cmacan.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:0c:34:2b:2e:80:98:99:22:53:cd:a7:4f:bf:51:c1:2a:4f was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=cmacan.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:0c:34:2b:2e:80:98:99:22:53:cd:a7:4f:bf:51:c1:2a:4fSerial Number (int): 265489590266057007543463497853980865800783
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 60:e0:1e:39:3b:d9:da:1b:3c:66:41:b2:66:ae:10:ff:4a:a6:18:9f
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 06:45:49:e4:03:b5:67:fc:61:cd:1b:f1:8e:e5:ba:d5:c2:8f:6b:67
Fingerprint (sha256): bf:70:d1:ff:80:47:ab:60:40:b6:78:ec:e3:f9:ce:fc:48:20:62:2c:ee:89:23:a5:fa:9b:41:56:3d:e6:46:45
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate cmacan.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cmacan.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cmacan.org
www.cmacan.org
www.cmacan.org
Other certificates including the domain name cmacan.org
(limited to 100 certificates)
extraordinarystories.ca
mail.cmacan.org
testlab.cmacan.org
ssotest.cmacan.org
cmacan.org
extraordinarystories.ca
cmacan.org
cmacan.org
defenddignity.ca
extraordinarystories.ca
cmacan.org
mail.cmacan.org
extraordinarystories.ca
cmacan.org
defenddignity.ca
extraordinarystories.ca
cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
reportal.cmacan.org
cmacan.org
cmacan.org
cmacan.org
www.cmacan.org
extraordinarystories.ca
sni.cloudflaressl.com
mail.cmacan.org
mail.cmacan.org
mail.cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
*.cmacan.org
cmacan.org
cmacan.org
churchfinder.cmacan.org
mail.cmacan.org
vpn.cmacan.org
defenddignity.ca
mail.cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
mail.cmacan.org
testlab.cmacan.org
ssotest.cmacan.org
cmacan.org
extraordinarystories.ca
cmacan.org
cmacan.org
defenddignity.ca
extraordinarystories.ca
cmacan.org
mail.cmacan.org
extraordinarystories.ca
cmacan.org
defenddignity.ca
extraordinarystories.ca
cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
reportal.cmacan.org
cmacan.org
cmacan.org
cmacan.org
www.cmacan.org
extraordinarystories.ca
sni.cloudflaressl.com
mail.cmacan.org
mail.cmacan.org
mail.cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
*.cmacan.org
cmacan.org
cmacan.org
churchfinder.cmacan.org
mail.cmacan.org
vpn.cmacan.org
defenddignity.ca
mail.cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
Certificate
The complete raw certificate details for cmacan.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXDCCBUSgAwIBAgISAww0Ky6AmJkiU82nT79RwSpPMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMTgwMjI1MDJaFw0y MDAzMTcwMjI1MDJaMBUxEzARBgNVBAMTCmNtYWNhbi5vcmcwggIiMA0GCSqGSIb3 DQEBAQUAA4ICDwAwggIKAoICAQCkKdiLhntsyavHigYmCWW8ica8aebrSX3vwUmT KPTj87SwE02SgWO+ocl7WAR/gUh8woPxl3T/getEtSeRhc0pGAPdOQIDayPsZDCX q3F/qwohdvrKZnVCVtcUf+/rATNbDzz2K/0QsKFndMIcPIKr/l7AuLpi7gsmJikp 9n39cONjwqKEE/5pa/MR1D0rfGbCgz6muLSdq3efdgtEPoSdTH7E72FHPZcpvgYv zLhq7s3rrHcujq5f8mMxzNxj0zY1798BjuQ0l/YjtQRcGVkxeUA2kX5GNa4S7Nwp OiEVtzVq287td0P0Ctq8E/QDewlDAPVelfs+CWsLiK3gCwA7tv0+KxUANjqU5/N3 m4LCEzpJitRnmWkXmaMcIgGSSDk65jGY0aZybVyQIx7goonzD8/zCHEncNr0I3oY Hgi/IH/WuMsSs/V8MS5YCyKwtO9UwGc4qZWUD0M4gOZ2XTLyv7KnNMROIsQ3n4pR aZq2nFyds8tpxtW9ApROmtgDxC/qm0o1k9G45cDy0CLWKwz3A+KQeZjDrlqA550a 1bf3FICfcZChLpimOjjRFgV+F/gjJOXvObWw+eEcAnyv/Z3ePP8Euv/fdHKHLcIG FNGB0sguNPN9Y24XjbCUPPWrQitzSDelMs8bKWNLvkgwZmnln1Lbel0Uq00JZBAk 31IpFwIDAQABo4ICbzCCAmswDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRg4B45O9na GzxmQbJmrhD/SqYYnzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBv BggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5s ZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5s ZXRzZW5jcnlwdC5vcmcvMCUGA1UdEQQeMByCCmNtYWNhbi5vcmeCDnd3dy5jbWFj YW4ub3JnMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHW eQIEAgSB9QSB8gDwAHYAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgA AAFvFwmY/AAABAMARzBFAiBaUMQekg8xh6OaGKmUNtyxNqcnUP9NVHY3suWY32gY zAIhAM4lk6tB+sl5JfrkhvB1p4CyHik+jP7nVTeyU4yDpopJAHYAB7dcG+V9aP/x