*.dominionlending.ca
Issued by Sectigo RSA Domain Validation Secure Server CA
About this certificate
This digital certificate with serial number f4:74:4d:77:46:d4:96:24:a1:2b:27:c3:9d:6d:a1:99 was issued on by Sectigo Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.dominionlending.ca
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): f4:74:4d:77:46:d4:96:24:a1:2b:27:c3:9d:6d:a1:99Serial Number (int): 324935508602721285361438370933989286297
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 3b:fa:d5:72:0a:67:12:5d:a4:27:b0:26:7f:65:83:9f:f9:70:2e:a1
AuthorityKeyId: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1
Fingerprint (sha1): 9c:f0:37:6d:a1:44:da:76:6d:27:1f:2f:28:f4:52:c5:0e:2e:e9:a4
Fingerprint (sha256): a6:ac:02:e8:a6:09:70:19:65:02:66:27:36:80:e3:a6:d2:e4:44:29:29:4c:d1:88:98:c3:7c:47:5b:5f:5b:2d
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCheck the revocation status for certificate *.dominionlending.ca
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.dominionlending.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.dominionlending.ca
dominionlending.ca
dominionlending.ca
Other certificates including the domain name dominionlending.ca
(limited to 100 certificates)
*.dominionlending.ca
dominionlending.ca
dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
dominionlending.ca
*.dominionlending.ca
dominionlending.ca
dominionlending.ca
*.dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
dominionlending.ca
support.dominionlending.ca
dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
dominionlending.ca
mail.dominionlending.ca
dominionlending.ca
*.dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
mail.dlcgroup.ca
support.dominionlending.ca
autodiscover.dominionlending.ca
*.dominionlending.ca
dominionlending.ca
support.dominionlending.ca
*.dominionlending.ca
*.dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
dominionlending.ca
dominionlending.ca
dominionlending.ca
dominionlending.ca
dominionlending.ca
*.dominionlending.ca
dominionlending.ca
dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
dominionlending.ca
*.dominionlending.ca
dominionlending.ca
dominionlending.ca
*.dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
dominionlending.ca
support.dominionlending.ca
dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
dominionlending.ca
mail.dominionlending.ca
dominionlending.ca
*.dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
mail.dlcgroup.ca
support.dominionlending.ca
autodiscover.dominionlending.ca
*.dominionlending.ca
dominionlending.ca
support.dominionlending.ca
*.dominionlending.ca
*.dominionlending.ca
support.dominionlending.ca
support.dominionlending.ca
dominionlending.ca
dominionlending.ca
dominionlending.ca
dominionlending.ca
dominionlending.ca
*.dominionlending.ca
Certificate
The complete raw certificate details for *.dominionlending.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFzDCCBLSgAwIBAgIRAPR0TXdG1JYkoSsnw51toZkwDQYJKoZIhvcNAQELBQAw gY8xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UE AxMuU2VjdGlnbyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD QTAeFw0yMDA1MjEwMDAwMDBaFw0yMTA1MjEyMzU5NTlaMB8xHTAbBgNVBAMMFCou ZG9taW5pb25sZW5kaW5nLmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyqzvf1QiqkRErT6CSHwifyqiUXUXuiB4H++3D6bfNdQej8su4LJN7/0pjy4P 5T5ZEW6b71Kdbq1Udof2n/4YGEauwlwHTJmyvA/thW7JAg+lJzEY1PfE3p8lbtsS qcUHCndosv96yQEzBQI4Q9pSu5lRhpyq4Icrn4IxLxFwibUaQ+hO3vZNXLy9lKFT mjanW5/HgddGgisr2ON/2soIHMeCJPy7eIZ7gPv3XiuwFB462DpT7AuLX8LiggL4 vY+4DAgeqyrKgcFwEyS9GYnNBtPUISu1ZZQKPuGIHWlp1qnxmcNDL7M00X0BqBdS G+7oAH6JQHrSvGfpf+ewxQXyjwIDAQABo4ICkDCCAowwHwYDVR0jBBgwFoAUjYxe xFStiuF36Zv5mwXhuAGNYeEwHQYDVR0OBBYEFDv61XIKZxJdpCewJn9lg5/5cC6h MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF