amsurg.com
Issued by R3
About this certificate
This digital certificate with serial number 03:55:c2:2a:7f:95:b2:af:75:3a:cd:11:48:42:db:6f:c5:3a was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=amsurg.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:55:c2:2a:7f:95:b2:af:75:3a:cd:11:48:42:db:6f:c5:3aSerial Number (int): 290518949878937157802118005438244054877498
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 46:91:96:1d:e2:6e:fd:5f:90:15:d5:ee:a2:62:ff:d0:d6:41:9b:a8
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 52:31:05:8c:76:84:75:2b:ca:6e:af:40:27:85:15:fb:23:45:b8:d1
Fingerprint (sha256): b9:f0:6e:02:8f:24:cf:0e:eb:4a:72:0d:72:3d:54:40:d7:88:7a:02:dc:b4:1c:4b:3f:94:ad:f9:4f:72:4c:da
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate amsurg.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for amsurg.com
Public Key Algorithm
RSA
Key Size
3072
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
amsurg.com
www.amsurg.com
www.amsurg.com
Other certificates including the domain name amsurg.com
(limited to 100 certificates)
staging.amsurg.com
amsurg.com
lyncaccessdr.amsurg.com
somni.amsurg.com
provreports.amsurg.com
jss.amsurg.com
csg.amsurg.com
amsurg.com
test.invsnap.amsurg.com
somni.amsurg.com
webmail.amsurg.com
amsurg.com
evhc.amsurg.com
invsnap.amsurg.com
lyncextwsdr.amsurg.com
*.amsurg.com
csg.amsurg.com
*.2k.amsurg.com
staging.amsurg.com
staging.amsurg.com
www.amsurg.com
amsurg.com
csg.amsurg.com
somni.amsurg.com
webmail.amsurg.com
staging.amsurg.com
www.amsurg.com
www.amsurg.com
posnap.amsurg.com
evhc.amsurg.com
evhc.amsurg.com
amsurg.com
receiver.amsurg.com
exchange.amsurg.com
www.amsurg.com
*.amsurg.com
www.amsurg.com
test.invsnap.amsurg.com
staging.amsurg.com
www.amsurg.com
staging.amsurg.com
webmail.amsurg.com
Test.Posnap.amsurg.com
somni.amsurg.com
www.amsurg.com
amsurg.com
exchange.amsurg.com
*.amsurg.com
staging.amsurg.com
amsurg.com
lyncextws.amsurg.com
webmail.amsurg.com
compass.amsurg.com
somni.amsurg.com
amsurg.com
staging.amsurg.com
*.amsurg.com
somni.amsurg.com
webocs.amsurg.com
www.amsurg.com
www.amsurg.com
www.northvc.com
amsurg.com
*.amsurg.com
*.amsurg.com
staging.amsurg.com
webmail.amsurg.com
www.amsurg.com
www.amsurg.com
evhc.amsurg.com
Reports85.amsurg.com
staging.amsurg.com
cashtrax.amsurg.com
*.amsurg.com
access.amsurg.com
posnap.amsurg.com
csg.amsurg.com
invsnap.amsurg.com
staging.amsurg.com
center.amsurg.com
partner.amsurg.com
webchat.amsurg.com
amsurg.com
amsurg.com
www.vhhomecare.net
www.amsurg.com
test.invsnap.amsurg.com
reports.amsurg.com
sharepoint.amsurg.com
staging.amsurg.com
webmail.amsurg.com
www.amsurg.com
somni.amsurg.com
amsurg.com
amsurg.com
www.amsurg.com
lyncaccess.amsurg.com
staging.amsurg.com
www.amsurg.com
staging.amsurg.com
amsurg.com
lyncaccessdr.amsurg.com
somni.amsurg.com
provreports.amsurg.com
jss.amsurg.com
csg.amsurg.com
amsurg.com
test.invsnap.amsurg.com
somni.amsurg.com
webmail.amsurg.com
amsurg.com
evhc.amsurg.com
invsnap.amsurg.com
lyncextwsdr.amsurg.com
*.amsurg.com
csg.amsurg.com
*.2k.amsurg.com
staging.amsurg.com
staging.amsurg.com
www.amsurg.com
amsurg.com
csg.amsurg.com
somni.amsurg.com
webmail.amsurg.com
staging.amsurg.com
