piwik.usarmy.northplains.com
Issued by Amazon
About this certificate
This digital certificate with serial number 0e:b3:e3:68:9b:4f:b4:38:0c:47:28:b0:36:ba:da:26 was issued on by Amazon.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=piwik.usarmy.northplains.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0e:b3:e3:68:9b:4f:b4:38:0c:47:28:b0:36:ba:da:26Serial Number (int): 19543225473442019500764950051583351334
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: b3:a3:e5:8d:1d:77:6c:84:a5:d4:56:08:f6:c0:c5:38:85:a4:13:be
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): e5:a8:1d:5d:4f:c3:1e:24:96:88:45:f2:8f:7b:1a:e3:96:13:38:6a
Fingerprint (sha256): 9e:7d:c3:c0:54:2f:d8:21:e2:a0:92:04:1e:23:a2:e8:fe:6a:ab:e0:f7:ef:25:34:eb:ad:17:22:f4:eb:25:d6
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate piwik.usarmy.northplains.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for piwik.usarmy.northplains.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
piwik.usarmy.northplains.com
Other certificates including the domain name northplains.com
(limited to 100 certificates)
classichelp.kayako.com
support.cardinal-mark.com
*.northplains.com
*.northplains.com
support.engineyard.com
*.northplains.com
chempro.kcl.de
*.northplains.com
northplains.com
*.northplains.com
vpn.lt.northplains.com
support.infinio.com
chempro.kcl.de
chempro.kcl.de
www.northplains.com
*.northplains.com
northplains.com
www.northplains.com
support.engineyard.com
northplains.com
*.northplains.com
classichelp.kayako.com
www.northplains.com
classichelp.kayako.com
chempro.kcl.de
*.northplains.com
*.onbrand.northplains.com
classichelp.kayako.com
*.northplains.com
ssl470224.cloudflaressl.com
support.cardinal-mark.com
*.northplains.com
avolin.com
chempro.kcl.de
pg.pingfed.northplains.com
*.northplains.com
piwik.usarmy.northplains.com
www.northplains.com
chempro.kcl.de
classichelp.kayako.com
support.engineyard.com
chempro.kcl.de
chempro.kcl.de
*.northplains.com
northplains.com
northplains.com
*.northplains.com
supportsurvey.zephyrtel.com
support.cardinal-mark.com
northplains.com
chempro.kcl.de
*.northplains.com
go.northplains.com
blog.northplains.com
classichelp.kayako.com
go.northplains.com
*.northplains.com
chempro.kcl.de
northplains.com
*.northplains.com
*.northplains.com
www.northplains.com
*.northplains.com
avolin.com
northplains.com
blog.northplains.com
ssl470223.cloudflaressl.com
www.northplains.com
northplains.com
chempro.kcl.de
chempro.kcl.de
classichelp.kayako.com
northplains.com
support.cardinal-mark.com
blog.northplains.com
support.cardinal-mark.com
www.northplains.com
northplains.com
blog.northplains.com
support.engineyard.com
www.northplains.com
northplains.com
www.northplains.com
support.engineyard.com
classichelp.kayako.com
piwik.usarmy.northplains.com
northplains.com
northplains.com
go.northplains.com
northplains.com
uploader.northplains.com
avolin.com
chempro.kcl.de
piwik.usarmy.northplains.com
classichelp.kayako.com
blog.northplains.com
imports.versata.com
blog.northplains.com
northplains.com
northplains.com
support.cardinal-mark.com
*.northplains.com
*.northplains.com
support.engineyard.com
*.northplains.com