BwMBBggrBgEFBQcDAjBJBgNVHSAEQjBAMDQGCysGAQQBsjEBAgIHMCUwIwYIKwYB BQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECATCBhAYIKwYB BQUHAQEEeDB2ME8GCCsGAQUFBzAChkNodHRwOi8vY3J0LnNlY3RpZ28uY29tL1Nl Y3RpZ29SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsG AQUFBzABhhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTAzBgNVHREELDAqghQqLmRv bWluaW9ubGVuZGluZy5jYYISZG9taW5pb25sZW5kaW5nLmNhMIIBBAYKKwYBBAHW eQIEAgSB9QSB8gDwAHYAfT7y+I//iFVoJMLAyp5SiXkrxQ54CX8uapdomX4i8NcA AAFyOFyGeAAABAMARzBFAiEA+QbIxW/nOylAQyfXIv0FLd06Xvy17m0lp305qP8v htkCIBh043CIB0I9jnsSjR7+fOnKGY5jP5F0F65sjVzfTDoYAHYAlCC8Ho7VjWyI cx+CiyIsDdHaTV5sT5Q9YdtOL1hNosIAAAFyOFyGngAABAMARzBFAiBBs+jSGACT xbevysUYRKP/4QBjq54uJUg5WU98pMmEKQIhAPxSFf6BsgKYRavu1bcTdJz9/y4E lPGEcWNJQAHnrzgnMA0GCSqGSIb3DQEBCwUAA4IBAQDRSvXCTo0+KNrCQkYs3T98 bwuntTBopMB/abGbf8Nyc5nFC9hcWXRoGVBsN0bk8ME7083q0dgpchqyIM69oUiP nobmqvESeSTM12zp3DaAYfBIdsSljrbtx6LF8JLiN0D+W7Dsvkh9zdlTXIwBxWtM 6nAw0e1ZtiBVrnXUDx8cUoy6VBhTUZx9djPr6Bed6nASkTJXSXuoBmXibPLhituO L3cvFuHooU6nC/RNke+MKds2znY61SK7HK+YcgBCYnaYvwmOZrZ+6QR0nPTiLJmI VLCDhpr/ud6BbpyKS+fcTK0iCZKvLVFzM/8sSXIpuVkcvXV8Q+sgfqT8QCJWTyk3 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqzvf1QiqkRErT6CSHwi fyqiUXUXuiB4H++3D6bfNdQej8su4LJN7/0pjy4P5T5ZEW6b71Kdbq1Udof2n/4Y GEauwlwHTJmyvA/thW7JAg+lJzEY1PfE3p8lbtsSqcUHCndosv96yQEzBQI4Q9pS u5lRhpyq4Icrn4IxLxFwibUaQ+hO3vZNXLy9lKFTmjanW5/HgddGgisr2ON/2soI HMeCJPy7eIZ7gPv3XiuwFB462DpT7AuLX8LiggL4vY+4DAgeqyrKgcFwEyS9GYnN BtPUISu1ZZQKPuGIHWlp1qnxmcNDL7M00X0BqBdSG+7oAH6JQHrSvGfpf+ewxQXy jwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 324935508602721285361438370933989286297 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-21 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-05-21 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.dominionlending.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25585415294599710034663036223651161077363696730154787332205222722596933875513345292611258980692082403613857924786410795021910019743130137307338998060250304059405780922340946595813719037275477221932345789976512005847129208326746717595750123500825633689637012838948953770879936831597625377309385689982248095868331998822073620204036233205784404443344782419495756462020136731642874067674602739529368426790329389320834760452801279159988820277009584773679034056479755046484662163552170162581982274288639940769430299574879853016440990498699524021243507928912554420637184767114306681340243466181149862381668016693684287697551 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3bfad5720a67125da427b0267f65839ff9702ea1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dominionlending.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dominionlending.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076007d3ef2f88fff88556824c2c0ca9e5289792bc50e78097f2e6a9768997e22f0d700000172385c86780000040300473045022100f906c8c56fe73b29404327d722fd052ddd3a5efcb5ee6d25a77d39a8ff2f86d902201874e3708807423d8e7b128d1efe7ce9ca198e633f917417ae6c8d5cdf4c3a180076009420bc1e8ed58d6c88731f828b222c0dd1da4d5e6c4f943d61db4e2f584da2c200000172385c869e0000040300473045022041b3e8d2180093c5b7afcac51844a3ffe10063ab9e2e254839594f7ca4c98429022100fc5215fe81b2029845abeed5b713749cfdff2e0494f1847163494001e7af3827 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00d14af5c24e8d3e28dac242462cdd3f7c6f0ba7b53068a4c07f69b19b7fc3727399c50bd85c59746819506c3746e4f0c13bd3cdead1d829721ab220cebda1488f9e86e6aaf1127924ccd76ce9dc368061f04876c4a58eb6edc7a2c5f092e23740fe5bb0ecbe487dcdd9535c8c01c56b4cea7030d1ed59b62055ae75d40f1f1c528cba541853519c7d7633ebe8179dea7012913257497ba80665e26cf2e18adb8e2f772f16e1e8a14ea70bf44d91ef8c29db36ce763ad522bb1caf98720042627698bf098e66b67ee904749cf4e22c998854b083869affb9de816e9c8a4be7dc4cad220992af2d517333ff2c497229b9591cbd757c43eb207ea4fc4022564f2937