bento.app

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:d3:fa:df:a5:43:09:8c:20:68:aa:86:f5:e3:ab:94:3d:cb was issued on by Let's Encrypt.

With 17 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=bento.app

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:d3:fa:df:a5:43:09:8c:20:68:aa:86:f5:e3:ab:94:3d:cb
Serial Number (int): 333469905448653264224161800079705422183883
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: d0:bf:c6:c0:2c:e2:60:93:23:01:73:3b:91:a0:76:94:2e:07:0e:3c
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 1c:ec:4a:2e:ad:ba:64:08:7d:c6:08:29:82:af:5e:92:5a:01:6c:d6
Fingerprint (sha256): a8:b4:08:2e:d6:ca:be:a8:fd:a6:52:ee:4b:08:a0:4e:85:de:0f:e1:ae:31:74:22:09:10:5b:14:e8:db:fe:61

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate bento.app

17

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for bento.app

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bento.app
daily.spiegel.de
einestages.de
gutenberg.spiegel.de
jubilaeum.harvardbusinessmanager.de
konferenzen.spiegel.de
manager-magazin.app
managermagazin.app
spiegel-daily.com
spiegel-daily.de
spiegel-tv.app
spiegel.app
spiegeldaily.com
spiegeldaily.de
spiegeltv.app
stellensuche.karriere.spiegel.de
tippspiel.spiegel.de

Other certificates including the domain name bento.app

(limited to 100 certificates)
bento.app
barbablanca.me
bento.app
bento.app
speigel.de
speigel.de
bento.app
bento.app
bento.app
bento.app
bento.app
bento.app
bento.app
bento.app
poyao.wang
bento.app
bento.app
speigel.de
bento.app
bento.app
bento.app
bento.app
bento.app
bento.app
bento.app
bento.app
bento.app
bento.app
bento.app
bento.app
bento.app
desevedavy.speakylink.com
speigel.de
dev.presentation-upload.com

