saintflanaganfilm.org

Issued by R3

About this certificate

This digital certificate with serial number 03:31:8e:0d:33:64:ee:00:2a:1f:ee:2c:ba:84:c0:37:d5:91 was issued on by Let's Encrypt.

With 23 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=saintflanaganfilm.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:31:8e:0d:33:64:ee:00:2a:1f:ee:2c:ba:84:c0:37:d5:91
Serial Number (int): 278199512692066707325216074921956846589329
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: d6:02:a7:1f:d5:79:12:d9:92:5f:18:61:87:ca:b3:54:62:8f:82:fe
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): a2:ae:f8:47:2a:26:24:e8:f4:50:c8:39:42:63:61:e9:0a:fc:3d:27
Fingerprint (sha256): b7:56:e1:df:b5:07:5f:bf:1b:e0:7b:5a:98:9b:6e:b0:c9:2e:5d:91:c0:20:35:fe:1e:ee:ce:0f:22:8a:2c:f2

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate saintflanaganfilm.org

23

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for saintflanaganfilm.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bitcoinatlas.com
christmasdecorquote.com
cosperks.com
davemaher.net
dentalcover.in
filmdiamond.com
goldhunts.com
integritymedicareoptions.com
interlakenresort.com
joblooke.com
laddersup.com
lianic.com
limoconnecticut.com
lowermakefield.com
mvj.co.in
pmj.co.in
pontonlaw.com
riskarbitragefund.com
saintflanaganfilm.org
shipsheoak.com
sporthorses.net
visitcarsonvalley.com
yessirree.com

Other certificates including the domain name saintflanaganfilm.org

(limited to 100 certificates)
saintflanaganfilm.org
saintflanaganfilm.org
tam.digital
checkout.vc
saintflanaganfilm.org
saintflanaganfilm.org
peoplesrights.ca
saintflanaganfilm.org
nftpack.org
saintflanaganfilm.org