www.amsurg.com
www.amsurg.com
posnap.amsurg.com
evhc.amsurg.com
evhc.amsurg.com
amsurg.com
receiver.amsurg.com
exchange.amsurg.com
www.amsurg.com
*.amsurg.com
www.amsurg.com
test.invsnap.amsurg.com
staging.amsurg.com
www.amsurg.com
staging.amsurg.com
webmail.amsurg.com
Test.Posnap.amsurg.com
somni.amsurg.com
www.amsurg.com
amsurg.com
exchange.amsurg.com
*.amsurg.com
staging.amsurg.com
amsurg.com
lyncextws.amsurg.com
webmail.amsurg.com
compass.amsurg.com
somni.amsurg.com
amsurg.com
staging.amsurg.com
*.amsurg.com
somni.amsurg.com
webocs.amsurg.com
www.amsurg.com
www.amsurg.com
www.northvc.com
amsurg.com
*.amsurg.com
*.amsurg.com
staging.amsurg.com
webmail.amsurg.com
www.amsurg.com
www.amsurg.com
evhc.amsurg.com
Reports85.amsurg.com
staging.amsurg.com
cashtrax.amsurg.com
*.amsurg.com
access.amsurg.com
posnap.amsurg.com
csg.amsurg.com
invsnap.amsurg.com
staging.amsurg.com
center.amsurg.com
partner.amsurg.com
webchat.amsurg.com
amsurg.com
amsurg.com
www.vhhomecare.net
www.amsurg.com
test.invsnap.amsurg.com
reports.amsurg.com
sharepoint.amsurg.com
staging.amsurg.com
webmail.amsurg.com
www.amsurg.com
somni.amsurg.com
amsurg.com
amsurg.com
www.amsurg.com
lyncaccess.amsurg.com
staging.amsurg.com
www.amsurg.com
staging.amsurg.com
Certificate
The complete raw certificate details for amsurg.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgISA1XCKn+Vsq91Os0RSELbb8U6MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMDIxNDAxMTJaFw0yMzEyMzExNDAxMTFaMBUxEzARBgNVBAMT CmFtc3VyZy5jb20wggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCHIbfI Hs8ck/EDiBRhCKuNSZYY9zSdZIVgUwee4sGQ5/+bjKXmfyxy9U9fvzmDrLsbRe/q 0NLgojcfPeXdjyCxHztu1DFKI9MtjhVTbmUQ2VMT7KP876GeB3OZHssJTe3zDH/R LlGPPIf3JjttIjtoUBxX5OCsHGUTITqQO8VcqkSgGCoGmN7+yH0cgrUKgH9sJVMD 2zxu7n+bRSJ71DVMMpL2469Dee+Hz2KPcOa6LaazAvEL8n9G/H6abOyGT7J++YlA lC9YlaRhxKAh7ZQQOBJNhBg4IIUJ6oOiJ6rCEVIQtev9DImhuWte7BNC7eTu2qcC xWTUINiDubq29noh8p2j4Nv780z+2k4OZfAIwzW6FIvTyIJ/fYVUvLH1FFhvSJ+o P96MGnbosiY90NNtfDJdjuSwJnAjIfmzpfSvrnAtfoMNolzy/4WwPi46ncgbnZ30 wUbCB4w1wNOSL+RDO7yx17fibecw4L4PrgzOsU/0r1naJriOSjcVshSEks0CAwEA AaOCAhwwggIYMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQURpGWHeJu/V+QFdXuomL/ 0NZBm6gwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUH AQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYB BQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wJQYDVR0RBB4wHIIKYW1zdXJn LmNvbYIOd3d3LmFtc3VyZy5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgor BgEEAdZ5AgQCBIH1BIHyAPAAdQB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpX o1LrUgAAAYrw6FWOAAAEAwBGMEQCIF9Ss+dIgEDkLEleWUJroTexOzeHIqyoAUPu IVp5j3uZAiAJPMV5INgHdNk1esNkM97iUUBEeK+r61tPQZLGRJpTgAB3AOg+0No+ 9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABivDoVhoAAAQDAEgwRgIhAMu8 V6ftJnDzyqryQvue5FIUrDnD5Mv6ZP8oRSCBu5uRAiEAo5HmxmfXWxIxkq4W0bxc Ka/6I4KuOl5dpi+MzHYy7FYwDQYJKoZIhvcNAQELBQADggEBAGtSy1l9CcMYK/0F hFhGGQMAK48oz7rV6xtpeA6EbLVc92CWeP+coK4lWZXhvfGkk8xhE8rZqvT29B5V vVak23/p719KUR+x0E6eG1qfZsRFMP5wlHM/933X55qjd7V4NW/KT7t2atKS31g0 lKtZNq/huQa0hZwjrdqclqTjY5diMfjud9j1WukZ6wS2oRJO9F5RIunWWmIKg3Be OKaMRblA2+Fj82IQmhe9tIynh7ls9/gt0sZ1VdNcrJDWfmOImrNqBF29nETVOk1m 