ata.org

Issued by R3

About this certificate

This digital certificate with serial number 04:2f:aa:5d:94:ac:50:51:d4:06:a4:97:3f:52:ee:62:07:2d was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=ata.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:2f:aa:5d:94:ac:50:51:d4:06:a4:97:3f:52:ee:62:07:2d
Serial Number (int): 364668869630665096824579325147150079362861
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: b1:c2:bd:7a:02:8e:50:b5:ad:f7:c9:f2:6f:b6:71:25:7d:33:2c:49
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): de:d3:74:e3:ff:17:6f:99:9b:cd:c8:65:a7:78:b4:97:45:44:f7:d6
Fingerprint (sha256): 9e:e5:9f:3c:69:91:2c:fb:67:f1:d1:ed:a2:ba:93:0c:33:80:c9:ab:86:26:10:72:58:13:78:c4:39:43:90:12

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate ata.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ata.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ata.org
www.ata.org

Other certificates including the domain name ata.org

(limited to 100 certificates)
donations.ata.org
www.ata.org
ata.org
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
*.ata.org
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
ata.org
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
www.ata.org
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
donations.ata.org
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
secure.ata.org
5710358266249216-fe1.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5710358266249216-fe1.pantheonsite.io
5710358266249216-fe1.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
ata.org
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
ata.org
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5710358266249216-fe1.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
ringingears.ata.org
5716646702350336-fe3.pantheonsite.io
*.ata.org
secure.ata.org
5716646702350336-fe3.pantheonsite.io
ata.org
5716646702350336-fe3.pantheonsite.io
5710358266249216-fe1.pantheonsite.io
bike.ata.org
5710358266249216-fe1.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
walk.ata.org
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5710358266249216-fe1.pantheonsite.io
ata.org
5710358266249216-fe1.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
ata.org
5710358266249216-fe1.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
donations.ata.org
5716646702350336-fe3.pantheonsite.io
ringingears.ata.org
5710358266249216-fe1.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5710358266249216-fe1.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
donations.ata.org
5710358266249216-fe1.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
walk.ata.org
5710358266249216-fe1.pantheonsite.io
ata.org
5710358266249216-fe1.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5710358266249216-fe1.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io
5716646702350336-fe3.pantheonsite.io

