staging.jlpit.com
- John Lewis plc -
Issued by VeriSign Class 3 International Server CA - G3
About this certificate
This digital certificate with serial number 5e:37:5b:e9:ed:26:66:c1:af:9c:31:6c:e1:28:b4:8b was issued on by VeriSign, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
- Subscriber Certificate: extKeyUsage values other than id-kp-serverAuth, id-kp-clientAuth, and id-kp-emailProtection SHOULD NOT be present. (BRs: 7.1.2.3)
John Lewis plc
Organization:
John Lewis plc
Organization unit: JLP
Organization unit: JLP
State / Province:
London
Locality: London
Country: GB
Locality: London
Country: GB
VeriSign, Inc.
Organization:
VeriSign, Inc.
Organization unit: VeriSign Trust Network
Organization unit: Terms of use at https://www.verisign.com/rpa (c)10
Organization unit: VeriSign Trust Network
Organization unit: Terms of use at https://www.verisign.com/rpa (c)10
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 5e:37:5b:e9:ed:26:66:c1:af:9c:31:6c:e1:28:b4:8bSerial Number (int): 125234872163831677461187318982942176395
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: d7:9b:7c:d8:22:a0:15:f7:dd:ad:5f:ce:29:9b:58:c3:bc:46:00:b5
Fingerprint (sha1): 7c:a5:99:68:33:15:9c:a7:af:3a:b0:ec:8c:b6:8a:f6:2f:ad:87:fb
Fingerprint (sha256): a2:b4:68:94:1f:29:98:f0:39:ca:38:54:58:5b:43:4a:57:68:e3:70:1f:48:9f:d0:75:4e:88:3a:d5:4b:02:21
Issuing Certificate URL: http://SVRIntl-G3-aia.verisign.com/SVRIntlG3.cer
Revocation information
OCSP Server: http://ocsp.verisign.comCRL Distribution Point: http://SVRIntl-G3-crl.verisign.com/SVRIntlG3.crl
Check the revocation status for certificate staging.jlpit.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for staging.jlpit.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Netscape Server-Gated Cryptography
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
staging.jlpit.com
Other certificates including the domain name jlpit.com
(limited to 100 certificates)
staging.jlpit.com
www.jlpit.com
www.jlpit.com
www.jlpit.com
staging.jlpit.com
www.jlpit.com
staging.jlpit.com
staging.jlpit.com
www.jlpit.com
staging.jlpit.com
www.jlpit.com
staging.jlpit.com
staging.jlpit.com
staging.jlpit.com
staging.jlpit.com
www.jlpit.com
www.jlpit.com
www.jlpit.com
www.jlpit.com
www.jlpit.com
www.jlpit.com
www.jlpit.com
staging.jlpit.com
www.jlpit.com
staging.jlpit.com
staging.jlpit.com
www.jlpit.com
staging.jlpit.com
www.jlpit.com
staging.jlpit.com
staging.jlpit.com
staging.jlpit.com
staging.jlpit.com
www.jlpit.com
www.jlpit.com
www.jlpit.com
www.jlpit.com
Certificate
The complete raw certificate details for staging.jlpit.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgIQXjdb6e0mZsGvnDFs4Si0izANBgkqhkiG9w0BAQUFADCB vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X DTEzMDExNTAwMDAwMFoXDTE1MDExNjIzNTk1OVowcjELMAkGA1UEBhMCR0IxDzAN BgNVBAgTBkxvbmRvbjEPMA0GA1UEBxQGTG9uZG9uMRcwFQYDVQQKFA5Kb2huIExl d2lzIHBsYzEMMAoGA1UECxQDSkxQMRowGAYDVQQDFBFzdGFnaW5nLmpscGl0LmNv bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMK+wcQg8SI5mSGA12pb NXpCTPxFPAxqnXsY/yp9vIwAxyvBACCVVHRKszhcu3FBucCjoqUMuW238Xm0BCK6 kaxvD/9ZmhepsDlIAN1xjB8KtDie+9mQnHtJ2MheRkj+BZIaoMRwnlLPYTOAL14s t8O+K3fh8x/84Qtfq9RRJoKv3NAykUV6LXmb+v3kyp2NXNS9a9pCk30sWRE8CI2v GXvp5PCha6aDR0iXPmsRARwBd/cXZ0Ll4LaIix2BiAMNaa0p5o73BVmGcJkIKHKy 6jNat0T78EjF9uMkDsfVk5dTBwA7uFnIgO0RbAf3mQSQBc9UlFHBFMbPWkkaVpxM uL8CAwEAAaOCAYQwggGAMBwGA1UdEQQVMBOCEXN0YWdpbmcuamxwaXQuY29tMAkG A1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFNebfNgioBX33a1f zimbWMO8RgC1MEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9TVlJJbnRsLUczLWNy bC52ZXJpc2lnbi5jb20vU1ZSSW50bEczLmNybDBDBgNVHSAEPDA6MDgGCmCGSAGG +EUBBzYwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL2Nw