7UR7O+UpZcCA4R+otaRqcs97rI7CDvMxVrW6TzpuDM42/BOmZarq/05GIqoLvCcL M6aWNcM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAhyG3yB7PHJPxA4gUYQir jUmWGPc0nWSFYFMHnuLBkOf/m4yl5n8scvVPX785g6y7G0Xv6tDS4KI3Hz3l3Y8g sR87btQxSiPTLY4VU25lENlTE+yj/O+hngdzmR7LCU3t8wx/0S5RjzyH9yY7bSI7 aFAcV+TgrBxlEyE6kDvFXKpEoBgqBpje/sh9HIK1CoB/bCVTA9s8bu5/m0Uie9Q1 TDKS9uOvQ3nvh89ij3Dmui2mswLxC/J/Rvx+mmzshk+yfvmJQJQvWJWkYcSgIe2U EDgSTYQYOCCFCeqDoieqwhFSELXr/QyJoblrXuwTQu3k7tqnAsVk1CDYg7m6tvZ6 IfKdo+Db+/NM/tpODmXwCMM1uhSL08iCf32FVLyx9RRYb0ifqD/ejBp26LImPdDT bXwyXY7ksCZwIyH5s6X0r65wLX6DDaJc8v+FsD4uOp3IG52d9MFGwgeMNcDTki/k Qzu8sde34m3nMOC+D64MzrFP9K9Z2ia4jko3FbIUhJLNAgMBAAE= -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 290518949878937157802118005438244054877498 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-02 14:01:12 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-31 14:01:11 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'amsurg.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3184 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 3066648420693172171311510407055260214818856731825542654230925405078559705176249250908183148655941077867045826591984396788500638515722551965585981344077151749914518719998764848516877873523522390946865218753139638213726531292347957253281646891203537525160025472277351639414429851360961565552808387328695120179302688987058883475995658484802405080078007791768246544506686883350322390587149345519500783034811300754971967788821184967608000941103423257574440682546454746805162028384172420582776480990783303340407884253621052452408465482524948872679150403739053042061812864619465040428861126966062435154609281709857403591288581076219267061192545270053495405478833481705678036810861733329538897773819081532040201492647605200529400373082128915226945029875828960479777405594495424612838951394064635323403485039849348789056935453433807774715728463901035052081123496606572801196974456169792430199777909376044837562363733732529453448598221 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4691961de26efd5f9015d5eea262ffd0d6419ba8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'amsurg.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.amsurg.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018af0e8558e000004030046304402205f52b3e7488040e42c495e59426ba137b13b378722aca80143ee215a798f7b990220093cc57920d80774d9357ac36433dee251404478afabeb5b4f4192c6449a5380007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018af0e8561a0000040300483046022100cbbc57a7ed2670f3caaaf242fb9ee45214ac39c3e4cbfa64ff28452081bb9b91022100a391e6c667d75b123192ae16d1bc5c29affa2382ae3a5e5da62f8ccc7632ec56 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006b52cb597d09c3182bfd058458461903002b8f28cfbad5eb1b69780e846cb55cf7609678ff9ca0ae255995e1bdf1a493cc6113cad9aaf4f6f41e55bd56a4db7fe9ef5f4a511fb1d04e9e1b5a9f66c44530fe7094733ff77dd7e79aa377b578356fca4fbb766ad292df583494ab5936afe1b906b4859c23adda9c96a4e363976231f8ee77d8f55ae919eb04b6a1124ef45e5122e9d65a620a83705e38a68c45b940dbe163f362109a17bdb48ca787b96cf7f82dd2c67555d35cac90d67e63889ab36a045dbd9c44d53a4d66ed447b3be52965c080e11fa8b5a46a72cf7bac8ec20ef33156b5ba4f3a6e0cce36fc13a665aaeaff4e4622aa0bbc270b33a69635c3