printmagic.org
Issued by R3
About this certificate
This digital certificate with serial number 04:cd:db:0e:5b:b4:da:a8:6b:b9:a3:e6:f6:77:cc:b9:ef:b6 was issued on by Let's Encrypt.
With 26 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=printmagic.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:cd:db:0e:5b:b4:da:a8:6b:b9:a3:e6:f6:77:cc:b9:ef:b6Serial Number (int): 418498204429094302185506135254269794316214
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 82:24:fe:6b:09:45:15:45:02:39:bb:1c:81:1c:b7:8f:82:21:c2:86
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): d0:9d:50:78:57:04:54:35:10:59:30:c7:5c:66:14:5d:5d:bb:98:3f
Fingerprint (sha256): a9:f8:72:26:53:b3:4c:63:6b:8d:db:30:b9:f3:34:1d:7f:8f:0e:2a:ca:48:ad:7d:d0:c5:03:ec:b2:27:15:c5
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate printmagic.org
26
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for printmagic.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
23hrs.com
autonomouswarfaresimulation.com
bear-paw.com
bunkerpublishing.us
easyadsubmitter.com
faqaboutreligion.org
gaycorporate.com
heatertreaters.com
hippainhouston.com
hoardershotline.com
immeasurablymoreministries.com
iomcommunity.org
jourdren.com
kgg.co.in
longfellowshydroseeding.com
michaeltrimshow.com
oklahomaheatingandcooling.com
parkchapel.com
phoenixvault.org
printmagic.org
reginaangelorum-press.org
uslegalsolutions.com
vegandietbooks.com
wexel.com
wodumedia.co.uk
www.aprisamail.com
autonomouswarfaresimulation.com
bear-paw.com
bunkerpublishing.us
easyadsubmitter.com
faqaboutreligion.org
gaycorporate.com
heatertreaters.com
hippainhouston.com
hoardershotline.com
immeasurablymoreministries.com
iomcommunity.org
jourdren.com
kgg.co.in
longfellowshydroseeding.com
michaeltrimshow.com
oklahomaheatingandcooling.com
parkchapel.com
phoenixvault.org
printmagic.org
reginaangelorum-press.org
uslegalsolutions.com
vegandietbooks.com
wexel.com
wodumedia.co.uk
www.aprisamail.com
Other certificates including the domain name printmagic.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for printmagic.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG6jCCBdKgAwIBAgISBM3bDlu02qhruaPm9nfMue+2MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAyMTcyMTM0NDFaFw0yNDA1MTcyMTM0NDBaMBkxFzAVBgNVBAMT DnByaW50bWFnaWMub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA 6Iryl4om/fBxIn5+T16c2QucicceFNnrNmmsDbqwnuTfLcEvwznLu+CCMlTyjw8r 6pGF58CbjspZboh4hfXHWP/C1U3lD+siQ342sMbv21HD0CaBFwz/DRw8/gYSOl0f Tcr4/JtSjCHYZanOWgs70syBJTYZJKXm+YxfHigslZRolM8fy5Y50nKREDEPUJ/R Bst5PoWYGxcqQdN0pYtEbcV9He6CVOMVbTF/i9Fko5Xe6Txf32u3FyhD6ced4+VY m50Wjf2IkHrT3Lv/lkfYwfXVPabsXb8kX1wRSqqtycIvuZYpiPX5n4zw0j47tUII kBRD9yHAwiq4G8zjXcNUlQIDAQABo4IEETCCBA0wDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBSCJP5rCUUVRQI5uxyBHLePgiHChjAfBgNVHSMEGDAWgBQULrMXt1hWy65Q CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn LzCCAhkGA1UdEQSCAhAwggIMggkyM2hycy5jb22CH2F1dG9ub21vdXN3YXJmYXJl c2ltdWxhdGlvbi5jb22CDGJlYXItcGF3LmNvbYITYnVua2VycHVibGlzaGluZy51 c4ITZWFzeWFkc3VibWl0dGVyLmNvbYIUZmFxYWJvdXRyZWxpZ2lvbi5vcmeCEGdh eWNvcnBvcmF0ZS5jb22CEmhlYXRlcnRyZWF0ZXJzLmNvbYISaGlwcGFpbmhvdXN0 b24uY29tghNob2FyZGVyc2hvdGxpbmUuY29tgh5pbW1lYXN1cmFibHltb3JlbWlu aXN0cmllcy5jb22CEGlvbWNvbW11bml0eS5vcmeCDGpvdXJkcmVuLmNvbYIJa2dn LmNvLmlughtsb25nZmVsbG93c2h5ZHJvc2VlZGluZy5jb22CE21pY2hhZWx0cmlt c2hvdy5jb22CHW9rbGFob21haGVhdGluZ2FuZGNvb2xpbmcuY29tgg5wYXJrY2hh cGVsLmNvbYIQcGhvZW5peHZhdWx0Lm9yZ4IOcHJpbnRtYWdpYy5vcmeCGXJlZ2lu YWFuZ2Vsb3J1bS1wcmVzcy5vcmeCFHVzbGVnYWxzb2x1dGlvbnMuY29tghJ2ZWdh bmRpZXRib29rcy5jb22CCXdleGVsLmNvbYIPd29kdW1lZGlhLmNvLnVrghJ3d3cu YXByaXNhbWFpbC5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEDBgorBgEEAdZ5 AgQCBIH0BIHxAO8AdQBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAA AY25NRrpAAAEAwBGMEQCIBbpFeoM1wjyRePym9JwLgelsWWOYDErOvdJtPvQJFc4 AiBogLsJHbT8brCvY9wFXKKRruDZ9gooPbkkCq4Qog87WAB2AO7N0GTV2xrOxVy3 nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABjbk1Gu8AAAQDAEcwRQIgHgZekZABc27K WGkoNKtCm1y0Tn0ydTBNUdBrKJ7h0tICIQDj6lEOK9J59eJqv93t6xF+sN/NvSLG cQeSdVFiFvENlTANBgkqhkiG9w0BAQsFAAOCAQEAHd+BPWvlI28/SwXNaNdV9y7d cjpc9wtybWHWB8YfgpkyybZpuyqwno4KKTxk6LiTZx3sHtR+qMvy+lZG58eMxafx xoWZ49zPLda+KQJM5L75nYE7JYVqz5eOWtXNfTAPxZJziAe78It3MXSfn53/1f9I Tb9Q0r5DTtEJwscO5oCSO8/nHwNFSFC1YXEzgSPHr801e2dqw9/HUsLGigBqmhpF UZgdfXCgaU6MzHGH9ORXihPRjsR8iTg6Mh14cO5r7g8Zpma98xYUXOTG19OC6jtZ AJKMmVC/Z6TkJxcbxPLUcE5oSXtmWRMwRKgyQdMYTVvkzMw+y40UW2N3anNMTQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Iryl4om/fBxIn5+T16c 2QucicceFNnrNmmsDbqwnuTfLcEvwznLu+CCMlTyjw8r6pGF58CbjspZboh4hfXH WP/C1U3lD+siQ342sMbv21HD0CaBFwz/DRw8/gYSOl0fTcr4/JtSjCHYZanOWgs7 0syBJTYZJKXm+YxfHigslZRolM8fy5Y50nKREDEPUJ/RBst5PoWYGxcqQdN0pYtE bcV9He6CVOMVbTF/i9Fko5Xe6Txf32u3FyhD6ced4+VYm50Wjf2IkHrT3Lv/lkfY wfXVPabsXb8kX1wRSqqtycIvuZYpiPX5n4zw0j47tUIIkBRD9yHAwiq4G8zjXcNU lQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 418498204429094302185506135254269794316214 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-17 21:34:41 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-17 21:34:40 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'printmagic.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29355804379607181736641876072680204314136933520170841415916270478310663850987477175892197771603609480915345717958046032030733118806757350730769800707352038879258628868962794936928659979410104863085053863348304693987334218734225704859069497520108411351966419000918066575075579024328329593658303254800149979837392415666936643639861232665747260470927492777289677585374310595615808087972470967001015663518880914816130271330472151095763312345624771262599440951883413568324678827274408067976686457333588804243467529481496631253053777399387680735717018517301768967654651862540055974211885078408478749344853380150889229276309 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8224fe6b094515450239bb1c811cb78f8221c286 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (528 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '23hrs.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autonomouswarfaresimulation.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bear-paw.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bunkerpublishing.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'easyadsubmitter.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'faqaboutreligion.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gaycorporate.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heatertreaters.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hippainhouston.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hoardershotline.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'immeasurablymoreministries.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iomcommunity.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jourdren.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kgg.co.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'longfellowshydroseeding.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'michaeltrimshow.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oklahomaheatingandcooling.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'parkchapel.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'phoenixvault.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'printmagic.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'reginaangelorum-press.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uslegalsolutions.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vegandietbooks.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wexel.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wodumedia.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aprisamail.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018db9351ae90000040300463044022016e915ea0cd708f245e3f29bd2702e07a5b1658e60312b3af749b4fbd024573802206880bb091db4fc6eb0af63dc055ca291aee0d9f60a283db9240aae10a20f3b58007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018db9351aef000004030047304502201e065e919001736eca58692834ab429b5cb44e7d3275304d51d06b289ee1d2d2022100e3ea510e2bd279f5e26abfddedeb117eb0dfcdbd22c671079275516216f10d95 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001ddf813d6be5236f3f4b05cd68d755f72edd723a5cf70b726d61d607c61f829932c9b669bb2ab09e8e0a293c64e8b893671dec1ed47ea8cbf2fa5646e7c78cc5a7f1c68599e3dccf2dd6be29024ce4bef99d813b25856acf978e5ad5cd7d300fc592738807bbf08b7731749f9f9dffd5ff484dbf50d2be434ed109c2c70ee680923bcfe71f03454850b56171338123c7afcd357b676ac3dfc752c2c68a006a9a1a4551981d7d70a0694e8ccc7187f4e4578a13d18ec47c89383a321d7870ee6bee0f19a666bdf316145ce4c6d7d382ea3b5900928c9950bf67a4e427171bc4f2d4704e68497b6659133044a83241d3184d5be4cccc3ecb8d145b63776a734c4d