chempro.kcl.de
*.northplains.com
northplains.com
*.northplains.com
vpn.lt.northplains.com
support.infinio.com
chempro.kcl.de
chempro.kcl.de
www.northplains.com
*.northplains.com
northplains.com
www.northplains.com
support.engineyard.com
northplains.com
*.northplains.com
classichelp.kayako.com
www.northplains.com
classichelp.kayako.com
chempro.kcl.de
*.northplains.com
*.onbrand.northplains.com
classichelp.kayako.com
*.northplains.com
ssl470224.cloudflaressl.com
support.cardinal-mark.com
*.northplains.com
avolin.com
chempro.kcl.de
pg.pingfed.northplains.com
*.northplains.com
piwik.usarmy.northplains.com
www.northplains.com
chempro.kcl.de
classichelp.kayako.com
support.engineyard.com
chempro.kcl.de
chempro.kcl.de
*.northplains.com
northplains.com
northplains.com
*.northplains.com
supportsurvey.zephyrtel.com
support.cardinal-mark.com
northplains.com
chempro.kcl.de
*.northplains.com
go.northplains.com
blog.northplains.com
classichelp.kayako.com
go.northplains.com
*.northplains.com
chempro.kcl.de
northplains.com
*.northplains.com
*.northplains.com
www.northplains.com
*.northplains.com
avolin.com
northplains.com
blog.northplains.com
ssl470223.cloudflaressl.com
www.northplains.com
northplains.com
chempro.kcl.de
chempro.kcl.de
classichelp.kayako.com
northplains.com
support.cardinal-mark.com
blog.northplains.com
support.cardinal-mark.com
www.northplains.com
northplains.com
blog.northplains.com
support.engineyard.com
www.northplains.com
northplains.com
www.northplains.com
support.engineyard.com
classichelp.kayako.com
piwik.usarmy.northplains.com
northplains.com
northplains.com
go.northplains.com
northplains.com
uploader.northplains.com
avolin.com
chempro.kcl.de
piwik.usarmy.northplains.com
classichelp.kayako.com
blog.northplains.com
imports.versata.com
blog.northplains.com
northplains.com
northplains.com
Certificate
The complete raw certificate details for piwik.usarmy.northplains.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIQDrPjaJtPtDgMRyiwNrraJjANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTEwMjIwMDAwMDBaFw0yMDExMjIx MjAwMDBaMCcxJTAjBgNVBAMTHHBpd2lrLnVzYXJteS5ub3J0aHBsYWlucy5jb20w ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMbSQ8eJGZGnPLmm5cYYyH hMbeKlBOeiDw/8vLvdUM0TNuTE4NAebxxBZpXyk3Y/IPnSycGUy0P1Bn6DyxAMLz lNkwiB2Up1WiiG3xqmBPHWduVJSk+Mq/aSoXUw8Okm1I8AW6ksq1lXfws6h9SDDr bYj/oDz+iNnlNbXmL3KQR3DfdQyaPzFqW4AO1pXKT/3JrsJPWYja7QBIQHJAQ5Et SMXVg8Oj/A2eKHt3du6ru3G0PBT3Wq2ocIlp1y6OGXyBIEyfNFubhwr9DRhk2/vW dvDYKQLnRnoJTDr9hpmsHpbDav+sMf1384aJohbjyjpUiN0v4CSqusfCGz/jXmWr AgMBAAGjggKIMIIChDAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAd BgNVHQ4EFgQUs6PljR13bISl1FYI9sDFOIWkE74wJwYDVR0RBCAwHoIccGl3aWsu dXNhcm15Lm5vcnRocGxhaW5zLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9j cmwuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNybDAgBgNVHSAEGTAXMAsG CWCGSAGG/WwBAjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzAB hiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKG Kmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNydDAMBgNV HRMBAf8EAjAAMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHUApLkJkLQYWBSHuxOi zGdwCjw1mAT5G9+443fNDsgN3BAAAAFt8ydn4gAABAMARjBEAiBI4Dq2QnW/816V