cafeyano.com

Issued by R3

About this certificate

This digital certificate with serial number 03:4a:9f:ab:db:4a:18:09:6b:51:f2:dc:56:89:f7:43:26:52 was issued on by Let's Encrypt.

With 24 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=cafeyano.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:4a:9f:ab:db:4a:18:09:6b:51:f2:dc:56:89:f7:43:26:52
Serial Number (int): 286729992529240823568621976029113081865810
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 34:3f:4e:27:5d:44:87:78:dc:23:a3:69:f6:60:e8:a7:45:8e:5a:e1
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 50:ee:a2:04:a0:fb:72:ac:f4:d1:50:10:2c:d5:e4:52:64:7f:d7:52
Fingerprint (sha256): 9e:38:f0:7d:71:e6:aa:19:c8:d8:4e:a9:aa:c0:a1:37:85:a4:a7:7e:c5:5e:50:15:88:e0:2c:06:17:6f:cb:a4

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate cafeyano.com

24

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cafeyano.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.anathothgroup.com
*.cafeyano.com
*.castillodewoods.com
*.com.metafond.com
*.doqle.com
*.kkma.net
*.premierwoodsuae.com
*.woksen.in
anathothgroup.com
cafeyano.com
castillodewoods.com
doqle.com
kkma.net
kkma.net.metafond.com
premierwoodsuae.com
woksen.in
woksen.in.metafond.com
www.anathothgroup.com.metafond.com
www.cafeyano.com.metafond.com
www.castillodewoods.com.metafond.com
www.doqle.com.metafond.com
www.kkma.net.metafond.com
www.premierwoodsuae.com.metafond.com
www.woksen.in.metafond.com

Other certificates including the domain name cafeyano.com

(limited to 100 certificates)
cafeyano.com
cafeyano.com
cafeyano.com
cafeyano.com
cafeyano.com
cafeyano.com
cafeyano.com
cafeyano.com
cafeyano.com
cafeyano.com
cafeyano.com
cafeyano.com
cafeyano.com
cafeyano.com
doqle.com

