*.onegovcloud.ch
Issued by SwissSign Server Silver CA 2014 - G22
About this certificate
This digital certificate with serial number 71:94:e5:46:57:66:c8:4b:f6:b1:e3:be:33:32:b3:57:0e:9d:20:6f was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.onegovcloud.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 71:94:e5:46:57:66:c8:4b:f6:b1:e3:be:33:32:b3:57:0e:9d:20:6fSerial Number (int): 648436440041896968438706583841268663103069692015
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 48:f1:c2:e9:c1:48:37:c0:7a:99:ae:53:00:28:ac:97:c9:9d:a7:cd
AuthorityKeyId: db:bc:bf:82:18:59:dc:69:fa:f8:ab:aa:83:4d:77:1d:0b:b0:8b:d8
Fingerprint (sha1): 27:b0:51:5c:32:c9:f3:10:2a:51:7b:9d:e1:7f:22:db:57:ec:6d:c8
Fingerprint (sha256): 9d:63:59:78:cb:09:44:f7:77:e9:9a:5e:ad:23:d9:47:93:79:dd:5a:31:4c:bd:36:0f:b4:7c:ab:90:9d:95:c5
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/DBBCBF821859DC69FAF8ABAA834D771D0BB08BD8
Revocation information
OCSP Server: http://silver-server-g2.ocsp.swisssign.net/DBBCBF821859DC69FAF8ABAA834D771D0BB08BD8CRL Distribution Point: http://crl.swisssign.net/DBBCBF821859DC69FAF8ABAA834D771D0BB08BD8
CRL Distribution Point: ldap://directory.swisssign.net/CN=DBBCBF821859DC69FAF8ABAA834D771D0BB08BD8%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate *.onegovcloud.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.onegovcloud.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.onegovcloud.ch
onegovcloud.ch
onegovcloud.ch
Other certificates including the domain name onegovcloud.ch
(limited to 100 certificates)
*.onegovcloud.ch
onegovcloud.ch
docs.onegovcloud.ch
*.onegovcloud.ch
docs.onegovcloud.ch
*.onegovcloud.ch
*.onegovcloud.ch
docs.onegovcloud.ch
docs.onegovcloud.ch
*.onegovcloud.ch
docs.onegovcloud.ch
onegovcloud.ch
docs.onegovcloud.ch
docs.onegovcloud.ch
*.onegovcloud.ch
docs.onegovcloud.ch
*.onegovcloud.ch
docs.onegovcloud.ch
docs.onegovcloud.ch
docs.onegovcloud.ch
*.onegovcloud.ch
onegovcloud.ch
docs.onegovcloud.ch
onegovcloud.ch
onegovcloud.ch
onegovcloud.ch
docs.onegovcloud.ch
*.onegovcloud.ch
docs.onegovcloud.ch
*.onegovcloud.ch
*.onegovcloud.ch
docs.onegovcloud.ch
docs.onegovcloud.ch
*.onegovcloud.ch
docs.onegovcloud.ch
onegovcloud.ch
docs.onegovcloud.ch
docs.onegovcloud.ch
*.onegovcloud.ch
docs.onegovcloud.ch
*.onegovcloud.ch
docs.onegovcloud.ch
docs.onegovcloud.ch
docs.onegovcloud.ch
*.onegovcloud.ch
onegovcloud.ch
docs.onegovcloud.ch
onegovcloud.ch
onegovcloud.ch
Certificate
The complete raw certificate details for *.onegovcloud.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGBzCCBO+gAwIBAgIUcZTlRldmyEv2seO+MzKzVw6dIG8wDQYJKoZIhvcNAQEL BQAwVDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEuMCwGA1UE AxMlU3dpc3NTaWduIFNlcnZlciBTaWx2ZXIgQ0EgMjAxNCAtIEcyMjAeFw0xOTAz MjUwOTE3NDdaFw0yMDAzMjUwOTE3NDdaMBsxGTAXBgNVBAMMECoub25lZ292Y2xv dWQuY2gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdaWuGqfCRzVMT Kq3vX/N1LRwQdHdmJ+gJboTtfSE8DtFgyrlbEres6kNsznHHb5IuypcDV+mD5s4V KUdZA6tYjFQ9OQ+yzvWYb4jXiJAutgZvur28OodBrU6FXRaW9xWb032G0Asg6IlC aQuThS6dQUwUhjLpAH70gRFobZEOUpLbRRx3jwtTX47J880mgpqaTm6UYq+ft3R5 YyMNFJJhuYESTyuucHn+TkXYW7FPp6rZ5jDA7ar+RsHFOHTXV/kx8Y87PZQn/id9 ivhLbmR/kgJu1g9zHFJIbfRl2XptB6lAPvw3AJbMCmAFCCZNXoGZCuJBGOF7crTC CNy1l/RPAgMBAAGjggMIMIIDBDArBgNVHREEJDAighAqLm9uZWdvdmNsb3VkLmNo gg5vbmVnb3ZjbG91ZC5jaDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRI8cLpwUg3wHqZrlMAKKyXyZ2nzTAf BgNVHSMEGDAWgBTbvL+CGFncafr4q6qDTXcdC7CL2DCB/wYDVR0fBIH3MIH0MEeg RaBDhkFodHRwOi8vY3JsLnN3aXNzc2lnbi5uZXQvREJCQ0JGODIxODU5REM2OUZB RjhBQkFBODM0RDc3MUQwQkIwOEJEODCBqKCBpaCBooaBn2xkYXA6Ly9kaXJlY3Rv cnkuc3dpc3NzaWduLm5ldC9DTj1EQkJDQkY4MjE4NTlEQzY5RkFGOEFCQUE4MzRE NzcxRDBCQjA4QkQ4JTJDTz1Td2lzc1NpZ24lMkNDPUNIP2NlcnRpZmljYXRlUmV2 b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2lu dDB1BgNVHSAEbjBsMFYGCWCFdAFZAQMBCzBJMEcGCCsGAQUFBwIBFjtodHRwOi8v