czAoBgNVHSUEITAfBglghkgBhvhCBAEGCCsGAQUFBwMBBggrBgEFBQcDAjByBggr BgEFBQcBAQRmMGQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnZlcmlzaWduLmNv bTA8BggrBgEFBQcwAoYwaHR0cDovL1NWUkludGwtRzMtYWlhLnZlcmlzaWduLmNv bS9TVlJJbnRsRzMuY2VyMA0GCSqGSIb3DQEBBQUAA4IBAQBlMOL8uhk0hJMf4Fca 1Tr0k3BL5w0Rou7imTLfF+/4un4L5Zx9Xol9vX3KQlExD96lyRieFqWwp78bIXk2 K+T7oiuOmcRxoMqIgzOG/U9xJky7mSsoLUdNFzzdi4nZ87ELb+ppTLTXBF31CTCV T/IBcPuk2VAGn3MuQ5a7KQKKSYzz6/wuul5vuEulDEq6/H90cF9Hl4+RV2uoE2+/ rbEpI49Q1xPqDg4LTOZlGPZZ3fKZZMzdDiObEa9uZRXJzhdzWOpiPyQVs4zjkfAb EcPRRuv4sSE1J7sGgmJQtmQPZI8DHau9mD2QmmNRGcLGz4BU/2H0G768L4zd8HBp UGKy -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwr7BxCDxIjmZIYDXals1 ekJM/EU8DGqdexj/Kn28jADHK8EAIJVUdEqzOFy7cUG5wKOipQy5bbfxebQEIrqR rG8P/1maF6mwOUgA3XGMHwq0OJ772ZCce0nYyF5GSP4FkhqgxHCeUs9hM4AvXiy3 w74rd+HzH/zhC1+r1FEmgq/c0DKRRXoteZv6/eTKnY1c1L1r2kKTfSxZETwIja8Z e+nk8KFrpoNHSJc+axEBHAF39xdnQuXgtoiLHYGIAw1prSnmjvcFWYZwmQgocrLq M1q3RPvwSMX24yQOx9WTl1MHADu4WciA7RFsB/eZBJAFz1SUUcEUxs9aSRpWnEy4 vwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 125234872163831677461187318982942176395 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'VeriSign, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'VeriSign Trust Network' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Terms of use at https://www.verisign.com/rpa (c)10' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'VeriSign Class 3 International Server CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-01-15 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-01-16 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'London' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'John Lewis plc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'JLP' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'staging.jlpit.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24584296896158658264808261419607425389797604234913741028500141732841953705703779573371369722654688452196779127036801213802534721582711592005191835912140735316770009742401559375651575037730119688307432196304560895695535269316261025482644522964566443686372151583437439228244360549160932830146688005871694019904565964992179489964608910841929940065819888677878068369388762825206634746227663964106705037374318745624942598476380498103544861963394164112495192825417901955475652915320606791504710766488093815966879406888930928259861599175757346045426635937055081312769279072324877838643682598948748510814586982127362443622591 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.jlpit.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d79b7cd822a015f7ddad5fce299b58c3bc4600b5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://SVRIntl-G3-crl.verisign.com/SVRIntlG3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.verisign.com/cps' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113730.4.1 (serverGatedCrypto) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (102 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.verisign.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://SVRIntl-G3-aia.verisign.com/SVRIntlG3.cer' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006530e2fcba193484931fe0571ad53af493704be70d11a2eee29932df17eff8ba7e0be59c7d5e897dbd7dca4251310fdea5c9189e16a5b0a7bf1b2179362be4fba22b8e99c471a0ca88833386fd4f71264cbb992b282d474d173cdd8b89d9f3b10b6fea694cb4d7045df50930954ff20170fba4d950069f732e4396bb29028a498cf3ebfc2eba5e6fb84ba50c4abafc7f74705f47978f91576ba8136fbfadb129238f50d713ea0e0e0b4ce66518f659ddf29964ccdd0e239b11af6e6515c9ce177358ea623f2415b38ce391f01b11c3d146ebf8b1213527bb06826250b6640f648f031dabbd983d909a635119c2c6cf8054ff61f41bbebc2f8cddf070695062b2