vpn.sodra.com
- SodraSkogsagarna -
Issued by TeliaSonera Gateway CA v1
About this certificate
This digital certificate with serial number 92:c1:f4:03:32:04:f0:19:5d:55:fa:b6:a1:8d:52:88 was issued on by TeliaSonera.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [ContentCommitment DataEncipherment DigitalSignature KeyEncipherment] (00001111) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- For certificates valid after 31 Dec 2013, all certificates using RSA public key algorithm MUST have 2048 bits of modulus (BRs: 6.1.5)
- Subscriber Certificate: authorityInformationAccess MUST contain the HTTP URL of the Issuing CA's OSCP responder. (BRs: 7.1.2.3)
- The common name field in subscriber certificates must include only names from the SAN extension (BRs: 7.1.4.2.2)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
SodraSkogsagarna
Organization:
SodraSkogsagarna
Organization unit: Telia Secure Remote User
Organization unit: Telia Secure Remote User
State / Province:
Vaxjo
Locality: Vaxjo
Country: SE
Locality: Vaxjo
Country: SE
TeliaSonera
Organization:
TeliaSonera
This certificate has expire since
Certificate Details
Serial Number (hex): 92:c1:f4:03:32:04:f0:19:5d:55:fa:b6:a1:8d:52:88Serial Number (int): 195074349839402937756834432293792469640
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: a2:b3:b8:4e:8b:c3:49:4f:c3:73:f2:79:d8:db:8c:70:28:75:e7:76
AuthorityKeyId: 8f:59:95:28:26:a2:b0:6d:19:49:99:d2:fb:b0:84:47:4d:cb:95:fc
Fingerprint (sha1): 60:7f:93:f1:21:7a:5a:b1:29:60:43:d2:4f:61:35:11:25:88:97:ef
Fingerprint (sha256): 9c:4f:5b:15:bf:27:01:4b:cf:ee:1c:12:98:71:51:56:06:36:20:c6:ed:a0:da:25:6e:43:35:1a:6c:0d:da:98
Issuing Certificate URL: http://repository.trust.teliasonera.com/teliasoneragatewaycav1.cer
Revocation information
CRL Distribution Point: http://crl-3.trust.teliasonera.com/teliasoneragatewaycav1.crlCRL Distribution Point: ldap://crl-1.trust.teliasonera.com/cn=TeliaSonera%20Gateway%20CA%20v1,o=TeliaSonera?certificaterevocationlist;binary
Check the revocation status for certificate vpn.sodra.com
0
DNS Names
0
Email Addresses
2
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for vpn.sodra.com
Public Key Algorithm
RSA
Key Size
1024
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Content Commitment
Key Encipherment
Data Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
194.237.208.184
194.237.208.185
194.237.208.185
Other certificates including the domain name sodra.com
(limited to 100 certificates)
webmail.sodra.com
energiprodukter.sodra.com
pptest.sodra.com
ehub.sodra.com
latvia.sodra.com
lrf.sodra.com
support.sodra.com
VPN.Sodra.com
oncemore.sodra.com
*.sodra.com
redirect.sodra.com
latvia.sodra.com
guider.sodra.com
ucexternal.sodra.com
energiprodukter.sodra.com
latvia.sodra.com
karriar.sodra.com
psol.sodra.com
skog.sodra.com
sip.sodra.com
*.og.sodra.com
*.og-test.sodra.com
energiprodukter.sodra.com
*.og-test.sodra.com
karriar.sodra.com
energiprodukter.sodra.com
*.og.sodra.com
medlem.sodra.com
el.sodra.com
oncemore.sodra.com
servicedesk.ecm.software
*.sodra.com
energiprodukter.sodra.com
career.sodra.com
webmail.sodra.com
career.sodra.com
*.sodra.com
*.sodra.com
*.sodra.com
*.sodra.com
support.sodra.com
servicedesk.ecm.software
latvia.sodra.com
support.sodra.com
pellets.sodra.com
ucexternal.sodra.com
b2bwood.sodra.com
energiprodukter.sodra.com
vpn.sodra.com
webmail.sodra.com
entreprenor.sodra.com
pellets.sodra.com
karriar.sodra.com
lc.sodra.com
latvia.sodra.com
PULPSERVICES.SODRA.COM
*.og-test.sodra.com
wood1.sodra.com
energiprodukter.sodra.com
oncemore.sodra.com