cmVwb3NpdG9yeS5zd2lzc3NpZ24uY29tL1N3aXNzU2lnbi1TaWx2ZXItQ1AtQ1BT LnBkZjAIBgZngQwBAgEwCAYGBACPegEGMIHXBggrBgEFBQcBAQSByjCBxzBkBggr BgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5uZXQvY2dpLWJpbi9hdXRob3JpdHkv ZG93bmxvYWQvREJCQ0JGODIxODU5REM2OUZBRjhBQkFBODM0RDc3MUQwQkIwOEJE ODBfBggrBgEFBQcwAYZTaHR0cDovL3NpbHZlci1zZXJ2ZXItZzIub2NzcC5zd2lz c3NpZ24ubmV0L0RCQkNCRjgyMTg1OURDNjlGQUY4QUJBQTgzNEQ3NzFEMEJCMDhC RDgwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBACnhPAHU gI3BekmRz0kmavmw6OB0i1zeS1ioF+EecQbwSdC7T59UCHnU10HJszTdISL/s1hT S4SDxyNxBTma3DROeIiq8yLb79d9z5vk8bXmvpUoJ83FvPozeij13giFkYlnmscN 6YfXEBh0ebNGSCPOSte0FT3yIhfsfUebujtQ3UE7fIPoqYva3pi41aayDODVfoTR KcD3Y3CcmapuzCoXlUzWlU/7DJWaVz7tyq4XPx07EblXT5g1vN+eGj12nQj8wxj0 Z8X2AXDZFRW7b8PqG+2p2JmFrXm1Ft0d+gGwGpTRoEvEpg7VEoX3NWxyRUvA5GQF TuOKasiGgL47QYw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Wlrhqnwkc1TEyqt71/z dS0cEHR3ZifoCW6E7X0hPA7RYMq5WxK3rOpDbM5xx2+SLsqXA1fpg+bOFSlHWQOr WIxUPTkPss71mG+I14iQLrYGb7q9vDqHQa1OhV0WlvcVm9N9htALIOiJQmkLk4Uu nUFMFIYy6QB+9IERaG2RDlKS20Ucd48LU1+OyfPNJoKamk5ulGKvn7d0eWMjDRSS YbmBEk8rrnB5/k5F2FuxT6eq2eYwwO2q/kbBxTh011f5MfGPOz2UJ/4nfYr4S25k f5ICbtYPcxxSSG30Zdl6bQepQD78NwCWzApgBQgmTV6BmQriQRjhe3K0wgjctZf0 TwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 648436440041896968438706583841268663103069692015 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign Server Silver CA 2014 - G22' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-25 09:17:47 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-25 09:17:47 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.onegovcloud.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27950649948605631215911653064765537187665923478731285889293122982275552073221869417426271940135613571675606069855907179969484081533378568078990483984604900473320927401732295616386187514610751527334202141783710417237523542334650552021846818982111932236041002071616259766335093738172919172524355429178252457022285067347355212328305213186560098664054629838583009847637572472092477083906735818303449181318095059154681736661643554758744791866902087492299734400964443079022615944671702212157154593697782410305745970676496693818777181343797610596781142707455996810598937869470943821181868779135678663328867288150624681063503 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.onegovcloud.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'onegovcloud.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 48f1c2e9c14837c07a99ae530028ac97c99da7cd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName dbbcbf821859dc69faf8abaa834d771d0bb08bd8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/DBBCBF821859DC69FAF8ABAA834D771D0BB08BD8' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=DBBCBF821859DC69FAF8ABAA834D771D0BB08BD8%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.1.3.1.11 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://repository.swisssign.com/SwissSign-Silver-CP-CPS.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (202 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/DBBCBF821859DC69FAF8ABAA834D771D0BB08BD8' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://silver-server-g2.ocsp.swisssign.net/DBBCBF821859DC69FAF8ABAA834D771D0BB08BD8' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0029e13c01d4808dc17a4991cf49266af9b0e8e0748b5cde4b58a817e11e7106f049d0bb4f9f540879d4d741c9b334dd2122ffb358534b8483c7237105399adc344e7888aaf322dbefd77dcf9be4f1b5e6be952827cdc5bcfa337a28f5de08859189679ac70de987d710187479b3464823ce4ad7b4153df22217ec7d479bba3b50dd413b7c83e8a98bdade98b8d5a6b20ce0d57e84d129c0f763709c99aa6ecc2a17954cd6954ffb0c959a573eedcaae173f1d3b11b9574f9835bcdf9e1a3d769d08fcc318f467c5f60170d91515bb6fc3ea1beda9d89985ad79b516dd1dfa01b01a94d1a04bc4a60ed51285f7356c72454bc0e464054ee38a6ac88680be3b418c