Certificate

The complete raw certificate details for bento.app in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGmTCCBYGgAwIBAgISA9P636VDCYwgaKqG9eOrlD3LMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAxMTQxMzEzNTNaFw0y
MDA0MTMxMzEzNTNaMBQxEjAQBgNVBAMTCWJlbnRvLmFwcDCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMlzCgBZspkgdtv0C/j63MrmBZyqPaK3jTtm2HR+
m6KAvj3HZDze+vxZYDTId9zArNjrQH0KdZEF67xM9gZV0c6laayS3zQNOd1wHzgY
4STEd8IL1nK5LBSar9ctd+ULFyPqlNgZhjbdd70u9n+pDpi6ww6BymdFFhhGeOQJ
KEHh1Soy2/RHD4u5WtrLYcheExqM+doGrnRhxh9fKgbikMflge36tAQmDiHZeudY
nry7BxT7jEZGKCZLKLAUIc6xMFjpeR2ee1LRgD2yu0ZRBReGeZ6BNekV4yrGpCVk
fzn58bTYGx/a11KvpOwQRoExBOPcCF8uz4dUosI+XTy1F0UCAwEAAaOCA60wggOp
MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU0L/GwCziYJMjAXM7kaB2lC4HDjwwHwYD
VR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4G
CCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8G
CCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzCC
AWEGA1UdEQSCAVgwggFUggliZW50by5hcHCCEGRhaWx5LnNwaWVnZWwuZGWCDWVp
bmVzdGFnZXMuZGWCFGd1dGVuYmVyZy5zcGllZ2VsLmRlgiNqdWJpbGFldW0uaGFy
dmFyZGJ1c2luZXNzbWFuYWdlci5kZYIWa29uZmVyZW56ZW4uc3BpZWdlbC5kZYIT
bWFuYWdlci1tYWdhemluLmFwcIISbWFuYWdlcm1hZ2F6aW4uYXBwghFzcGllZ2Vs
LWRhaWx5LmNvbYIQc3BpZWdlbC1kYWlseS5kZYIOc3BpZWdlbC10di5hcHCCC3Nw
aWVnZWwuYXBwghBzcGllZ2VsZGFpbHkuY29tgg9zcGllZ2VsZGFpbHkuZGWCDXNw
aWVnZWx0di5hcHCCIHN0ZWxsZW5zdWNoZS5rYXJyaWVyZS5zcGllZ2VsLmRlghR0
aXBwc3BpZWwuc3BpZWdlbC5kZTBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEE
AYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9y
ZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2APCVpFnyANGCQBAtL5OIjq1L/h1H
45nh0DSmsKiqjrJzAAABb6RnV8oAAAQDAEcwRQIhAKLwdRT+TTZIRCjwQ49bEqAr
pKo2eX5GSuduuKtFa2QFAiBTq8HEtUZSDdguNnaQRY3sykxibZAAY7i6C979rP54
UQB2AAe3XBvlfWj/8bDGHSMVx7rmV3xXlLdq7rxhOhpp06IcAAABb6RnV/EAAAQD
AEcwRQIhALsoEn8NfyuhkVb4SDCSq63tgOo+HQKJMhhJBHYps3JQAiBQId8raQxF
t1G6FEuJxtFBmTdvX3yEekKzysLu9CpWCTANBgkqhkiG9w0BAQsFAAOCAQEAaRug
vQOYkbfbyCyY3+4sgI18n1Ny/MTpdi4p6ik8IGQM036m7LzAe7r1JemxFd1+j7Nr
pCLAeKpFsZg8QB3EDd1Z/M+mmiDFN0Y3hkPgwvCkqh8KuTuyuHImR2uLnuHaC05e
dg8sFXqjqsKqhqBqwOFh77isHcVyUEEApmi08tJcac8mn1jwJSDCfc0ItzwHMfLX
S6HA0YAbrIep8VFwbYDzy1LrjDZaDpBMPC8hNEpvYUk9xjn1UvwB4JXTrPcsrIdy
VtTIuqHUscQHDuBHtbk7y4GaX1jaERl8XMKo32bXRfpqJtBNmJeE4IShTnc+Y7GN
Kbm1Ou6OXIgiPBHwWg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXMKAFmymSB22/QL+Prc
yuYFnKo9oreNO2bYdH6booC+PcdkPN76/FlgNMh33MCs2OtAfQp1kQXrvEz2BlXR
zqVprJLfNA053XAfOBjhJMR3wgvWcrksFJqv1y135QsXI+qU2BmGNt13vS72f6kO
mLrDDoHKZ0UWGEZ45AkoQeHVKjLb9EcPi7la2sthyF4TGoz52gaudGHGH18qBuKQ
x+WB7fq0BCYOIdl651ievLsHFPuMRkYoJksosBQhzrEwWOl5HZ57UtGAPbK7RlEF
F4Z5noE16RXjKsakJWR/OfnxtNgbH9rXUq+k7BBGgTEE49wIXy7Ph1Siwj5dPLUX
RQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 333469905448653264224161800079705422183883
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-14 13:13:53 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-13 13:13:53 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bento.app'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25430627176809831947133244768217867625420750478951074633442706574840958454300188820345252017546994946348072422772931346846902609444771477140485378743026665264491043527469635301125723352182611407059136565603061926412252674220895369591118198173560150269965966279350943364482177593898484290247846375795729887969177931758975890880384304992916885840224137588121014096543775327143561780051831137858363716307164288660218619055645661931476856591292947023894315393803347059028921803984114845569943524789153178104101713478341303290286132805900216986220456498585293925311666988720838633172624361178371964459885305509701395748677
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d0bfc6c02ce260932301733b91a076942e070e3c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (344 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bento.app'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'daily.spiegel.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'einestages.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gutenberg.spiegel.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jubilaeum.harvardbusinessmanager.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'konferenzen.spiegel.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manager-magazin.app'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'managermagazin.app'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spiegel-daily.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spiegel-daily.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spiegel-tv.app'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spiegel.app'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spiegeldaily.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spiegeldaily.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spiegeltv.app'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stellensuche.karriere.spiegel.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tippspiel.spiegel.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016fa46757ca0000040300473045022100a2f07514fe4d36484428f0438f5b12a02ba4aa36797e464ae76eb8ab456b6405022053abc1c4b546520dd82e367690458decca4c626d900063b8ba0bdefdacfe785100760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016fa46757f10000040300473045022100bb28127f0d7f2ba19156f8483092abaded80ea3e1d0289321849047629b3725002205021df2b690c45b751ba144b89c6d14199376f5f7c847a42b3cac2eef42a5609
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00691ba0bd039891b7dbc82c98dfee2c808d7c9f5372fcc4e9762e29ea293c20640cd37ea6ecbcc07bbaf525e9b115dd7e8fb36ba422c078aa45b1983c401dc40ddd59fccfa69a20c53746378643e0c2f0a4aa1f0ab93bb2b87226476b8b9ee1da0b4e5e760f2c157aa3aac2aa86a06ac0e161efb8ac1dc572504100a668b4f2d25c69cf269f58f02520c27dcd08b73c0731f2d74ba1c0d1801bac87a9f151706d80f3cb52eb8c365a0e904c3c2f21344a6f61493dc639f552fc01e095d3acf72cac877256d4c8baa1d4b1c4070ee047b5b93bcb819a5f58da11197c5cc2a8df66d745fa6a26d04d989784e084a14e773e63b18d29b9b53aee8e5c88223c11f05a