content.waterloo.io
Issued by Amazon
About this certificate
This digital certificate with serial number 0e:48:23:94:40:2f:2d:2e:93:39:ab:38:ac:1f:b8:4c was issued on by Amazon.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=content.waterloo.io
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0e:48:23:94:40:2f:2d:2e:93:39:ab:38:ac:1f:b8:4cSerial Number (int): 18983758944771583237232923729341691980
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 1a:b0:2c:ff:8a:9d:96:c8:55:82:6c:66:ed:43:19:20:5a:0c:18:07
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 94:0b:ea:c8:d1:7e:bf:4d:4f:3f:3a:3b:a8:d0:f8:1a:9c:78:77:64
Fingerprint (sha256): 9b:5d:d2:44:61:1a:cb:d5:67:90:04:2c:0c:4f:88:93:3a:6b:f1:a2:56:ed:f9:01:c2:59:59:41:7e:35:69:fb
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate content.waterloo.io
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for content.waterloo.io
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
content.waterloo.io
Other certificates including the domain name waterloo.io
(limited to 100 certificates)
dev.waterloo.io
app.waterloo.io
content.waterloo.io
app.waterloo.io
app.waterloo.io
demo.waterloo.io
app.waterloo.io
*.waterloo.io
waterloo.io
app.waterloo.io
demo.waterloo.io
waterloo.io
app.waterloo.io
waterloo.io
waterloo.io
demo.waterloo.io
app.waterloo.io
demo.waterloo.io
waterloo.io
waterloo.io
content.waterloo.io
waterloo.io
demo.waterloo.io
app.waterloo.io
waterloo.io
sni.cloudflaressl.com
demo.waterloo.io
sni.cloudflaressl.com
app.waterloo.io
demo.waterloo.io
dev.waterloo.io
dev.waterloo.io
app.waterloo.io
*.waterloo.io
demo.waterloo.io
demo.waterloo.io
demo.waterloo.io
demo.waterloo.io
start.waterloo.io
app.waterloo.io
dev.waterloo.io
demo.waterloo.io
demo.waterloo.io
waterloo.io
waterloo.io
demo.waterloo.io
app.waterloo.io
app.waterloo.io
*.waterloo.io
app.waterloo.io
demo.waterloo.io
app.waterloo.io
waterloo.io
demo.waterloo.io
content.waterloo.io
dev.waterloo.io
waterloo.io
dev.waterloo.io
demo.waterloo.io
content.waterloo.io
dev.waterloo.io
demo.waterloo.io
demo.waterloo.io
demo.waterloo.io
app.waterloo.io
app.waterloo.io
waterloo.io
app.waterloo.io
waterloo.io
app.waterloo.io
waterloo.io
content.waterloo.io
app.waterloo.io
app.waterloo.io
demo.waterloo.io
demo.waterloo.io
demo.waterloo.io
demo.waterloo.io
dev.waterloo.io
waterloo.io
demo.waterloo.io
app.waterloo.io
demo.waterloo.io
app.waterloo.io
app.waterloo.io
demo.waterloo.io
app.waterloo.io
app.waterloo.io
dev.waterloo.io
app.waterloo.io
help.waterloo.io
app.waterloo.io
sni.cloudflaressl.com
demo.waterloo.io
waterloo.io
waterloo.io
waterloo.io
app.waterloo.io
content.waterloo.io
app.waterloo.io
app.waterloo.io
demo.waterloo.io
app.waterloo.io
*.waterloo.io
waterloo.io
app.waterloo.io
demo.waterloo.io
waterloo.io
app.waterloo.io
waterloo.io
waterloo.io
demo.waterloo.io
app.waterloo.io
demo.waterloo.io
waterloo.io
waterloo.io
content.waterloo.io
waterloo.io
demo.waterloo.io
app.waterloo.io
waterloo.io
sni.cloudflaressl.com
demo.waterloo.io
sni.cloudflaressl.com
app.waterloo.io
demo.waterloo.io
dev.waterloo.io
dev.waterloo.io
app.waterloo.io
*.waterloo.io
demo.waterloo.io
demo.waterloo.io
demo.waterloo.io
demo.waterloo.io
start.waterloo.io
app.waterloo.io
dev.waterloo.io
demo.waterloo.io
demo.waterloo.io
waterloo.io
waterloo.io
demo.waterloo.io
app.waterloo.io
app.waterloo.io
*.waterloo.io
app.waterloo.io
demo.waterloo.io
app.waterloo.io
waterloo.io
demo.waterloo.io
content.waterloo.io
dev.waterloo.io
waterloo.io
dev.waterloo.io
demo.waterloo.io
content.waterloo.io
dev.waterloo.io
demo.waterloo.io
demo.waterloo.io
demo.waterloo.io
app.waterloo.io
app.waterloo.io
waterloo.io
app.waterloo.io
waterloo.io
app.waterloo.io
waterloo.io
content.waterloo.io
app.waterloo.io
app.waterloo.io
demo.waterloo.io
demo.waterloo.io
demo.waterloo.io
demo.waterloo.io
dev.waterloo.io
waterloo.io
demo.waterloo.io
app.waterloo.io
