www.mihlit.cz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:70:57:75:d4:96:90:bd:1b:be:09:c3:71:9e:ca:45:ef:46 was issued on by Let's Encrypt.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.mihlit.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:70:57:75:d4:96:90:bd:1b:be:09:c3:71:9e:ca:45:ef:46Serial Number (int): 299564737536591438914242265135309035794246
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 8d:54:b6:fa:63:ac:41:d4:23:74:ed:16:b5:84:90:68:01:be:59:d7
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): f2:e7:52:5d:92:42:60:77:dc:17:ab:7c:d0:74:50:0f:05:e2:8a:2f
Fingerprint (sha256): 97:d6:91:b3:4e:94:14:d9:47:da:d9:67:8e:fb:25:95:ce:1c:12:cf:5d:d3:ff:46:d3:1a:e0:1f:f2:76:aa:67
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.mihlit.cz
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.mihlit.cz
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ipv4.mihlit.cz
ipv6.mihlit.cz
mihlit.cz
www.mihlit.cz
ipv6.mihlit.cz
mihlit.cz
www.mihlit.cz
Other certificates including the domain name mihlit.cz
(limited to 100 certificates)
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
www.mihlit.cz
www.mihlit.cz
ipv4.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
www.mihlit.cz
www.mihlit.cz
ipv4.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
www.mihlit.cz
nas.ddns.mihlit.cz
Certificate
The complete raw certificate details for www.mihlit.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGMTCCBRmgAwIBAgISA3BXddSWkL0bvgnDcZ7KRe9GMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA5MzAyMTAwMjdaFw0x ODEyMjkyMTAwMjdaMBgxFjAUBgNVBAMTDXd3dy5taWhsaXQuY3owggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXMJyqXifhnAJQUcHfsCHGYl5pV+AaWzjt Z0tn1rSNIADW86Ugzx6rrARXlRCs88L6yJvkQ+slUzmdHqgrfFcB914wFTsvmqzJ DnAmtlR3m3lc+FOfIVcAN9HhHnGS78uIY3wzZon8zSLYldNVpECz35FVfFkRYK5I VNJpE5j2A+o941DK+6FJqEFAUL+52K1avb486MvH4zy9Qx/YpABtDx1ZacBJgP7j kBU2JzVg/3eWK+mAjN0DqaNHmg/KDNIgsfe2TOwlu9SvvnqoHyAfTda7+dWYdnIs hfQ+Y4Mkiv/ldr0Z9nJJ16aDLVKVtLox1igg8xw3lvmnbGX6qWelAgMBAAGjggNB MIIDPTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFI1UtvpjrEHUI3TtFrWEkGgBvlnX MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMw YTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9y ZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9y Zy8wQwYDVR0RBDwwOoIOaXB2NC5taWhsaXQuY3qCDmlwdjYubWlobGl0LmN6gglt aWhsaXQuY3qCDXd3dy5taWhsaXQuY3owgf4GA1UdIASB9jCB8zAIBgZngQwBAgEw geYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNl bmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1h eSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25s eSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3Vu ZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzCCAQUGCisG AQQB1nkCBAIEgfYEgfMA8QB2ANt0r+7LKeyx/so+cW0s5bmquzb3hHGDx12dTze2 H79kAAABZix/OvQAAAQDAEcwRQIgCiVqMmHxoZsiPcy0KPa+tPgWJ2wKE03V5xww d8FX8tMCIQDwQCOjF+vmFSAsBnt2CLGwG3pf5iJR/wu0upT6vWm50AB3AKRQEmkF WhVUXmIRqze8ED9irlV2pF5LFxRFPhsiEGolAAABZix/SdUAAAQDAEgwRgIhAIW/ j2hhh96NeQy3bDtrVMrciPUbzVKofNCuc1Gf5MbwAiEA9qVUJ88yC8a1JbKwXfLZ tCvpMdm+o1up7mCZppmKnFswDQYJKoZIhvcNAQELBQADggEBAIT+T2Rg2SBiFHRa