ehubtest.sodra.com
*.og-test.sodra.com
energiprodukter.sodra.com
career.sodra.com
support.sodra.com
sip.sodra.com
*.sodra.com
latvia.sodra.com
pulpit.sodra.com
workplace.sodra.com
energiprodukter.sodra.com
vpn.sodra.com
energiprodukter.sodra.com
energiprodukter.sodra.com
energiprodukter.sodra.com
pptest.sodra.com
ehub.sodra.com
latvia.sodra.com
lrf.sodra.com
support.sodra.com
VPN.Sodra.com
oncemore.sodra.com
*.sodra.com
redirect.sodra.com
latvia.sodra.com
guider.sodra.com
ucexternal.sodra.com
energiprodukter.sodra.com
latvia.sodra.com
karriar.sodra.com
psol.sodra.com
skog.sodra.com
sip.sodra.com
*.og.sodra.com
*.og-test.sodra.com
energiprodukter.sodra.com
*.og-test.sodra.com
karriar.sodra.com
energiprodukter.sodra.com
*.og.sodra.com
medlem.sodra.com
el.sodra.com
oncemore.sodra.com
servicedesk.ecm.software
*.sodra.com
energiprodukter.sodra.com
career.sodra.com
webmail.sodra.com
career.sodra.com
*.sodra.com
*.sodra.com
*.sodra.com
*.sodra.com
support.sodra.com
servicedesk.ecm.software
latvia.sodra.com
support.sodra.com
pellets.sodra.com
ucexternal.sodra.com
b2bwood.sodra.com
energiprodukter.sodra.com
vpn.sodra.com
webmail.sodra.com
entreprenor.sodra.com
pellets.sodra.com
karriar.sodra.com
lc.sodra.com
latvia.sodra.com
PULPSERVICES.SODRA.COM
*.og-test.sodra.com
wood1.sodra.com
energiprodukter.sodra.com
oncemore.sodra.com
ehubtest.sodra.com
*.og-test.sodra.com
energiprodukter.sodra.com
career.sodra.com
support.sodra.com
sip.sodra.com
*.sodra.com
latvia.sodra.com
pulpit.sodra.com
workplace.sodra.com
energiprodukter.sodra.com
vpn.sodra.com
energiprodukter.sodra.com
energiprodukter.sodra.com
Certificate
The complete raw certificate details for vpn.sodra.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFmzCCA4OgAwIBAgIRAJLB9AMyBPAZXVX6tqGNUogwDQYJKoZIhvcNAQEFBQAw OjEUMBIGA1UECgwLVGVsaWFTb25lcmExIjAgBgNVBAMMGVRlbGlhU29uZXJhIEdh dGV3YXkgQ0EgdjEwHhcNMTQwNTI4MDk1NjI2WhcNMTcwNTI4MDk1NjI3WjCBgzEL MAkGA1UEBhMCU0UxDjAMBgNVBAgMBVZheGpvMQ4wDAYDVQQHDAVWYXhqbzEZMBcG A1UECgwQU29kcmFTa29nc2FnYXJuYTEhMB8GA1UECwwYVGVsaWEgU2VjdXJlIFJl bW90ZSBVc2VyMRYwFAYDVQQDDA12cG4uc29kcmEuY29tMIGfMA0GCSqGSIb3DQEB AQUAA4GNADCBiQKBgQDN6Wplb0/clf6YIxXE1vih9PRVKLabzgLjCTCNa0uA8eE5 MoeyCl2A3Z2GbXpdDmoFW8gu7tSe9oYEBuWo9n9Z9dWWyKeLBSKx/tV2fcWffiEA /mM1mtcwIFSt3WSRFq1TsDFfIAk3ja9tlk3LtgPiMnJeYzuV1X0lCkGGE3h1QQID AQABo4IB1DCCAdAwFQYDVR0RBA4wDIcEwu3QuIcEwu3QuTBeBggrBgEFBQcBAQRS MFAwTgYIKwYBBQUHMAKGQmh0dHA6Ly9yZXBvc2l0b3J5LnRydXN0LnRlbGlhc29u ZXJhLmNvbS90ZWxpYXNvbmVyYWdhdGV3YXljYXYxLmNlcjAfBgNVHSMEGDAWgBSP WZUoJqKwbRlJmdL7sIRHTcuV/DAZBgNVHSAEEjAQMA4GDCsGAQQBgg8CAwEBEDCB zAYDVR0fBIHEMIHBMEOgQaA/hj1odHRwOi8vY3JsLTMudHJ1c3QudGVsaWFzb25l cmEuY29tL3RlbGlhc29uZXJhZ2F0ZXdheWNhdjEuY3JsMHqgeKB2hnRsZGFwOi8v Y3JsLTEudHJ1c3QudGVsaWFzb25lcmEuY29tL2NuPVRlbGlhU29uZXJhJTIwR2F0 ZXdheSUyMENBJTIwdjEsbz1UZWxpYVNvbmVyYT9jZXJ0aWZpY2F0ZXJldm9jYXRp b25saXN0O2JpbmFyeTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwDgYD VR0PAQH/BAQDAgTwMB0GA1UdDgQWBBSis7hOi8NJT8Nz8nnY24xwKHXndjANBgkq hkiG9w0BAQUFAAOCAgEAaJzzbsnSsT96zshSSrwWfVh+3L6/eUo0KTgdNka5qgeH pTboumCpSiqIS+kcbklYjCvCzSEtF5AklotenS4UpsW9yY97plTk5NTxcb83tbCW yAc0dgvWnxWhb1ZroCdASJY1oddq8ZbbhPm4OR+/44GroEDJ0vlxPJyatG28leyS PRWcgF8708zCAHf2WF7o3aGpwwEvR+ZEfZ0YCwxXZ1tGbh22Z8K3EUCb4yDI1lC1 OkuyBLrrDh5WJMXVaiXDrJnWVtRFpWdOhEDxxlhWW+oL5dLGaZMuPpUrVJaQOVR3 MMNegwCLjhilbfO7y9F4CuR6HQ7mRgrQcJItABMFATAWkGOV/b1lPd+G23rLeXsO zREKn586gPWRmj2TzJgr7mEK3waj4TwHw6i+OFID15n5DL+uAE+fCGg+fZLIqSvM TmAn/bDPPyYYCXI7654z8LUk1+tI5nvwUZqxpmx1icJfxK16ollDmnuFE3g4XAJl HdO96o6wbgdk9tRwvene/eFFRGILbFcIoSTE5ktZtGkXVd7s3gMQ8LwUPOo64RQD