WLWJpkQHGjicUfujtfU0crAO4sKmIAIgTqCsZbj4PTZpUNh+SwfwPWlRWYXL8e8z NBHKoVkR9WgAdwCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAW3z J2h5AAAEAwBIMEYCIQCExqAouD8jD6A31Ht+e4OSLqdNIw7wQvxivIZsnLQmuwIh ALj+eBFiI0V9wqYq6txptwFmmGygexoMPCCS+TpAL5ttMA0GCSqGSIb3DQEBCwUA A4IBAQAk9DHNtC+B0VDQHh+2FX/GhYgZ6sPMHtXcgL/djpKtXfWqsjsbZ9Ck+dUF l8h7yW6wmveD33Q7JpMiv2EgsckgtFh+2vZofjA5uLZPLlS3HXhoNMxPP5fkpqcR qBBl81a5U8xNzwF4D3Qqm7jIInHFRlHooLGn8Kr3u0rrm/8U9b5cDqowNKJ7i9yp XOIAc0Fdq4R5jVOPMXXBwHzvOYxeU/aizGm7l/q/6iMvbocn173y+MPbLRqS1h0I xgSpSkJaoTsafaP65hR4XNdX4mtPXEzUMnGEACwYuvjG+1mi7i7ahEA5Gck0EMlF uqzlU+8OEw7ldRf/llgd97HVSErv -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzG0kPHiRmRpzy5puXGGM h4TG3ipQTnog8P/Ly73VDNEzbkxODQHm8cQWaV8pN2PyD50snBlMtD9QZ+g8sQDC 85TZMIgdlKdVooht8apgTx1nblSUpPjKv2kqF1MPDpJtSPAFupLKtZV38LOofUgw 622I/6A8/ojZ5TW15i9ykEdw33UMmj8xaluADtaVyk/9ya7CT1mI2u0ASEByQEOR LUjF1YPDo/wNnih7d3buq7txtDwU91qtqHCJadcujhl8gSBMnzRbm4cK/Q0YZNv7 1nbw2CkC50Z6CUw6/YaZrB6Ww2r/rDH9d/OGiaIW48o6VIjdL+AkqrrHwhs/415l qwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 19543225473442019500764950051583351334 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-22 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-11-22 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'piwik.usarmy.northplains.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25806433916141437166386393123891262157038922719316051577195251147491597780136781940806674973017476346493847508926700783458797465821718963156731460434266550610751948267395388222948137380849046086102657197560442963927902406084884465443693097296597526931647790123152634962169508342136763364398904439022526757163510531175528679380032728970150932950333983332695382564864928155239029937741927824041003458307292958308739495729825054606684889239612264464800822640910464050268564997877638684734670073042185379109455129515200644911071192686098332382605227695232929320788006855758023375613398817560756038617441862909945161082283 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b3a3e58d1d776c84a5d45608f6c0c53885a413be . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'piwik.usarmy.northplains.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016df32767e20000040300463044022048e03ab64275bff35e9558b589a644071a389c51fba3b5f53472b00ee2c2a62002204ea0ac65b8f83d366950d87e4b07f03d69515985cbf1ef333411caa15911f5680077008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016df3276879000004030048304602210084c6a028b83f230fa037d47b7e7b83922ea74d230ef042fc62bc866c9cb426bb022100b8fe78116223457dc2a62aeadc69b70166986ca07b1a0c3c2092f93a402f9b6d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0024f431cdb42f81d150d01e1fb6157fc6858819eac3cc1ed5dc80bfdd8e92ad5df5aab23b1b67d0a4f9d50597c87bc96eb09af783df743b269322bf6120b1c920b4587edaf6687e3039b8b64f2e54b71d786834cc4f3f97e4a6a711a81065f356b953cc4dcf01780f742a9bb8c82271c54651e8a0b1a7f0aaf7bb4aeb9bff14f5be5c0eaa3034a27b8bdca95ce20073415dab84798d538f3175c1c07cef398c5e53f6a2cc69bb97fabfea232f6e8727d7bdf2f8c3db2d1a92d61d08c604a94a425aa13b1a7da3fae614785cd757e26b4f5c4cd4327184002c18baf8c6fb59a2ee2eda84403919c93410c945baace553ef0e130ee57517ff96581df7b1d5484aef