alqimi.com
Issued by Go Daddy Secure Certificate Authority - G2
About this certificate
This digital certificate with serial number a6:58:5d:88:67:dc:17:7d was issued on by GoDaddy.com, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Apple recommends that certificates be issued with a maximum validity of 397 days. TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC should not have a validity period greater than 397 days (https://support.apple.com/en-us/HT211025)
Certificate Subject
CN=alqimi.com
GoDaddy.com, Inc.
Organization:
GoDaddy.com, Inc.
Organization unit: http://certs.godaddy.com/repository/
Organization unit: http://certs.godaddy.com/repository/
State / Province:
Arizona
Locality: Scottsdale
Country: US
Locality: Scottsdale
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): a6:58:5d:88:67:dc:17:7dSerial Number (int): 11986433248685987709
Serial Number lenght: 64 bits, 8 octets
SubjectKeyId: 75:9e:2a:7a:05:4b:0d:62:87:9d:1c:69:21:ea:ed:55:5f:e7:12:36
AuthorityKeyId: 40:c2:bd:27:8e:cc:34:83:30:a2:33:d7:fb:6c:b3:f0:b4:2c:80:ce
Fingerprint (sha1): e2:6f:20:7e:f1:e0:7d:4d:7e:34:fa:3e:2b:21:a9:1b:bb:af:e1:47
Fingerprint (sha256): b8:e7:16:ae:89:eb:df:65:69:28:22:09:ee:82:1b:30:e2:1a:55:9c:6c:30:61:6d:b5:a7:cd:80:d6:e1:f1:01
Issuing Certificate URL: http://certificates.godaddy.com/repository/gdig2.crt
Revocation information
OCSP Server: http://ocsp.godaddy.com/CRL Distribution Point: http://crl.godaddy.com/gdig2s1-4418.crl
Check the revocation status for certificate alqimi.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for alqimi.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
alqimi.com
www.alqimi.com
www.alqimi.com
Other certificates including the domain name alqimi.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for alqimi.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGizCCBXOgAwIBAgIJAKZYXYhn3Bd9MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0 cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTIyMDgyOTAwNDcyMVoX DTIzMDkzMDAwNDcyMVowFTETMBEGA1UEAxMKYWxxaW1pLmNvbTCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBANg8ttrN8sanRWw0s0ECEzoSFK2T1f2MuUVb JcAPSEigwreSBnC/T+lYAlZU1NV5/IhRiwgrcPkNf/v3G8jZnZ5zj55tmIyHUL7V 8UZzN7arbK9cY3VdVRRCSXdhwgGuHSgIUyMe89uc9DeTitdGdxXUMApEZc7qsdi3 H7uTyo7YMK7VL+1HapCYHxbLpX0Nkvb2syk9Oh+nHZjMfCnVF3/7UsTcEP6Br4U7 GOkTERxCLUy6hPGbT2R/L2ab0vJq3xv4sWVjZ0UKHrqI4IZLWoSsqR3/GGzEEd+x nXCwYe6MQgpuQAtH3sfwjHfbrI/qwqWh5GkOrE2EN5MXHGslLW8CAwEAAaOCAzww ggM4MAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC MA4GA1UdDwEB/wQEAwIFoDA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vY3JsLmdv ZGFkZHkuY29tL2dkaWcyczEtNDQxOC5jcmwwXQYDVR0gBFYwVDBIBgtghkgBhv1t AQcXATA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHku Y29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATB2BggrBgEFBQcBAQRqMGgwJAYIKwYB BQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHkuY29tLzBABggrBgEFBQcwAoY0aHR0 cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5L2dkaWcyLmNy dDAfBgNVHSMEGDAWgBRAwr0njsw0gzCiM9f7bLPwtCyAzjAlBgNVHREEHjAcggph bHFpbWkuY29tgg53d3cuYWxxaW1pLmNvbTAdBgNVHQ4EFgQUdZ4qegVLDWKHnRxp IertVV/nEjYwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB1AOg+0No+9QY1MudX KLyJa8kD08vREWvs62nhd31tBr1uAAABgucROfAAAAQDAEYwRAIgOBTGhOT8JYlU 5y2n7dOdrUNBSdz8GkGegHffqaH/fvICIGaEVBsv5fdELH0cP3W5z79kqQ3ieK+8 BskiXf7lOnavAHcANc8ZG7+xbFe/D61MbULLu7YnICZR6j/hKu+oA8M71kwAAAGC 5xE7DAAABAMASDBGAiEAiAXzjhm2YhmIZ0AT5ctKl2/8Gb8H4uBIQwt647YcH0QC IQDOoznNOmOwdXFGEavlOqAvCDdLOD5OPPUoS/tKIiqGwAB3AHoyjFTYty22IOo4 4FIe6YQWcDIThU070ivBOlejUutSAAABgucRO34AAAQDAEgwRgIhANYhyJSmFndg fYtseEMHGH2Jc2w3PAC9MW74/7NImFwYAiEA6Y9HrexE8OL1GGAdXNXRuwA7ahk6 7NG10YrYVSukP4gwDQYJKoZIhvcNAQELBQADggEBAJhs0Ad42jSgN65QnNahxaix +IyL+FaTQ/OZLDB/ZvG7rBGJQ97aDcuhcoRcNHj4PxrxPDSiJw+IilB4c0j0/wtv