app.bonierer.at

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 04:df:49:63:e3:43:10:8e:2f:7c:37:02:ae:ed:34:69:44:61 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=app.bonierer.at

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:df:49:63:e3:43:10:8e:2f:7c:37:02:ae:ed:34:69:44:61
Serial Number (int): 424429663840911948314736346438157067699297
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 1b:6a:e4:04:db:7b:7a:40:76:90:6e:a3:7e:7e:4a:6b:b6:8a:f3:2a
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): e4:61:49:38:39:1d:45:d2:0f:b4:2a:bf:94:7a:14:e1:4d:e1:89:fd
Fingerprint (sha256): ba:3b:6c:7c:37:13:93:77:d9:fc:5a:bd:64:53:ef:f2:f6:e7:f4:a4:7a:af:52:08:b3:b5:2a:74:d5:2a:67:7c

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate app.bonierer.at

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for app.bonierer.at

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

app.bonierer.at

Other certificates including the domain name bonierer.at

(limited to 100 certificates)
app.bonierer.at
app.bonierer.at
omfgjojo.com
app.bonierer.at
app.bonierer.at
test.bonierer.at
app.bonierer.at
bonierer.at
www.test.bonierer.at
app.bonierer.at
dev.bonierer.at
planyourvisit.today
revehiet.eirikb.no
app.bonierer.at
test.bonierer.at
app.bonierer.at
www.auronepaltrek.com.np
www.anandsreekumar.com
app.bonierer.at
app.bonierer.at
app.bonierer.at
app.bonierer.at
app.bonierer.at
dev.bonierer.at
dev.bonierer.at
app.bonierer.at
realpeople.io
www.test.bonierer.at
cesar.app
www.koreanlist.ml
dev.bonierer.at
app.bonierer.at
app.bonierer.at
app.bonierer.at
app.bonierer.at
app.bonierer.at
app.bonierer.at
www.bonierer.at
app.bonierer.at
playgooddarts.com
dev.bonierer.at
bonierer.at
app.bonierer.at
dev.bonierer.at
www.test.bonierer.at
dev.bonierer.at
codingchallengereddit.nghuixiong.com
www.bonierer.at
app.bonierer.at
app.bonierer.at
www.test.bonierer.at
app.bonierer.at
app.bonierer.at
clearscore-demo.carsift.co
spectacular.technology
app.bonierer.at
app.bonierer.at
test.bonierer.at
dev.bonierer.at
app.bonierer.at
www.test.bonierer.at
test.bonierer.at
www.bonierer.at
test.bonierer.at
www.bonierer.at
dev.bonierer.at
app.bonierer.at
dev.bonierer.at
www.test.bonierer.at
cryptofeelz.io
dev.bonierer.at
dev.bonierer.at
brew-watch.com
app.bonierer.at
dev.bonierer.at
app.bonierer.at
dev.bonierer.at
app.bonierer.at
app.bonierer.at
app.bonierer.at
app.bonierer.at
app.bonierer.at
app.bonierer.at
imaginary.com.au
app.bonierer.at
app.bonierer.at
dev.aragsmartcontractsparticulares.com
app.bonierer.at
app.bonierer.at
app.bonierer.at
app.bonierer.at
app.bonierer.at
app.bonierer.at
dev.bonierer.at
app.bonierer.at
dev.bonierer.at
app.bonierer.at
codeart.pro
bonierer.at
test.bonierer.at

