sis-schwerin.de

Issued by R3

About this certificate

This digital certificate with serial number 03:01:14:ca:c3:ac:71:ab:6e:14:cc:f4:2a:25:85:47:4a:a4 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=sis-schwerin.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:01:14:ca:c3:ac:71:ab:6e:14:cc:f4:2a:25:85:47:4a:a4
Serial Number (int): 261704777534815096472772293719206056643236
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: ed:6d:12:3f:ce:ba:6c:6b:c6:f6:ca:dc:52:0b:a5:0f:b8:8f:b1:34
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 43:ed:43:b5:bc:70:f6:21:45:b5:58:20:67:a5:c0:61:6f:69:2b:8b
Fingerprint (sha256): bb:30:97:9a:7e:cc:44:81:0f:56:c7:9a:4f:92:0d:0a:e4:d6:39:30:ae:2a:e0:fa:f5:24:85:f9:70:a3:2c:e3

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate sis-schwerin.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sis-schwerin.de

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sis-schwerin.de
www.sis-schwerin.de

Other certificates including the domain name sis-schwerin.de

(limited to 100 certificates)
cag3.sis-schwerin.de
mobil.sis-schwerin.de
sis-schwerin.de
emmtest.sis-schwerin.de
sis-schwerin.de
sslvpn.sis-schwerin.de
sslvpn.sis-schwerin.de
sis-schwerin.de
mgw2.sis-schwerin.de
cag1.sis-schwerin.de
sis-schwerin.de
sis-schwerin.de
sslvpn.sis-schwerin.de
sis-schwerin.de
piwik.sis-schwerin.de
ssl-vpn.sis-schwerin.de
sslvpn.sis-schwerin.de
www.sis-schwerin.de
www.sis-schwerin.de
www.sis-schwerin.de
webmail.sis-schwerin.de
mgw1.sis-schwerin.de
*.sis-schwerin.de
www.sis-schwerin.de
sslvpn.sis-schwerin.de
*.sis-schwerin.de
sslvpn.sis-schwerin.de
sis-schwerin.de
sis-schwerin.de
*.sis-schwerin.de
sis-schwerin.de
mobil.sis-schwerin.de
cag3.sis-schwerin.de
emm.sis-schwerin.de
piwik.sis-schwerin.de
www.sis-schwerin.de
sslvpn.sis-schwerin.de
mgw1.sis-schwerin.de
mgw1.sis-schwerin.de
piwik.sis-schwerin.de
webmail.sis-schwerin.de
cag3.sis-schwerin.de
wlanportal.sis-schwerin.de
webmail.sis-schwerin.de
webmail.sis-schwerin.de
sis-ksm-wlanportal.sis-schwerin.de
www.sis-schwerin.de
sis-schwerin.de
cag3.sis-schwerin.de
sis-schwerin.de
sis-schwerin.de
webmail.sis-schwerin.de
www.sis-schwerin.de
sis-schwerin.de
wlanportal.sis-schwerin.de
analytics.sis-schwerin.de
*.sis-schwerin.de
webmail.sis-schwerin.de
piwik.sis-schwerin.de

