nexttrucking.org
Issued by R3
About this certificate
This digital certificate with serial number 04:cf:1b:78:00:cc:ef:b7:9b:c6:3b:c3:6f:e2:cb:2b:ed:17 was issued on by Let's Encrypt.
With 18 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=nexttrucking.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:cf:1b:78:00:cc:ef:b7:9b:c6:3b:c3:6f:e2:cb:2b:ed:17Serial Number (int): 418924105927421199470603750596418961403159
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 7f:25:61:3b:b7:73:2f:bc:05:87:1a:9a:c0:38:ec:eb:29:39:1b:93
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 4b:9d:27:08:5e:9e:01:db:c6:9c:00:7f:14:4e:ff:29:b4:d1:57:f6
Fingerprint (sha256): b5:4c:d3:9e:03:d9:df:ef:7f:7e:19:92:2f:5c:12:55:53:38:55:5e:5a:2b:96:68:fa:26:71:5a:3a:82:e4:43
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate nexttrucking.org
18
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nexttrucking.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
colinmaher.com
dotetx.com
enerpactoolgroup.uk
heffelman.com
hempfencing.com
hipaainsurance.com
immigranthousing.net
joelrunyon.tv
lucidansan.com
mcdowellcounty.com
mdtemplates.statenationals.us
nessphotos.com
nexttrucking.org
nonsequitor.com
northtroy.com
sahood.com
usedcasedepot.com
whitwell.net
dotetx.com
enerpactoolgroup.uk
heffelman.com
hempfencing.com
hipaainsurance.com
immigranthousing.net
joelrunyon.tv
lucidansan.com
mcdowellcounty.com
mdtemplates.statenationals.us
nessphotos.com
nexttrucking.org
nonsequitor.com
northtroy.com
sahood.com
usedcasedepot.com
whitwell.net
Other certificates including the domain name nexttrucking.org
(limited to 100 certificates)
musicbingo.ca
5272653.ca
www.upcurve.org
ssl-66ert.epik.to
french.bible
nexttrucking.org
5272653.ca
5272653.ca
5272653.ca
5272653.ca
5272653.ca
3868.org
5272653.ca
5272653.ca
wales.healthcare
sanantonionewhomesguide.com.revivedpro.ca
5272653.ca
nexttrucking.org
5272653.ca
tgirlcanada.ca
getstaking.info.artesana.org
5272653.ca
5272653.ca
5272653.ca
5272653.ca
5272653.ca
www.upcurve.org
ssl-66ert.epik.to
french.bible
nexttrucking.org
5272653.ca
5272653.ca
5272653.ca
5272653.ca
5272653.ca
3868.org
5272653.ca
5272653.ca
wales.healthcare
sanantonionewhomesguide.com.revivedpro.ca
5272653.ca
nexttrucking.org
5272653.ca
tgirlcanada.ca
getstaking.info.artesana.org
5272653.ca
5272653.ca
5272653.ca
5272653.ca
Certificate
The complete raw certificate details for nexttrucking.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGHTCCBQWgAwIBAgISBM8beADM77ebxjvDb+LLK+0XMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MDkwODA3MTdaFw0yNDA4MDcwODA3MTZaMBsxGTAXBgNVBAMT EG5leHR0cnVja2luZy5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQClcEeGlX4YSkI56r9O3+qyYw1K4XrhW3poyNO1IPvjUpsZgMDBcgRxak497HqC tqcp1M5hOOCKWYB8byGpNqf/VBI/uQ4i8513bAKIMSnBnvO675BucG6Pm5S3kX34 eKUQ9kLg/LccuwZLU42rusi78+V/kBfhiCwpNSt0yem5DFDGC0MSwoTOb3EMvKDZ dBknW5mlGWct/jNmQ+NzcW1y5OYdrKS4JQ6KsyY0/r29BWLEU3hI6QwbOneawkVL wMAJ1glhw23II25WZXpWibAGPBLOMWwqrDTnZAMlGvw6vKmXO0UVZx7zZ+uKYBs3 7LQV1b48podrPWbsEG0z7b2rAgMBAAGjggNCMIIDPjAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFH8lYTu3cy+8BYcamsA47OspORuTMB8GA1UdIwQYMBaAFBQusxe3WFbL rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v cmcvMIIBSQYDVR0RBIIBQDCCATyCDmNvbGlubWFoZXIuY29tggpkb3RldHguY29t ghNlbmVycGFjdG9vbGdyb3VwLnVrgg1oZWZmZWxtYW4uY29tgg9oZW1wZmVuY2lu Zy5jb22CEmhpcGFhaW5zdXJhbmNlLmNvbYIUaW1taWdyYW50aG91c2luZy5uZXSC DWpvZWxydW55b24udHaCDmx1Y2lkYW5zYW4uY29tghJtY2Rvd2VsbGNvdW50eS5j b22CHW1kdGVtcGxhdGVzLnN0YXRlbmF0aW9uYWxzLnVzgg5uZXNzcGhvdG9zLmNv bYIQbmV4dHRydWNraW5nLm9yZ4IPbm9uc2VxdWl0b3IuY29tgg1ub3J0aHRyb3ku Y29tggpzYWhvb2QuY29tghF1c2VkY2FzZWRlcG90LmNvbYIMd2hpdHdlbGwubmV0 MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHUA PxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGPXJtiPQAABAMARjBE AiAAm3KAzxkCLA1zW1vXVXSNuwh8T2ok3/4jWBFt8gkJEgIgAPlzuffQ4mHReGFo LUJIkT4UrslKeHQnVXLhc9VsQ3wAdwDf4VbrqgWvtZwPhnGNqMAyTq5W2W6n9aVq AdHBO75SXAAAAY9cm2L/AAAEAwBIMEYCIQCqu6abtFAqli/oWsZaWUc/ZmOt50VC o3p9VQJuAyxWVwIhAKjT1KN7PllZtYxNrcTM5MhPHz6Zhxp5sk7yUrAqdEIXMA0G