canton.de
Issued by R3
About this certificate
This digital certificate with serial number 04:2c:4b:40:a6:e9:16:32:6d:3c:b5:be:79:b7:ea:20:e5:ba was issued on by Let's Encrypt.
With 16 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=canton.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:2c:4b:40:a6:e9:16:32:6d:3c:b5:be:79:b7:ea:20:e5:baSerial Number (int): 363521595663592119602685870891735835534778
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 2e:2d:f7:4e:4e:89:da:9e:02:c8:f7:af:b1:68:fe:56:bb:8c:6f:43
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 42:b2:e3:b7:a7:01:6a:77:64:d5:52:47:19:59:e6:45:8d:90:6f:75
Fingerprint (sha256): b7:e1:89:e3:02:2a:55:d1:04:11:ed:b7:26:83:f9:03:44:05:bb:fb:5e:1d:1a:6a:80:94:d5:6c:0b:33:f6:2b
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate canton.de
16
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for canton.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
backupcanton.canton.de
canton.at
canton.ch
canton.de
canton.eu
canton.us
hifi.canton.de
homecinema.canton.de
prohouse.canton.de
reference.canton.de
shop.canton-server.de
www.canton.at
www.canton.ch
www.canton.de
www.canton.eu
www.canton.us
canton.at
canton.ch
canton.de
canton.eu
canton.us
hifi.canton.de
homecinema.canton.de
prohouse.canton.de
reference.canton.de
shop.canton-server.de
www.canton.at
www.canton.ch
www.canton.de
www.canton.eu
www.canton.us
Other certificates including the domain name canton.de
(limited to 100 certificates)
canton.de
canton.de
download.canton.de
www.canton.de
canton.de
download.canton.de
www.canton.de
download.canton.de
download.canton.de
*.canton.de
www.canton.de
download.canton.de
canton.de
canton.nl
canton.de
canton.de
download.canton.de
canton.de
www.canton.de
www.canton.de
www.canton.de
*.canton.de
canton.nl
canton.de
download.canton.de
www.canton.de
canton.de
download.canton.de
www.canton.de
download.canton.de
download.canton.de
*.canton.de
www.canton.de
download.canton.de
canton.de
canton.nl
canton.de
canton.de
download.canton.de
canton.de
www.canton.de
www.canton.de
www.canton.de
*.canton.de
canton.nl
Certificate
The complete raw certificate details for canton.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG2zCCBcOgAwIBAgISBCxLQKbpFjJtPLW+ebfqIOW6MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMjgwMTQ4NDZaFw0yNDA0MjcwMTQ4NDVaMBQxEjAQBgNVBAMT CWNhbnRvbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZo7T7H jhzuhBulge0IMD4xqvjjEkGxNLSkusn+IKYkZsjzf2Zd0zn/HXypSBSYrd/qAr3U tGbFlT/Rvb+mNcRg+Z6/iiNESoWAJs0TXt0WYXtSbOjdWxlxOWt/8j55ceEqcT0D Vts9HxyQnbhgBNDx457oXcjjCMEuADZ0lJKbTQuhDIDnwQRvGUu1vDVk0tpS/6vh t/VbOCYZlkvysuM6UnTVyOhtCBNa+EM43FhcGg/K0md7xdkj1eeFIwv0dvkUKASe 8VoOYyhyZSPWd7KBS0D6erode6bqYb3sC8zbe9BDqJ6/97c49uIUAHUz5bqHK+O+ qpTbRZgMDMc/SRr/boZms5N0W5qVzRvkkokad3BQD2u43HLAB5af9i89O2hNzG5b R4nueSzdnZ2x7XUY8MSEDR+2nTL2PqYeOm5ptE0e008c6lYWD1YVm1YzEmtmUzxh 4cJh8EC2ul5MhxMiKkqAmumW94YNnWDl9kWgUfS8GAiVGdQk8JEHW8Nj8axT4z4Y 6KXMLrsbr+wwAHOumLOdLLTLQtvBR54Kaj4Czl6oo8L5H8kXX70J79oufbNPtwWT sUZSFHmctSWtkg4JqPX1UG+5d3C27MOQsLd28B7IpqV9EuKVe7fYyq40EKIV8F7C GNGsZndGHRlu+vYLTKnfdFBE6Xqo5HeKX6W5AgMBAAGjggMHMIIDAzAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFC4t905OidqeAsj3r7Fo/la7jG9DMB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMIIBDQYDVR0RBIIBBDCCAQCCFmJhY2t1cGNhbnRvbi5jYW50 b24uZGWCCWNhbnRvbi5hdIIJY2FudG9uLmNoggljYW50b24uZGWCCWNhbnRvbi5l dYIJY2FudG9uLnVzgg5oaWZpLmNhbnRvbi5kZYIUaG9tZWNpbmVtYS5jYW50b24u ZGWCEnByb2hvdXNlLmNhbnRvbi5kZYITcmVmZXJlbmNlLmNhbnRvbi5kZYIVc2hv cC5jYW50b24tc2VydmVyLmRlgg13d3cuY2FudG9uLmF0gg13d3cuY2FudG9uLmNo gg13d3cuY2FudG9uLmRlgg13d3cuY2FudG9uLmV1gg13d3cuY2FudG9uLnVzMBMG A1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcAO1N3 dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGNTfguxAAABAMASDBGAiEA 4Co8LTe4X10jZiMdam0lAkP/g8nuuthKpSImrSMYvOUCIQCbrf80DUaDSE9blK57 1kiLzk3qLIHfHiQIJk0zfeaDWwB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FI WUZxH7WbAAABjU34LwMAAAQDAEcwRQIgX//VrUE1ncWDIAJE3+5UUO1UHSdB5eu+ EAQBKXUs5poCIQDTVKow3VgOhs/pLUmrG4rxV8OndD29hdMinRw/NQCAxDANBgkq hkiG9w0BAQsFAAOCAQEAK8iHHKqlELLb5tK3j4LRnEn1rbtJY6Nk0IWRqzSGW0Xv nQ4Tzhmrhx0Yy1VHTfCrygADHNgPIY8lkqIGOSStDgfRyVhy1oxbfT3YPHsPivwo g8pf2+yeCGFrbTx/wtsxC1s2batdRjdVP0K4Jjy+2pwUO8nuUl74tss2AyCv0nPH D6rIT6zhYbYTzb5Z7H3VDV6H44muvCea3F1Lo/3M6wPToXE0Fl2DPe68oCQO3H1I +V7eWYtoJEVLgmLl/kVkdHBImvfjQR2uk5kr/h3dvLOYOVK439Vw8uzAT5AkJuk6 bd3+upFkr5wf2/vRXElTEJT/SeSE3MV75C8LLo6rHw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxmjtPseOHO6EG6WB7Qgw