*.roseninspection.net
Issued by GlobalSign GCC R3 DV TLS CA 2020
About this certificate
This digital certificate with serial number 19:48:96:2d:87:e1:ac:dc:42:3e:49:a2 was issued on by GlobalSign nv-sa.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.roseninspection.net
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate will expire on
Certificate Details
Serial Number (hex): 19:48:96:2d:87:e1:ac:dc:42:3e:49:a2Serial Number (int): 7824877099413090909294578082
Serial Number lenght: 93 bits, 12 octets
SubjectKeyId: c7:03:e2:b7:aa:6d:c4:84:dc:54:b8:a6:bd:6c:7e:38:65:3c:ba:ec
AuthorityKeyId: 0d:98:c0:73:7f:ab:bd:bd:d9:47:4b:49:ad:0a:4a:0c:ac:3e:c7:7c
Fingerprint (sha1): 16:cf:2c:35:0d:c3:82:d3:b9:6a:72:75:08:39:0b:02:07:50:8b:16
Fingerprint (sha256): ae:1e:b6:9b:a6:f0:f5:46:70:29:1d:04:d9:25:8a:0f:75:62:20:91:da:c6:fa:1f:8c:b0:0c:e0:db:8f:8b:06
Issuing Certificate URL: http://secure.globalsign.com/cacert/gsgccr3dvtlsca2020.crt
Revocation information
OCSP Server: http://ocsp.globalsign.com/gsgccr3dvtlsca2020CRL Distribution Point: http://crl.globalsign.com/gsgccr3dvtlsca2020.crl
Check the revocation status for certificate *.roseninspection.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.roseninspection.net
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.roseninspection.net
roseninspection.net
roseninspection.net
Other certificates including the domain name roseninspection.net
(limited to 100 certificates)
tfs.roseninspection.net
sip.roseninspection.net
sip.roseninspection.net
*.roseninspection.net
*.roseninspection.net
*.roseninspection.net
*.roseninspection.net
sip.roseninspection.net
sip.roseninspection.net
*.roseninspection.net
*.roseninspection.net
*.roseninspection.net
view-uag.roseninspection.net
sip.roseninspection.net
*.roseninspection.net
*.roseninspection.net
sip.roseninspection.net
sip.roseninspection.net
*.roseninspection.net
*.roseninspection.net
*.roseninspection.net
*.roseninspection.net
sip.roseninspection.net
sip.roseninspection.net
*.roseninspection.net
*.roseninspection.net
*.roseninspection.net
view-uag.roseninspection.net
sip.roseninspection.net
*.roseninspection.net
*.roseninspection.net
Certificate
The complete raw certificate details for *.roseninspection.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHYzCCBkugAwIBAgIMGUiWLYfhrNxCPkmiMA0GCSqGSIb3DQEBCwUAMFMxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSkwJwYDVQQDEyBH bG9iYWxTaWduIEdDQyBSMyBEViBUTFMgQ0EgMjAyMDAeFw0yMzEyMTEwODAzMjBa Fw0yNTAxMTEwODAzMTlaMCAxHjAcBgNVBAMMFSoucm9zZW5pbnNwZWN0aW9uLm5l dDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAO2eFd2xVeVvwaRD8G2I xrT62LbtEXCHdlf5SVG7NEFlZOKgXKd1TPNJE9Ud7jxaM4tCBrCw89/VYnfnfl8I jL7+0ykb26AWsfQksPFPM1V4xAZ+rNfhoXDeCoT0BEPQcRlKIycgMVAKIIGTc8q6 OsACrtVKsv13y/Si7sDBnHu859YwZTbkZLgLle+p61cNXkMmSsrbWsSpgDEdraad wZYMsL/6IiOAwlJ3lqXDHS1ZsKNTQ7Z+3zw6RTvxS9hPUr/rbCTmhYg6OhM2Jh+6 4hmGRX/CI6fBI2qTBLJpT2ZXIv1bdNVdTvS/NNWRK2mRVunJYiESvzfoSU6wGiTb 1WBky2UT3Se9H7cWupSoo0OQN9XAzLBYYPdUswj2oDjmvVh4pL8p0uK56StWNYUi zsb5cYsY0tRQfM+b8l+nHzm36L0k51naiGKAnv1WxMQIJQlRvOZXwzrVjcoFEC/H