Certificate

The complete raw certificate details for saintflanaganfilm.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGfjCCBWagAwIBAgISAzGODTNk7gAqH+4suoTAN9WRMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA0MDQxMzEwNThaFw0yNDA3MDMxMzEwNTdaMCAxHjAcBgNVBAMT
FXNhaW50ZmxhbmFnYW5maWxtLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAK1Gys51muWwBoIqvm3a90G1cqTLS2BgxMSf4oFxofqH9MLkMfha3UBy
TsJYkI9XW3aqRKQN4jQ+BcHfz9t6g3vgWIjJbTtnjDvph+5v5lraSPGzopJeKhfn
6L/1PKN1UOkINXP5yLknqvxpSJ5DSYxasrNtyt3iZl9gspCn1TuwH5oF2gmA7V7U
jyBY+78vljOM1J31qj4128SrC3NzNhei653BjAzSQkp2i6vEkoJzv1YSbaQSQQ4S
hj1xxp5+QLidroQBLRKGsmfnzKlUQ6y5HLtTSu/ZoPg73zSXIOsz1II3qZ34zkI0
I3u+sYO3LSo+6WxhXJA689EOBDu4ttcCAwEAAaOCA54wggOaMA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw
ADAdBgNVHQ4EFgQU1gKnH9V5EtmSXxhhh8qzVGKPgv4wHwYDVR0jBBgwFoAUFC6z
F7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVo
dHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxl
bmNyLm9yZy8wggGlBgNVHREEggGcMIIBmIIQYml0Y29pbmF0bGFzLmNvbYIXY2hy
aXN0bWFzZGVjb3JxdW90ZS5jb22CDGNvc3BlcmtzLmNvbYINZGF2ZW1haGVyLm5l
dIIOZGVudGFsY292ZXIuaW6CD2ZpbG1kaWFtb25kLmNvbYINZ29sZGh1bnRzLmNv
bYIcaW50ZWdyaXR5bWVkaWNhcmVvcHRpb25zLmNvbYIUaW50ZXJsYWtlbnJlc29y
dC5jb22CDGpvYmxvb2tlLmNvbYINbGFkZGVyc3VwLmNvbYIKbGlhbmljLmNvbYIT
bGltb2Nvbm5lY3RpY3V0LmNvbYISbG93ZXJtYWtlZmllbGQuY29tggltdmouY28u
aW6CCXBtai5jby5pboINcG9udG9ubGF3LmNvbYIVcmlza2FyYml0cmFnZWZ1bmQu
Y29tghVzYWludGZsYW5hZ2FuZmlsbS5vcmeCDnNoaXBzaGVvYWsuY29tgg9zcG9y
dGhvcnNlcy5uZXSCFXZpc2l0Y2Fyc29udmFsbGV5LmNvbYINeWVzc2lycmVlLmNv
bTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2
ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjqly1F4AAAQDAEcw
RQIhAOmov2HOzCJGnGGm2Ed+qyhjqkUR9uWTv/Vv0oATn2iNAiAUBfexqo/7I+eF
KCcgcSJUZNOfZgHtV58dCrNQAzZ1WAB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOze
w1FIWUZxH7WbAAABjqly1GwAAAQDAEcwRQIhAOjMeBCK+JJrOT40iwwaYoiqAuEi
FPh3dIyIL6gAOBjjAiBdeGbISa3aPreJiAhZ3grS04m9PRqutAacaT5eQv0zqjAN
BgkqhkiG9w0BAQsFAAOCAQEAr3KpxyMn7GW+mAE9DA7qAYHGPnO9gDw7fOXNPlwY
ce3dRtJz9LzxTB17GoRtG9HYCoQFSSA6fTJ8RLldVqDYNL2sABfsxbuu+V4rsKeI
Uttxb9SVqIWE4X4sjICJ5/kFyXepmy/X17qzuFyemn1/ihxnvOcNInUjQV4JDK49
xZx+4LM+qeEXphIClBZ6TEHs8O2Har+p5985iGA8PUPhWG1oi+4zGxqMHcZ4IpkN
cCiXxFzYn9UpFEqQehbkaCnF75mISbmFGjlX5VAn5r+G3+huuJiFaUNmorK/AhTk
AcLSyvmfZw5jYgxGUWTLR42j3URO+F4jF/DHUq/ysG2wew==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUbKznWa5bAGgiq+bdr3
QbVypMtLYGDExJ/igXGh+of0wuQx+FrdQHJOwliQj1dbdqpEpA3iND4Fwd/P23qD
e+BYiMltO2eMO+mH7m/mWtpI8bOikl4qF+fov/U8o3VQ6Qg1c/nIuSeq/GlInkNJ
jFqys23K3eJmX2CykKfVO7AfmgXaCYDtXtSPIFj7vy+WM4zUnfWqPjXbxKsLc3M2
F6LrncGMDNJCSnaLq8SSgnO/VhJtpBJBDhKGPXHGnn5AuJ2uhAEtEoayZ+fMqVRD
rLkcu1NK79mg+DvfNJcg6zPUgjepnfjOQjQje76xg7ctKj7pbGFckDrz0Q4EO7i2
1wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 278199512692066707325216074921956846589329
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-04 13:10:58 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-03 13:10:57 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'saintflanaganfilm.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21874135700343915543798772838098021483334136658073165851272596712690165567522418349199579012404978280681423277371513663902483015917852315666084083320890073355503555153629402661775307703073542662725615228480524364660703993082517439134295143454540143777549235343168860494338883695679178538306129369451974149378439835522842297938969413816602307300306027211867815084767797865952900390289493504287014249059424023381925860395958616527335299933297190536296107792583243732531052829142297505303844909735468416880441786096135165321398524548946613060490994863310045107792806898253490145846814416916315553453517625120193385117399
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d602a71fd57912d9925f186187cab354628f82fe
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (412 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bitcoinatlas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'christmasdecorquote.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cosperks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'davemaher.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dentalcover.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'filmdiamond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'goldhunts.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'integritymedicareoptions.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'interlakenresort.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'joblooke.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'laddersup.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lianic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'limoconnecticut.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lowermakefield.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mvj.co.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pmj.co.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pontonlaw.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'riskarbitragefund.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'saintflanaganfilm.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shipsheoak.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sporthorses.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'visitcarsonvalley.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yessirree.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018ea972d45e0000040300473045022100e9a8bf61cecc22469c61a6d8477eab2863aa4511f6e593bff56fd280139f688d02201405f7b1aa8ffb23e78528272071225464d39f6601ed579f1d0ab35003367558007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018ea972d46c0000040300473045022100e8cc78108af8926b393e348b0c1a6288aa02e12214f877748c882fa8003818e302205d7866c849adda3eb789880859de0ad2d389bd3d1aaeb4069c693e5e42fd33aa
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00af72a9c72327ec65be98013d0c0eea0181c63e73bd803c3b7ce5cd3e5c1871eddd46d273f4bcf14c1d7b1a846d1bd1d80a840549203a7d327c44b95d56a0d834bdac0017ecc5bbaef95e2bb0a78852db716fd495a88584e17e2c8c8089e7f905c977a99b2fd7d7bab3b85c9e9a7d7f8a1c67bce70d227523415e090cae3dc59c7ee0b33ea9e117a6120294167a4c41ecf0ed876abfa9e7df3988603c3d43e1586d688bee331b1a8c1dc67822990d702897c45cd89fd529144a907a16e46829c5ef998849b9851a3957e55027e6bf86dfe86eb89885694366a2b2bf0214e401c2d2caf99f670e63620c465164cb478da3dd444ef85e2317f0c752aff2b06db07b