limitlessdenver.com
Issued by StartCom Class 1 DV Server CA
About this certificate
This digital certificate with serial number 5d:e0:80:88:01:ec:c0:c7:9c:e5:82:b1:cc:f7:d2:c3 was issued on by StartCom Ltd..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=limitlessdenver.com
StartCom Ltd.
Organization:
StartCom Ltd.
Organization unit: StartCom Certification Authority
Organization unit: StartCom Certification Authority
Country:
IL
This certificate has expire since
Certificate Details
Serial Number (hex): 5d:e0:80:88:01:ec:c0:c7:9c:e5:82:b1:cc:f7:d2:c3Serial Number (int): 124783885028364048802431831087739556547
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 1b:c8:1a:40:77:5f:7c:fd:e2:02:bc:21:b4:f9:5f:f6:23:00:9e:21
AuthorityKeyId: d7:91:4e:01:c4:b0:bf:f8:c8:67:93:44:9c:e7:33:fa:ad:93:0c:af
Fingerprint (sha1): af:87:88:e6:0e:2b:16:e6:09:e2:93:85:a8:01:01:79:7c:f6:ab:35
Fingerprint (sha256): c2:c8:cc:c2:42:ab:b6:f7:39:f8:c9:bf:3f:cb:ab:82:c6:70:a5:3d:50:77:fb:e3:2f:8b:c6:b4:5a:cb:66:82
Issuing Certificate URL: http://aia.startssl.com/certs/sca.server1.crt
Revocation information
OCSP Server: http://ocsp.startssl.comCRL Distribution Point: http://crl.startssl.com/sca-server1.crl
Check the revocation status for certificate limitlessdenver.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for limitlessdenver.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
11 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
limitlessdenver.com
www.limitlessdenver.com
www.limitlessdenver.com
Other certificates including the domain name limitlessdenver.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for limitlessdenver.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGfTCCBWWgAwIBAgIQXeCAiAHswMec5YKxzPfSwzANBgkqhkiG9w0BAQsFADB4 MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEpMCcGA1UECxMg U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJjAkBgNVBAMTHVN0YXJ0 Q29tIENsYXNzIDEgRFYgU2VydmVyIENBMB4XDTE2MDMyMzIyMzIzN1oXDTE3MDMy MzIyMzIzN1owHjEcMBoGA1UEAwwTbGltaXRsZXNzZGVudmVyLmNvbTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBANoLLKQqBw1JUS0J8k0PFJbkhzokbwu1 QUEQ8Zl3P4pi4dYcFODDk6oaafZMgRjlQJFYvryT5nvc7DnCv83ArHAzpbJoB8KI yq596Cw2NZvv8zYXL76KfytN69bEmXFwvUNt4mbK9jEd+n6P8L76p7/Vu4tS9Vj4 wlFZeUdBkQ9GX1DMBYevkJ1LLk/HK3JTQ4MQTvNnxQfoXV8j0unuMKEPSr/UAcUQ 5lTBJRXny6/1Ai/0e9CW8cukUmr/yUmBiBKshj3HTwI3WYJ4k3oZk4xjxa6ahV2u J2aC4GIuWq7N4+1hNtxMvW1s+XRPhETDSxCbPqleZtw9z4DrP49GLvsCAwEAAaOC A1swggNXMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB BQUHAwEwCQYDVR0TBAIwADAdBgNVHQ4EFgQUG8gaQHdffP3iArwhtPlf9iMAniEw HwYDVR0jBBgwFoAU15FOAcSwv/jIZ5NEnOcz+q2TDK8wbwYIKwYBBQUHAQEEYzBh MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5zdGFydHNzbC5jb20wOQYIKwYBBQUH MAKGLWh0dHA6Ly9haWEuc3RhcnRzc2wuY29tL2NlcnRzL3NjYS5zZXJ2ZXIxLmNy dDA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vY3JsLnN0YXJ0c3NsLmNvbS9zY2Et c2VydmVyMS5jcmwwNwYDVR0RBDAwLoITbGltaXRsZXNzZGVudmVyLmNvbYIXd3d3 LmxpbWl0bGVzc2RlbnZlci5jb20wIwYDVR0SBBwwGoYYaHR0cDovL3d3dy5zdGFy dHNzbC5jb20vMFAGA1UdIARJMEcwCAYGZ4EMAQIBMDsGCysGAQQBgbU3AQIEMCww KgYIKwYBBQUHAgEWHmh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeTCCAX4G CisGAQQB1nkCBAIEggFuBIIBagFoAHcAzbUXm3/BwEb+6jETaj+PAC5hgvr4iW/s yLL1tatgSQAAAAFTpbMLNAAABAMASDBGAiEAwneOksIBqcjkgS101znGFAFDK75V x2uhEp8kBsMMpu8CIQDC76pzCoXW1mSKPq4W+sZ5h4F7lNZzUPdF6VMLHVYqGgB1 AGj2mPgfZIK+OozuuSgdTPxxUV1nk9RE0QpnrLtPT/vEAAABU6WzEIUAAAQDAEYw RAIgRujKUzbI30eGWO/HYVdceDBtYcDfpyaKNq1HJadFHhcCIBJH6d+Gggu1vuH4 RzuvtqJb7i82jKknWz2L4rM9SBb+AHYA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiD AMR7iXqo/csAAAFTpbMTkwAABAMARzBFAiBZBOp33VesCz4Ex/Z6l7Yw14VXNau6 KVykhThodR+C8wIhAIBUnjrYNH4HyydTEjGpikFRRPL00/e9pWC78v5wH8DAMA0G