thelifechallenge.org
Issued by Go Daddy Secure Certificate Authority - G2
About this certificate
This digital certificate with serial number fd:07:70:7e:e7:93:73:af was issued on by GoDaddy.com, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=thelifechallenge.org
GoDaddy.com, Inc.
Organization:
GoDaddy.com, Inc.
Organization unit: http://certs.godaddy.com/repository/
Organization unit: http://certs.godaddy.com/repository/
State / Province:
Arizona
Locality: Scottsdale
Country: US
Locality: Scottsdale
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): fd:07:70:7e:e7:93:73:afSerial Number (int): 18232665306786132911
Serial Number lenght: 64 bits, 8 octets
SubjectKeyId: 1c:98:1e:af:cb:77:35:77:1d:ea:bf:d9:d7:05:d2:69:12:e0:d9:c0
AuthorityKeyId: 40:c2:bd:27:8e:cc:34:83:30:a2:33:d7:fb:6c:b3:f0:b4:2c:80:ce
Fingerprint (sha1): a4:c8:31:b7:01:9d:25:64:0d:b5:91:97:d4:e7:24:43:bb:43:5c:4f
Fingerprint (sha256): a5:df:98:27:dd:96:5b:c2:fe:80:af:3c:88:74:ca:b2:dd:17:31:df:59:1a:fb:5b:37:80:8e:f2:c2:df:a3:a8
Issuing Certificate URL: http://certificates.godaddy.com/repository/gdig2.crt
Revocation information
OCSP Server: http://ocsp.godaddy.com/CRL Distribution Point: http://crl.godaddy.com/gdig2s1-17957.crl
Check the revocation status for certificate thelifechallenge.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for thelifechallenge.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
Other certificates including the domain name thelifechallenge.org
(limited to 100 certificates)
mail.thelifechallenge.org
mail.thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
mail.thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
www.thelifechallenge.org
thelifechallenge.org
www.thelifechallenge.org
www.thelifechallenge.org
mail.thelifechallenge.org
www.thelifechallenge.org
thelifechallenge.org
www.thelifechallenge.org
mail.thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
mail.thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
thelifechallenge.org
www.thelifechallenge.org
thelifechallenge.org
www.thelifechallenge.org
www.thelifechallenge.org
mail.thelifechallenge.org
www.thelifechallenge.org
thelifechallenge.org
www.thelifechallenge.org
Certificate
The complete raw certificate details for thelifechallenge.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGqDCCBZCgAwIBAgIJAP0HcH7nk3OvMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0 cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTI0MDIyOTAxMzUyNloX DTI1MDMwMTAxMzUyNlowHzEdMBsGA1UEAxMUdGhlbGlmZWNoYWxsZW5nZS5vcmcw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAJmModTG+WxUR6lgJrIUM 2/39FLuTn1IwBAiVgB6bDl58nmTqmgr2mp8kco8GSQm+qiy3BceKnY57KhBD59VH vdbExykl3uuGGECp7zDIp1bjwaxAEODF4hgDMyaorZoPnXTt8cKXoEUXHsUEivJx 6Tp1hXp6CiEDHEJ5zknyUWhJf236qGVNWpDxF3IgfSPFXnKLF1X0OIAYtV0Z6/y7 Z/JmQk5P8E67nMCYLhYlFN2maRwbvTQthiHYUDMxkh55dbhaJKHxxAq1p4qBx3G6 /bJ9UOUq3w1OJ8yrZqiL4yHS8U6w6qEOp5fegiOXPdgafqsAHGBwLvKAtXcPcacd AgMBAAGjggNPMIIDSzAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwOQYDVR0fBDIwMDAuoCygKoYoaHR0 cDovL2NybC5nb2RhZGR5LmNvbS9nZGlnMnMxLTE3OTU3LmNybDBdBgNVHSAEVjBU MEgGC2CGSAGG/W0BBxcBMDkwNwYIKwYBBQUHAgEWK2h0dHA6Ly9jZXJ0aWZpY2F0 ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMHYGCCsGAQUFBwEB BGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRkeS5jb20vMEAGCCsG AQUFBzAChjRodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRv cnkvZ2RpZzIuY3J0MB8GA1UdIwQYMBaAFEDCvSeOzDSDMKIz1/tss/C0LIDOMDkG A1UdEQQyMDCCGHd3dy50aGVsaWZlY2hhbGxlbmdlLm9yZ4IUdGhlbGlmZWNoYWxs ZW5nZS5vcmcwHQYDVR0OBBYEFByYHq/LdzV3Heq/2dcF0mkS4NnAMIIBfQYKKwYB BAHWeQIEAgSCAW0EggFpAWcAdQBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSx Ypo53wAAAY3ygIymAAAEAwBGMEQCIGzhHuVtzPWKbz33i9rxiV8OaSeQhNTwtgA4 3oauitu3AiBi+Q8I2px8e8g+sKK+boQLK48TYqX1MGUvl/B4EdhrjgB1AH1ZHhLh eCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABjfKAjUAAAAQDAEYwRAIgc5zD 9JwXcPP/62w2gOgvDmZrWsQ82J9D6OKEOtrz37ICIE9k40wz2NDKnYeM0L6vRsPx pQG6TJCkEXOciIdczyCOAHcAzPsPaoVxCWX+lZtTzumyfCLphVwNl422qX5UwP5M