGFuZGR5ZS5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB ANoHFuAvGFz0NPBA1k5hA6zRQgf314X173IGfKbgJevxZShNOIwIWiuhEtTs/piC x5gH/p1xo9cVKXkMsFW7ZMSnpbDPs4YIWaOGjBEMbh1Ya3+/mGkvNYNMqekiGSzh WKfcDlATHnf+kaGCIIlSNqVsSOM23qVNrg6f84a4J+BW1xFl7oPMJLEQclQrQ1WK VLVruOaAbwWJGCprsbk3vTPCC9YSFjO0K7ZvNItZH69C/fW2bUEFwa5+vMZZpLQg 3CIJs6xrhQij+uG4pa+zA14syzR0G4NF9g5exxUgqMb09I8KirxbMffCDY8N7a0l VoJV7nNcE86UJkh/z1FJrAsCAwEAAaOCA7kwggO1MA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQUimVqUZVJNWwZWZjJvsPnzlJqIAcwHwYDVR0jBBgwFoAUFC6zF7dYVsuu UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y Zy8wggG/BgNVHREEggG2MIIBsoIKYmFuY2FuLmNvbYIOYmFuY2hpbmVzZS5jb22C EmJlc3RmYWl0aGZpbG1zLmNvbYIPYmhhZ3ZhdGdpdGEub3JnggxiaHdpcGxhdy5j b22CEmNhc2lub2JvdHN3YW5hLmNvbYIPY3VybHVwYW5kZHllLmNhghhkZWNvcnVt YXN0dXRlZmFzaGlvbi5jb22CDmRvY2tzZ3JpbGwuY29tghFlZHZlbnR1cmVraWRz LmNvbYITZW5lcmd5c21hcnRwcm9zLmNvbYIKZ2FtZHBtLmNvbYIZaGlnaHBsYWlu c3B1Ymxpc2hpbmcuaW5mb4IPaG91c3RvbnZhcGUuY29tgg9qb3NoZWxsaW90dC5j b22CE21pbGl0YXJ5c3RlbmNpbC5jb22CC25pY2tyYWUuY29tghVwZXN0Y29udHJv bGlydmluZS5jb22CEXByb3dlcnNjb3VudHkuY29tggtzYTc4MjA5LmNvbYIWc2Ny aXB0dXJldW50YW5nbGVkLmNvbYIPdGhld29ybGRwcm8uY29tggp0dW5pY2EubmV0 ghN3cmVzdGxpbmdmdW5rbWQuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYK KwYBBAHWeQIEAgSB9gSB8wDxAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/ qznYhHMAAAGN9U4y6wAABAMASDBGAiEApVI/ySPsPskLo/1funHZvRjszdnsRmMv BqbqI50yeqECIQDBGmWCF7Lw6QuQspp1pMR9+PFVUatFEIDqCWm3TAKDOAB2ADtT d3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjfVOMucAAAQDAEcwRQIg P8hcKIrIWdj47IPKQPRnMBwInYwNw1hMmVMHeJ+SJjwCIQCoJ5JP0/2DGPy8sF49 RI4VmpuB4HYQuTRoDGtO8LlvtzANBgkqhkiG9w0BAQsFAAOCAQEAiWwMQ7vUy4TS K0T7gViBnLqcl7mZVN/Gw2O42IlRCKRmo3BCsx4WopKkJUUPBdq9z9Yc7Uwaf6zn wBAfL9qwr8DfMddA3DZD/yDncl2WDITZUQbIjedftg2hNaR746MN4uNBfTCWHqfQ l/jLGnZ0HrIuVJVJp+dgOKKPZIqXzcVyqeT2w3xddB6wbxs2GefZnIAP/X1CPAjz ZLWz9aKs8T2sNdN1MOhXFc6+QjT/+9ZAfeYlB1IrTsBCkJ7mxnvKoXz7ByRYhp7T PNFeYHtlxbX1mqDRBu2cbXlaZDSGj9iYzKjsuKY9mzlGRHZCOKYnjLUYIQORdnxH PDo7HX8NQQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gcW4C8YXPQ08EDWTmED rNFCB/fXhfXvcgZ8puAl6/FlKE04jAhaK6ES1Oz+mILHmAf+nXGj1xUpeQywVbtk xKelsM+zhghZo4aMEQxuHVhrf7+YaS81g0yp6SIZLOFYp9wOUBMed/6RoYIgiVI2 pWxI4zbepU2uDp/zhrgn4FbXEWXug8wksRByVCtDVYpUtWu45oBvBYkYKmuxuTe9 M8IL1hIWM7Qrtm80i1kfr0L99bZtQQXBrn68xlmktCDcIgmzrGuFCKP64bilr7MD XizLNHQbg0X2Dl7HFSCoxvT0jwqKvFsx98INjw3trSVWglXuc1wTzpQmSH/PUUms CwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 424127829789250671567664458073399017689245 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-29 13:39:19 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-29 13:39:18 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'curlupanddye.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27523446375460307935984756939171239341265247167208472513338998284610547367876361736885263669348613007132193263377700164496185848981517270057045033335673003793052278756318146875516225104882446944724160993258088270183761777062481045272229386055478418324021604094983404943360713286674323920550851069805447469361687775071491120667775886254323365758351575400901988244932842308378781229530178896422142186777231267114114330122959278334475695517824998427668779677137776736825778336386731306941791273847883346841274914426918234621101625276290513300616724801766955130632301660528848486342208448399045454268147972194533894630411 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8a656a519549356c195998c9bec3e7ce526a2007 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (438 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bancan.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'banchinese.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bestfaithfilms.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bhagvatgita.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bhwiplaw.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'casinobotswana.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'curlupanddye.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'decorumastutefashion.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'docksgrill.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edventurekids.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'energysmartpros.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gamdpm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'highplainspublishing.info' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'houstonvape.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'joshelliott.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'militarystencil.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nickrae.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pestcontrolirvine.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prowerscounty.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sa78209.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'scriptureuntangled.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theworldpro.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tunica.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wrestlingfunkmd.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018df54e32eb0000040300483046022100a5523fc923ec3ec90ba3fd5fba71d9bd18eccdd9ec46632f06a6ea239d327aa1022100c11a658217b2f0e90b90b29a75a4c47df8f15551ab451080ea0969b74c0283380076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018df54e32e7000004030047304502203fc85c288ac859d8f8ec83ca40f467301c089d8c0dc3584c995307789f92263c022100a827924fd3fd8318fcbcb05e3d448e159a9b81e07610b934680c6b4ef0b96fb7 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00896c0c43bbd4cb84d22b44fb8158819cba9c97b99954dfc6c363b8d8895108a466a37042b31e16a292a425450f05dabdcfd61ced4c1a7face7c0101f2fdab0afc0df31d740dc3643ff20e7725d960c84d95106c88de75fb60da135a47be3a30de2e3417d30961ea7d097f8cb1a76741eb22e549549a7e76038a28f648a97cdc572a9e4f6c37c5d741eb06f1b3619e7d99c800ffd7d423c08f364b5b3f5a2acf13dac35d37530e85715cebe4234fffbd6407de62507522b4ec042909ee6c67bcaa17cfb072458869ed33cd15e607b65c5b5f59aa0d106ed9c6d795a6434868fd898cca8ecb8a63d9b394644764238a6278cb518210391767c473c3a3b1d7f0d41