piwik.usarmy.northplains.com

Issued by Amazon

About this certificate

This digital certificate with serial number 0e:b3:e3:68:9b:4f:b4:38:0c:47:28:b0:36:ba:da:26 was issued on by Amazon.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=piwik.usarmy.northplains.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0e:b3:e3:68:9b:4f:b4:38:0c:47:28:b0:36:ba:da:26
Serial Number (int): 19543225473442019500764950051583351334
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: b3:a3:e5:8d:1d:77:6c:84:a5:d4:56:08:f6:c0:c5:38:85:a4:13:be
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): e5:a8:1d:5d:4f:c3:1e:24:96:88:45:f2:8f:7b:1a:e3:96:13:38:6a
Fingerprint (sha256): 9e:7d:c3:c0:54:2f:d8:21:e2:a0:92:04:1e:23:a2:e8:fe:6a:ab:e0:f7:ef:25:34:eb:ad:17:22:f4:eb:25:d6

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate piwik.usarmy.northplains.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for piwik.usarmy.northplains.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

piwik.usarmy.northplains.com

Other certificates including the domain name northplains.com

(limited to 100 certificates)
classichelp.kayako.com
support.cardinal-mark.com
*.northplains.com
*.northplains.com
support.engineyard.com
*.northplains.com
chempro.kcl.de
*.northplains.com
northplains.com
*.northplains.com
vpn.lt.northplains.com
support.infinio.com
chempro.kcl.de
chempro.kcl.de
www.northplains.com
*.northplains.com
northplains.com
www.northplains.com
support.engineyard.com
northplains.com
*.northplains.com
classichelp.kayako.com
www.northplains.com
classichelp.kayako.com
chempro.kcl.de
*.northplains.com
*.onbrand.northplains.com
classichelp.kayako.com
*.northplains.com
ssl470224.cloudflaressl.com
support.cardinal-mark.com
*.northplains.com
avolin.com
chempro.kcl.de
pg.pingfed.northplains.com
*.northplains.com
piwik.usarmy.northplains.com
www.northplains.com
chempro.kcl.de
classichelp.kayako.com
support.engineyard.com
chempro.kcl.de
chempro.kcl.de
*.northplains.com
northplains.com
northplains.com
*.northplains.com
supportsurvey.zephyrtel.com
support.cardinal-mark.com
northplains.com
chempro.kcl.de
*.northplains.com
go.northplains.com
blog.northplains.com
classichelp.kayako.com
go.northplains.com
*.northplains.com
chempro.kcl.de
northplains.com
*.northplains.com
*.northplains.com
www.northplains.com
*.northplains.com
avolin.com
northplains.com
blog.northplains.com
ssl470223.cloudflaressl.com
www.northplains.com
northplains.com
chempro.kcl.de
chempro.kcl.de
classichelp.kayako.com
northplains.com
support.cardinal-mark.com
blog.northplains.com
support.cardinal-mark.com
www.northplains.com
northplains.com
blog.northplains.com
support.engineyard.com
www.northplains.com
northplains.com
www.northplains.com
support.engineyard.com
classichelp.kayako.com
piwik.usarmy.northplains.com
northplains.com
northplains.com
go.northplains.com
northplains.com
uploader.northplains.com
avolin.com
chempro.kcl.de
piwik.usarmy.northplains.com
classichelp.kayako.com
blog.northplains.com
imports.versata.com
blog.northplains.com
northplains.com
northplains.com