demo.waterloo.io
app.waterloo.io
app.waterloo.io
demo.waterloo.io
app.waterloo.io
app.waterloo.io
dev.waterloo.io
app.waterloo.io
help.waterloo.io
app.waterloo.io
sni.cloudflaressl.com
demo.waterloo.io
waterloo.io
waterloo.io
waterloo.io
Certificate
The complete raw certificate details for content.waterloo.io in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEfDCCA2SgAwIBAgIQDkgjlEAvLS6TOas4rB+4TDANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MDEwMDAwMDBaFw0yMDA4MDEx MjAwMDBaMB4xHDAaBgNVBAMTE2NvbnRlbnQud2F0ZXJsb28uaW8wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfV2e9NkrUCX88pPsE7sxwnss8Z8GRWxlD VZBjmf4wvCsPOx/csl0G3aIVfX7aLMRg8zVloQDsWdaW1c/pAcoVScA29Z9e/Dh+ DOebSe586N1axug9npnbhJge3qYtdDYWChi/30su1ldNb4PFD0aOXpp+KTEB8QHw bnqD7G6I5yf+NBHQUOY9yvtyyDgVD32PDpgjtBM52h34wMZuaAxf7wIG+w740CQH wHZvAaCgXYCuJBFzMmo3TBYPGXIozLiPo7kDw3kcoFLKmCife3JNvWPL38UpsT7Z M4fD4IKb8PeHPiJUKOGA5FVJNMSFk+OuPc/NjkW9F+d3T7YWQxyDAgMBAAGjggGM MIIBiDAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQU GrAs/4qdlshVgmxm7UMZIFoMGAcwHgYDVR0RBBcwFYITY29udGVudC53YXRlcmxv by5pbzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1 c3QuY29tL3NjYTFiLmNybDAgBgNVHSAEGTAXMAsGCWCGSAGG/WwBAjAIBgZngQwB AgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2Ex Yi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIu YW1hem9udHJ1c3QuY29tL3NjYTFiLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB 1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQA25M1p+FGXsU2KJ6Q9qIDR UPT+6WDrBy5EDPiuV7lNY2rJQJSRG4z5zEbdujmvSmyinCRpyVpycXlOXRo6ljVw wpK/b0kmlJao1w83axHQW9rLz7VuYhp3Pf1E8tjFALAaON5qNlrppj50I1jcBTVc EGgcjM+tfv1RO+OANgIVIHGW57Cl4Z55UKv+O8ECKIDGMnYLpGKwuh71QBeAmjeC DINalVa31Y7+DSlkn5OqZIIY79d5cYCek6oPuF/w2WEQhX3S3pdpRvlky4qBVNFC ra37OBsWdW49Hq+c5wSc/kVu9i2FlcPk+64h3jo2nOUHZdA1a8+OTptjllWISaWJ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1dnvTZK1Al/PKT7BO7M cJ7LPGfBkVsZQ1WQY5n+MLwrDzsf3LJdBt2iFX1+2izEYPM1ZaEA7FnWltXP6QHK FUnANvWfXvw4fgznm0nufOjdWsboPZ6Z24SYHt6mLXQ2FgoYv99LLtZXTW+DxQ9G jl6afikxAfEB8G56g+xuiOcn/jQR0FDmPcr7csg4FQ99jw6YI7QTOdod+MDGbmgM X+8CBvsO+NAkB8B2bwGgoF2AriQRczJqN0wWDxlyKMy4j6O5A8N5HKBSypgon3ty Tb1jy9/FKbE+2TOHw+CCm/D3hz4iVCjhgORVSTTEhZPjrj3PzY5FvRfnd0+2FkMc gwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18983758944771583237232923729341691980 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-01 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-01 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'content.waterloo.io' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20114991615359689119299310908249986033346974824320760328305980289641502470978785797500824763067874458244657432073052463177782920297572817264144770538440207575336130775673427185920402992081988536452346162140237060627559762435633535434799949603356243329527932607489454130183060777688613970939378463307279405589566272123055234125496895646616440656917036670250054364644185401950537742841537631316700724806688969336830134574564652548445718138150477146198135688860495533346051175879175259693490247426774537703825437286819213100735787506187541662223408063356101299995304873595782691103932570520287672906102167981147910511747 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1ab02cff8a9d96c855826c66ed4319205a0c1807 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'content.waterloo.io' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0036e4cd69f85197b14d8a27a43da880d150f4fee960eb072e440cf8ae57b94d636ac94094911b8cf9cc46ddba39af4a6ca29c2469c95a7271794e5d1a3a963570c292bf6f49269496a8d70f376b11d05bdacbcfb56e621a773dfd44f2d8c500b01a38de6a365ae9a63e742358dc05355c10681c8ccfad7efd513be380360215207196e7b0a5e19e7950abfe3bc1022880c632760ba462b0ba1ef54017809a37820c835a9556b7d58efe0d29649f93aa648218efd77971809e93aa0fb85ff0d96110857dd2de976946f964cb8a8154d142adadfb381b16756e3d1eaf9ce7049cfe456ef62d8595c3e4fbae21de3a369ce50765d0356bcf8e4e9b6396558849a589