mail.csi-va.org

Issued by Go Daddy Secure Certificate Authority - G2

About this certificate

This digital certificate with serial number 94:87:f0:2c:a9:ba:d9:46 was issued on by GoDaddy.com, Inc..

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=mail.csi-va.org,OU=Domain Control Validated

GoDaddy.com, Inc.

Organization: GoDaddy.com, Inc.
Organization unit: http://certs.godaddy.com/repository/
State / Province: Arizona
Locality: Scottsdale
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 94:87:f0:2c:a9:ba:d9:46
Serial Number (int): 10702787114086095174
Serial Number lenght: 64 bits, 8 octets

SubjectKeyId: e8:b5:7d:c2:15:5c:cb:0e:b4:45:33:95:af:47:49:5e:33:2d:4c:b2
AuthorityKeyId: 40:c2:bd:27:8e:cc:34:83:30:a2:33:d7:fb:6c:b3:f0:b4:2c:80:ce

Fingerprint (sha1): 98:e7:90:bc:cb:48:eb:74:bf:63:d2:b8:c4:14:dd:9d:06:e5:96:cb
Fingerprint (sha256): b2:f5:56:f8:8f:3c:13:85:0e:8f:fc:27:33:0f:bc:b7:56:42:de:2f:93:eb:ef:13:ea:ad:ef:17:2d:b2:59:df

Issuing Certificate URL: http://certificates.godaddy.com/repository/gdig2.crt

Revocation information

OCSP Server: http://ocsp.godaddy.com/
CRL Distribution Point: http://crl.godaddy.com/gdig2s1-1184.crl

Check the revocation status for certificate mail.csi-va.org

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mail.csi-va.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mail.csi-va.org
www.mail.csi-va.org
autodiscover.csi-va.org

Other certificates including the domain name csi-va.org

(limited to 100 certificates)
mail.csi-va.org
portal.csi-va.org
mail.csi-va.org
mail.csi-va.org
mail.csi-va.org

