generation-sara-foundation.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:89:fe:69:d1:2f:fd:9f:9a:74:12:53:8f:83:94:07:4b:96 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=generation-sara-foundation.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:89:fe:69:d1:2f:fd:9f:9a:74:12:53:8f:83:94:07:4b:96Serial Number (int): 308293715408374647680417825152860946910102
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: fd:c1:8b:9a:bd:aa:c1:5c:e5:d1:78:21:39:b7:26:4c:4b:a2:23:e1
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 78:bd:9c:7a:d3:88:13:3b:59:50:98:f2:72:95:5a:5d:20:8f:34:04
Fingerprint (sha256): a2:17:72:93:45:56:3c:0d:82:57:57:44:34:1a:cd:8e:0c:ce:c0:49:71:de:b8:3c:25:08:b0:ff:1d:c7:9c:e2
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate generation-sara-foundation.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for generation-sara-foundation.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
generation-sara-foundation.org
www.generation-sara-foundation.org
www.generation-sara-foundation.org
Other certificates including the domain name generation-sara-foundation.org
(limited to 100 certificates)
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
generation-sara-foundation.org
Certificate
The complete raw certificate details for generation-sara-foundation.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGmTCCBYGgAwIBAgISA4n+adEv/Z+adBJTj4OUB0uWMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAxMTQwNzUxMDdaFw0x OTA0MTQwNzUxMDdaMCkxJzAlBgNVBAMTHmdlbmVyYXRpb24tc2FyYS1mb3VuZGF0 aW9uLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANQxy5orXGfu FnQGiTaawyhfn+i55+RQOAKQsE7az+6BVSzTAheSClkhTgV7kledPGuUGAc17YcV 3hHiEAPTMgDvGbzHuAfOuBfIPrAG5uBPM2Az4jbmnKbxC2cmhCwjwgaPFXtErDVl NQEY02Vmh+yrOqu5KNFdkj5ky9dGxA6dfEZ3anhZ5KWf/xIH8swD4VfiHYGY4Rq7 M0Oh9inNhTBBeqK+Y7QJsEDYGpba6EI2HdWOAlyJQ5vc8Q6S6X//Le1tefBU7rdl dQZ/WGKB9SFTFjsp48jObi+fC6R2r52jni/YP2ZrEuL+ZTCCrGbfW2J941P2U10A quAyH/8c4EA/Nq4hBP8r0ULywwsxLtwYIwvtR01eHCwvQzeVrSTT5VOxZRAAGdyB LE9kYOlisfZ6sWDKH3HMMNdqMh/xNWryOpvwdln+g/ps3kXARNy/0MRzdrdD7BwK iuPnvT4JJWsusoB2grgtuXz2r9RfF7Q74+/HqCQOC+Zn6XhZXqO5g4tn4m0VOfVs 9nKQw2iByGnyuXbZkFNRgAz7nRBEhZuc7OaK/N6NCbodS97fRtgQFWwLxJhhKQkQ +Jp9o3Oh++6vPvzIY96oZVMXlT5lVL/BTNodsWgj8JJFl12v68CrcJt/pBjS8M3J 7U6Gz3KIPu7FtU9Vm6NDKFV0ISF82dxJAgMBAAGjggKYMIIClDAOBgNVHQ8BAf8E BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC MAAwHQYDVR0OBBYEFP3Bi5q9qsFc5dF4ITm3JkxLoiPhMB8GA1UdIwQYMBaAFKhK amMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYi aHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYj aHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wTQYDVR0RBEYwRIIe Z2VuZXJhdGlvbi1zYXJhLWZvdW5kYXRpb24ub3JngiJ3d3cuZ2VuZXJhdGlvbi1z YXJhLWZvdW5kYXRpb24ub3JnMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQB gt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3Jn MIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcA4mlLribo6UAJ6IYbtjuD1D7n/nSI +6SPKJMBnd3x2/4AAAFoS46qeQAABAMASDBGAiEArnxmgyQE51NEifaJum9p8W2e AS2pFcWQU7oIOnPlO88CIQCkOabK2QwdA0ac8qF2zKR/FbOygQTc/Nu/P5FPPOI5 IgB2ACk8UZZUyDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAABaEuOrG8AAAQD AEcwRQIhAN0s9q+mGreBKmeSOp4TqnHlrsj7Z6t3U5PvXjSmY2RKAiAmbXfjsIGL Way0Gt+zyhuqSOp9lTXyYSQ6ExHzez/bAjANBgkqhkiG9w0BAQsFAAOCAQEAQiUS ZTIhu2+PkjlgyijEeiz5P3hBNOZ5Wre3tC3r/aRTgoUS90pRo8N9R5K6ZhoTt+4o puK7coq1RfSQWcfMEOjoswkqlm+Jlc/BfIWgVuDzPfeGORPJ7IT5AGtCgBllbXn2 ijQa8MMJHRX3sL9u4gCv592JBP3Ol1rdhj6E2S86pOMEl0pCB9rNFPl2YDjIZ8Oz m+Bzjsoedu3fjhb4tYAZ0QFwrtXFiRrFiIWMZfEhFifm4nCYn5fSnB3bI7MRfBGl 3itx3dS5OEE8jSlrGPAarPLdy2bTaG5bm1Y0kgdK6Z9L9YtweyQqMk/UOfQHp5fU