CSqGSIb3DQEBCwUAA4IBAQDATZ7aNQsNQF2rJ4tIuKXI8hyeHFB7Ch9d5gLyDen0 Rdgds9A1sXYrGCdXnPl7Fn/SYXEvxlIH1Lh4ysXOG53ll0HdZrG8ocnv1/OG2Lus q3+9yEenOHFwlMC0jWqRx/QFur2o//Q8kftP9VzXkJfVC29/UXxhn4fiUF2/b/rW dQnQnEZhzLfGgJHKAe8vAdr+h/tv05V+ZB8eL7enx9jBTeO33L5q8tWImggR9N87 0cvSMwUoZxuVNppgUR5e04YiDejfakAItRu5dcSwdzcjCG5Pe+X9l1hizPpVqngR tn5oDRbIZJyojsFE8mrZWkngxgFLZactB+2jhqxP0Mni -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gsspCoHDUlRLQnyTQ8U luSHOiRvC7VBQRDxmXc/imLh1hwU4MOTqhpp9kyBGOVAkVi+vJPme9zsOcK/zcCs cDOlsmgHwojKrn3oLDY1m+/zNhcvvop/K03r1sSZcXC9Q23iZsr2MR36fo/wvvqn v9W7i1L1WPjCUVl5R0GRD0ZfUMwFh6+QnUsuT8crclNDgxBO82fFB+hdXyPS6e4w oQ9Kv9QBxRDmVMElFefLr/UCL/R70Jbxy6RSav/JSYGIEqyGPcdPAjdZgniTehmT jGPFrpqFXa4nZoLgYi5ars3j7WE23Ey9bWz5dE+ERMNLEJs+qV5m3D3PgOs/j0Yu +wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 124783885028364048802431831087739556547 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Certification Authority' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 1 DV Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-03-23 22:32:37 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-23 22:32:37 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'limitlessdenver.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27525460774723770709804853011889794113641468891742902152389690363698454446508094233420343218285680793939774548082156202957327496841810754760958756147525689282300871702195687776530022875409170865724758234744527277652877986824762707285975361738202241693872219677998148377243288607094899369130450106165278623285912666130618051642592480504680691470402803521575250018181294803830829057152602031983586237639761159910344796852905954576730576231686984765681307447518534645318415381925178174318132296830104217279657102506073226864336027908704957293553768249776325461095377569342181550599869745848198779711241078582642852900603 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1bc81a40775f7cfde202bc21b4f95ff623009e21 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d7914e01c4b0bff8c86793449ce733faad930caf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sca.server1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/sca-server1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'limitlessdenver.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.limitlessdenver.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007700cdb5179b7fc1c046feea31136a3f8f002e6182faf8896fecc8b2f5b5ab60490000000153a5b30b340000040300483046022100c2778e92c201a9c8e4812d74d739c61401432bbe55c76ba1129f2406c30ca6ef022100c2efaa730a85d6d6648a3eae16fac67987817b94d67350f745e9530b1d562a1a00750068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc400000153a5b310850000040300463044022046e8ca5336c8df478658efc761575c78306d61c0dfa7268a36ad4725a7451e1702201247e9df86820bb5bee1f8473bafb6a25bee2f368ca9275b3d8be2b33d4816fe007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000153a5b31393000004030047304502205904ea77dd57ac0b3e04c7f67a97b630d7855735abba295ca4853868751f82f302210080549e3ad8347e07cb27531231a98a415144f2f4d3f7bda560bbf2fe701fc0c0 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00c04d9eda350b0d405dab278b48b8a5c8f21c9e1c507b0a1f5de602f20de9f445d81db3d035b1762b1827579cf97b167fd261712fc65207d4b878cac5ce1b9de59741dd66b1bca1c9efd7f386d8bbacab7fbdc847a738717094c0b48d6a91c7f405babda8fff43c91fb4ff55cd79097d50b6f7f517c619f87e2505dbf6ffad67509d09c4661ccb7c68091ca01ef2f01dafe87fb6fd3957e641f1e2fb7a7c7d8c14de3b7dcbe6af2d5889a0811f4df3bd1cbd2330528671b95369a60511e5ed386220de8df6a4008b51bb975c4b0773723086e4f7be5fd975862ccfa55aa7811b67e680d16c8649ca88ec144f26ad95a49e0c6014b65a72d07eda386ac4fd0c9e2