sMYdIxXHuuZXfFeUt2ruvGE6GmnTohwAAAFvFwmZGwAABAMARzBFAiEAqli0mDm4 tPelXQkTn9I5zxoQeIPA/tK2PcguMGo1zJICIF7jM6+yF8LT4KSWcaBBAFU1HcE9 UyJYUiRW7B9FG+EfMA0GCSqGSIb3DQEBCwUAA4IBAQBfIJ3bgLke4C19g7m5Qkmp 9PcT7slKzk8sFhbua4cI+nUtkMPXrZWn0y4ssB1mS3zQ7U8+V0JMU/zLMsE95f0O MfZdPVZR6OyJCNvQixvnHZNiAMBjyCOVwq8Y33NQzUmX53m+xSAc3vOFwtFabbiA mPr1cKPQDe4xifMHFnR2/dBLBrttAd5HaZvYftBqQrPQt0R1Swv29wuW9NtT2pS6 MjHuTN1hpFTuAHb9E/NTuVFY3pgjzMMUXNZm5Wdhl1KwxLL82XCjXm6WMDf5efJV s84fomXbj4kqnu9BDAJQ4Pdh12ShzsbxMAPNaelRibfoxbbqxLGI+P8ScQarP2qA -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApCnYi4Z7bMmrx4oGJgll vInGvGnm60l978FJkyj04/O0sBNNkoFjvqHJe1gEf4FIfMKD8Zd0/4HrRLUnkYXN KRgD3TkCA2sj7GQwl6txf6sKIXb6ymZ1QlbXFH/v6wEzWw889iv9ELChZ3TCHDyC q/5ewLi6Yu4LJiYpKfZ9/XDjY8KihBP+aWvzEdQ9K3xmwoM+pri0nat3n3YLRD6E nUx+xO9hRz2XKb4GL8y4au7N66x3Lo6uX/JjMczcY9M2Ne/fAY7kNJf2I7UEXBlZ MXlANpF+RjWuEuzcKTohFbc1atvO7XdD9AravBP0A3sJQwD1XpX7PglrC4it4AsA O7b9PisVADY6lOfzd5uCwhM6SYrUZ5lpF5mjHCIBkkg5OuYxmNGmcm1ckCMe4KKJ 8w/P8whxJ3Da9CN6GB4IvyB/1rjLErP1fDEuWAsisLTvVMBnOKmVlA9DOIDmdl0y 8r+ypzTETiLEN5+KUWmatpxcnbPLacbVvQKUTprYA8Qv6ptKNZPRuOXA8tAi1isM 9wPikHmYw65agOedGtW39xSAn3GQoS6Ypjo40RYFfhf4IyTl7zm1sPnhHAJ8r/2d 3jz/BLr/33Ryhy3CBhTRgdLILjTzfWNuF42wlDz1q0Irc0g3pTLPGyljS75IMGZp 5Z9S23pdFKtNCWQQJN9SKRcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 265489590266057007543463497853980865800783 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-18 02:25:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-17 02:25:02 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cmacan.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 669728487670856271488950683833874470430398425737450548672091422952640008319774381254367296895205104972264956574970017444647744759133901676641731613472909536723555547797682436821971109297203570550243452477004115840977138376880844201707937974922035762207891407329676275395817327859656250024402274599549350683817771040109713978358277627048339843930308774814841330130726167389377362474367786186546141919291211928479299143251823496546302110825288075857539717567878680291295179417732091169640800511393412775196987984039142060924987252961653190448753242564162857612514903074939597172079350343083256663918437397865384658043987242966876067986534743437443428399640030007185304714959912878309298948049913006174368478099945222506893621337290458398213632177074781099712621264799889786003665232260606198431688600146928956258148196250883978893006197249683576088175214356890827306981036243964685055508761053168039694028725852507258755636993071435581245826878476119518213490112577089504374999445930909094369949887783134993641282209206554574941569006738015603898576104485001168141296558318339459588111316815383571101578219103286049731760351350206607715663405823158508581949648672380213212785002795297709843986540971994778553314843228519717278881818903 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 60e01e393bd9da1b3c6641b266ae10ff4aa6189f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmacan.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cmacan.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016f170998fc000004030047304502205a50c41e920f3187a39a18a99436dcb136a72750ff4d547637b2e598df6818cc022100ce2593ab41fac97925fae486f075a780b21e293e8cfee75537b2538c83a68a4900760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016f1709991b0000040300473045022100aa58b49839b8b4f7a55d09139fd239cf1a107883c0fed2b63dc82e306a35cc9202205ee333afb217c2d3e0a49671a0410055351dc13d532258522456ec1f451be11f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005f209ddb80b91ee02d7d83b9b94249a9f4f713eec94ace4f2c1616ee6b8708fa752d90c3d7ad95a7d32e2cb01d664b7cd0ed4f3e57424c53fccb32c13de5fd0e31f65d3d5651e8ec8908dbd08b1be71d936200c063c82395c2af18df7350cd4997e779bec5201cdef385c2d15a6db88098faf570a3d00dee3189f307167476fdd04b06bb6d01de47699bd87ed06a42b3d0b744754b0bf6f70b96f4db53da94ba3231ee4cdd61a454ee0076fd13f353b95158de9823ccc3145cd666e567619752b0c4b2fcd970a35e6e963037f979f255b3ce1fa265db8f892a9eef410c0250e0f761d764a1cec6f13003cd69e95189b7e8c5b6eac4b188f8ff127106ab3f6a80