Certificate

The complete raw certificate details for piwik.usarmy.northplains.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIQDrPjaJtPtDgMRyiwNrraJjANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTEwMjIwMDAwMDBaFw0yMDExMjIx
MjAwMDBaMCcxJTAjBgNVBAMTHHBpd2lrLnVzYXJteS5ub3J0aHBsYWlucy5jb20w
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMbSQ8eJGZGnPLmm5cYYyH
hMbeKlBOeiDw/8vLvdUM0TNuTE4NAebxxBZpXyk3Y/IPnSycGUy0P1Bn6DyxAMLz
lNkwiB2Up1WiiG3xqmBPHWduVJSk+Mq/aSoXUw8Okm1I8AW6ksq1lXfws6h9SDDr
bYj/oDz+iNnlNbXmL3KQR3DfdQyaPzFqW4AO1pXKT/3JrsJPWYja7QBIQHJAQ5Et
SMXVg8Oj/A2eKHt3du6ru3G0PBT3Wq2ocIlp1y6OGXyBIEyfNFubhwr9DRhk2/vW
dvDYKQLnRnoJTDr9hpmsHpbDav+sMf1384aJohbjyjpUiN0v4CSqusfCGz/jXmWr
AgMBAAGjggKIMIIChDAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAd
BgNVHQ4EFgQUs6PljR13bISl1FYI9sDFOIWkE74wJwYDVR0RBCAwHoIccGl3aWsu
dXNhcm15Lm5vcnRocGxhaW5zLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw
FAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9j
cmwuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNybDAgBgNVHSAEGTAXMAsG
CWCGSAGG/WwBAjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzAB
hiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKG
Kmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNydDAMBgNV
HRMBAf8EAjAAMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHUApLkJkLQYWBSHuxOi
zGdwCjw1mAT5G9+443fNDsgN3BAAAAFt8ydn4gAABAMARjBEAiBI4Dq2QnW/816V
WLWJpkQHGjicUfujtfU0crAO4sKmIAIgTqCsZbj4PTZpUNh+SwfwPWlRWYXL8e8z
NBHKoVkR9WgAdwCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAW3z
J2h5AAAEAwBIMEYCIQCExqAouD8jD6A31Ht+e4OSLqdNIw7wQvxivIZsnLQmuwIh
ALj+eBFiI0V9wqYq6txptwFmmGygexoMPCCS+TpAL5ttMA0GCSqGSIb3DQEBCwUA
A4IBAQAk9DHNtC+B0VDQHh+2FX/GhYgZ6sPMHtXcgL/djpKtXfWqsjsbZ9Ck+dUF
l8h7yW6wmveD33Q7JpMiv2EgsckgtFh+2vZofjA5uLZPLlS3HXhoNMxPP5fkpqcR
qBBl81a5U8xNzwF4D3Qqm7jIInHFRlHooLGn8Kr3u0rrm/8U9b5cDqowNKJ7i9yp
XOIAc0Fdq4R5jVOPMXXBwHzvOYxeU/aizGm7l/q/6iMvbocn173y+MPbLRqS1h0I
xgSpSkJaoTsafaP65hR4XNdX4mtPXEzUMnGEACwYuvjG+1mi7i7ahEA5Gck0EMlF
uqzlU+8OEw7ldRf/llgd97HVSErv
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzG0kPHiRmRpzy5puXGGM
h4TG3ipQTnog8P/Ly73VDNEzbkxODQHm8cQWaV8pN2PyD50snBlMtD9QZ+g8sQDC
85TZMIgdlKdVooht8apgTx1nblSUpPjKv2kqF1MPDpJtSPAFupLKtZV38LOofUgw
622I/6A8/ojZ5TW15i9ykEdw33UMmj8xaluADtaVyk/9ya7CT1mI2u0ASEByQEOR
LUjF1YPDo/wNnih7d3buq7txtDwU91qtqHCJadcujhl8gSBMnzRbm4cK/Q0YZNv7
1nbw2CkC50Z6CUw6/YaZrB6Ww2r/rDH9d/OGiaIW48o6VIjdL+AkqrrHwhs/415l
qwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 19543225473442019500764950051583351334
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-22 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-11-22 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'piwik.usarmy.northplains.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25806433916141437166386393123891262157038922719316051577195251147491597780136781940806674973017476346493847508926700783458797465821718963156731460434266550610751948267395388222948137380849046086102657197560442963927902406084884465443693097296597526931647790123152634962169508342136763364398904439022526757163510531175528679380032728970150932950333983332695382564864928155239029937741927824041003458307292958308739495729825054606684889239612264464800822640910464050268564997877638684734670073042185379109455129515200644911071192686098332382605227695232929320788006855758023375613398817560756038617441862909945161082283
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b3a3e58d1d776c84a5d45608f6c0c53885a413be
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'piwik.usarmy.northplains.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016df32767e20000040300463044022048e03ab64275bff35e9558b589a644071a389c51fba3b5f53472b00ee2c2a62002204ea0ac65b8f83d366950d87e4b07f03d69515985cbf1ef333411caa15911f5680077008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016df3276879000004030048304602210084c6a028b83f230fa037d47b7e7b83922ea74d230ef042fc62bc866c9cb426bb022100b8fe78116223457dc2a62aeadc69b70166986ca07b1a0c3c2092f93a402f9b6d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0024f431cdb42f81d150d01e1fb6157fc6858819eac3cc1ed5dc80bfdd8e92ad5df5aab23b1b67d0a4f9d50597c87bc96eb09af783df743b269322bf6120b1c920b4587edaf6687e3039b8b64f2e54b71d786834cc4f3f97e4a6a711a81065f356b953cc4dcf01780f742a9bb8c82271c54651e8a0b1a7f0aaf7bb4aeb9bff14f5be5c0eaa3034a27b8bdca95ce20073415dab84798d538f3175c1c07cef398c5e53f6a2cc69bb97fabfea232f6e8727d7bdf2f8c3db2d1a92d61d08c604a94a425aa13b1a7da3fae614785cd757e26b4f5c4cd4327184002c18baf8c6fb59a2ee2eda84403919c93410c945baace553ef0e130ee57517ff96581df7b1d5484aef