Vbmxbv5zfsf0OBaQ74//aEEp1n8I+1Gdw+FhzDt+CSRxz+hgHeVlR4cOpFqHjSgD iNhpPXpkyEBMuu2gzci8LjsLQaJ/BdoUv76Q7incPGq5FghS6wPvdqViA9N6yB5V CdlJY0sei9NmoyRZG+NccfjFM3S65fBACrLJsMJqxbyGL4qnUFpuIh/xLA7xfOxz HYwjUUwoyXPDgyumEqhh5HvdAgMBAAGjggNoMIIDZDAOBgNVHQ8BAf8EBAMCBaAw DAYDVR0TAQH/BAIwADCBkwYIKwYBBQUHAQEEgYYwgYMwRgYIKwYBBQUHMAKGOmh0 dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZ2NjcjNkdnRsc2Nh MjAyMC5jcnQwOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLmdsb2JhbHNpZ24uY29t L2dzZ2NjcjNkdnRsc2NhMjAyMDBWBgNVHSAETzBNMEEGCSsGAQQBoDIBCjA0MDIG CCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5 LzAIBgZngQwBAgEwQQYDVR0fBDowODA2oDSgMoYwaHR0cDovL2NybC5nbG9iYWxz aWduLmNvbS9nc2djY3IzZHZ0bHNjYTIwMjAuY3JsMDUGA1UdEQQuMCyCFSoucm9z ZW5pbnNwZWN0aW9uLm5ldIITcm9zZW5pbnNwZWN0aW9uLm5ldDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAUDZjAc3+rvb3ZR0tJrQpK DKw+x3wwHQYDVR0OBBYEFMcD4reqbcSE3FS4pr1sfjhlPLrsMIIBewYKKwYBBAHW eQIEAgSCAWsEggFnAWUAdQDm0jFjQHeMwRBBBtdxuc7B0kD2loSG+7qHMh39HjeO UAAAAYxX5vMqAAAEAwBGMEQCIG/lf/bmPbKH4wq6Rt6x2ehEJdcFHDbzxArMLSE3 OHMHAiAe3EuCnvZm32YBkDISgTys/LiKhQCDEOPpSpcNSq+zEwB1AE51oydcmhDD OFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjFfm9DAAAAQDAEYwRAIgA5cXH+M3 kkgxw1y4EgjB5rlNMbJnzaJ3ODUxV4zSZlkCIA5e8OKywesa5NE7DFeG716fKqpv sP1WBEpeBBJtbmZ/AHUA4JKz/AwdyOdoNh/eYbmWTQpSeBmKctZyxLBNpW1vVAQA AAGMV+bz+QAABAMARjBEAiBxVWJrBHk94gAvfLSqOhGdrpEr+SD0IPj+uIBWtrkI kwIgQL++jMgxV1XHF1OEj+0LwnjWy6DR+X1uNsOtO9w4RR4wDQYJKoZIhvcNAQEL BQADggEBAB2Q7/LYR01JwLD0s4VOrWBKri+nAXM+tTipF8KRR6QPvrdix4jRgD6x JWJWQTCnwqZpKZ2qcXta8q8TLP6DN/ABWRQ0j1GR39DJgBETHr3zuHzNITcbGQTZ pJ1K+qBKfNGAGvhHaBrwQXODbi9ZIcQn1XbUlQ9inN0ByASKQ5Dt2IaRatUofAJ2 qX+5yN0DUcPNIcPs9ZmdMoj++OTBu2/bQSm2chM3eG4KcydZMqL7GpHiTYh/5O+f L1lMCGQJb6hwhbbzdvxx9GtKJgGqKOePq+32WjOqzNvXD/vcSALJ46NlXQ0BWafa U59MJ/4yOqnCrYNcIEvLXWKXkWaEHDc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA7Z4V3bFV5W/BpEPwbYjG tPrYtu0RcId2V/lJUbs0QWVk4qBcp3VM80kT1R3uPFozi0IGsLDz39Vid+d+XwiM vv7TKRvboBax9CSw8U8zVXjEBn6s1+GhcN4KhPQEQ9BxGUojJyAxUAoggZNzyro6 wAKu1Uqy/XfL9KLuwMGce7zn1jBlNuRkuAuV76nrVw1eQyZKyttaxKmAMR2tpp3B lgywv/oiI4DCUneWpcMdLVmwo1NDtn7fPDpFO/FL2E9Sv+tsJOaFiDo6EzYmH7ri GYZFf8Ijp8EjapMEsmlPZlci/Vt01V1O9L801ZEraZFW6cliIRK/N+hJTrAaJNvV YGTLZRPdJ70ftxa6lKijQ5A31cDMsFhg91SzCPagOOa9WHikvynS4rnpK1Y1hSLO xvlxixjS1FB8z5vyX6cfObfovSTnWdqIYoCe/VbExAglCVG85lfDOtWNygUQL8dV ubFu/nN+x/Q4FpDvj/9oQSnWfwj7UZ3D4WHMO34JJHHP6GAd5WVHhw6kWoeNKAOI 2Gk9emTIQEy67aDNyLwuOwtBon8F2hS/vpDuKdw8arkWCFLrA+92pWID03rIHlUJ 2UljSx6L02ajJFkb41xx+MUzdLrl8EAKssmwwmrFvIYviqdQWm4iH/EsDvF87HMd jCNRTCjJc8ODK6YSqGHke90CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 7824877099413090909294578082 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign GCC R3 DV TLS CA 2020' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-11 08:03:20 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-11 08:03:19 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.roseninspection.