C2UB7s1oxNd70wJACAvX1/BM4fkiYsR9BwkF/UD5WPG+zd4W2uBdwg7usMLc4kUW tK55av7fQ4zS/pd315FWKKr7BHpMUOq9z3qq5/0yUCJaow+uxkbbBk371kulH24y KUjVHhqLwXRiDS8Ijn+/ZJAdxj2jQ0owbLI6OfrBYN8H6kSo7KxfBJV+VisZk6Yq cDHn3UJPvZ5sz906K888fL+/Kvpx5F1SHywkDCGik67lJZ36u5osWvgy2v39hJNq fPv/D9vrSHOe/G/PZw74wnmh+9cpWx4DG3EPAploGXtFl9L2lHAWnMOfxPiR3e9K APi1uvY= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zCcql4n4ZwCUFHB37Ah xmJeaVfgGls47WdLZ9a0jSAA1vOlIM8eq6wEV5UQrPPC+sib5EPrJVM5nR6oK3xX AfdeMBU7L5qsyQ5wJrZUd5t5XPhTnyFXADfR4R5xku/LiGN8M2aJ/M0i2JXTVaRA s9+RVXxZEWCuSFTSaROY9gPqPeNQyvuhSahBQFC/uditWr2+POjLx+M8vUMf2KQA bQ8dWWnASYD+45AVNic1YP93livpgIzdA6mjR5oPygzSILH3tkzsJbvUr756qB8g H03Wu/nVmHZyLIX0PmODJIr/5Xa9GfZySdemgy1SlbS6MdYoIPMcN5b5p2xl+qln pQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 299564737536591438914242265135309035794246 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-30 21:00:27 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-29 21:00:27 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.mihlit.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27165207025809430753852130979054974011465704078589196138863223132120698993321094349204435215611914856654628726016825333108327597697225552823468421386314691440817481594244187950475191788789069409505682656173555888962223747492952192604666135507897326982247919376543046381100199208708860149930154806655127392419993155598066541028712107735335022851743909875648741370654529998792143538661171272824588150066662296172544500975717394680143717400328682806454888784745007870196174901772398746564107084321351228075363275196666890851011068388557195534017400900193593280647644618978586244927499108308669578316459222379101172623269 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8d54b6fa63ac41d42374ed16b584906801be59d7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ipv4.mihlit.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ipv6.mihlit.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mihlit.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mihlit.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf64000001662c7f3af4000004030047304502200a256a3261f1a19b223dccb428f6beb4f816276c0a134dd5e71c3077c157f2d3022100f04023a317ebe615202c067b7608b1b01b7a5fe62251ff0bb4ba94fabd69b9d0007700a4501269055a15545e6211ab37bc103f62ae5576a45e4b1714453e1b22106a25000001662c7f49d5000004030048304602210085bf8f686187de8d790cb76c3b6b54cadc88f51bcd52a87cd0ae73519fe4c6f0022100f6a55427cf320bc6b525b2b05df2d9b42be931d9bea35ba9ee6099a6998a9c5b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0084fe4f6460d9206214745a0b6501eecd68c4d77bd30240080bd7d7f04ce1f92262c47d070905fd40f958f1becdde16dae05dc20eeeb0c2dce24516b4ae796afedf438cd2fe9777d7915628aafb047a4c50eabdcf7aaae7fd3250225aa30faec646db064dfbd64ba51f6e322948d51e1a8bc174620d2f088e7fbf64901dc63da3434a306cb23a39fac160df07ea44a8ecac5f04957e562b1993a62a7031e7dd424fbd9e6ccfdd3a2bcf3c7cbfbf2afa71e45d521f2c240c21a293aee5259dfabb9a2c5af832dafdfd84936a7cfbff0fdbeb48739efc6fcf670ef8c279a1fbd7295b1e031b710f029968197b4597d2f69470169cc39fc4f891ddef4a00f8b5baf6