Certificate

The complete raw certificate details for ata.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISBC+qXZSsUFHUBqSXP1LuYgctMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzAyMjcxMDQxMTFaFw0yMzA1MjgxMDQxMTBaMBIxEDAOBgNVBAMT
B2F0YS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4G4/tqktV
NPt192QqSRZET+9zM1Iy3KuKqQPKLEsj6zd1hL4/Gb1NKNjopy1bhDkodGvCpqMQ
aiya635IfX6dZWsXe8LnqP9x6XidXNX32Ubm8BuuIcNSv6VXV6ajZ4sNCxqe35Ir
wfBHqZF1q3LuD0P/XbtG9sKazDmTJllpLC+ItjRp0sV4Iyh96N2ErEFcNwIjPKu4
6QoGOa8zgjWjxzpvWBGk6N++7JEo139aTbnBBlAPtBHEKCO/KPuqDVZbK1zAOqNh
JKApevarH9eERiKgWMTIV3N8m0x8He5rc8y5dRw+mjjJU1TooWdQeBVch3E96oV8
7nEAYGbIrY1vAgMBAAGjggJPMIICSzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw
FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFLHC
vXoCjlC1rffJ8m+2cSV9MyxJMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52L
FMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVu
Y3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMB8GA1Ud
EQQYMBaCB2F0YS5vcmeCC3d3dy5hdGEub3JnMEwGA1UdIARFMEMwCAYGZ4EMAQIB
MDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2Vu
Y3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAtz77JN+cTbp18jnF
ulj0bF38Qs96nzXEnh0JgSXttJkAAAGGkq07igAABAMARzBFAiAsafkvB3zJkOiQ
4fFtzZyIkUV+bUlu1YzlbHmIqaRzvgIhAI7MXMPqe732NmIAsIxsAckakZZJsdIR
QA1j6oOO7RM0AHYAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGG
kq07oQAABAMARzBFAiEAqfp79Elr8LLD/m764Ccr8KTltBS5ysfFR+vDn8AJcoAC
ICB94OjaWYQnkrPdfHjI/hTF3EDgws9PCh7AiQE+s0NLMA0GCSqGSIb3DQEBCwUA
A4IBAQAI81F0/KnU8kHX9csDEn9jTyyeQJ+Na3YAFCVc9nt3wmTjAw5IRuQeADXI
IVCCqwKAdMxfm+HM9s+PLknNGa5BOUciT5SXKUV0ILQNsWnoo8aATS6BzpAjvuRs
GzS1SQHHEi2S29VA1WsVUjg2/B/J4pVUSbYXrt5WxSu42GJyJagcCNNpW3zAx8vd
r/O5v/9dbH96+zXRTfGXKTwNOtuxYdFtTkeZuZ+ELsq1+dKfh+swJOgduHBwhgeu
maCVB15ZXmsfw21NVoyeoXbiNs/eVDNz4sTJeo643PAcf4pB51j5oIXtZ8WIxP0I
WLHD/cGgjW+seak+DM/eZiHo9Zk/
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBuP7apLVTT7dfdkKkkW
RE/vczNSMtyriqkDyixLI+s3dYS+Pxm9TSjY6KctW4Q5KHRrwqajEGosmut+SH1+
nWVrF3vC56j/cel4nVzV99lG5vAbriHDUr+lV1emo2eLDQsant+SK8HwR6mRdaty
7g9D/127RvbCmsw5kyZZaSwviLY0adLFeCMofejdhKxBXDcCIzyruOkKBjmvM4I1
o8c6b1gRpOjfvuyRKNd/Wk25wQZQD7QRxCgjvyj7qg1WWytcwDqjYSSgKXr2qx/X
hEYioFjEyFdzfJtMfB3ua3PMuXUcPpo4yVNU6KFnUHgVXIdxPeqFfO5xAGBmyK2N
bwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 364668869630665096824579325147150079362861
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-27 10:41:11 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-28 10:41:10 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ata.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23241439551111652494066086827737635839183095981074534380311611562971133874430898729058804671846178409539408591357397439017248652880631289837701863271995732716126453075050998892522344364657430091183412748950576730577974212052065009363933521052824996358655022562491924358689766303480481717101115237106868371799468877531656292641716760700609133438939768529799087801677500231633170726475294376733654988039504476408622695156214200718662350133918414302447154795796149215594317836205581833090129554856709497547898305199011626999109280615032473572826349636843692247651422015596294126389959553280925599699592082862867720539503
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b1c2bd7a028e50b5adf7c9f26fb671257d332c49
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ata.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ata.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018692ad3b8a000004030047304502202c69f92f077cc990e890e1f16dcd9c8891457e6d496ed58ce56c7988a9a473be0221008ecc5cc3ea7bbdf6366200b08c6c01c91a919649b1d211400d63ea838eed13340076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018692ad3ba10000040300473045022100a9fa7bf4496bf0b2c3fe6efae0272bf0a4e5b414b9cac7c547ebc39fc00972800220207de0e8da59842792b3dd7c78c8fe14c5dc40e0c2cf4f0a1ec089013eb3434b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0008f35174fca9d4f241d7f5cb03127f634f2c9e409f8d6b760014255cf67b77c264e3030e4846e41e0035c8215082ab028074cc5f9be1ccf6cf8f2e49cd19ae413947224f949729457420b40db169e8a3c6804d2e81ce9023bee46c1b34b54901c7122d92dbd540d56b15523836fc1fc9e2955449b617aede56c52bb8d8627225a81c08d3695b7cc0c7cbddaff3b9bfff5d6c7f7afb35d14df197293c0d3adbb161d16d4e4799b99f842ecab5f9d29f87eb3024e81db870708607ae99a095075e595e6b1fc36d4d568c9ea176e236cfde543373e2c4c97a8eb8dcf01c7f8a41e758f9a085ed67c588c4fd0858b1c3fdc1a08d6fac79a93e0ccfde6621e8f5993f