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 969394910611067792175628476872162834945950867646538331510896977268700855903989052680328527459407315655050332256536543575042885687101329360200738664952892680824565203359628943289783928357663136698227717007972711268466353736473347542375255228026885701374818170504035904480884167328101545789571298943921627875687237989406041182294332972072249184089005051588303572706026580438817687868040566336668428458550109361807980212445252222309201368700873441566570239625305932062139817915187864965210312179844925331648348291214411223823253419275917405536078436397716989125453515619588569775950382406486487129468752069208667348165349437419426601814261027537602787924851584435166426585581478932794572027923818852867948795757623029579937874820028022946751599777079137277378481144598233035748460337044642098150887857914241732608602315431401269254637022909525529371918614275756619942547016370880476552530332678154126667455144153493320881450867133167911099780064238765774465384599232300489259744734006853049588101388798389801424860496364834304928154337835228679928278666374341275928995328843500680952261379275077585844015680393961909099569687687192556886910938069795145701815411425869463978523730184659091170040292575476203003014316074068203242797693917 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (134 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsgccr3dvtlsca2020.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.globalsign.com/gsgccr3dvtlsca2020' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10 (globalsignDVPolicy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gsgccr3dvtlsca2020.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.roseninspection.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'roseninspection.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0d98c0737fabbdbdd9474b49ad0a4a0cac3ec77c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c703e2b7aa6dc484dc54b8a6bd6c7e38653cbaec . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (359 bytes) 0165007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018c57e6f32a000004030046304402206fe57ff6e63db287e30aba46deb1d9e84425d7051c36f3c40acc2d213738730702201edc4b829ef666df6601903212813cacfcb88a85008310e3e94a970d4aafb3130075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018c57e6f430000004030046304402200397171fe337924831c35cb81208c1e6b94d31b267cda277383531578cd2665902200e5ef0e2b2c1eb1ae4d13b0c5786ef5e9f2aaa6fb0fd56044a5e04126d6e667f007500e092b3fc0c1dc8e768361fde61b9964d0a5278198a72d672c4b04da56d6f54040000018c57e6f3f9000004030046304402207155626b04793de2002f7cb4aa3a119dae912bf920f420f8feb88056b6b90893022040bfbe8cc8315755c71753848fed0bc278d6cba0d1f97d6e36c3ad3bdc38451e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001d90eff2d8474d49c0b0f4b3854ead604aae2fa701733eb538a917c29147a40fbeb762c788d1803eb12562564130a7c2a669299daa717b5af2af132cfe8337f0015914348f5191dfd0c98011131ebdf3b87ccd21371b1904d9a49d4afaa04a7cd1801af847681af04173836e2f5921c427d576d4950f629cdd01c8048a4390edd886916ad5287c0276a97fb9c8dd0351c3cd21c3ecf5999d3288fef8e4c1bb6fdb4129b6721337786e0a73275932a2fb1a91e24d887fe4ef9f2f594c0864096fa87085b6f376fc71f46b4a2601aa28e78fabedf65a33aaccdbd70ffbdc4802c9e3a3655d0d0159a7da539f4c27fe323aa9c2ad835c204bcb5d62979166841c37