C5HCrvRfd6BKhnh5rQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1DHLmitcZ+4WdAaJNprD KF+f6Lnn5FA4ApCwTtrP7oFVLNMCF5IKWSFOBXuSV508a5QYBzXthxXeEeIQA9My AO8ZvMe4B864F8g+sAbm4E8zYDPiNuacpvELZyaELCPCBo8Ve0SsNWU1ARjTZWaH 7Ks6q7ko0V2SPmTL10bEDp18RndqeFnkpZ//EgfyzAPhV+IdgZjhGrszQ6H2Kc2F MEF6or5jtAmwQNgaltroQjYd1Y4CXIlDm9zxDpLpf/8t7W158FTut2V1Bn9YYoH1 IVMWOynjyM5uL58LpHavnaOeL9g/ZmsS4v5lMIKsZt9bYn3jU/ZTXQCq4DIf/xzg QD82riEE/yvRQvLDCzEu3BgjC+1HTV4cLC9DN5WtJNPlU7FlEAAZ3IEsT2Rg6WKx 9nqxYMofccww12oyH/E1avI6m/B2Wf6D+mzeRcBE3L/QxHN2t0PsHAqK4+e9Pgkl ay6ygHaCuC25fPav1F8XtDvj78eoJA4L5mfpeFleo7mDi2fibRU59Wz2cpDDaIHI afK5dtmQU1GADPudEESFm5zs5or83o0Juh1L3t9G2BAVbAvEmGEpCRD4mn2jc6H7 7q8+/Mhj3qhlUxeVPmVUv8FM2h2xaCPwkkWXXa/rwKtwm3+kGNLwzcntTobPcog+ 7sW1T1Wbo0MoVXQhIXzZ3EkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 308293715408374647680417825152860946910102 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-14 07:51:07 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-14 07:51:07 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'generation-sara-foundation.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 865678086118313422449213154082480034247080448902470992659536764528610020799650467867125037872308364149334845812793033419338902976004707025435411201206666549953173112755937924678913135381784894343260729157306584786395794273986769738618301183366713955162818657935218598753569233059285717902873828373228644544936912135502905819323069478196913191541842279771865482063507076597540608844084889613596472767580446526847031708427304775015423928059777969081269119087833113262558844089428311512830842811254603841694466709478039628667512604406494423215262777661107568706183458895542394122824631148270791233125765295573334152788449913145214262922380457826086521992455937815005431789808893720644046860569117561081967066735342250446293520221981335636000137763753251478171809151001016925008933566570535626674359068132368620933161837577005568232327628921644073729107893427652332524360246780684069617514831300403281951754930147636188792722531158192095366008071923587520692162398858905630624243970872440074686250571466511781451643653360451351919830724991277528211703304632196428584016845228307961833895154107216622737240213477621032356737901463685538850270095318684241997564399739412165298600026881063403446811482356341079341957141444141541505835326537 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fdc18b9abdaac15ce5d1782139b7264c4ba223e1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (70 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'generation-sara-foundation.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.generation-sara-foundation.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe000001684b8eaa790000040300483046022100ae7c66832404e7534489f689ba6f69f16d9e012da915c59053ba083a73e53bcf022100a439a6cad90c1d03469cf2a176cca47f15b3b28104dcfcdbbf3f914f3ce23922007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f478000001684b8eac6f0000040300473045022100dd2cf6afa61ab7812a67923a9e13aa71e5aec8fb67ab775393ef5e34a663644a0220266d77e3b0818b59acb41adfb3ca1baa48ea7d9535f261243a1311f37b3fdb02 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00422512653221bb6f8f923960ca28c47a2cf93f784134e6795ab7b7b42debfda453828512f74a51a3c37d4792ba661a13b7ee28a6e2bb728ab545f49059c7cc10e8e8b3092a966f8995cfc17c85a056e0f33df7863913c9ec84f9006b428019656d79f68a341af0c3091d15f7b0bf6ee200afe7dd8904fdce975add863e84d92f3aa4e304974a4207dacd14f9766038c867c3b39be0738eca1e76eddf8e16f8b58019d10170aed5c5891ac588858c65f1211627e6e270989f97d29c1ddb23b3117c11a5de2b71ddd4b938413c8d296b18f01aacf2ddcb66d3686e5b9b563492074ae99f4bf58b707b242a324fd439f407a797d40b91c2aef45f77a04a867879ad