*.prod.ohchr.un-icc.cloud
Issued by Amazon
About this certificate
This digital certificate with serial number 0a:02:47:6e:dd:2b:c5:6b:1f:9e:38:9f:1d:9c:2b:db was issued on by Amazon.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.prod.ohchr.un-icc.cloud
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0a:02:47:6e:dd:2b:c5:6b:1f:9e:38:9f:1d:9c:2b:dbSerial Number (int): 13304113386195067485010118307399609307
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: a9:7f:e2:95:a7:d9:19:7c:46:ba:e3:b7:36:f8:1a:a5:39:cf:7a:65
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 3f:db:98:82:12:9e:db:5d:76:ca:ad:c7:e6:3c:74:55:ce:d8:71:89
Fingerprint (sha256): a9:3e:fa:5f:91:47:48:9e:59:7d:56:07:9d:7c:51:1c:d0:3a:ea:34:18:58:44:cd:3a:4c:2a:0d:57:71:35:73
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl
Check the revocation status for certificate *.prod.ohchr.un-icc.cloud
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.prod.ohchr.un-icc.cloud
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.prod.ohchr.un-icc.cloud
waps.ohchr.org
www.ohchr.org
www.unhrcouncil.org
unhrcouncil.org
ohchr.org
waps.ohchr.org
www.ohchr.org
www.unhrcouncil.org
unhrcouncil.org
ohchr.org
Other certificates including the domain name un-icc.cloud
(limited to 100 certificates)
*.prod.ohchr.un-icc.cloud
*.test.ohchr.un-icc.cloud
*.cwh-poc.un-icc.cloud
*.prod.ohchr.un-icc.cloud
*.parana.un-icc.cloud
*.prod.unhcr.un-icc.cloud
*.prod.ohchr.un-icc.cloud
*.cwh-poc.un-icc.cloud
ieo-dev.un-icc.cloud
jenkins-iati-unrwa.un-icc.cloud
*.prod.unhcr.un-icc.cloud
*.cwh-poc.un-icc.cloud
*.fao.un-icc.cloud
kibana.observ.un-icc.cloud
*.prod.ohchr.un-icc.cloud
*.parana.un-icc.cloud
*.core.un-icc.cloud
jenkins-iati-unrwa.un-icc.cloud
*.leman.un-icc.cloud
ieo-test.un-icc.cloud
cwh-docs.un-icc.cloud
*.rhone.un-icc.cloud
*.prod.ohchr.un-icc.cloud
*.prod.ohchr.un-icc.cloud
*.prod.ohchr.un-icc.cloud
*.prod.ohchr.un-icc.cloud
*.parana.un-icc.cloud
*.test.ohchr.un-icc.cloud
*.cwh-poc.un-icc.cloud
*.prod.ohchr.un-icc.cloud
*.parana.un-icc.cloud
*.prod.unhcr.un-icc.cloud
*.prod.ohchr.un-icc.cloud
*.cwh-poc.un-icc.cloud
ieo-dev.un-icc.cloud
jenkins-iati-unrwa.un-icc.cloud
*.prod.unhcr.un-icc.cloud
*.cwh-poc.un-icc.cloud
*.fao.un-icc.cloud
kibana.observ.un-icc.cloud
*.prod.ohchr.un-icc.cloud
*.parana.un-icc.cloud
*.core.un-icc.cloud
jenkins-iati-unrwa.un-icc.cloud
*.leman.un-icc.cloud
ieo-test.un-icc.cloud
cwh-docs.un-icc.cloud
*.rhone.un-icc.cloud
*.prod.ohchr.un-icc.cloud
*.prod.ohchr.un-icc.cloud
*.prod.ohchr.un-icc.cloud
*.prod.ohchr.un-icc.cloud
*.parana.un-icc.cloud
Certificate
The complete raw certificate details for *.prod.ohchr.un-icc.cloud in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGODCCBSCgAwIBAgIQCgJHbt0rxWsfnjifHZwr2zANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjAzMjQwMDAwMDBaFw0yMzA0MjIy MzU5NTlaMCQxIjAgBgNVBAMMGSoucHJvZC5vaGNoci51bi1pY2MuY2xvdWQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf/W0m1VSdhQmxL4bCpTPFxpCm /SlfFKW9aFlevITdK28MUoMuayJnjPX5OFEnfDn2FCT1MeKd60MKXvPe7KJmOueA ECnbb2aSEtU8B0rtFeDw9b/5/rlxPLvQkCbLIsvm0Iv9xmoY+LW2dCldm1YByELK 58A3r+JgQrtCY34kluad0dGV6TZ8LevLDxWmjp6OIjQqheRpbo5AozIejyfeAGq+ tA7cwAO7WZNJALiP+OB4W69pFT/EcfDap7YUiszfR4Av0ZDf+AFktfC5iPO31aKD w3OIcXe8A7o8MQk6GZevsEv1EQ78UUwaQdSotI/3U1HzgZn29JcO7EcXrnR1AgMB AAGjggNCMIIDPjAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNV HQ4EFgQUqX/ilafZGXxGuuO3NvgapTnPemUwdAYDVR0RBG0wa4IZKi5wcm9kLm9o Y2hyLnVuLWljYy5jbG91ZIIOd2Fwcy5vaGNoci5vcmeCDXd3dy5vaGNoci5vcmeC E3d3dy51bmhyY291bmNpbC5vcmeCD3VuaHJjb3VuY2lsLm9yZ4IJb2hjaHIub3Jn MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw PQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5zY2ExYi5hbWF6b250cnVzdC5j b20vc2NhMWItMS5jcmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwdQYIKwYBBQUHAQEE aTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6b250cnVzdC5j b20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9udHJ1c3QuY29t L3NjYTFiLmNydDAMBgNVHRMBAf8EAjAAMIIBfAYKKwYBBAHWeQIEAgSCAWwEggFo AWYAdgCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAX+7qvwxAAAE