townebankmortgage.com
Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1
About this certificate
This digital certificate with serial number 0d:45:91:1b:8f:7f:62:fa:53:96:30:d4:98:84:4c:08 was issued on by DigiCert, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=townebankmortgage.com
DigiCert, Inc.
Organization:
DigiCert, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:45:91:1b:8f:7f:62:fa:53:96:30:d4:98:84:4c:08Serial Number (int): 17641175561406084224634481034238643208
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 8f:b0:75:09:97:97:ab:63:97:d1:b5:7f:87:39:ea:b7:f6:5e:53:6c
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23
Fingerprint (sha1): bb:2c:84:84:96:eb:99:b5:cd:90:16:0f:6e:7b:ab:ed:64:30:00:62
Fingerprint (sha256): ac:fb:60:35:37:b9:98:b8:f1:34:06:33:5f:79:cd:78:98:a0:e4:12:c3:62:e7:03:dc:80:f6:51:4f:d9:ff:b7
Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
Check the revocation status for certificate townebankmortgage.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for townebankmortgage.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
townebankmortgage.com
Other certificates including the domain name townebankmortgage.com
(limited to 100 certificates)
www.townebankmortgage.com
*.townebankmortgage.com
www.townebankmortgage.com
www.townebankmortgage.com
townebankmortgage.com
*.townebankmortgage.com
*.townebankmortgage.com
www.townebankmortgage.com
www.townebankmortgage.com
townebankmortgage.com
townebankmortgage.com
townebankmortgage.com
*.townebankmortgage.com
apply.townebankmortgage.com
www.townebankmortgage.com
*.townebankmortgage.com
*.townebankmortgage.com
*.townebankmortgage.com
a.townebank.net
townebankmortgage.com
www.townebankmortgage.com
*.townebankmortgage.com
www.townebankmortgage.com
www.townebankmortgage.com
*.townebankmortgage.com
www.townebankmortgage.com
www.townebankmortgage.com
townebankmortgage.com
*.townebankmortgage.com
*.townebankmortgage.com
www.townebankmortgage.com
www.townebankmortgage.com
townebankmortgage.com
townebankmortgage.com
townebankmortgage.com
*.townebankmortgage.com
apply.townebankmortgage.com
www.townebankmortgage.com
*.townebankmortgage.com
*.townebankmortgage.com
*.townebankmortgage.com
a.townebank.net
townebankmortgage.com
www.townebankmortgage.com
*.townebankmortgage.com
www.townebankmortgage.com
www.townebankmortgage.com
Certificate
The complete raw certificate details for townebankmortgage.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHmDCCBYCgAwIBAgIQDUWRG49/YvpTljDUmIRMCDANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN MjMxMDMxMDAwMDAwWhcNMjQwNDMwMjM1OTU5WjAgMR4wHAYDVQQDExV0b3duZWJh bmttb3J0Z2FnZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl oKgk3AM5RaswgX6leNOtFdEF6pBsG6AZR+uNrLYrnUzJ8/v7PES3yQOE8jjCCVw7 N+BJT60Lyj13G4UFV3ECuJoMfc+UiTXbfSM3K2mCd9YTalewPNUuLo+55FZboXPK sst1ygEDGWoSkyXZbMhLgDSlftcbVk9qLmNisPq6nY9V0sy5S3AAlLj2amLNovF7 cei5eJCUa3PAF5euc24VRu1V5kB/DGDZk+nh2IudNKXun+EIwLxpf6/aFlGykQlh xrF7ucayViRh+rNuXeEY7aZQ0I7TSGTdwlwgZE5hnt5DqCiFH5jTbF5lH65zLROJ N1vQozIpUAX+Ju5Dn4zhAgMBAAGjggOQMIIDjDAfBgNVHSMEGDAWgBSltNbrNsTn a6bfxGQLASogBLhmIzAdBgNVHQ4EFgQUj7B1CZeXq2OX0bV/hznqt/ZeU2wwIAYD VR0RBBkwF4IVdG93bmViYW5rbW9ydGdhZ2UuY29tMD4GA1UdIAQ3MDUwMwYGZ4EM AQIBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGf BgNVHR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9HZW9U cnVzdEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNybDBIoEagRIZCaHR0 cDovL2NybDQuZGlnaWNlcnQuY29tL0dlb1RydXN0R2xvYmFsVExTUlNBNDA5NlNI QTI1NjIwMjJDQTEuY3JsMIGHBggrBgEFBQcBAQR7MHkwJAYIKwYBBQUHMAGGGGh0 dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBRBggrBgEFBQcwAoZFaHR0cDovL2NhY2Vy dHMuZGlnaWNlcnQuY29tL0dlb1RydXN0R2xvYmFsVExTUlNBNDA5NlNIQTI1NjIw MjJDQTEuY3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkB ZwB1AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABi4NlwhIAAAQD AEYwRAIgBjpcS+8o1iZzfRMesCHXHwnq3iRYGfR6A0bUvd/NPmECIDdi9MgzTGh+ kx2w3BpRJHM8hXPyB30vzuBp2LYmoMFRAHUASLDja9qmRzQP5WoC+p0w6xxSActW 3SyB2bu/qznYhHMAAAGLg2XCDwAABAMARjBEAiBlJKbay8V5r5HpWPlR9Tx0cGN1 HwKaWS4EVS2LnZjtiQIgOYBIYS2iyedF4mONijhj4eRt71gzMmyzbv3BqHUzInQA dwDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYuDZcHwAAAEAwBI MEYCIQDGLrcSyXhpJmmflUKp8lHqAiw/FSm3tXchYYDE9U09fQIhANZW7hrOT+Bn 8UA6Zi3VDTQvdULh93UJP5wCq02UZn7PMA0GCSqGSIb3DQEBCwUAA4ICAQBwXHPY Hj665jeMb5CGeK1A7W+LbklNgxIcTnXWJpwMiv7N43bW/BA7gtwl+zBxICusVtCV e27bNS2ou2wm/lJ+EA3U3PG4BnQ2zegm7V6k5g749wRG2UNIL2IiJ+zJ3SDk3z/l FiJ+bG4ZYmH/AOdi/hfh/VaypnAknjzgmj1wMLuHDkq3TkdQF7n7GD+uW6MtwX5m 70Dbo6Si+4vjQXKrN13IGtba5RlhbvH1AXIV+mqkTIm7Ox6T9OlcmAQ4pBeJsIPH hFyJmWOHWbukNJJrJlef6KjxG9AEavKQCOKgB5z/nj8x91EsNcuYxwyTM2W/x2bw PHJnYINMPf/Gr0BVSCzDM4A/SIdfw5IPIUb2pxxIWXl14u+YRWt6WovHTHKZ/Kt3 0qgi3NHIkNN67uzwMyec2TLomPDY16lzJx0wVkInqfrxzlS9n1hPWhgNZ9jpqRhy naL+X38O86tAN8YKSwySmf1KsSYJ81MnsZBV0DW+NmMfHZFHgtNkSPTJJ0oOnBxB NoN10UPeXvs2TwJhoLAO2XkzRxygizBqTbLmPy4IWCiv1wyxXGJedRHRjHyLShmT 8l+iuiuOTX/sRpfLGUnUEwj8h5usF3FAxpIMRhfcA1t2afSWwnofvyYD6tZzWuDy Ubu/ZAvEuWlQV3aWr+wD1+eY9JbJtFPzIfjeYQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5aCoJNwDOUWrMIF+pXjT rRXRBeqQbBugGUfrjay2K51MyfP7+zxEt8kDhPI4wglcOzfgSU+tC8o9dxuFBVdx AriaDH3PlIk1230jNytpgnfWE2pXsDzVLi6PueRWW6FzyrLLdcoBAxlqEpMl2WzI S4A0pX7XG1ZPai5jYrD6up2PVdLMuUtwAJS49mpizaLxe3HouXiQlGtzwBeXrnNu FUbtVeZAfwxg2ZPp4diLnTSl7p/hCMC8aX+v2hZRspEJYcaxe7nGslYkYfqzbl3h GO2mUNCO00hk3cJcIGROYZ7eQ6gohR+Y02xeZR+ucy0TiTdb0KMyKVAF/ibuQ5+M 4QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17641175561406084224634481034238643208 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-31 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-30 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'townebankmortgage.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28987794664111939241692204505860508304639806744379377996610184111050671399049240456367988369193144808854592528582642508111099303557455308643138938330584391360076783340327024487174101580745363123624068956546926490941794108237627730551258385319940764974783748083676945123436579588215220246485034140052576350346675422628751812058079267119080116310475265726022283931243809746518056318293870368996850041880152618384468008372299324994642863538714261202449851460413152514145972746108511489275200506371686843726899551926343289473303098235426328880666228438366104177690667715032845864079716410026344641820497858282568309247201 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8fb075099797ab6397d1b57f8739eab7f65e536c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'townebankmortgage.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b8365c21200000403004630440220063a5c4bef28d626737d131eb021d71f09eade245819f47a0346d4bddfcd3e6102203762f4c8334c687e931db0dc1a5124733c8573f2077d2fcee069d8b626a0c15100750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b8365c20f000004030046304402206524a6dacbc579af91e958f951f53c747063751f029a592e04552d8b9d98ed890220398048612da2c9e745e2638d8a3863e1e46def5833326cb36efdc1a875332274007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b8365c1f00000040300483046022100c62eb712c9786926699f9542a9f251ea022c3f1529b7b577216180c4f54d3d7d022100d656ee1ace4fe067f1403a662dd50d342f7542e1f775093f9c02ab4d94667ecf . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00705c73d81e3ebae6378c6f908678ad40ed6f8b6e494d83121c4e75d6269c0c8afecde376d6fc103b82dc25fb3071202bac56d0957b6edb352da8bb6c26fe527e100dd4dcf1b8067436cde826ed5ea4e60ef8f70446d943482f622227ecc9dd20e4df3fe516227e6c6e196261ff00e762fe17e1fd56b2a670249e3ce09a3d7030bb870e4ab74e475017b9fb183fae5ba32dc17e66ef40dba3a4a2fb8be34172ab375dc81ad6dae519616ef1f5017215fa6aa44c89bb3b1e93f4e95c980438a41789b083c7845c8999638759bba434926b26579fe8a8f11bd0046af29008e2a0079cff9e3f31f7512c35cb98c70c933365bfc766f03c726760834c3dffc6af4055482cc333803f48875fc3920f2146f6a71c48597975e2ef98456b7a5a8bc74c7299fcab77d2a822dcd1c890d37aeeecf033279cd932e898f0d8d7a973271d30564227a9faf1ce54bd9f584f5a180d67d8e9a918729da2fe5f7f0ef3ab4037c60a4b0c9299fd4ab12609f35327b19055d035be36631f1d914782d36448f4c9274a0e9c1c41368375d143de5efb364f0261a0b00ed97933471ca08b306a4db2e63f2e085828afd70cb15c625e7511d18c7c8b4a1993f25fa2ba2b8e4d7fec4697cb1949d41308fc879bac177140c6920c4617dc035b7669f496c27a1fbf2603ead6735ae0f251bbbf640bc4b96950577696afec03d7e798f496c9b453f321f8de61