ourhometransitional.org
Issued by R3
About this certificate
This digital certificate with serial number 04:b1:65:06:e9:8c:04:91:a3:cf:7e:21:b1:79:e7:6f:44:27 was issued on by Let's Encrypt.
With 17 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=ourhometransitional.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:b1:65:06:e9:8c:04:91:a3:cf:7e:21:b1:79:e7:6f:44:27Serial Number (int): 408813410590297316742334606237601035666471
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 98:30:b2:93:0b:89:ea:57:6d:ac:20:4f:3d:93:64:d4:65:95:1a:20
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): e3:72:ad:c9:ae:66:e5:5a:ea:c9:3c:90:84:a3:10:2f:f8:b0:1e:1c
Fingerprint (sha256): b7:31:13:41:ac:49:ac:ee:f5:c3:35:d8:7e:f2:35:0d:b9:4e:e5:32:9b:5e:f8:dd:36:71:be:d6:c2:08:4b:84
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate ourhometransitional.org
17
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ourhometransitional.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bbpardee.us
codyarmstrong.net
dentalcover.in
disastermasters.org
espjazz.com
googlereview.charlottefirewood.com
handmadehemp.com
learnhowvideocourses.com
maepimbeach.com
nfteuphrasy.com
ourhometransitional.org
sanantoniowomensconnection.com
sexinart.com
stlfund.com
tannergerritsen.com
usa-precisionfirearms.com
wallakadoodle.com
codyarmstrong.net
dentalcover.in
disastermasters.org
espjazz.com
googlereview.charlottefirewood.com
handmadehemp.com
learnhowvideocourses.com
maepimbeach.com
nfteuphrasy.com
ourhometransitional.org
sanantoniowomensconnection.com
sexinart.com
stlfund.com
tannergerritsen.com
usa-precisionfirearms.com
wallakadoodle.com
Other certificates including the domain name ourhometransitional.org
(limited to 100 certificates)
insidehunting.org
liquidproductionsllc.org
efiling.org
ourhometransitional.org
sexerencontres.be
ourhometransitional.org
shiftcrm.ca
ourhometransitional.org
mail.ourhometransitional.org
ourhometransitional.org
freedomap.ca
revivedpro.ca
ourhometransitional.org
mail.ourhometransitional.org
ourhometransitional.org
www.ourhometransitional.org
ourhometransitional.org
liquidproductionsllc.org
efiling.org
ourhometransitional.org
sexerencontres.be
ourhometransitional.org
shiftcrm.ca
ourhometransitional.org
mail.ourhometransitional.org
ourhometransitional.org
freedomap.ca
revivedpro.ca
ourhometransitional.org
mail.ourhometransitional.org
ourhometransitional.org
www.ourhometransitional.org
ourhometransitional.org
Certificate
The complete raw certificate details for ourhometransitional.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGRDCCBSygAwIBAgISBLFlBumMBJGjz34hsXnnb0QnMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MTUxOTI1NDZaFw0yNDA3MTQxOTI1NDVaMCIxIDAeBgNVBAMT F291cmhvbWV0cmFuc2l0aW9uYWwub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA9KcXRrR1bt76n0e7VZ9eReDrr9Lgl14jOzJr2Z0aqaRtlFdpp5CU x+VyFTntnOd+l15xTTTQNuH7nNHGE99A6bks2LTV6XlIpskNFlmY8VdsOXK+6+5p de0qGX223U9QSpkTl41rZpqEjgAhJClZnJbn16U1EM23ygihfqbJJNdG6sD4XGHl /QFdu7HCf7QLmm4O6xC5j7Us6T7Jlpeormune+V6PeGaqBQZWY8ATpvpPscZTjgF Acm9VO067syFGee1A1TAd1fwFVItStNQbSiPWUBqVaz2DcK0MIH2EzRfmHt4eRlc crCoaMrzRy8yL40rxYwqaXKWDEbpNUsAGQIDAQABo4IDYjCCA14wDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E AjAAMB0GA1UdDgQWBBSYMLKTC4nqV22sIE89k2TUZZUaIDAfBgNVHSMEGDAWgBQU LrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGG FWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmku bGVuY3Iub3JnLzCCAWgGA1UdEQSCAV8wggFbggtiYnBhcmRlZS51c4IRY29keWFy bXN0cm9uZy5uZXSCDmRlbnRhbGNvdmVyLmlughNkaXNhc3Rlcm1hc3RlcnMub3Jn ggtlc3BqYXp6LmNvbYIiZ29vZ2xlcmV2aWV3LmNoYXJsb3R0ZWZpcmV3b29kLmNv bYIQaGFuZG1hZGVoZW1wLmNvbYIYbGVhcm5ob3d2aWRlb2NvdXJzZXMuY29tgg9t YWVwaW1iZWFjaC5jb22CD25mdGV1cGhyYXN5LmNvbYIXb3VyaG9tZXRyYW5zaXRp b25hbC5vcmeCHnNhbmFudG9uaW93b21lbnNjb25uZWN0aW9uLmNvbYIMc2V4aW5h cnQuY29tggtzdGxmdW5kLmNvbYITdGFubmVyZ2Vycml0c2VuLmNvbYIZdXNhLXBy ZWNpc2lvbmZpcmVhcm1zLmNvbYIRd2FsbGFrYWRvb2RsZS5jb20wEwYDVR0gBAww CjAIBgZngQwBAgEwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwAZmBBxCfDWUi4w gNKeP2S7g24ozPkPUo7u385KPxa0ygAAAY7jb+0NAAAEAwBIMEYCIQCZYDiauwB3 6AGjU+4OqY3TJOQiyeJd8hL31MnjAxBJLgIhAPCSq7hVPzejUweaBNUSFQ9Md6Kv s/h2WVJ9viK2jKmwAHYAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcA