umiprecepts.org
Issued by R3
About this certificate
This digital certificate with serial number 03:88:d7:12:48:b7:6d:83:c8:36:10:d4:0f:a3:ff:50:55:25 was issued on by Let's Encrypt.
With 23 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=umiprecepts.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:88:d7:12:48:b7:6d:83:c8:36:10:d4:0f:a3:ff:50:55:25Serial Number (int): 307901138651831719894316450983252251923749
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 0f:d7:fc:19:6b:d5:17:cc:83:2c:5f:38:5a:51:d6:f4:b2:a7:48:6f
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): fd:9d:42:14:63:cb:d0:d4:50:c0:1e:b2:e2:b4:51:7f:6a:f6:56:0f
Fingerprint (sha256): b3:05:43:f1:7f:ef:30:26:10:14:dc:f5:1c:ce:10:85:e6:63:78:07:4c:be:1d:6a:0f:6d:92:dd:ae:77:08:04
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate umiprecepts.org
23
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for umiprecepts.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
4songs.com
7v7eliteshowcase.com
actualiteamericaine.com
ad-maiora.com
akaushisteak.com
beaconlights.com
cialiisensf.com
cityofdecatur.com
earinjuryattorney.com
einsiedeln.com
eroticpodcasts.com
fortjefferson.com
hialeah.net
houstontxhomeremodeling.com
ohiosoftwarecompany.com
orlandoroofrenewal.com
passionforpaleo.com
rentacarforvip.com
showexpo.com
sunglocto.com
traversecounty.com
umiprecepts.org
wellnessblogs.com
7v7eliteshowcase.com
actualiteamericaine.com
ad-maiora.com
akaushisteak.com
beaconlights.com
cialiisensf.com
cityofdecatur.com
earinjuryattorney.com
einsiedeln.com
eroticpodcasts.com
fortjefferson.com
hialeah.net
houstontxhomeremodeling.com
ohiosoftwarecompany.com
orlandoroofrenewal.com
passionforpaleo.com
rentacarforvip.com
showexpo.com
sunglocto.com
traversecounty.com
umiprecepts.org
wellnessblogs.com
Other certificates including the domain name umiprecepts.org
(limited to 100 certificates)
celebratechristian.org
umiprecepts.org
diskjockeys.ca
librti.ca
candles.cool.umiprecepts.org
umiprecepts.org
watermarkfarm.org
brilliantscience.org
umiprecepts.org
aquatic-tribes.org
yeshivocation.org.bdutv.com.umiprecepts.org
umiprecepts.org
biospace.one
umiprecepts.org
leadership.bible
exchanged.media
hydratight.ca
umiprecepts.org
umiprecepts.org
umiprecepts.org
diskjockeys.ca
librti.ca
candles.cool.umiprecepts.org
umiprecepts.org
watermarkfarm.org
brilliantscience.org
umiprecepts.org
aquatic-tribes.org
yeshivocation.org.bdutv.com.umiprecepts.org
umiprecepts.org
biospace.one
umiprecepts.org
leadership.bible
exchanged.media
hydratight.ca
umiprecepts.org
umiprecepts.org
Certificate
The complete raw certificate details for umiprecepts.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGmTCCBYGgAwIBAgISA4jXEki3bYPINhDUD6P/UFUlMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MTYwMjI4MTVaFw0yNDA3MTUwMjI4MTRaMBoxGDAWBgNVBAMT D3VtaXByZWNlcHRzLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB ANqvnd3FyYshaBFGlB9QMwCbr9xjsTjtgGRrPW72lmXVPrw4Jtoun5uMna1B6VZw gFLh/p6Sc/tmiCdpw1pzB6NV4im1wLQEELu5Kzkw9Ma2Llzzju9O5mMh1tCgl8ch fXJp3p8AC4O53OzY9rPnRqpxabeQanXhwNb2mKnpckp30OVbRBjdX1KFAcGw+p5z E9BTfsloNuDRkEoQbcZnl9+27ZlthUOnHEdvfEp2NjBr7KkTi/IAsO/Inn1k81SC wljaIP+jiQpaECIGL5OwXtgfkJGZ0xcMdaW8wbe/uCVOHIPRdT61mWD4utqTdtAl RTkRE2HaB+Ci0ud2PGIy4bUCAwEAAaOCA78wggO7MA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQUD9f8GWvVF8yDLF84WlHW9LKnSG8wHwYDVR0jBBgwFoAUFC6zF7dYVsuu UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y Zy8wggHGBgNVHREEggG9MIIBuYIKNHNvbmdzLmNvbYIUN3Y3ZWxpdGVzaG93Y2Fz ZS5jb22CF2FjdHVhbGl0ZWFtZXJpY2FpbmUuY29tgg1hZC1tYWlvcmEuY29tghBh a2F1c2hpc3RlYWsuY29tghBiZWFjb25saWdodHMuY29tgg9jaWFsaWlzZW5zZi5j b22CEWNpdHlvZmRlY2F0dXIuY29tghVlYXJpbmp1cnlhdHRvcm5leS5jb22CDmVp bnNpZWRlbG4uY29tghJlcm90aWNwb2RjYXN0cy5jb22CEWZvcnRqZWZmZXJzb24u Y29tggtoaWFsZWFoLm5ldIIbaG91c3RvbnR4aG9tZXJlbW9kZWxpbmcuY29tghdv aGlvc29mdHdhcmVjb21wYW55LmNvbYIWb3JsYW5kb3Jvb2ZyZW5ld2FsLmNvbYIT cGFzc2lvbmZvcnBhbGVvLmNvbYIScmVudGFjYXJmb3J2aXAuY29tggxzaG93ZXhw by5jb22CDXN1bmdsb2N0by5jb22CEnRyYXZlcnNlY291bnR5LmNvbYIPdW1pcHJl Y2VwdHMub3JnghF3ZWxsbmVzc2Jsb2dzLmNvbTATBgNVHSAEDDAKMAgGBmeBDAEC ATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AEiw42vapkc0D+VqAvqdMOscUgHL Vt0sgdm7v6s52IRzAAABjuTyuDUAAAQDAEcwRQIhAKeKSRW1qEN4ViKUep2twrMZ tzs6fC5v7dmlerZgHJ5+AiAuJXyxU+cgP7OFUdqY5wnhcSz71+r7nfKJF+8kLphN 5gB2AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjuTyuJAAAAQD AEcwRQIhAPYxMPRGqPUIVnCfSR1P+/TESjpJ4+Qu8t/c/TdU5ocZAiAjddC4bpmX