Certificate

The complete raw certificate details for sis-schwerin.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAwEUysOscatuFMz0KiWFR0qkMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA5MjMwOTE3MzFaFw0yMzEyMjIwOTE3MzBaMBoxGDAWBgNVBAMT
D3Npcy1zY2h3ZXJpbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
AMJpT7C8Bfxq9R4A1j4Y63hVPJAaDzTfrtyhyAjRzku1f23RTKQ+Fb0c8v2OcN2s
oSbURzC2e/XpnZnRuiSpPvxQPl7/rPC3FzN6W4but6NjfzS/NAO/tnKrBYxyNOyz
9rzRVSFd7gJi+dA2KvAkU2U5w6aecuCeHr+HkaKa7z2KrvdXRV6hR8YCTUgRoLQb
alF51tgBCV/bq6ICFpkQ6h4g1VDbgKIlZha6v+c7kAyY/KoFN5Ckxq7+Pynx/A+7
yKKlqCxjdve42Jxr59j3+eDFlrIThlsGO8YiM49NYjAnhLZU0xvh6vN2VnaUyzyY
4hJdyvOm3onbn73wbcHEajkPcMqxlvJkkFwg3afCW+OSirsISX22zSxaFT9tDa3d
boDNN8ddsBCa8M893CfzxmcKUWWja7rlScVFWaBdWo3Z6pi/W7ozn+buxX8ZzP/H
NrrkQDIuH6U8CdHozbmzVeMGvA2J5h55kgieIXWaVwaU818AxhtFtL0UD2FV1c5z
FF+OSnX9PFq3Z8WNBVOgfm7ZgANT6SmXlARBfDeNkMmwJ2mYuWipkhJcuI5rZeM0
8ebwCG89ZPxlh+pq6FlxQFw9ZEmZtLFWrScnjgher83oTJpeI7rPYH7+YJWM6rZc
AuAIUC4XO/NCgPZmYAkPDNiU0zU+yAxX0Exu3niOCEurAgMBAAGjggImMIICIjAO
BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG
A1UdEwEB/wQCMAAwHQYDVR0OBBYEFO1tEj/OumxrxvbK3FILpQ+4j7E0MB8GA1Ud
IwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggr
BgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRw
Oi8vcjMuaS5sZW5jci5vcmcvMC8GA1UdEQQoMCaCD3Npcy1zY2h3ZXJpbi5kZYIT
d3d3LnNpcy1zY2h3ZXJpbi5kZTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisG
AQQB1nkCBAIEgfUEgfIA8AB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlej
UutSAAABisGLYq0AAAQDAEcwRQIhANotI/PC+oiXY/jXj2D8XJUvCSSbikhCTt4U
h0zZGXOIAiBDeu6RijSB8kZ8dUoKTXxkV1bhXRx4KPr/pD/JFtl1YQB2ALc++yTf
nE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAABisGLYqkAAAQDAEcwRQIgTh2L
PTZf5A50aQ0OVnEIZuNqyNX/KV8UFfuA1FV6Xw4CIQD6rEnDUACp7sFd7Rrnulpt
VhOG5gF/GCKg64xhTGNR3jANBgkqhkiG9w0BAQsFAAOCAQEAfBPSC8BqOOsy8Tnh
dI+OOko7erYGhQLg0gSYXPYKNHL0PyfmRkeLbSimaYmQ6VLug1zkyi5PJ1VrIhXl
UCXHMF195iiZyJUTS9YSEDITV6AQRRXWICULn6CqP1bzTBinqdCZh6roQ251OQW2
imKdj+4PwjaXp3BNINOE5NB3ZwO/nyr8y+Gpakcl+K1e7wxM/9Vmww87A1xRkXkK
/gOq7dF+zLse7LLMqNbN2SvKdVWyqjoUWtP9wBfbt/9CjZiave3SbqJ2HqfEtQ1s
mqQLDvGgNaAqKTbIW1ZKRNsB7g4LqKf7xQEwcWQ+azhGRjV8j3fp877xJVpxtcE9
hsexwQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwmlPsLwF/Gr1HgDWPhjr
eFU8kBoPNN+u3KHICNHOS7V/bdFMpD4VvRzy/Y5w3ayhJtRHMLZ79emdmdG6JKk+
/FA+Xv+s8LcXM3pbhu63o2N/NL80A7+2cqsFjHI07LP2vNFVIV3uAmL50DYq8CRT
ZTnDpp5y4J4ev4eRoprvPYqu91dFXqFHxgJNSBGgtBtqUXnW2AEJX9urogIWmRDq
HiDVUNuAoiVmFrq/5zuQDJj8qgU3kKTGrv4/KfH8D7vIoqWoLGN297jYnGvn2Pf5
4MWWshOGWwY7xiIzj01iMCeEtlTTG+Hq83ZWdpTLPJjiEl3K86beidufvfBtwcRq
OQ9wyrGW8mSQXCDdp8Jb45KKuwhJfbbNLFoVP20Nrd1ugM03x12wEJrwzz3cJ/PG
ZwpRZaNruuVJxUVZoF1ajdnqmL9bujOf5u7FfxnM/8c2uuRAMi4fpTwJ0ejNubNV
4wa8DYnmHnmSCJ4hdZpXBpTzXwDGG0W0vRQPYVXVznMUX45Kdf08WrdnxY0FU6B+
btmAA1PpKZeUBEF8N42QybAnaZi5aKmSEly4jmtl4zTx5vAIbz1k/GWH6mroWXFA
XD1kSZm0sVatJyeOCF6vzehMml4jus9gfv5glYzqtlwC4AhQLhc780KA9mZgCQ8M
2JTTNT7IDFfQTG7eeI4IS6sCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 261704777534815096472772293719206056643236
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-23 09:17:31 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-22 09:17:30 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sis-schwerin.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 793129201467779442880358088938696165324377664377315459421710018569368113205223895805334564806134690680431371444324771651235284223177984433728292199119136836765916726680890054382604534266058657895657229357409099145931413892151518830196533001353801781968421843554529988829368909015679372594093597774918098036131108705588679951123051979125562072417774588530634588720247439353727723310381280087045427922398423572745300394583858480352592107751235162723263908002055703199634071726245828040525363207712070950484503683986979376492914655819014615902429702761435787578041831409159270805398831248397074536557440527692897014527433489750195147537119530552014288948246454907974391933873015147083304966080436136097702355643974433547484625552755080283798075454305399692170723332218307778773863876399543172001080618871248768764152550233884730262809822623733096140885257488066582495387370086476472341469285271135697896320732717673412934607406443079244713369684152691387138937499763242357403384622664916317776336900936190974866751676563673024653812870694108162990646016915730669105477687893898724813231098027691357568764689965939064478824268550275680319399567550428763552933236051772148571466230402822057890447525458129239637486888004251297527296969643
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ed6d123fceba6c6bc6f6cadc520ba50fb88fb134
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sis-schwerin.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sis-schwerin.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018ac18b62ad0000040300473045022100da2d23f3c2fa889763f8d78f60fc5c952f09249b8a48424ede14874cd91973880220437aee918a3481f2467c754a0a4d7c645756e15d1c7828faffa43fc916d97561007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018ac18b62a9000004030047304502204e1d8b3d365fe40e74690d0e56710866e36ac8d5ff295f1415fb80d4557a5f0e022100faac49c35000a9eec15ded1ae7ba5a6d561386e6017f1822a0eb8c614c6351de
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007c13d20bc06a38eb32f139e1748f8e3a4a3b7ab6068502e0d204985cf60a3472f43f27e646478b6d28a6698990e952ee835ce4ca2e4f27556b2215e55025c7305d7de62899c895134bd61210321357a0104515d620250b9fa0aa3f56f34c18a7a9d09987aae8436e753905b68a629d8fee0fc23697a7704d20d384e4d0776703bf9f2afccbe1a96a4725f8ad5eef0c4cffd566c30f3b035c5191790afe03aaedd17eccbb1eecb2cca8d6cdd92bca7555b2aa3a145ad3fdc017dbb7ff428d989abdedd26ea2761ea7c4b50d6c9aa40b0ef1a035a02a2936c85b564a44db01ee0e0ba8a7fbc5013071643e6b384646357c8f77e9f3bef1255a71b5c13d86c7b1c1