DbAAAAGN8oCNrQAABAMASDBGAiEAni2cz5e40LVkRfbUzjhSXY7+QDSbhMf9eXY6 Izz0++8CIQCSafpQu9BBnwXGmlouL1Y2Ug+xgRitTkE3BjQWC/4ezTANBgkqhkiG 9w0BAQsFAAOCAQEAN650VJyiICBeK5vXyP0rht4GMu+v8PeXCHDhgMI/UgwQ5DJJ 17XiS/7UPABc0T8xfTB+wkq++H5RiAB8t9zA+D5dYRJybceoqKy/Qx00BGGulkzy U8lSlxato9Jq4qiXUDm7F9b70VXLpHrd3Wk6cRCQNJptRtc70P8+vplclIuaAPk5 ABK1uZ+ojNKPD3PPlIUKcrUddfkGTCz458caWGJlgOwKZKNC/QknbTG99UrL1Ko3 VJlLyWoWQGBX4sKRzWVRE3c2mettJ4nLDpbCemTQiOsXcthY+FpdyShVFPfhcMGz LHzbYQDWEr89DJYT5nHmb+cUqY7if2Po5YGIRQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCZjKHUxvlsVEepYCayF DNv9/RS7k59SMAQIlYAemw5efJ5k6poK9pqfJHKPBkkJvqostwXHip2OeyoQQ+fV R73WxMcpJd7rhhhAqe8wyKdW48GsQBDgxeIYAzMmqK2aD5107fHCl6BFFx7FBIry cek6dYV6egohAxxCec5J8lFoSX9t+qhlTVqQ8RdyIH0jxV5yixdV9DiAGLVdGev8 u2fyZkJOT/BOu5zAmC4WJRTdpmkcG700LYYh2FAzMZIeeXW4WiSh8cQKtaeKgcdx uv2yfVDlKt8NTifMq2aoi+Mh0vFOsOqhDqeX3oIjlz3YGn6rABxgcC7ygLV3D3Gn HQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18232665306786132911 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GoDaddy.com, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.godaddy.com/repository/' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go Daddy Secure Certificate Authority - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-29 01:35:26 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-01 01:35:26 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thelifechallenge.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24256684054419861434377671152824527684007434601456813700164985212473000062725332417389277837320539645511395694688874324015406178216963051209211318348502632230043090087995403958705332645179849262485407592785217920525520494469766655889395771769513356694384573156736363047855604966714034469213599457971284169257061232929194526270077943914157856106371591836968631819508854702491070322979439762617266788097416496025512443363226524117916764162937928827516680717559783558812631582938254371539355307564974059723628061512740491036224334247988925800272113284370869060869532524641047795884695218801211080609422464018365652510493 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.godaddy.com/gdig2s1-17957.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114413.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.godaddy.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.godaddy.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.godaddy.com/repository/gdig2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 40c2bd278ecc348330a233d7fb6cb3f0b42c80ce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thelifechallenge.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thelifechallenge.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1c981eafcb7735771deabfd9d705d26912e0d9c0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 01670075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018df2808ca6000004030046304402206ce11ee56dccf58a6f3df78bdaf1895f0e69279084d4f0b60038de86ae8adbb7022062f90f08da9c7c7bc83eb0a2be6e840b2b8f1362a5f530652f97f07811d86b8e0075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018df2808d4000000403004630440220739cc3f49c1770f3ffeb6c3680e82f0e666b5ac43cd89f43e8e2843adaf3dfb202204f64e34c33d8d0ca9d878cd0beaf46c3f1a501ba4c90a411739c88875ccf208e007700ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018df2808dad00000403004830460221009e2d9ccf97b8d0b56445f6d4ce38525d8efe40349b84c7fd79763a233cf4fbef0221009269fa50bbd0419f05c69a5a2e2f5636520fb18118ad4e41370634160bfe1ecd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0037ae74549ca220205e2b9bd7c8fd2b86de0632efaff0f7970870e180c23f520c10e43249d7b5e24bfed43c005cd13f317d307ec24abef87e5188007cb7dcc0f83e5d6112726dc7a8a8acbf431d340461ae964cf253c9529716ada3d26ae2a8975039bb17d6fbd155cba47adddd693a711090349a6d46d73bd0ff3ebe995c948b9a00f9390012b5b99fa88cd28f0f73cf94850a72b51d75f9064c2cf8e7c71a58626580ec0a64a342fd09276d31bdf54acbd4aa3754994bc96a16406057e2c291cd655113773699eb6d2789cb0e96c27a64d088eb1772d858f85a5dc9285514f7e170c1b32c7cdb6100d612bf3d0c9613e671e66fe714a98ee27f63e8e5818845