U62ZbFUsk3ZnfNJFOYFNLqKWm3n+xPq/bOIllTKwvdvBaPMYiQw3v32UI8fPxR3p xO6JW6BnLQdWOk+LXBl/YbG+2pJxwdPGjgnoXP6m3Mi7122UEHTjiiQc1WQXoeA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDN6Wplb0/clf6YIxXE1vih9PRV KLabzgLjCTCNa0uA8eE5MoeyCl2A3Z2GbXpdDmoFW8gu7tSe9oYEBuWo9n9Z9dWW yKeLBSKx/tV2fcWffiEA/mM1mtcwIFSt3WSRFq1TsDFfIAk3ja9tlk3LtgPiMnJe YzuV1X0lCkGGE3h1QQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 195074349839402937756834432293792469640 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'TeliaSonera' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'TeliaSonera Gateway CA v1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-05-28 09:56:26 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-05-28 09:56:27 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Vaxjo' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Vaxjo' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SodraSkogsagarna' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Telia Secure Remote User' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'vpn.sodra.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1120 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 144596169063920195609455679473854332262814044951765202649270961534460901906183605579184971978824085249994764013499554793500777236630901391540105688070295131901318499292380716268626513653322587525367422450348137652698047185310944047836897102456760056913504896005965285267229961090643524683714258579259783673153 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:7|false] OCTET STRING '194.237.208.184' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:7|false] OCTET STRING '194.237.208.185' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (82 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://repository.trust.teliasonera.com/teliasoneragatewaycav1.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8f59952826a2b06d194999d2fbb084474dcb95fc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.271.2.3.1.1.16 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (196 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl-3.trust.teliasonera.com/teliasoneragatewaycav1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://crl-1.trust.teliasonera.com/cn=TeliaSonera%20Gateway%20CA%20v1,o=TeliaSonera?certificaterevocationlist;binary' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits) 04f0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a2b3b84e8bc3494fc373f279d8db8c702875e776 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00689cf36ec9d2b13f7acec8524abc167d587edcbebf794a3429381d3646b9aa0787a536e8ba60a94a2a884be91c6e49588c2bc2cd212d179024968b5e9d2e14a6c5bdc98f7ba654e4e4d4f171bf37b5b096c80734760bd69f15a16f566ba02740489635a1d76af196db84f9b8391fbfe381aba040c9d2f9713c9c9ab46dbc95ec923d159c805f3bd3ccc20077f6585ee8dda1a9c3012f47e6447d9d180b0c57675b466e1db667c2b711409be320c8d650b53a4bb204baeb0e1e5624c5d56a25c3ac99d656d445a5674e8440f1c658565bea0be5d2c669932e3e952b54969039547730c35e83008b8e18a56df3bbcbd1780ae47a1d0ee6460ad070922d001305013016906395fdbd653ddf86db7acb797b0ecd110a9f9f3a80f5919a3d93cc982bee610adf06a3e13c07c3a8be385203d799f90cbfae004f9f08683e7d92c8a92bcc4e6027fdb0cf3f261809723beb9e33f0b524d7eb48e67bf0519ab1a66c7589c25fc4ad7aa259439a7b851378385c02651dd3bdea8eb06e0764f6d470bde9defde14544620b6c5708a124c4e64b59b4691755deecde0310f0bc143cea3ae1140353ad996c552c9376677cd24539814d2ea2969b79fec4fabf6ce2259532b0bddbc168f318890c37bf7d9423c7cfc51de9c4ee895ba0672d07563a4f8b5c197f61b1beda9271c1d3c68e09e85cfea6dcc8bbd76d941074e38a241cd56417a1e0