ELKHAcP0Mf62cwB/oS0NY7NWPtkYq0kSz3FKoZqjKS0zToVC+aNkwwkXupGBKDCU gauissfgFAlEEcghPYGQDcMFQu7DHf46el8WvcWQP17mTAAzA7wtOUI3+uaCt2BX GfvNLD5M/cM3qI5DpG65SYHdnBOTsUv1V6GvR+fCaBoQrFqA9PFQuyf2QFM+DfvW sTvvFXaApV7rwAvrDkLTBKi6tIUzLH4Ebwmc6DELGwCZwXB5wyXxGpgfPJYXw78= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Dy22s3yxqdFbDSzQQIT OhIUrZPV/Yy5RVslwA9ISKDCt5IGcL9P6VgCVlTU1Xn8iFGLCCtw+Q1/+/cbyNmd nnOPnm2YjIdQvtXxRnM3tqtsr1xjdV1VFEJJd2HCAa4dKAhTIx7z25z0N5OK10Z3 FdQwCkRlzuqx2Lcfu5PKjtgwrtUv7UdqkJgfFsulfQ2S9vazKT06H6cdmMx8KdUX f/tSxNwQ/oGvhTsY6RMRHEItTLqE8ZtPZH8vZpvS8mrfG/ixZWNnRQoeuojghkta hKypHf8YbMQR37GdcLBh7oxCCm5AC0fex/CMd9usj+rCpaHkaQ6sTYQ3kxccayUt bwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11986433248685987709 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GoDaddy.com, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.godaddy.com/repository/' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go Daddy Secure Certificate Authority - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-29 00:47:21 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-30 00:47:21 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'alqimi.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27297413198112628300256320966298878383440596054768285538347051365057746588068810283761827889661224096010705181757116455721774363349028635818430970599690266238630429689188305615817640087728823585919651026637198467868590849437496288120694787798367133420893771869621617728246318661161592982484987971161002741817553777526736628754240898734060261131616133611887128379976856372444800948844983798421958954577730784106148242127959153064023159240299073766464867770469140974314608329413836877188231713760726230930112304310388376547197642272058892669780658526008767678081979830410642814773630206092983278499643897598580994944367 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.godaddy.com/gdig2s1-4418.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114413.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.godaddy.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.godaddy.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.godaddy.com/repository/gdig2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 40c2bd278ecc348330a233d7fb6cb3f0b42c80ce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alqimi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.alqimi.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 759e2a7a054b0d62879d1c6921eaed555fe71236 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000182e71139f0000004030046304402203814c684e4fc258954e72da7edd39dad434149dcfc1a419e8077dfa9a1ff7ef202206684541b2fe5f7442c7d1c3f75b9cfbf64a90de278afbc06c9225dfee53a76af00770035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c00000182e7113b0c00000403004830460221008805f38e19b6621988674013e5cb4a976ffc19bf07e2e048430b7ae3b61c1f44022100cea339cd3a63b075714611abe53aa02f08374b383e4e3cf5284bfb4a222a86c00077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000182e7113b7e0000040300483046022100d621c894a61677607d8b6c784307187d89736c373c00bd316ef8ffb348985c18022100e98f47adec44f0e2f518601d5cd5d1bb003b6a193aecd1b5d18ad8552ba43f88 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00986cd00778da34a037ae509cd6a1c5a8b1f88c8bf8569343f3992c307f66f1bbac118943deda0dcba172845c3478f83f1af13c34a2270f888a50787348f4ff0b6f10b28701c3f431feb673007fa12d0d63b3563ed918ab4912cf714aa19aa3292d334e8542f9a364c30917ba918128309481aba2b2c7e014094411c8213d81900dc30542eec31dfe3a7a5f16bdc5903f5ee64c003303bc2d394237fae682b7605719fbcd2c3e4cfdc337a88e43a46eb94981dd9c1393b14bf557a1af47e7c2681a10ac5a80f4f150bb27f640533e0dfbd6b13bef157680a55eebc00beb0e42d304a8bab485332c7e046f099ce8310b1b0099c17079c325f11a981f3c9617c3bf