*.magrelli.net

Issued by Actalis Domain Validation Server CA G3

About this certificate

This digital certificate with serial number 28:2a:df:8c:16:be:5a:a0:31:97:4c:90:9d:f4:6b:09 was issued on by Actalis S.p.A..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=*.magrelli.net

Actalis S.p.A.

Organization: Actalis S.p.A.
State / Province: Bergamo
Locality: Ponte San Pietro
Country: IT

This certificate will expire on

Certificate Details

Serial Number (hex): 28:2a:df:8c:16:be:5a:a0:31:97:4c:90:9d:f4:6b:09
Serial Number (int): 53391730375778258085894656720318524169
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: c1:9e:2f:68:4e:91:24:ac:0e:bd:b2:66:12:df:5d:3c:7c:ef:c3:b3
AuthorityKeyId: 42:83:6d:80:7c:09:84:67:fd:80:57:ab:f1:26:f5:77:c8:22:82:71

Fingerprint (sha1): a1:af:e6:df:92:79:5b:40:39:0f:3b:39:08:51:47:08:d6:26:0f:03
Fingerprint (sha256): a8:c2:99:9a:3c:be:33:e9:94:b3:2f:ec:45:d3:07:f8:fa:37:f2:a5:85:06:fe:1a:35:8e:83:cf:6c:79:09:0d

Issuing Certificate URL: http://cacert.actalis.it/certs/actalis-autdvg3

Revocation information

OCSP Server: http://ocsp06.actalis.it/VA/AUTHDV-G3
CRL Distribution Point: http://crl06.actalis.it/Repository/AUTHDV-G3/getLastCRL

Check the revocation status for certificate *.magrelli.net

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.magrelli.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.magrelli.net
magrelli.net

Other certificates including the domain name magrelli.net

(limited to 100 certificates)
*.magrelli.net
*.magrelli.net
*.magrelli.net
*.magrelli.net
*.magrelli.net
*.magrelli.net
*.magrelli.net
*.magrelli.net

Certificate

The complete raw certificate details for *.magrelli.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHcjCCBVqgAwIBAgIQKCrfjBa+WqAxl0yQnfRrCTANBgkqhkiG9w0BAQsFADCB
hDELMAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRl
IFNhbiBQaWV0cm8xFzAVBgNVBAoMDkFjdGFsaXMgUy5wLkEuMS8wLQYDVQQDDCZB
Y3RhbGlzIERvbWFpbiBWYWxpZGF0aW9uIFNlcnZlciBDQSBHMzAeFw0yMzA5MjIy
MDM1NDhaFw0yNDA5MjIyMDM1NDhaMBkxFzAVBgNVBAMMDioubWFncmVsbGkubmV0
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwni6uVa5RJ/sKA8Nq6/+
V1tVPvF0s8dBJsj+YDNXJupJgwh+oImZxVISwpNze3jB6p3s4vJZ4i6ee5R0qVvz
QcTK4qOOl6KzA8rNMJf0gDv9Xv748Cxu8dujincDwV/pUOaJZSONtjAU4t7aDZLD
1jn6mO3gp9ATKcGEm5vK1pm1j+LzJIXrJnWmP/TVNG6YUOSKoMqLy+LXO79CCjpM
uH6gGl78EHUVlHRf6k2OBxN33ktcjkj/24Oi40mWrlkqJUInW1qfKlmf4DYqPWbH
ZdV7zjyVCPgmg93tkZni3D1uTnvTarXePPqiKxCDuBPY7cksEDdC+94l8RamlQrv
FwIDAQABo4IDSDCCA0QwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBRCg22AfAmE
Z/2AV6vxJvV3yCKCcTB9BggrBgEFBQcBAQRxMG8wOgYIKwYBBQUHMAKGLmh0dHA6
Ly9jYWNlcnQuYWN0YWxpcy5pdC9jZXJ0cy9hY3RhbGlzLWF1dGR2ZzMwMQYIKwYB
BQUHMAGGJWh0dHA6Ly9vY3NwMDYuYWN0YWxpcy5pdC9WQS9BVVRIRFYtRzMwJwYD
VR0RBCAwHoIOKi5tYWdyZWxsaS5uZXSCDG1hZ3JlbGxpLm5ldDBRBgNVHSAESjBI
MDwGBiuBHwEXATAyMDAGCCsGAQUFBwIBFiRodHRwczovL3d3dy5hY3RhbGlzLml0
L2FyZWEtZG93bmxvYWQwCAYGZ4EMAQIBMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggr
BgEFBQcDATBIBgNVHR8EQTA/MD2gO6A5hjdodHRwOi8vY3JsMDYuYWN0YWxpcy5p
dC9SZXBvc2l0b3J5L0FVVEhEVi1HMy9nZXRMYXN0Q1JMMB0GA1UdDgQWBBTBni9o
TpEkrA69smYS3108fO/DszAOBgNVHQ8BAf8EBAMCBaAwggF+BgorBgEEAdZ5AgQC
BIIBbgSCAWoBaAB1AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAAB
ir6kQQgAAAQDAEYwRAIgFQtxic36Bhd9yMpf6eJoK2rif4utJbaAO0HKHdDLliAC
ICKmTiJxSk47ojz9JfXNIYtamqouA7isBtdUny3+niJeAHcAdv+IPwq2+5VRwmHM
9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGKvqQ+7AAABAMASDBGAiEArC271gCRZ1yV
rtON3coVjBUgyc+LmN2dWoWE+/+PyHoCIQD6iOZzjUKGL0E0+dfI3oDAnFrWzMZ4
G8QcHWtSpjoXLQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAAB
ir6kQOwAAAQDAEcwRQIhAP04uvLMN5fgI7HN1lIDsWUBzkd/ZIY3CAS2rNPU1XLJ
AiB1ZRuZviYxhEA6lCjhGJDVZ/KkHO7x1OTgBjMqECqjeTANBgkqhkiG9w0BAQsF
AAOCAgEAgv2fTyaUjDxZRyrgcnmetYW04cVwSuJP1RcCNZ8g3q0FnTZ9w82TKscI
0nopJv9JjRTxvJko6azxuson+wsAdKnzhJ2yi5+uz7RymPjsKugURxTdfU0lEpOa
p1HpjV2VsqCcG4zjqrrF67sWWbCj25PrELGQnhAhQcCX1nmD5Y+sR8D6QMdGN+iW
14O6KavoAmSzh1T8Ytp0/+j4cmCnrdks40iCgVZbB0gTGwd0SqDnV05LXs62Ew4I
L1/+75Yku/m4PUOwIyUTFfmAD8zZMs/BB0qlcjScSovFMPZbr/K1kph7nHX8a/h2
zrps5p/ZZv0csuExIBuair4Zag/7ZCfqcIUEu9kPqDYZHNvpPl3AoFPiu0nxRvyO
qgKchA7irEU9lZ/wd7IaEkroeQsT8eNsaQenyKJDJCYSsJuGfA4jFNfVofFlP3EA
6olFsE3vM6PJBz1iMHIEPp1VzfmzEueDYKYgB0GGUXb15JwbALLHi7VyqhIP8p0p
xmuuEbq58ZHpXKRVvibT3wX4n7nZNuAzgwYoyNMhSb6j7eM96z16ALg5m4A/FvZE
UMUiRjZJV380YsZo4pNfuOBrj6G9gYS3mQIHz3sNbpmtfkg04vX7rZl1yko44AwG
L9wyeWh97b0lvNtG75nj+tzc5t76gKaAZGV3AaMkCQJd/gEc2pQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwni6uVa5RJ/sKA8Nq6/+
V1tVPvF0s8dBJsj+YDNXJupJgwh+oImZxVISwpNze3jB6p3s4vJZ4i6ee5R0qVvz
QcTK4qOOl6KzA8rNMJf0gDv9Xv748Cxu8dujincDwV/pUOaJZSONtjAU4t7aDZLD
1jn6mO3gp9ATKcGEm5vK1pm1j+LzJIXrJnWmP/TVNG6YUOSKoMqLy+LXO79CCjpM
uH6gGl78EHUVlHRf6k2OBxN33ktcjkj/24Oi40mWrlkqJUInW1qfKlmf4DYqPWbH
ZdV7zjyVCPgmg93tkZni3D1uTnvTarXePPqiKxCDuBPY7cksEDdC+94l8RamlQrv
FwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 53391730375778258085894656720318524169
