magazine.store

Issued by Amazon

About this certificate

This digital certificate with serial number 01:47:0f:13:ca:77:d6:56:74:63:c8:c1:54:0d:1e:6b was issued on by Amazon.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=magazine.store

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 01:47:0f:13:ca:77:d6:56:74:63:c8:c1:54:0d:1e:6b
Serial Number (int): 1698186876880877518288182646810680939
Serial Number lenght: 121 bits, 16 octets

SubjectKeyId: dc:b7:c9:af:b5:79:a8:b5:e1:77:2f:56:38:e0:ce:59:4a:e5:61:66
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 91:eb:ad:85:e5:67:23:9d:99:e8:35:07:c8:d8:9d:06:a3:e8:2b:e6
Fingerprint (sha256): b4:ab:a1:69:0e:e0:91:38:55:a8:2b:70:bc:23:68:d6:ab:29:85:7b:64:20:be:6f:b9:04:e8:61:bb:0d:1f:91

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate magazine.store

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for magazine.store

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

magazine.store
*.magazine.store
*.staging.magazine.store

Other certificates including the domain name magazine.store

(limited to 100 certificates)
payments.meredith.com
*.secure.meredith.com
secure.meredith.com
payments.meredith.com
specialoffers.meredith.com
*.agriculture.com
dev.secure.meredith.com
secure.meredith.com
mywedding.com
secure.meredith.com
mywedding.com
payments.magazines.com
secure.meredith.com
staging.payments.magazines.com
secure.meredith.com
test.payments.meredith.com
secure.meredith.com
payments.magazines.com
test.secure.meredith.com
magazine.store
www.magazine.store
cr-iframe.magazine.store
secure.meredith.com
*.secure.meredith.com
secure.meredith.com
cr-iframe.magazine.store
payments.meredith.com
*.secure.meredith.com
secure.meredith.com
test.payments.meredith.com
secure.meredith.com
magazine.store
cr-iframe.magazine.store
secure.meredith.com
mywedding.com
*.agriculture.com
*.secure.meredith.com
magazine.store
origin-cr-iframe.magazine.store
secure.meredith.com
dev.payments.magazines.com
*.secure.meredith.com
www.magazine.store
*.secure.meredith.com
secure.meredith.com
dev.secure.meredith.com
dev.payments.magazines.com
origin-cr-iframe.magazine.store
test.payments.meredith.com
payments.meredith.com
secure.meredith.com
secure.meredith.com
origin-cr-iframe.magazine.store
test.secure.meredith.com
*.secure.meredith.com
payments.meredith.com
mywedding.com
payments.meredith.com
*.secure.meredith.com
mywedding.com
*.secure.meredith.com
test.secure.meredith.com
dev.payments.magazines.com
payments.magazines.com
secure.meredith.com
magazine.store
secure.meredith.com
secure.meredith.com
secure.meredith.com
origin-cr-iframe.magazine.store
staging.payments.magazines.com
dev.payments.magazines.com
payments.meredith.com
secure.meredith.com
www.magazine.store
origin-cr-iframe.magazine.store
test.payments.magazines.com
*.secure.meredith.com
magazine.store
secure.meredith.com
dev.payments.magazine.store
secure.meredith.com
payments.magazines.com
*.secure.meredith.com
test.secure.meredith.com
dev.payments.magazines.com
payments.meredith.com
*.secure.meredith.com
payments.meredith.com
mywedding.com
cr-iframe.magazine.store
dev.secure.meredith.com
payments.meredith.com
secure.meredith.com
secure.meredith.com
cr-iframe.magazine.store
dev.payments.magazines.com
secure.meredith.com
mywedding.com
secure.meredith.com