Certificate

The complete raw certificate details for app.bonierer.at in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGVjCCBT6gAwIBAgISBN9JY+NDEI4vfDcCru00aURhMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAyMDQxNTMwMjlaFw0x
OTA1MDUxNTMwMjlaMBoxGDAWBgNVBAMTD2FwcC5ib25pZXJlci5hdDCCAiIwDQYJ
KoZIhvcNAQEBBQADggIPADCCAgoCggIBANrT8JlQm7B+y/Z1MNzXvwq/jdux8I4I
BUnDtyrC+BXpVMMCsEBC/BasFcrEjzyMMZ6bIsuxlvf4wBYkpHwoqR5RdsfqhIIR
wCzpF9vUTBicRv4JMMlgntRfmm6zwQL327SZdOl+Fvx6ji+7yzu241eR31gliKaH
HldoYSPFm4on0ToaTS3JGM4KOvmJfmsp9pZGa+9LX+IihSufXOvcjRU8b+wWif5X
vrxEil8Yt/yAvhMccoLz0GBDo/x5e/B6/uoXgHRlY5ohm2qESiOrIpDBhPi3RJnj
YuwagU3hFFR0R6+dCSeCkUteMcQ0lXpBmBVHoA3gIJRNn4hE4aBppBv8jp0CTS6p
XV/r/B5IRnePtFt9MZVdh05J1036inh4uV2/oTzoYOuwJCsmkmzQ1Do3caFiFIFf
r7OVi2B3DbZV41dxTs9GZHG5sm8VSYl1yWEbjMQxE82fQ4Y70iWuaXMS/LQQaKPq
g4EW5489spBiaBJie5uMTxNAu/53kiYhe7670csOhqXEM23VeJ7majRP/khRJzt6
EuPCoA1Hv4i6PcKQKxSGEr8ypLdWNvLxoCjtEkHWL+bU+BwHRRrVZ9Vis0GcD5CV
PicIrQ14fcvS6vHxdxrtcSB4gLm3HdDs2pZR3p6LEnmQq00k+4jfV/n+2VmilhL3
reoNFbMT8yDHAgMBAAGjggJkMIICYDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw
FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFBtq
5ATbe3pAdpBuo35+Smu2ivMqMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z
qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50
LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50
LXgzLmxldHNlbmNyeXB0Lm9yZy8wGgYDVR0RBBMwEYIPYXBwLmJvbmllcmVyLmF0
MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUH
AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB
9QSB8gDwAHYA4mlLribo6UAJ6IYbtjuD1D7n/nSI+6SPKJMBnd3x2/4AAAFouVjF
rgAABAMARzBFAiEApxwKWj+gf2urldk2oVA+3SvVQt0XP1d5dsYqfHX4YnQCIEFk
ue+SJYONS/sua+rkdkSMHNXGmtY49FCV9SDlY/LPAHYAKTxRllTIOWW6qlD8WAfU
t2+/WHopctykwwz05UVH9HgAAAFouVjFogAABAMARzBFAiB4TaCunYMmWrmsnwU7
k5Tn69CBjoPbVQmfO1H/mpadmwIhAOx3jkJlPiEXuXgRwh2AQD7/lNj4fVa9rVCm
TtVOXWKwMA0GCSqGSIb3DQEBCwUAA4IBAQBjmQnjChaq0cPEj3drU6D21rgaROBg
p2ESMj1feqftRlXsZg2+tW/PSiav8WnDy8WCmhUEk5h1zHwpsG6jldOgzDR64a+Q
ULMj8n1ZWavrJk6mclPMO6Yj/7DWcu1LOIvOfdOTOE6iYPHWpD5gpBYoDL5U+okZ
RpzqhBAwjEqD+T/1oYWdcSOpIBA/8XAQWS1AHkK/wBbqmCbwqHUWiodePZQZkBtg
ryOUJ0EGQ2mkrV061qNlozTUxGG/bi/tjxEvYK/aY9sKa1GVpVpXti06iK858DY4
76SF+I/RcJeQtlk+kXRaxnwfiFawe9ZP19uc2ClZ/PzNO6ggKr6daoQN
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2tPwmVCbsH7L9nUw3Ne/
Cr+N27HwjggFScO3KsL4FelUwwKwQEL8FqwVysSPPIwxnpsiy7GW9/jAFiSkfCip
HlF2x+qEghHALOkX29RMGJxG/gkwyWCe1F+abrPBAvfbtJl06X4W/HqOL7vLO7bj
V5HfWCWIpoceV2hhI8WbiifROhpNLckYzgo6+Yl+ayn2lkZr70tf4iKFK59c69yN
FTxv7BaJ/le+vESKXxi3/IC+ExxygvPQYEOj/Hl78Hr+6heAdGVjmiGbaoRKI6si
kMGE+LdEmeNi7BqBTeEUVHRHr50JJ4KRS14xxDSVekGYFUegDeAglE2fiEThoGmk
G/yOnQJNLqldX+v8HkhGd4+0W30xlV2HTknXTfqKeHi5Xb+hPOhg67AkKyaSbNDU
OjdxoWIUgV+vs5WLYHcNtlXjV3FOz0ZkcbmybxVJiXXJYRuMxDETzZ9DhjvSJa5p
cxL8tBBoo+qDgRbnjz2ykGJoEmJ7m4xPE0C7/neSJiF7vrvRyw6GpcQzbdV4nuZq
NE/+SFEnO3oS48KgDUe/iLo9wpArFIYSvzKkt1Y28vGgKO0SQdYv5tT4HAdFGtVn
