gelato.io
Issued by Amazon
About this certificate
This digital certificate with serial number 02:d3:e1:dc:da:d7:57:54:a7:bb:0b:70:07:0b:7a:61 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=gelato.io
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 02:d3:e1:dc:da:d7:57:54:a7:bb:0b:70:07:0b:7a:61Serial Number (int): 3758611668805318739194356263295875681
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: a6:59:17:11:8d:b5:d0:3d:ba:70:9d:74:5d:d9:57:ff:4b:b9:ce:84
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 41:e4:ee:73:28:fa:07:0c:b0:a6:74:12:6a:25:4f:5c:2f:c2:9b:5e
Fingerprint (sha256): c1:1e:b8:c1:5d:a8:4b:b2:a8:97:00:fc:40:42:d8:71:f2:82:f3:92:18:25:46:81:00:74:0c:b9:e5:42:31:07
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate gelato.io
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for gelato.io
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
gelato.io
*.gelato.io
*.gelato.io
Other certificates including the domain name gelato.io
(limited to 100 certificates)
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
Certificate
The complete raw certificate details for gelato.io in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEdTCCA12gAwIBAgIQAtPh3NrXV1SnuwtwBwt6YTANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA5MDMwMDAwMDBaFw0yMDEwMDMx MjAwMDBaMBQxEjAQBgNVBAMTCWdlbGF0by5pbzCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBALEVDEOLs/z+vYvE11f4ZS3jzu3S7Z48Fxezcsdxz57ze3l3 Na2wYHHW83TkoEsQc/7N8BE2YQISIrh3Uwxyy0WR3PlizWs8J2XPit1wTEPSNeIo 2AXL/aqnOKDVfUsyXHZ9Pm/rsnLzGBT3k9QytaGV49rtnhuoZvxEAkYbUDXGdrW/ s1YpnRWbDpnTTKrZA58V224+dblUkPe6Iob766+w7AMEf2hlmOQVuRcXX/O7jrqs SUEZNUTLpvAe0YzMfW6N8UHuxZihnt8inAz/Xswyd9+Ya/eMEo5ngae7m+rIG/zP lpxImdAXfrLuJ+6X0i4qYT7dOUr2yBm5lKQ2LQsCAwEAAaOCAY8wggGLMB8GA1Ud IwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBSmWRcRjbXQPbpw nXRd2Vf/S7nOhDAhBgNVHREEGjAYgglnZWxhdG8uaW+CCyouZ2VsYXRvLmlvMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYD VR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20v c2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZIAYb9bAECMAgGBmeBDAECATB1Bggr BgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpv bnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250 cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB /wQCBQAwDQYJKoZIhvcNAQELBQADggEBAKjkETiuE2VGvDPxYDZqjWqR9N8lX1aG zsPgnSy7M7ETOY6N05uEa1WJTWaDCTqCh/L9PSh4ESuAAd5Oy99T+nAs89xBchVU 7A74mcYz5ErbfneatfjDfP3C7m+6XXr8nwfs5Qrc49fGQZpMbgyMfrF15gvFaJiF egv+pGFMrooDqdnudcuFD7US2UMv65sJE5OV3D/uYOqRk2XMSX5Xb76vjB2dTFcE sewwUUNBYGMlGWcQS+I3Axdnhnicom5ZlC3aJ5xFePSmw+8spSVhZlnmICuhdZtm dShkrCUW7/HbviHC9hLQD4rtPZiosgQlo+bnxBFg2twvcfIWPrXBLEo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRUMQ4uz/P69i8TXV/hl LePO7dLtnjwXF7Nyx3HPnvN7eXc1rbBgcdbzdOSgSxBz/s3wETZhAhIiuHdTDHLL RZHc+WLNazwnZc+K3XBMQ9I14ijYBcv9qqc4oNV9SzJcdn0+b+uycvMYFPeT1DK1 oZXj2u2eG6hm/EQCRhtQNcZ2tb+zVimdFZsOmdNMqtkDnxXbbj51uVSQ97oihvvr r7DsAwR/aGWY5BW5Fxdf87uOuqxJQRk1RMum8B7RjMx9bo3xQe7FmKGe3yKcDP9e zDJ335hr94wSjmeBp7ub6sgb/M+WnEiZ0Bd+su4n7pfSLiphPt05SvbIGbmUpDYt CwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 3758611668805318739194356263295875681 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-10-03 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gelato.io' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22354559088110886169197975891109661564682481403987512303624248227428230153799034029116791565028200295562335427078266562525251753502239580591790599028956240881493139877463707685796733199393414519111206062069253912708302497703126155812936192550106927604625771798374101085505694800260504487989854365651652066145198457563975124173502955304234569705165484153836992032344626021147105031727107798546774148304694403085567132923840492543565579135798096729188329693260675996395345088073972216395472188296087531874464838560987916871367834972836213036091019647757701250280448948787924086893889144285643824532844190072317161123083 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a65917118db5d03dba709d745dd957ff4bb9ce84 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gelato.io' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.gelato.io' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a8e41138ae136546bc33f160366a8d6a91f4df255f5686cec3e09d2cbb33b113398e8dd39b846b55894d6683093a8287f2fd3d2878112b8001de4ecbdf53fa702cf3dc41721554ec0ef899c633e44adb7e779ab5f8c37cfdc2ee6fba5d7afc9f07ece50adce3d7c6419a4c6e0c8c7eb175e60bc56898857a0bfea4614cae8a03a9d9ee75cb850fb512d9432feb9b09139395dc3fee60ea919365cc497e576fbeaf8c1d9d4c5704b1ec305143416063251967104be23703176786789ca26e59942dda279c4578f4a6c3ef2ca525616659e6202ba1759b66752864ac2516eff1dbbe21c2f612d00f8aed3d98a8b20425a3e6e7c41160dadc2f71f2163eb5c12c4a