lex.expert
Issued by R3
About this certificate
This digital certificate with serial number 04:97:30:a5:1f:95:d9:1b:f1:cd:e4:8d:86:13:59:ad:ab:4f was issued on by Let's Encrypt.
With 30 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=lex.expert
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:97:30:a5:1f:95:d9:1b:f1:cd:e4:8d:86:13:59:ad:ab:4fSerial Number (int): 399896441445508914735767158795344244747087
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 1c:36:fb:fb:bf:31:95:e7:9c:80:90:2b:8e:a3:b4:c8:35:8b:89:13
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 7c:78:cf:c7:e2:67:84:fb:73:fa:f5:8e:3b:41:97:82:4a:f3:3a:9a
Fingerprint (sha256): b8:b7:ae:66:87:8e:b9:2c:01:c9:33:ca:0d:87:53:9b:28:d7:ff:25:03:59:f8:7a:a4:c2:e8:c0:69:05:02:49
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate lex.expert
30
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lex.expert
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
concert.company
conserve-a-lawn.com
dcg.solutions
genpege.com
lex.expert
pari.fun
siberia.online
sparks.marketing
spokane.bar
sustainable.services
threemomsoftheapocalypse.com
tickbitefirstaid.net
ur.energy
vt.baby
www.concert.company
www.conserve-a-lawn.com
www.dcg.solutions
www.genpege.com
www.lex.expert
www.pari.fun
www.siberia.online
www.sparks.marketing
www.spokane.bar
www.sustainable.services
www.threemomsoftheapocalypse.com
www.tickbitefirstaid.net
www.ur.energy
www.vt.baby
www.ximmmix.com
ximmmix.com
conserve-a-lawn.com
dcg.solutions
genpege.com
lex.expert
pari.fun
siberia.online
sparks.marketing
spokane.bar
sustainable.services
threemomsoftheapocalypse.com
tickbitefirstaid.net
ur.energy
vt.baby
www.concert.company
www.conserve-a-lawn.com
www.dcg.solutions
www.genpege.com
www.lex.expert
www.pari.fun
www.siberia.online
www.sparks.marketing
www.spokane.bar
www.sustainable.services
www.threemomsoftheapocalypse.com
www.tickbitefirstaid.net
www.ur.energy
www.vt.baby
www.ximmmix.com
ximmmix.com
Other certificates including the domain name lex.expert
(limited to 100 certificates)
Certificate
The complete raw certificate details for lex.expert in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG+TCCBeGgAwIBAgISBJcwpR+V2RvxzeSNhhNZratPMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA4MDIyMDA4NDNaFw0yMzEwMzEyMDA4NDJaMBUxEzARBgNVBAMT CmxleC5leHBlcnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPtnfy wtSenthqJntNdCh61jOuoF1riPkcBTFRp2Yg1UJTcYPel/zX+lAnRzgh8g9U1V0k WWwLp+wgVzK1P76dJ1WuM+KplsXqWnBShWShWc30dFIsmL4xjZznTxc4c97Rf2Pb +4DY9FarTGFfII0OzS5G6VmJ7Ms1Olhg2PWdpEf3O9Ktc6lS4B5IyiYCX5TP8R11 a3a+iw8ZH28/pItwkriURdTeEWqYW/A5kSPBCem7UK/WSFD55JqBnssymZM4wvKy bUyhWZ+aCP783b/ShbFiGs/5ATgpZ076KFPaXc8e303efgZKZ6U6qQAbEGUmXZan cChfmWNImyVwWuwNAgMBAAGjggQkMIIEIDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FBw2+/u/MZXnnICQK46jtMg1i4kTMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYf r52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8u bGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMIIC LQYDVR0RBIICJDCCAiCCD2NvbmNlcnQuY29tcGFueYITY29uc2VydmUtYS1sYXdu LmNvbYINZGNnLnNvbHV0aW9uc4ILZ2VucGVnZS5jb22CCmxleC5leHBlcnSCCHBh cmkuZnVugg5zaWJlcmlhLm9ubGluZYIQc3BhcmtzLm1hcmtldGluZ4ILc3Bva2Fu ZS5iYXKCFHN1c3RhaW5hYmxlLnNlcnZpY2Vzghx0aHJlZW1vbXNvZnRoZWFwb2Nh bHlwc2UuY29tghR0aWNrYml0ZWZpcnN0YWlkLm5ldIIJdXIuZW5lcmd5ggd2dC5i YWJ5ghN3d3cuY29uY2VydC5jb21wYW55ghd3d3cuY29uc2VydmUtYS1sYXduLmNv bYIRd3d3LmRjZy5zb2x1dGlvbnOCD3d3dy5nZW5wZWdlLmNvbYIOd3d3LmxleC5l eHBlcnSCDHd3dy5wYXJpLmZ1boISd3d3LnNpYmVyaWEub25saW5lghR3d3cuc3Bh cmtzLm1hcmtldGluZ4IPd3d3LnNwb2thbmUuYmFyghh3d3cuc3VzdGFpbmFibGUu c2VydmljZXOCIHd3dy50aHJlZW1vbXNvZnRoZWFwb2NhbHlwc2UuY29tghh3d3cu dGlja2JpdGVmaXJzdGFpZC5uZXSCDXd3dy51ci5lbmVyZ3mCC3d3dy52dC5iYWJ5 gg93d3cueGltbW1peC5jb22CC3hpbW1taXguY29tMBMGA1UdIAQMMAowCAYGZ4EM AQIBMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADuAHYAtz77JN+cTbp18jnFulj0bF38 Qs96nzXEnh0JgSXttJkAAAGJuBTh3AAABAMARzBFAiEAoia+pwTKT62T9KvVPao5 KqOMgV2l7FX6kzyG1bmT9yQCIDmRFp80O37/xJpvphoBq15iPbcq1DR8WY9I4EwV 5AAkAHQA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4AAAGJuBTh5AAA BAMARTBDAiBsEClZv7I1paxO7P66Kfdl6TQpKdNBr7vlVblGEn2VkAIfTbg2Cd2N e0GcLm//teHyfdfEtnVtTkkGYTUTve6ZszANBgkqhkiG9w0BAQsFAAOCAQEArxYx WoWURCDwyjqekcCiCCy+YKSgj9rnuSTYKxc92xNfM8JQNFHiSWHIqtkzuKrjEs6U nACQXjWDv2ndf27jRqOeQAUFvieKfiBpesul0cFuy8BXHk6Mho3CZtlpS2gOMYhP tWDDpH0gAnF7qalG2mC4RH8pT7lToevsaix642bQjDDfUeNoy7fU0fnm69ID/ik8 tvp2rVzpcDdtBhY3rO8N6PPkbHdwV8I7feOB0VqahohB8u/Tt6QauDs1kvq4dnFv SbxDEZ9V82fYrpkTWh4QyMAP/Mde6qdLjiDDqfPtN8Dx9Bkt5PYWuOivWl9Ht5BQ jmMPbJQuWbK79ttidQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7Z38sLUnp7YaiZ7TXQo etYzrqBda4j5HAUxUadmINVCU3GD3pf81/pQJ0c4IfIPVNVdJFlsC6fsIFcytT++ nSdVrjPiqZbF6lpwUoVkoVnN9HRSLJi+MY2c508XOHPe0X9j2/uA2PRWq0xhXyCN Ds0uRulZiezLNTpYYNj1naRH9zvSrXOpUuAeSMomAl+Uz/EddWt2vosPGR9vP6SL cJK4lEXU3hFqmFvwOZEjwQnpu1Cv1khQ+eSagZ7LMpmTOMLysm1MoVmfmgj+/N2/ 0oWxYhrP+QE4KWdO+ihT2l3PHt9N3n4GSmelOqkAGxBlJl2Wp3AoX5ljSJslcFrs DQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 399896441445508914735767158795344244747087 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-02 20:08:43 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-31 20:08:42 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lex.expert' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26221307722536029519032874818033470911172029101552256967997517850855182222981014650279544979908253187258855418629525972756987940172987163964835618755978352081766793349032329249391826842131595465845959473704022847447691418727711624527016931229451808936723458292637795188676627151051858148892751747692768742045894934265655016051315396689674909612136596537582297141112847065985310911233594962911847144663375198552250177738541830356599381129729758072021319534969840916575749447189568926549849708259531941285567483370393485936766527672961052938720009680373553154192190248373258911782502326884095172957768418941670373649421 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1c36fbfbbf3195e79c80902b8ea3b4c8358b8913 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (548 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'concert.company' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'conserve-a-lawn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dcg.solutions' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'genpege.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lex.expert' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pari.fun' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'siberia.online' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sparks.marketing' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spokane.bar' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sustainable.services' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'threemomsoftheapocalypse.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickbitefirstaid.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ur.energy' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vt.baby' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.concert.company' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.conserve-a-lawn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dcg.solutions' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.genpege.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lex.expert' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pari.fun' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.siberia.online' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sparks.marketing' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.spokane.bar' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sustainable.services' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.threemomsoftheapocalypse.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tickbitefirstaid.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ur.energy' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.vt.baby' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ximmmix.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ximmmix.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000189b814e1dc0000040300473045022100a226bea704ca4fad93f4abd53daa392aa38c815da5ec55fa933c86d5b993f72402203991169f343b7effc49a6fa61a01ab5e623db72ad4347c598f48e04c15e40024007400e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000189b814e1e4000004030045304302206c102959bfb235a5ac4eecfeba29f765e9342929d341afbbe555b946127d9590021f4db83609dd8d7b419c2e6fffb5e1f27dd7c4b6756d4e4906613513bdee99b3 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00af16315a85944420f0ca3a9e91c0a2082cbe60a4a08fdae7b924d82b173ddb135f33c2503451e24961c8aad933b8aae312ce949c00905e3583bf69dd7f6ee346a39e400505be278a7e20697acba5d1c16ecbc0571e4e8c868dc266d9694b680e31884fb560c3a47d2002717ba9a946da60b8447f294fb953a1ebec6a2c7ae366d08c30df51e368cbb7d4d1f9e6ebd203fe293cb6fa76ad5ce970376d061637acef0de8f3e46c777057c23b7de381d15a9a868841f2efd3b7a41ab83b3592fab876716f49bc43119f55f367d8ae99135a1e10c8c00ffcc75eeaa74b8e20c3a9f3ed37c0f1f4192de4f616b8e8af5a5f47b790508e630f6c942e59b2bbf6db6275