AAGO42/02AAABAMARzBFAiAuVwJVgMgpXzMRaGtCELjnTF2WJqPejmzU8Ll5J4o7 +AIhALC+Zpy2gFHovWkFfI4zTLyPO0HNtHW4ZjdNMq/vVgldMA0GCSqGSIb3DQEB CwUAA4IBAQCq5MhvSBsSrUFzbo2O6RBIZws/gvo2KrajhZKHpwTqM29AZPOViBnI zKJC3w4Owp1veaE0NPvjEyJBIWMzlrPqy2AGaYToSRVjvJjjP3CRnQ+a+L5jRRG2 dTgUGtfxiPBdliClpd4xOTZLeuXZu9E7WZuvfFyvk5z2in6prSvv6QLR0pE71h1m nuHcSqzZbc2S/WaKBUZ4Qh6b7T2btid5LmkmhQvNl900TMJPqOiHlkfdm2sdUK4W 4igw9fRjiyfvnUlzy2zBRHLcrvWVfkABAiAgKB4E/ihBWyE48F17ZIuBMvLSBDl0 2JeMoCht8xpPbV/1m258+oYZgRiCMUiV -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9KcXRrR1bt76n0e7VZ9e ReDrr9Lgl14jOzJr2Z0aqaRtlFdpp5CUx+VyFTntnOd+l15xTTTQNuH7nNHGE99A 6bks2LTV6XlIpskNFlmY8VdsOXK+6+5pde0qGX223U9QSpkTl41rZpqEjgAhJClZ nJbn16U1EM23ygihfqbJJNdG6sD4XGHl/QFdu7HCf7QLmm4O6xC5j7Us6T7Jlpeo rmune+V6PeGaqBQZWY8ATpvpPscZTjgFAcm9VO067syFGee1A1TAd1fwFVItStNQ bSiPWUBqVaz2DcK0MIH2EzRfmHt4eRlccrCoaMrzRy8yL40rxYwqaXKWDEbpNUsA GQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 408813410590297316742334606237601035666471 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-15 19:25:46 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-14 19:25:45 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ourhometransitional.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30884542016589170900256152030384390084061366257349816896019015420302843419157500887410420836241307641630376108131043375457458189118463030708314050752282219568882178701551043468290784724066589213323370294360033083499016403210601632440777016257931878469435224103348244299428060876027932114493804861949578338517123950052200271848913535187696110855498217378677662325382378613850798549921110824558678687281522823265296732864409780271467949480990776903305547819680143831901181412501894637749346417519663833178916758764011942853958726130911143345971927202162292238057966100924218307785470461138094301761117633609719985405977 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9830b2930b89ea576dac204f3d9364d465951a20 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (351 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bbpardee.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'codyarmstrong.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dentalcover.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'disastermasters.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'espjazz.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'googlereview.charlottefirewood.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'handmadehemp.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'learnhowvideocourses.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maepimbeach.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nfteuphrasy.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ourhometransitional.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sanantoniowomensconnection.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sexinart.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stlfund.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tannergerritsen.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usa-precisionfirearms.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wallakadoodle.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018ee36fed0d00000403004830460221009960389abb0077e801a353ee0ea98dd324e422c9e25df212f7d4c9e30310492e022100f092abb8553f37a353079a04d512150f4c77a2afb3f87659527dbe22b68ca9b00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018ee36ff4d8000004030047304502202e57025580c8295f3311686b4210b8e74c5d9626a3de8e6cd4f0b979278a3bf8022100b0be669cb68051e8bd69057c8e334cbc8f3b41cdb475b866374d32afef56095d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00aae4c86f481b12ad41736e8d8ee91048670b3f82fa362ab6a3859287a704ea336f4064f3958819c8cca242df0e0ec29d6f79a13434fbe313224121633396b3eacb60066984e8491563bc98e33f70919d0f9af8be634511b67538141ad7f188f05d9620a5a5de3139364b7ae5d9bbd13b599baf7c5caf939cf68a7ea9ad2befe902d1d2913bd61d669ee1dc4aacd96dcd92fd668a054678421e9bed3d9bb627792e6926850bcd97dd344cc24fa8e8879647dd9b6b1d50ae16e22830f5f4638b27ef9d4973cb6cc14472dcaef5957e4001022020281e04fe28415b2138f05d7b648b8132f2d2043974d8978ca0286df31a4f6d5ff59b6e7cfa8619811882314895