AwBHMEUCIQCFNg85bkpADp2FqHKqjwTnO8T3oUlU9X8xX9NHPxl1twIgKUD+hTmC j30LQ5q8MlBs8cS8PKrp1ilyWyvOdZ+wascAdQA1zxkbv7FsV78PrUxtQsu7ticg JlHqP+Eq76gDwzvWTAAAAX+7qvwFAAAEAwBGMEQCIAOvaT2ngpxzX+7Gxpkm7pUL 5tP0piPracTq+bRmac63AiACyGNLZDtwEHb5jP0if0rjXgA9eQK0Bc/HmBZl0Axr 4gB1ALNzdwfhhFD4Y4bWBancEQlKeS2xZwwLh9zwAw55NqWaAAABf7uq/CoAAAQD AEYwRAIgWZ2H3R9tuqsMGZF5VSvRwc/fcLFbraMBp2k1nbCp5NkCIEH8VXdsUy6P bN3Wpmq7ydXPmI2IuNitE0EZA4/kZLs2MA0GCSqGSIb3DQEBCwUAA4IBAQAjgmYa O+qR3x03Gwbwc4w5TypDNrManhfBqhlvIBzFpmQ73nm4WgUXX3QLFKOjykKfSzx+ Mu8W9Fpj/9GhMEytSqpSLnI6CMufLNyMHqmrFBIpYxd/9uO3APGaQi66qLXm6eWq VUa8XNU2Lnkg4+ni+qSJpKPX5rEt2Rr2FwsPjxkqbT02pDNNK/V6Bd4jr4yTq10m 4Le9DBlZ8FegBREDqto79hPdHKWSQ7OW6nRFOZ/R43rqezv3Ol8cwWqeJW0LA5Q4 QV8nLCouCiFgvXGe022q72SFMCoF5fpvrWuL3UogUrKtII8Ac1eTr6onB20RV4QR GdZS/AnVgf9m48Kx -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/1tJtVUnYUJsS+GwqUz xcaQpv0pXxSlvWhZXryE3StvDFKDLmsiZ4z1+ThRJ3w59hQk9THinetDCl7z3uyi ZjrngBAp229mkhLVPAdK7RXg8PW/+f65cTy70JAmyyLL5tCL/cZqGPi1tnQpXZtW AchCyufAN6/iYEK7QmN+JJbmndHRlek2fC3ryw8Vpo6ejiI0KoXkaW6OQKMyHo8n 3gBqvrQO3MADu1mTSQC4j/jgeFuvaRU/xHHw2qe2FIrM30eAL9GQ3/gBZLXwuYjz t9Wig8NziHF3vAO6PDEJOhmXr7BL9REO/FFMGkHUqLSP91NR84GZ9vSXDuxHF650 dQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 13304113386195067485010118307399609307 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-03-24 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-22 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.prod.ohchr.un-icc.cloud' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20196859692189807120333832606102234662197856032377070743910481433561226122953050386770008811983774592224018014854593763671043059647594689295319493130382054278149845419756765678080127542764771697454325198251664095823651286980430492207266113621926030616108900109318240303966948085434586169472337635726653377839612008987964475559018976553778677731693494384837546906149483334465257950445029111245869670215804060108448729996432773648941439351076825224564129488289902432346340924070678009010250619521501512437688782744634428418367526978824383491334813181285346449629808507563531397646480351469959817792720078081210079671413 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a97fe295a7d9197c46bae3b736f81aa539cf7a65 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (109 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.prod.ohchr.un-icc.cloud' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'waps.ohchr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ohchr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.unhrcouncil.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'unhrcouncil.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ohchr.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 0166007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017fbbaafc31000004030047304502210085360f396e4a400e9d85a872aa8f04e73bc4f7a14954f57f315fd3473f1975b702202940fe8539828f7d0b439abc32506cf1c4bc3caae9d629725b2bce759fb06ac700750035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c0000017fbbaafc050000040300463044022003af693da7829c735feec6c69926ee950be6d3f4a623eb69c4eaf9b46669ceb7022002c8634b643b701076f98cfd227f4ae35e003d7902b405cfc7981665d00c6be2007500b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017fbbaafc2a00000403004630440220599d87dd1f6dbaab0c199179552bd1c1cfdf70b15bada301a769359db0a9e4d9022041fc55776c532e8f6cddd6a66abbc9d5cf988d88b8d8ad134119038fe464bb36 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002382661a3bea91df1d371b06f0738c394f2a4336b31a9e17c1aa196f201cc5a6643bde79b85a05175f740b14a3a3ca429f4b3c7e32ef16f45a63ffd1a1304cad4aaa522e723a08cb9f2cdc8c1ea9ab14122963177ff6e3b700f19a422ebaa8b5e6e9e5aa5546bc5cd5362e7920e3e9e2faa489a4a3d7e6b12dd91af6170b0f8f192a6d3d36a4334d2bf57a05de23af8c93ab5d26e0b7bd0c1959f057a0051103aada3bf613dd1ca59243b396ea7445399fd1e37aea7b3bf73a5f1cc16a9e256d0b039438415f272c2a2e0a2160bd719ed36daaef6485302a05e5fa6fad6b8bdd4a2052b2ad208f00735793afaa27076d1157841119d652fc09d581ff66e3c2b1