Certificate

The complete raw certificate details for mail.csi-va.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIJAJSH8CyputlGMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa
MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0
cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj
dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTE5MDYxOTIxNDQxOFoX
DTIxMDcyNjE1MTYzOVowPTEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRh
dGVkMRgwFgYDVQQDEw9tYWlsLmNzaS12YS5vcmcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUodKV1WJTCFZLXkfSycTyDP43pLSW9ESBxTPdhboNEBJ6
ZLMZ0lJ4C7G4lsKqyrrYwwQ3CjiRi2+97BQnfxevY4he+J/3bEjH26VkLxAnoSeT
yF1uJ9edSvJVNoMnH4537xmkojw2VxYGoJNnGepD3NcE6t4MaMbggPfUsd0hu7+s
Vq0FJpdLtMZaCLOn3PAhMWLA+7bC9bvOWmD0np27HvsQku8WRK7ffEZsxx5XFj95
KwScOscukVyfdZjJqqs3vee4bMmZ0FEgDzWciHNWVqIzk/8bfO9zBvvliHfyq+5X
wU6ycSKfKHxP7mInYuodpXTM5Ri2JyGS7Dw4dHl7AgMBAAGjggNeMIIDWjAMBgNV
HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8B
Af8EBAMCBaAwOAYDVR0fBDEwLzAtoCugKYYnaHR0cDovL2NybC5nb2RhZGR5LmNv
bS9nZGlnMnMxLTExODQuY3JsMF0GA1UdIARWMFQwSAYLYIZIAYb9bQEHFwEwOTA3
BggrBgEFBQcCARYraHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBv
c2l0b3J5LzAIBgZngQwBAgEwdgYIKwYBBQUHAQEEajBoMCQGCCsGAQUFBzABhhho
dHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wQAYIKwYBBQUHMAKGNGh0dHA6Ly9jZXJ0
aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS9nZGlnMi5jcnQwHwYDVR0j
BBgwFoAUQMK9J47MNIMwojPX+2yz8LQsgM4wSAYDVR0RBEEwP4IPbWFpbC5jc2kt
dmEub3JnghN3d3cubWFpbC5jc2ktdmEub3JnghdhdXRvZGlzY292ZXIuY3NpLXZh
Lm9yZzAdBgNVHQ4EFgQU6LV9whVcyw60RTOVr0dJXjMtTLIwggF+BgorBgEEAdZ5
AgQCBIIBbgSCAWoBaAB1AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQ
AAABa3GyoAwAAAQDAEYwRAIgF6A5UAW76EksfHdx0E2zW76JLjmI3eSlc1n4iXvU
V30CIAiJc25G8eQvaF22EpHS6Zie9uwOUodZ/Ke+5zu8vl53AHYA7ku9t3XOYLrh
Qmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFrcbKlIwAABAMARzBFAiAsU07y+TbE
dQjYrlZgVVBj7Lo0PNRB/BzHoIjJo4XXxQIhANmC0SJh4A68OrTQMAQTwtK+fLmA
9xeL9tBx62Sgr+q+AHcARJRlLrDuzq/EQAfYqP4owNrmgr7YyzG1P9MzlrW2gagA
AAFrcbKnJAAABAMASDBGAiEAnX4N0708bJMQst7tUTGChbR1J/cfpx8Y+f1SonJe
SowCIQDUCC7UhxPho08toywkddfzXnfv6tLjGQYo9jbIL3q7KjANBgkqhkiG9w0B
AQsFAAOCAQEAFgAYn5+1S9GowDmCyShZbN+8fE7vVRtHV7jDZ2O8AQFopUv3U2Tg
qAiku0Mdrog6Dl8o2A5AiVyE2Cz3slcKm3I6wQ+PBtiOols4YT31TY9Wy3QI1HZW
70YPvha2mbrzRyw6cwjZtpC9EVoymOgG2JLVOyPT7XRrhK1D2H25LZ3vJQpHa1Hc
bDc1G4yTHE9Q8H4mBrq0a9DJ4o9sdmd5h0Mp5fwKw6ZyZMniHNYctcq5RSmP/gXQ
In/f1g6jHTeqzXfppteQ1tXo9h/1D089tAAJUJvh2vjVeR8Nqp0JYSVQ/P7R5K3C
64ptXyChxukoyE0C7vujFgW7jFboc8uiGA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKHSldViUwhWS15H0snE
8gz+N6S0lvREgcUz3YW6DRASemSzGdJSeAuxuJbCqsq62MMENwo4kYtvvewUJ38X
r2OIXvif92xIx9ulZC8QJ6Enk8hdbifXnUryVTaDJx+Od+8ZpKI8NlcWBqCTZxnq
Q9zXBOreDGjG4ID31LHdIbu/rFatBSaXS7TGWgizp9zwITFiwPu2wvW7zlpg9J6d
ux77EJLvFkSu33xGbMceVxY/eSsEnDrHLpFcn3WYyaqrN73nuGzJmdBRIA81nIhz
VlaiM5P/G3zvcwb75Yh38qvuV8FOsnEinyh8T+5iJ2LqHaV0zOUYtichkuw8OHR5
ewIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10702787114086095174
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GoDaddy.com, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.godaddy.com/repository/'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go Daddy Secure Certificate Authority - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-19 21:44:18 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-07-26 15:16:39 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mail.csi-va.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18763066832535149507446673095399130635271085637579574026909955396200674519835576751813673778335371098888849787598029735397278303685678370591529864161097595508252026299693688541594088330023050326039688825660988044766888848819808163368661669343219136628229184186514298179856279098717740190540077291929489144543438472521451393277932205936978698293430828739048492226644878243913877678905377339514384613498152603232032991231632928047575905436766872818328595776810110661125447459618718141591636080925629005862740286723673143262789426087771698892216668224368275618737768580879299854238285692798650876452568229460862313986427
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.godaddy.com/gdig2s1-1184.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114413.1.7.23.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.godaddy.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.godaddy.com/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.godaddy.com/repository/gdig2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 40c2bd278ecc348330a233d7fb6cb3f0b42c80ce
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.csi-va.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mail.csi-va.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.csi-va.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e8b57dc2155ccb0eb4453395af47495e332d4cb2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016b71b2a00c0000040300463044022017a0395005bbe8492c7c7771d04db35bbe892e3988dde4a57359f8897bd4577d02200889736e46f1e42f685db61291d2e9989ef6ec0e528759fca7bee73bbcbe5e77007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016b71b2a523000004030047304502202c534ef2f936c47508d8ae5660555063ecba343cd441fc1cc7a088c9a385d7c5022100d982d12261e00ebc3ab4d0300413c2d2be7cb980f7178bf6d071eb64a0afeabe0077004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016b71b2a72400000403004830460221009d7e0dd3bd3c6c9310b2deed51318285b47527f71fa71f18f9fd52a2725e4a8c022100d4082ed48713e1a34f2da32c2475d7f35e77efead2e3190628f636c82f7abb2a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001600189f9fb54bd1a8c03982c928596cdfbc7c4eef551b4757b8c36763bc010168a54bf75364e0a808a4bb431dae883a0e5f28d80e40895c84d82cf7b2570a9b723ac10f8f06d88ea25b38613df54d8f56cb7408d47656ef460fbe16b699baf3472c3a7308d9b690bd115a3298e806d892d53b23d3ed746b84ad43d87db92d9def250a476b51dc6c37351b8c931c4f50f07e2606bab46bd0c9e28f6c766779874329e5fc0ac3a67264c9e21cd61cb5cab945298ffe05d0227fdfd60ea31d37aacd77e9a6d790d6d5e8f61ff50f4f3db40009509be1daf8d5791f0daa9d09612550fcfed1e4adc2eb8a6d5f20a1c6e928c84d02eefba31605bb8c56e873cba218