thermawool.com
Issued by Go Daddy Secure Certificate Authority - G2
About this certificate
This digital certificate with serial number ea:5d:75:5d:17:50:f6:ee was issued on by GoDaddy.com, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=thermawool.com
GoDaddy.com, Inc.
Organization:
GoDaddy.com, Inc.
Organization unit: http://certs.godaddy.com/repository/
Organization unit: http://certs.godaddy.com/repository/
State / Province:
Arizona
Locality: Scottsdale
Country: US
Locality: Scottsdale
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): ea:5d:75:5d:17:50:f6:eeSerial Number (int): 16887783220392818414
Serial Number lenght: 64 bits, 8 octets
SubjectKeyId: 86:0a:75:c7:47:1c:5e:55:b6:cd:24:2d:4c:02:6a:73:ef:99:31:b3
AuthorityKeyId: 40:c2:bd:27:8e:cc:34:83:30:a2:33:d7:fb:6c:b3:f0:b4:2c:80:ce
Fingerprint (sha1): 31:81:20:f8:08:9b:ee:55:8c:a9:0e:d5:37:d7:4f:d8:3b:1a:73:3a
Fingerprint (sha256): a7:56:0c:98:35:b4:0e:e3:d2:b6:35:cd:1b:c9:60:bc:18:ad:b8:c4:11:77:f0:4f:98:0d:02:dd:3e:22:cd:8c
Issuing Certificate URL: http://certificates.godaddy.com/repository/gdig2.crt
Revocation information
OCSP Server: http://ocsp.godaddy.com/CRL Distribution Point: http://crl.godaddy.com/gdig2s1-6553.crl
Check the revocation status for certificate thermawool.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for thermawool.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
thermawool.com
Other certificates including the domain name thermawool.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for thermawool.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHgjCCBmqgAwIBAgIJAOpddV0XUPbuMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0 cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTIzMDcwMzE0MjIxMFoX DTI0MDcwMzE0MjIxMFowGTEXMBUGA1UEAxMOdGhlcm1hd29vbC5jb20wggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDQQORSPHYEXLMES5Q8w/5hK0gULHbf uLR5ga0ZFVnMLkX6pwAalj7BpHOnU01Lk19yjaBRFCVa2vU7LMvMNtm5p1JVBiNG zjcW8GIrLOEA7Lq4A/GopmazHLbiplJprKOnV0kgFNL45EOoApvhIfbw6DjyeJpz FN51oTQzDAl9mLRKExysd+6BFCmvSJtqP0M/3R8yZ1ola1JgSC8lyk8UhZ87aTPx yAB9JuB7a5DjHY3vWqPPX2B27mcpm3hHCIPjDWh+NX3KTM9RhtptYaNhpaRHdVyl KQiNWXg7aSL1d9BxML0Y0NmHT+kYxjzAZcQCcUXKpv4oTC/BihB5A6Y0JxH7Qn7E +7g+cAJHxXoTCED9iB9Khi9MAD8xtFVCbHtgaw97guBrEcy+OnLWXnoB+uNFtGOr 1pOk9rFBlPJ39ELGpPDnBzABqSaFNabcwwbI/yttXDR2BSCq8Nw+dx2O0OPC/cxo KRQCj77QASBQCQJfpi2Zsmsvv3Rfv7nXGnXaKeb+o2XQ1XnC7zdqBoa/oYrHjeb8 c7FMZxE+OiNyTr4lFqGhRmnFjxjv8WAjuI45c3wKDOE+OKprFp4CyWSaJybx/RXv LKluOFA2X6rLL7AZSaWrpgOyXSeFctoHHwhfqleatui/e/1yEg8fXToW1XFNpjks MwOqFhDTp1PKFQIDAQABo4IDLzCCAyswDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMDgGA1UdHwQxMC8w LaAroCmGJ2h0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2RpZzJzMS02NTUzLmNybDBd BgNVHSAEVjBUMEgGC2CGSAGG/W0BBxcBMDkwNwYIKwYBBQUHAgEWK2h0dHA6Ly9j ZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMHYG CCsGAQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRkeS5j b20vMEAGCCsGAQUFBzAChjRodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29t L3JlcG9zaXRvcnkvZ2RpZzIuY3J0MB8GA1UdIwQYMBaAFEDCvSeOzDSDMKIz1/ts s/C0LIDOMBkGA1UdEQQSMBCCDnRoZXJtYXdvb2wuY29tMB0GA1UdDgQWBBSGCnXH RxxeVbbNJC1MAmpz75kxszCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHcA7s3Q ZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGJHCHmrAAABAMASDBGAiEA p7IhMfNffzqdywHB+pnV6aYVKxumCCmvixKrmy1fhzoCIQDy85CKPjUSyCSUeuIh ZzOuFQVmEmuoUT2yKhigfxKm8gB1AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7 v6s52IRzAAABiRwh53gAAAQDAEYwRAIgDnhczbuuQF71kqVlV7mJW5QY8LTLsAZu vCV5rtY0mGoCIGWv+Nmh8JUcmfJk/Hvuf/hKy81/F/mBY/sZGEEse+YJAHYA2ra/ az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGJHCHn2gAABAMARzBFAiEA oL4yaGV3x1bAvOkD4XzitVUiAOOPMLPdPJ3YIsreEcQCIBDEuz+IWo0ey0ebFfa+ CneTKKRCGUvwEJikQEY1n6CdMA0GCSqGSIb3DQEBCwUAA4IBAQBBxb8vW2NOmDrn wNHOy0M5rssY+3UBbHP5GdiriD+6CHZ+eqCe0kzeWJyUur0waab9BMp9SS49pYE2 yXcGVUs2Gh389Ftw8oDH9VJ3QvKCvtwDKPhBWWRCmvD0FeTwNw/cW5epaSwO9NlU 9JJ7i1Sze/HvPVxEWTLJtxfmkqbtnv06B1rGqQbHdG746alBB+ooppX0OPR4+XZx ELPdLF+a3gy9zjCgcmWpOfCu9YrLy0sGvfQ0IBZJiSVmOKSktvKe7jABxH5aNjSQ jT2DI21No5KEd3qWynZYQZkFThABgKfhrg6YyHTEwxCjm1ujfPQa2SVM/DWmytwI f8Jbt7Wx -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0EDkUjx2BFyzBEuUPMP+ YStIFCx237i0eYGtGRVZzC5F+qcAGpY+waRzp1NNS5Nfco2gURQlWtr1OyzLzDbZ uadSVQYjRs43FvBiKyzhAOy6uAPxqKZmsxy24qZSaayjp1dJIBTS+ORDqAKb4SH2 8Og48niacxTedaE0MwwJfZi0ShMcrHfugRQpr0ibaj9DP90fMmdaJWtSYEgvJcpP FIWfO2kz8cgAfSbge2uQ4x2N71qjz19gdu5nKZt4RwiD4w1ofjV9ykzPUYbabWGj YaWkR3VcpSkIjVl4O2ki9XfQcTC9GNDZh0/pGMY8wGXEAnFFyqb+KEwvwYoQeQOm NCcR+0J+xPu4PnACR8V6EwhA/YgfSoYvTAA/MbRVQmx7YGsPe4LgaxHMvjpy1l56 AfrjRbRjq9aTpPaxQZTyd/RCxqTw5wcwAakmhTWm3MMGyP8rbVw0dgUgqvDcPncd jtDjwv3MaCkUAo++0AEgUAkCX6YtmbJrL790X7+51xp12inm/qNl0NV5wu83agaG v6GKx43m/HOxTGcRPjojck6+JRahoUZpxY8Y7/FgI7iOOXN8CgzhPjiqaxaeAslk micm8f0V7yypbjhQNl+qyy+wGUmlq6YDsl0nhXLaBx8IX6pXmrbov3v9chIPH106 FtVxTaY5LDMDqhYQ06dTyhUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16887783220392818414 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GoDaddy.com, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.godaddy.com/repository/' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go Daddy Secure Certificate Authority - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-03 14:22:10 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-03 14:22:10 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thermawool.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 849600090259860366220754752359334690605437443321351222322562464997569622847849103887122446078193119236705084634774108980716478680957307943120130134892194306334240283120764104329495440579456005617841688790127638006403691101115814323186366244339739016371124380756786532522628228344510389652846488467507013979677709222395487165979091662374071955215112100434584661655033647487597798229337036635859777629263817984968573997045055878786452257889960213683572769010026011549960614501428136671724745284930689977763554753138524240537614063438614498819539100019360997427923450371880507097564294450756513278642490703779689254676872089244947891981773404541810938270917574041874171733386002755134593437507689103178411356561382642696910257619557367041650915669335626065693082857365580424972538957425500974155083776983091907359303236172223453494704478516172523742279473378693543537202477103685042718035510674518497360016096773115819389894688157683811609245149660758033219089944961036318352132279799580676109525000240792818301630266173123585418598838185355807899101973355944522946358022673224946147293582864995947896075127613442494210371317241541241039467759924932313795446521735847830398803154896943112962698094608592510376580116047183578369919011349 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.godaddy.com/gdig2s1-6553.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114413.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.godaddy.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.godaddy.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.godaddy.com/repository/gdig2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 40c2bd278ecc348330a233d7fb6cb3f0b42c80ce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thermawool.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 860a75c7471c5e55b6cd242d4c026a73ef9931b3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001891c21e6ac0000040300483046022100a7b22131f35f7f3a9dcb01c1fa99d5e9a6152b1ba60829af8b12ab9b2d5f873a022100f2f3908a3e3512c824947ae2216733ae150566126ba8513db22a18a07f12a6f200750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001891c21e778000004030046304402200e785ccdbbae405ef592a56557b9895b9418f0b4cbb0066ebc2579aed634986a022065aff8d9a1f0951c99f264fc7bee7ff84acbcd7f17f98163fb1918412c7be609007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab000001891c21e7da0000040300473045022100a0be32686577c756c0bce903e17ce2b5552200e38f30b3dd3c9dd822cade11c4022010c4bb3f885a8d1ecb479b15f6be0a779328a442194bf01098a44046359fa09d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0041c5bf2f5b634e983ae7c0d1cecb4339aecb18fb75016c73f919d8ab883fba08767e7aa09ed24cde589c94babd3069a6fd04ca7d492e3da58136c97706554b361a1dfcf45b70f280c7f5527742f282bedc0328f8415964429af0f415e4f0370fdc5b97a9692c0ef4d954f4927b8b54b37bf1ef3d5c445932c9b717e692a6ed9efd3a075ac6a906c7746ef8e9a94107ea28a695f438f478f9767110b3dd2c5f9ade0cbdce30a07265a939f0aef58acbcb4b06bdf43420164989256638a4a4b6f29eee3001c47e5a3634908d3d83236d4da39284777a96ca76584199054e100180a7e1ae0e98c874c4c310a39b5ba37cf41ad9254cfc35a6cadc087fc25bb7b5b1