1WKzQZwPkJU+JwitDXh9y9Lq8fF3Gu1xIHiAubcd0OzallHenosSeZCrTST7iN9X
+f7ZWaKWEvet6g0VsxPzIMcCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 424429663840911948314736346438157067699297
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-04 15:30:29 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-05 15:30:29 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'app.bonierer.at'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 892739903346288798967374909932932658021038463792930348377596002820566755357645997738971520493914332832156807838800556666094804061298859865166905743620783625393895483164210776613898781566175025791389695998162172063071348780997201274707371562675392695445346617541402073427673968315022623616057681632406023227711216802441284323570120747920202221578761857766652581250935322970283132590664798463044797483484268709541587844957014025804469063190826814578138756893367927124100620111198841483677415494012005878755786850939369668924660378120899930628877273849772936527320946513485538596753298708313173267654627286910521605985251166891624420465904372681399143060698887051022277421226860867975305776169661294581124007658629397019633078364505547536884701628429958146012197346940291064640217429964933115845573590419211490617284632461590843773530055688145522209287785013287066137959337959184883663689820280107594252209965341250580928782812994448645687253194466685597822290863718739201337546810065612753152585339902583904357017792437770509946007831841574148474380710301258466176681028962446814327809598851257351354107699878903403688808945657821113448976976478350314358822196454147529588593478078671881757086289555621718679045107606161701836353118407
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1b6ae404db7b7a4076906ea37e7e4a6bb68af32a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app.bonierer.at'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe00000168b958c5ae0000040300473045022100a71c0a5a3fa07f6bab95d936a1503edd2bd542dd173f577976c62a7c75f8627402204164b9ef9225838d4bfb2e6beae476448c1cd5c69ad638f45095f520e563f2cf007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000168b958c5a200000403004730450220784da0ae9d83265ab9ac9f053b9394e7ebd0818e83db55099f3b51ff9a969d9b022100ec778e42653e2117b97811c21d80403eff94d8f87d56bdad50a64ed54e5d62b0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00639909e30a16aad1c3c48f776b53a0f6d6b81a44e060a76112323d5f7aa7ed4655ec660dbeb56fcf4a26aff169c3cbc5829a1504939875cc7c29b06ea395d3a0cc347ae1af9050b323f27d5959abeb264ea67253cc3ba623ffb0d672ed4b388bce7dd393384ea260f1d6a43e60a416280cbe54fa8919469cea8410308c4a83f93ff5a1859d7123a920103ff17010592d401e42bfc016ea9826f0a875168a875e3d9419901b60af23942741064369a4ad5d3ad6a365a334d4c461bf6e2fed8f112f60afda63db0a6b5195a55a57b62d3a88af39f03638efa485f88fd1709790b6593e91745ac67c1f8856b07bd64fd7db9cd82959fcfccd3ba8202abe9d6a840d