Certificate

The complete raw certificate details for cafeyano.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG5jCCBc6gAwIBAgISA0qfq9tKGAlrUfLcVon3QyZSMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA2MDQyMDE0MTJaFw0yNDA5MDIyMDE0MTFaMBcxFTATBgNVBAMT
DGNhZmV5YW5vLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMHS
EOoxOyrrPWrKq30AEMKFFW5QhvIHQnzTVeu71Xq0vSHLSOVa8GW/0f61dwgevs/K
Xz+NgNju02dVJrCq6zl7pGSv+hV6Dv/aBY2ErUjuF0ij/qmIQJuRJyM9oP1odr9G
4v98cy7hjC6q333NQ5gFjsKflg2VYcWjoC2UXJDtRO/SdxkJNu/iF2FTZj453Hky
Q7+ba506J5NfHuV64OYVexsl9sHaBd/9hc0s0l9+V5yAYXbdXVs0xs29StEHQBoc
BKkscN6d1dwT57Sw4h9tM/TEVc4zJyc3xQ6P69STqDeiwVhcAaUBqKwsObrGkmfw
n3c68VIYdYm+7tHpvwECAwEAAaOCBA8wggQLMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
FgQUND9OJ11Eh3jcI6Np9mDop0WOWuEwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA
5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu
by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w
ggIWBgNVHREEggINMIICCYITKi5hbmF0aG90aGdyb3VwLmNvbYIOKi5jYWZleWFu
by5jb22CFSouY2FzdGlsbG9kZXdvb2RzLmNvbYISKi5jb20ubWV0YWZvbmQuY29t
ggsqLmRvcWxlLmNvbYIKKi5ra21hLm5ldIIVKi5wcmVtaWVyd29vZHN1YWUuY29t
ggsqLndva3Nlbi5pboIRYW5hdGhvdGhncm91cC5jb22CDGNhZmV5YW5vLmNvbYIT
Y2FzdGlsbG9kZXdvb2RzLmNvbYIJZG9xbGUuY29tgghra21hLm5ldIIVa2ttYS5u
ZXQubWV0YWZvbmQuY29tghNwcmVtaWVyd29vZHN1YWUuY29tggl3b2tzZW4uaW6C
Fndva3Nlbi5pbi5tZXRhZm9uZC5jb22CInd3dy5hbmF0aG90aGdyb3VwLmNvbS5t
ZXRhZm9uZC5jb22CHXd3dy5jYWZleWFuby5jb20ubWV0YWZvbmQuY29tgiR3d3cu
Y2FzdGlsbG9kZXdvb2RzLmNvbS5tZXRhZm9uZC5jb22CGnd3dy5kb3FsZS5jb20u
bWV0YWZvbmQuY29tghl3d3cua2ttYS5uZXQubWV0YWZvbmQuY29tgiR3d3cucHJl
bWllcndvb2RzdWFlLmNvbS5tZXRhZm9uZC5jb22CGnd3dy53b2tzZW4uaW4ubWV0
YWZvbmQuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB
9QSB8gDwAHYAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGP5Ro6
EQAABAMARzBFAiEAzD+WDXg+OWTxEHRKkBEfhkR/PNodY0uB+vxcOKpdz5cCIGn+
GQkB1uAMTHGFVu2D/MQLBw70R5EmKDXg9eMGyKLRAHYAGZgQcQnw1lIuMIDSnj9k
u4NuKMz5D1KO7t/OSj8WtMoAAAGP5Ro6bAAABAMARzBFAiEA+eWL9XeRasxJnC5T
GtdSpUFX4s/PBN2xfHoKhB9nOcwCIEMsTODTv7J5rUAfWwLUik7jBg3uccmC1XKJ
9wh+h+GeMA0GCSqGSIb3DQEBCwUAA4IBAQCsi1qicHVh+lkTe87ynbl2Tv8Xvz79
MDjLq7gA/yY2IJYSEnjIp1nan8+b22DjIxCcGveRE2r17qDAAAECm0UKjkVEURh6
68Xq3n41LkwJOVNy461MgUQ/yuvI/EsqiG25wpUIqaYVZx1korQ13d+ipbIrV2iF
WpDtCNaa72nOz8rLHrD5ykjpwQYt8PBm5pszxVyjseqxivqQmztvFq0yLJo2jECy
wKcZzdyD4Z2G++x3XrRXcHSzpnfuVDDoQmhEHFgFXf2qnRZ2AGo/BV7Txcjq56Sl
075dQhBOhshN77LSlZltnFjmK4N1vWn1GP7BASXZvbO/qv2TyqwZFVPc
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdIQ6jE7Kus9asqrfQAQ
woUVblCG8gdCfNNV67vVerS9IctI5VrwZb/R/rV3CB6+z8pfP42A2O7TZ1UmsKrr
OXukZK/6FXoO/9oFjYStSO4XSKP+qYhAm5EnIz2g/Wh2v0bi/3xzLuGMLqrffc1D
mAWOwp+WDZVhxaOgLZRckO1E79J3GQk27+IXYVNmPjnceTJDv5trnTonk18e5Xrg
5hV7GyX2wdoF3/2FzSzSX35XnIBhdt1dWzTGzb1K0QdAGhwEqSxw3p3V3BPntLDi
H20z9MRVzjMnJzfFDo/r1JOoN6LBWFwBpQGorCw5usaSZ/CfdzrxUhh1ib7u0em/
AQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 286729992529240823568621976029113081865810
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-04 20:14:12 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-02 20:14:11 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cafeyano.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24467580300044567723981045018993008722989325708352319142856022001966250986947165350208164388498704977915826108554485934655076702211678802908392770931317638400580808357900497218144692923673493586673075966216240172111171992584492523744817716779995618977407207516462281096452787844736681409749511915910010578492678643713596004345271191663184312444534133563511734349127795099064628870053458758346544239256826059966730876774220604552319604053224367711041224845513923688556757149701220329049065318859300797016871639328687632242427168285252886701043812630202477358787477342307006109106649894002475415569032038518242151087873
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							343f4e275d448778dc23a369f660e8a7458e5ae1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (525 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.anathothgroup.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cafeyano.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.castillodewoods.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.com.metafond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.doqle.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kkma.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.premierwoodsuae.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.woksen.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'anathothgroup.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cafeyano.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'castillodewoods.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'doqle.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kkma.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kkma.net.metafond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'premierwoodsuae.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'woksen.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'woksen.in.metafond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.anathothgroup.com.metafond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cafeyano.com.metafond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.castillodewoods.com.metafond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.doqle.com.metafond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kkma.net.metafond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.premierwoodsuae.com.metafond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.woksen.in.metafond.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018fe51a3a110000040300473045022100cc3f960d783e3964f110744a90111f86447f3cda1d634b81fafc5c38aa5dcf97022069fe190901d6e00c4c718556ed83fcc40b070ef44791262835e0f5e306c8a2d10076001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018fe51a3a6c0000040300473045022100f9e58bf577916acc499c2e531ad752a54157e2cfcf04ddb17c7a0a841f6739cc0220432c4ce0d3bfb279ad401f5b02d48a4ee3060dee71c982d57289f7087e87e19e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00ac8b5aa2707561fa59137bcef29db9764eff17bf3efd3038cbabb800ff26362096121278c8a759da9fcf9bdb60e323109c1af791136af5eea0c00001029b450a8e454451187aebc5eade7e352e4c09395372e3ad4c81443fcaebc8fc4b2a886db9c29508a9a615671d64a2b435dddfa2a5b22b5768855a90ed08d69aef69cecfcacb1eb0f9ca48e9c1062df0f066e69b33c55ca3b1eab18afa909b3b6f16ad322c9a368c40b2c0a719cddc83e19d86fbec775eb4577074b3a677ee5430e84268441c58055dfdaa9d1676006a3f055ed3c5c8eae7a4a5d3be5d42104e86c84defb2d295996d9c58e62b8375bd69f518fec10125d9bdb3bfaafd93caac191553dc