Certificate

The complete raw certificate details for magazine.store in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIQAUcPE8p31lZ0Y8jBVA0eazANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xODA4MjcwMDAwMDBaFw0xOTA5Mjcx
MjAwMDBaMBkxFzAVBgNVBAMTDm1hZ2F6aW5lLnN0b3JlMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAvTEYPkqw7vzPGGvMAWtsvIl+YmLL1eVo+/98Kppf
PgM8jIkjI07IMSBbRwyrg2iSo8Q0dRRlPWzdvgLgKDzloKvEusO1gE9m+4sAFmq1
EbVIuRYVUsfbbYdjhop3ATEK+399JVoXjOt7WqwYupXN7pB6vgDs8IThpwwCmYzO
H1BpgZBJtQG2yTrsgV8VPGUmMm3f8/ZWNqiuPrUN0eVzTDik/EXeWro7xmkBKu7M
fnl+KqE07r6nTDpaN5Uyb+3DLpPati8zV95ZasPwr7Z+cyAPv4BZ0eumkbZZtxp3
YCOp+RQ7gGEJ1/DPrFlyjbnjNZfX+fyYnfF0FrWN/AMQZwIDAQABo4ICpzCCAqMw
HwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYDVR0OBBYEFNy3ya+1
eai14XcvVjjgzllK5WFmMEUGA1UdEQQ+MDyCDm1hZ2F6aW5lLnN0b3JlghAqLm1h
Z2F6aW5lLnN0b3JlghgqLnN0YWdpbmcubWFnYXppbmUuc3RvcmUwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAy
MDCgLqAshipodHRwOi8vY3JsLnNjYTFiLmFtYXpvbnRydXN0LmNvbS9zY2ExYi5j
cmwwIAYDVR0gBBkwFzALBglghkgBhv1sAQIwCAYGZ4EMAQIBMHUGCCsGAQUFBwEB
BGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Auc2NhMWIuYW1hem9udHJ1c3Qu
Y29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNjYTFiLmFtYXpvbnRydXN0LmNv
bS9zY2ExYi5jcnQwDAYDVR0TAQH/BAIwADCCAQUGCisGAQQB1nkCBAIEgfYEgfMA
8QB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZXv5sPkAAAQD
AEcwRQIhALH+6SiYlbDqVEZFBgxC6o//idORPtW5c3tliBRQbdbDAiAxJh8pCoLV
N6geGjOVrCft/t7OdwMqX53pqQjG7XSgwAB3AId1v+dZfPiMQ5lfvfNu/1aNR1Y2
/0q1YMG06v9eoIMPAAABZXv5sbMAAAQDAEgwRgIhAOgbmCSUmkoS/trl8k1EMv6E
X+W7+lmSylYrgASDujd+AiEAibM+I7rj3lkRHBo3uvt7i42qIC+eC2759/Z+NMLn
CEcwDQYJKoZIhvcNAQELBQADggEBAFdIGm8KC2/ZxEp2qLiFJw7uXyUyooEV94bz
OnUpH/HKEFCTsc83bwT/zVuVn7QiwisbHkzAJA+JsffaCUlRsvDnCdiberuJBWL3
lkUwHsiThP8kVKjyTHPMgjQHl3DPwtB8rxDw+unnbsi+ZFSzA+swIeMx0oM9KgHk
2U9K9TeUHe+4qk1dI4OKgHShce+k4W3KzRapIyqMRa7YQTVa9vcfhaztW30OOUf6
b5w53+0wlWyvuOQrklLFsDPjQETkmloNnWAFzrbykABwxfcFa6p73wSEyBpAd5h+
oICZYM3XFWMbSA+OnlayhZjLud6ODuiuIrge5p9Scfraegi/2u8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTEYPkqw7vzPGGvMAWts
vIl+YmLL1eVo+/98KppfPgM8jIkjI07IMSBbRwyrg2iSo8Q0dRRlPWzdvgLgKDzl
oKvEusO1gE9m+4sAFmq1EbVIuRYVUsfbbYdjhop3ATEK+399JVoXjOt7WqwYupXN
7pB6vgDs8IThpwwCmYzOH1BpgZBJtQG2yTrsgV8VPGUmMm3f8/ZWNqiuPrUN0eVz
TDik/EXeWro7xmkBKu7Mfnl+KqE07r6nTDpaN5Uyb+3DLpPati8zV95ZasPwr7Z+
cyAPv4BZ0eumkbZZtxp3YCOp+RQ7gGEJ1/DPrFlyjbnjNZfX+fyYnfF0FrWN/AMQ
ZwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1698186876880877518288182646810680939
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-27 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-27 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'magazine.store'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23883249137700470492731291263187879607232302098948976043774195238880399343544839706634956906349454274167986176479911563093340302834032431065909347897757202726049745366215385494659060636041181395115149893417749615707315432262599678151863487096451044413896982061005656534407960861767406870891621950223307597301863112779319833915158897280913848992806500993740401486694788819881487258302222672486094288044017296081165202117188477288179167934680597541352310170759229029700398279254304941249954713375880993548819739485304990208217317833167260403855559670650681017006001696074891854337332186776103429927282377808517479469159
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							dcb7c9afb579a8b5e1772f5638e0ce594ae56166
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'magazine.store'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.magazine.store'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.staging.magazine.store'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc10000001657bf9b0f90000040300473045022100b1fee9289895b0ea544645060c42ea8fff89d3913ed5b9737b658814506dd6c3022031261f290a82d537a81e1a3395ac27edfedece77032a5f9de9a908c6ed74a0c00077008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f000001657bf9b1b30000040300483046022100e81b9824949a4a12fedae5f24d4432fe845fe5bbfa5992ca562b800483ba377e02210089b33e23bae3de59111c1a37bafb7b8b8daa202f9e0b6ef9f7f67e34c2e70847
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0057481a6f0a0b6fd9c44a76a8b885270eee5f2532a28115f786f33a75291ff1ca105093b1cf376f04ffcd5b959fb422c22b1b1e4cc0240f89b1f7da094951b2f0e709d89b7abb890562f79645301ec89384ff2454a8f24c73cc8234079770cfc2d07caf10f0fae9e76ec8be6454b303eb3021e331d2833d2a01e4d94f4af537941defb8aa4d5d23838a8074a171efa4e16dcacd16a9232a8c45aed841355af6f71f85aced5b7d0e3947fa6f9c39dfed30956cafb8e42b9252c5b033e34044e49a5a0d9d6005ceb6f2900070c5f7056baa7bdf0484c81a4077987ea0809960cdd715631b480f8e9e56b28598cbb9de8e0ee8ae22b81ee69f5271fada7a08bfdaef