PjGq+OMSQbE0tKS6yf4gpiRmyPN/Zl3TOf8dfKlIFJit3+oCvdS0ZsWVP9G9v6Y1 xGD5nr+KI0RKhYAmzRNe3RZhe1Js6N1bGXE5a3/yPnlx4SpxPQNW2z0fHJCduGAE 0PHjnuhdyOMIwS4ANnSUkptNC6EMgOfBBG8ZS7W8NWTS2lL/q+G39Vs4JhmWS/Ky 4zpSdNXI6G0IE1r4QzjcWFwaD8rSZ3vF2SPV54UjC/R2+RQoBJ7xWg5jKHJlI9Z3 soFLQPp6uh17puphvewLzNt70EOonr/3tzj24hQAdTPluocr476qlNtFmAwMxz9J Gv9uhmazk3RbmpXNG+SSiRp3cFAPa7jccsAHlp/2Lz07aE3MbltHie55LN2dnbHt dRjwxIQNH7adMvY+ph46bmm0TR7TTxzqVhYPVhWbVjMSa2ZTPGHhwmHwQLa6XkyH EyIqSoCa6Zb3hg2dYOX2RaBR9LwYCJUZ1CTwkQdbw2PxrFPjPhjopcwuuxuv7DAA c66Ys50stMtC28FHngpqPgLOXqijwvkfyRdfvQnv2i59s0+3BZOxRlIUeZy1Ja2S Dgmo9fVQb7l3cLbsw5Cwt3bwHsimpX0S4pV7t9jKrjQQohXwXsIY0axmd0YdGW76 9gtMqd90UETpeqjkd4pfpbkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 363521595663592119602685870891735835534778 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-28 01:48:46 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-27 01:48:45 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'canton.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 809441649487947889065648417674218540868451749100512933341745075532312708920703702826114786034437507481538346664859534225524486708353199828866385890178587112751823029321458763903590278714435417555093935134167684144638430256991596093226883109270743876941364696520533351749287322147209640058683299243661861229086280548561932873244377927390792590218637357382411735119665828898658433213875479144018565207904369299238312604351318542685780087169576006209549200562185845189496666245256535156129772919283201181762669058634589158297950936545088895265906376614330980097168031768243144282132464723152970765341127864060758657009123375155049425698622820273523887404150922420222451993419503428662627032312706387596549061245434880641408983655458201610560737785150852349611651330791990989655158124724686937193108154542967423256647744530330234708868219258369791364247063813443124765668864218073042978968127660434141415643827582743727893468283608365220004297188001032791862317905455263380494311746528089311113742770552725859904769818026483184302330703600680275113687083996045227783839477990626829114836104993118941016148432711386449690641794257331753047751379343901029699263711589557153867390196074954595716550568277332775168150307255753111131507369401 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2e2df74e4e89da9e02c8f7afb168fe56bb8c6f43 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (260 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'backupcanton.canton.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canton.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canton.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canton.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canton.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canton.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hifi.canton.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homecinema.canton.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prohouse.canton.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'reference.canton.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.canton-server.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.canton.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.canton.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.canton.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.canton.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.canton.us' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d4df82ec40000040300483046022100e02a3c2d37b85f5d2366231d6a6d250243ff83c9eebad84aa52226ad2318bce50221009badff340d4683484f5b94ae7bd6488bce4dea2c81df1e2408264d337de6835b007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018d4df82f03000004030047304502205fffd5ad41359dc583200244dfee5450ed541d2741e5ebbe10040129752ce69a022100d354aa30dd580e86cfe92d49ab1b8af157c3a7743dbd85d3229d1c3f350080c4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002bc8871caaa510b2dbe6d2b78f82d19c49f5adbb4963a364d08591ab34865b45ef9d0e13ce19ab871d18cb55474df0abca00031cd80f218f2592a2063924ad0e07d1c95872d68c5b7d3dd83c7b0f8afc2883ca5fdbec9e08616b6d3c7fc2db310b5b366dab5d4637553f42b8263cbeda9c143bc9ee525ef8b6cb360320afd273c70faac84face161b613cdbe59ec7dd50d5e87e389aebc279adc5d4ba3fdcceb03d3a17134165d833deebca0240edc7d48f95ede598b6824454b8262e5fe45647470489af7e3411dae93992bfe1dddbcb3983952b8dfd570f2ecc04f902426e93a6dddfeba9164af9c1fdbfbd15c49531094ff49e484dcc57be42f0b2e8eab1f