NI7LVaha7y8S6wcTrDgllfMlVUoXCuwmyTANBgkqhkiG9w0BAQsFAAOCAQEAN++c TbWY20ug45qnA5y5E6JLRvqTIftk5d/NBunZStveqOBwJ+C0tdESw/dd6ihCFRXk rQ6z4V0QStDwNvsNGL8iPA3hpgfAIYZOYj3eoN5+VyvifCCuhbdRMg/LD92H95z1 eoavUjINc6VqteflmE6sdywk+oQrIf2h4yEZmeI5LKiHUlFmmyUf612PVkHzssm2 OzXbmcE/CpFrfwfZGgp7Iud/80yUjS7UA6OSAm2J5epI6L50cvJdaBkB9WwPKXBa lWzAqqtU8D0xCzGd4qw7ZcHnuxJolplYD35bKTKQVMLYhhraRQLwWVlyg8vEAadY HtgzqTRQiHwNXkOHJA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2q+d3cXJiyFoEUaUH1Az AJuv3GOxOO2AZGs9bvaWZdU+vDgm2i6fm4ydrUHpVnCAUuH+npJz+2aIJ2nDWnMH o1XiKbXAtAQQu7krOTD0xrYuXPOO707mYyHW0KCXxyF9cmnenwALg7nc7Nj2s+dG qnFpt5BqdeHA1vaYqelySnfQ5VtEGN1fUoUBwbD6nnMT0FN+yWg24NGQShBtxmeX 37btmW2FQ6ccR298SnY2MGvsqROL8gCw78iefWTzVILCWNog/6OJCloQIgYvk7Be 2B+QkZnTFwx1pbzBt7+4JU4cg9F1PrWZYPi62pN20CVFORETYdoH4KLS53Y8YjLh tQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 307901138651831719894316450983252251923749 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-16 02:28:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-15 02:28:14 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'umiprecepts.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27606550287845336851708831565550457784523102206616144991251071843423065477239668964954208012050694420774036765612171570435202789852808311629226850145419108344322897239948331502511254248799507172329333925904160037417954533634886228620784057011092838924887132435609139692491016827431111641605726928961260114688807144486761789942490499226225751407640915943639792152263907587813411273950536119958644715442558618612045272450166566563356982752866065957273665933912583322981087814685215286136540409212379259904379033074662685985053875418822197033284803557821290194889231552455504199432504829648697930215712758118190754750901 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0fd7fc196bd517cc832c5f385a51d6f4b2a7486f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (445 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '4songs.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '7v7eliteshowcase.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'actualiteamericaine.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ad-maiora.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'akaushisteak.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beaconlights.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cialiisensf.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cityofdecatur.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'earinjuryattorney.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'einsiedeln.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eroticpodcasts.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fortjefferson.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hialeah.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'houstontxhomeremodeling.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ohiosoftwarecompany.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'orlandoroofrenewal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'passionforpaleo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rentacarforvip.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'showexpo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sunglocto.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'traversecounty.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'umiprecepts.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wellnessblogs.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ee4f2b8350000040300473045022100a78a4915b5a843785622947a9dadc2b319b73b3a7c2e6fedd9a57ab6601c9e7e02202e257cb153e7203fb38551da98e709e1712cfbd7eafb9df28917ef242e984de600760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ee4f2b8900000040300473045022100f63130f446a8f50856709f491d4ffbf4c44a3a49e3e42ef2dfdcfd3754e6871902202375d0b86e9997348ecb55a85aef2f12eb0713ac382595f325554a170aec26c9 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0037ef9c4db598db4ba0e39aa7039cb913a24b46fa9321fb64e5dfcd06e9d94adbdea8e07027e0b4b5d112c3f75dea28421515e4ad0eb3e15d104ad0f036fb0d18bf223c0de1a607c021864e623ddea0de7e572be27c20ae85b751320fcb0fdd87f79cf57a86af52320d73a56ab5e7e5984eac772c24fa842b21fda1e3211999e2392ca8875251669b251feb5d8f5641f3b2c9b63b35db99c13f0a916b7f07d91a0a7b22e77ff34c948d2ed403a392026d89e5ea48e8be7472f25d681901f56c0f29705a956cc0aaab54f03d310b319de2ac3b65c1e7bb12689699580f7e5b29329054c2d8861ada4502f059597283cbc401a7581ed833a93450887c0d5e438724