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bergamo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Ponte San Pietro'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Actalis S.p.A.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Actalis Domain Validation Server CA G3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-22 20:35:48 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-22 20:35:48 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.magrelli.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24549765044751311216922892450460258003872652491677825631683514340413847979475820751728454716162366694366101787301968590154590125051937079784834140537643875405172200451774093425517335427189515947285703844053614397531679666676351457414137752984507358909091386156023488358009343185215050650282243377427092193004702724707466834797290998707129188056686003808379509638759421610900524770878987855896806375705357154338911002924717658696707966132402039093205100770894666806607616156189942675849522883544296433666766600367551923083452174532659489828906666634505323224085029289366649892654390351369476869880166537919964727930647
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 42836d807c098467fd8057abf126f577c8228271
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (113 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacert.actalis.it/certs/actalis-autdvg3'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp06.actalis.it/VA/AUTHDV-G3'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.magrelli.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'magrelli.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.159.1.23.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.actalis.it/area-download'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl06.actalis.it/Repository/AUTHDV-G3/getLastCRL'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c19e2f684e9124ac0ebdb26612df5d3c7cefc3b3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							016800750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018abea4410800000403004630440220150b7189cdfa06177dc8ca5fe9e2682b6ae27f8bad25b6803b41ca1dd0cb9620022022a64e22714a4e3ba23cfd25f5cd218b5a9aaa2e03b8ac06d7549f2dfe9e225e00770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018abea43eec0000040300483046022100ac2dbbd60091675c95aed38dddca158c1520c9cf8b98dd9d5a8584fbff8fc87a022100fa88e6738d42862f4134f9d7c8de80c09c5ad6ccc6781bc41c1d6b52a63a172d007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018abea440ec0000040300473045022100fd38baf2cc3797e023b1cdd65203b16501ce477f6486370804b6acd3d4d572c9022075651b99be263184403a9428e11890d567f2a41ceef1d4e4e006332a102aa379
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0082fd9f4f26948c3c59472ae072799eb585b4e1c5704ae24fd51702359f20dead059d367dc3cd932ac708d27a2926ff498d14f1bc9928e9acf1baca27fb0b0074a9f3849db28b9faecfb47298f8ec2ae8144714dd7d4d2512939aa751e98d5d95b2a09c1b8ce3aabac5ebbb1659b0a3db93eb10b1909e102141c097d67983e58fac47c0fa40c74637e896d783ba29abe80264b38754fc62da74ffe8f87260a7add92ce3488281565b0748131b07744aa0e7574e4b5eceb6130e082f5ffeef9624bbf9b83d43b023251315f9800fccd932cfc1074aa572349c4a8bc530f65baff2b592987b9c75fc6bf876ceba6ce69fd966fd1cb2e131201b9a8abe196a0ffb6427ea708504bbd90fa836191cdbe93e5dc0a053e2bb49f146fc8eaa029c840ee2ac453d959ff077b21a124ae8790b13f1e36c6907a7c8a243242612b09b867c0e2314d7d5a1f1653f7100ea8945b04def33a3c9073d623072043e9d55cdf9b312e78360a6200741865176f5e49c1b00b2c78bb572aa120ff29d29c66bae11bab9f191e95ca455be26d3df05f89fb9d936e033830628c8d32149bea3ede33deb3d7a00b8399b803f16f64450c522463649577f3462c668e2935fb8e06b8fa1bd8184b7990207cf7b0d6e99ad7e4834e2f5fbad9975ca4a38e00c062fdc3279687dedbd25bcdb46ef99e3fadcdce6defa80a68064657701a32409025dfe011cda94