CSqGSIb3DQEBCwUAA4IBAQA6XbiAn8rUwTgSZfld8nZvui7JVVM1Wrh80MQm6bsP bDqNn/YIxGtksPW9Fc4HdD4Q1ZxqdGIRD9F9UtlRbl5P7vEFehkEY1Dlxu9+K9vw AJ2uH6fwbUnlENnA4HutH65AUITu+AeaAb0xCjKqScDGfC/YHGbQbtmCMzgjg/Ve RY4K7zRpcBYq4OpjYlGK4NrSQnfvrmYgK93wS9UfCDnMH7iGGqgyCKW5/pU+sbf+ TbnNY1YgpREdQNMtqK8FKxWpZO9HpOtQASliCWsejuM7JX740CR8s1apWy2M/Sgn sPyjEujG9Nk/kGQQjnvajVKCzSsUv7mk8i4qwP1/laJm -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXBHhpV+GEpCOeq/Tt/q smMNSuF64Vt6aMjTtSD741KbGYDAwXIEcWpOPex6granKdTOYTjgilmAfG8hqTan /1QSP7kOIvOdd2wCiDEpwZ7zuu+QbnBuj5uUt5F9+HilEPZC4Py3HLsGS1ONq7rI u/Plf5AX4YgsKTUrdMnpuQxQxgtDEsKEzm9xDLyg2XQZJ1uZpRlnLf4zZkPjc3Ft cuTmHaykuCUOirMmNP69vQVixFN4SOkMGzp3msJFS8DACdYJYcNtyCNuVmV6Vomw BjwSzjFsKqw052QDJRr8OryplztFFWce82frimAbN+y0FdW+PKaHaz1m7BBtM+29 qwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 418924105927421199470603750596418961403159 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-09 08:07:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-07 08:07:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nexttrucking.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20884687353784762884845572431229485022493359276539641331037878625869005121251641448116953261206403536869755989182190770337361091176304235132578471114507077148038487358572998837950286290330153248457952549717949147532976989513898268683574206844423361117263044883851578280650383905882554388257273563674906519705630146171931838223872368500491175499109538603820492828205683573331581210231315606041027268335059959951145322844479025958779262572102901578128118251165798442395803065582917062997944040567084591078860215694848384455219748100153144379398304502856099479611366356596370545134411977333514723930143159674691438624171 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7f25613bb7732fbc05871a9ac038eceb29391b93 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (320 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'colinmaher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dotetx.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'enerpactoolgroup.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heffelman.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hempfencing.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hipaainsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'immigranthousing.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'joelrunyon.tv' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lucidansan.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mcdowellcounty.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mdtemplates.statenationals.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nessphotos.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nexttrucking.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nonsequitor.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'northtroy.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sahood.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usedcasedepot.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'whitwell.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f5c9b623d00000403004630440220009b7280cf19022c0d735b5bd755748dbb087c4f6a24dffe2358116df2090912022000f973b9f7d0e261d17861682d4248913e14aec94a7874275572e173d56c437c007700dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018f5c9b62ff0000040300483046022100aabba69bb4502a962fe85ac65a59473f6663ade74542a37a7d55026e032c5657022100a8d3d4a37b3e5959b58c4dadc4cce4c84f1f3e99871a79b24ef252b02a744217 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003a5db8809fcad4c1381265f95df2766fba2ec95553355ab87cd0c426e9bb0f6c3a8d9ff608c46b64b0f5bd15ce07743e10d59c6a7462110fd17d52d9516e5e4feef1057a19046350e5c6ef7e2bdbf0009dae1fa7f06d49e510d9c0e07bad1fae405084eef8079a01bd310a32aa49c0c67c2fd81c66d06ed98233382383f55e458e0aef346970162ae0ea6362518ae0dad24277efae66202bddf04bd51f0839cc1fb8861aa83208a5b9fe953eb1b7fe4db9cd635620a5111d40d32da8af052b15a964ef47a4eb50012962096b1e8ee33b257ef8d0247cb356a95b2d8cfd2827b0fca312e8c6f4d93f9064108e7bda8d5282cd2b14bfb9a4f22e2ac0fd7f95a266