explorecuriocity.org
Issued by R3
About this certificate
This digital certificate with serial number 04:7c:f1:d9:80:24:7b:31:62:1c:75:c1:42:7b:82:32:aa:4c was issued on by Let's Encrypt.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=explorecuriocity.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:7c:f1:d9:80:24:7b:31:62:1c:75:c1:42:7b:82:32:aa:4cSerial Number (int): 390965630499678592313736684221359639931468
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 45:e5:ea:c4:ec:b3:ea:50:c5:a5:0b:7f:25:e4:67:d4:86:f4:f5:90
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): c6:50:a1:c1:af:12:f6:93:bc:30:05:71:5d:6f:56:ea:fb:68:1a:55
Fingerprint (sha256): c3:c9:5a:fe:17:35:7a:eb:bd:1a:84:6e:cd:25:1e:e0:d7:6a:b6:7e:dc:c0:6a:58:a8:f9:0e:9b:77:6e:54:f3
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate explorecuriocity.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for explorecuriocity.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
explorecuriocity.org
Other certificates including the domain name explorecuriocity.org
(limited to 100 certificates)
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
explorecuriocity.org
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
explorecuriocity.org
explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
explorecuriocity.org
pps.explorecuriocity.org
volunteer.letstalkscience.ca
pps.explorecuriocity.org
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
explorecuriocity.org
pps.explorecuriocity.org
pps.explorecuriocity.org
pps.explorecuriocity.org
volunteer.letstalkscience.ca
explorecuriocity.org
explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
explorecuriocity.org
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
explorecuriocity.org
explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
explorecuriocity.org
pps.explorecuriocity.org
volunteer.letstalkscience.ca
pps.explorecuriocity.org
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
explorecuriocity.org
pps.explorecuriocity.org
pps.explorecuriocity.org
pps.explorecuriocity.org
volunteer.letstalkscience.ca
explorecuriocity.org
explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
pps.explorecuriocity.org
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
volunteer.letstalkscience.ca
Certificate
The complete raw certificate details for explorecuriocity.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgISBHzx2YAkezFiHHXBQnuCMqpMMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MjAwMzM1NTJaFw0yNDA3MTkwMzM1NTFaMB8xHTAbBgNVBAMT FGV4cGxvcmVjdXJpb2NpdHkub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEA0G9UZsb14Gesdbcgu57v0EPa20+Us9JJpvkYyZc6+0XUpqH0nIC/s2un 1smjaDE9sxwCCn9B0jIi9tJsAr6mJ3Rv61e6nIKG9D1YA3NpjmzDTr5kS0gcIjyO 2OTYrv26YaihXcXgB+aXW3w6dRFMGJdxFa7sgujOch1Sg3smffyGXKFD34vXAMA4 sSDwzL5Ua02IRyrSiC02+qhI71mE63n7NGwXJL7r5TmicE0zrWWSSCDibPohoCpQ k1VoLlxNkOr+dxOwu6rVMnVF1XRfyMTFmHJdlmfKSwgoDJxJ2V0Q0ZdXVdbsoy1C IasttDWv8HtLQkaslDSuvI+cOfiwcwIDAQABo4ICFTCCAhEwDgYDVR0PAQH/BAQD AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA MB0GA1UdDgQWBBRF5erE7LPqUMWlC38l5GfUhvT1kDAfBgNVHSMEGDAWgBQULrMX t1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0 dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu Y3Iub3JnLzAfBgNVHREEGDAWghRleHBsb3JlY3VyaW9jaXR5Lm9yZzATBgNVHSAE DDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1AEiw42vapkc0 D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjvnKEBkAAAQDAEYwRAIgb934Cbn+ G2vrWQUJghvv7FcEAl8sRMbiG9jstKNKl74CIG7U1fS4Cknhx5m4awz2xUUGSj/Z u+eDe+GOTTBTmmGsAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsA AAGO+coQDQAABAMARzBFAiA0EyUGx/x5yOrVlBEy4CJJClnvdhUYXafXBDORjLLi 9wIhAI0YYmitUlajGR8D+m4XVlDteJ/oF8ODO6nRxI5A67tFMA0GCSqGSIb3DQEB CwUAA4IBAQCq802q1saKwNi46t8FSHhE4NV4+ytISAzhfT7C8Aais2bveSvLMlLB ydGhl1NuwK9lDMGZSPQO9Znu12W4hY4+/t5bk4GRwJNnfs4ynJOtLDccSqjU6MIt nAOEaI9kwtbsm9aiTSPhk83IKAcUqGV7Ilhq4sbUopzz0M52ZPYmTRxwMZUMLEDv ++kurlNzPLUQs14eYjQAZsAGS54DlxdRjGbt31b+arRfixJmld57VF2tKcy4F/n9 hVuQLOhgCLV4RxCGFK6SgqvZQP9OxPAduPgULlNh8PAMLlrkdIqO2eJPiSwytX2t RhlXT0Y1DVI+RE/OFyTbT91TM4dYCIu4 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0G9UZsb14Gesdbcgu57v 0EPa20+Us9JJpvkYyZc6+0XUpqH0nIC/s2un1smjaDE9sxwCCn9B0jIi9tJsAr6m J3Rv61e6nIKG9D1YA3NpjmzDTr5kS0gcIjyO2OTYrv26YaihXcXgB+aXW3w6dRFM GJdxFa7sgujOch1Sg3smffyGXKFD34vXAMA4sSDwzL5Ua02IRyrSiC02+qhI71mE 63n7NGwXJL7r5TmicE0zrWWSSCDibPohoCpQk1VoLlxNkOr+dxOwu6rVMnVF1XRf yMTFmHJdlmfKSwgoDJxJ2V0Q0ZdXVdbsoy1CIasttDWv8HtLQkaslDSuvI+cOfiw cwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 390965630499678592313736684221359639931468 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-20 03:35:52 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-19 03:35:51 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'explorecuriocity.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26312466150787691339235254397173084323284464481816187049817900646428815358366807298408342345731146009901006370660389608001596473078052013300364449461256305749131300339281282659843152543004699361778054446233181307790358748077428451867865704090153867203010127510185605434328360431221386668614416053929655318783620502159858648148268287599515080779276054803007385515750356424519557081832502926558907464359696990451051599411354985132725521101431783462188366946823609850951666236347503275411313822537554474267878942477736627681485956160091956421864856340962305187660678513297701628782436130735766216243420927563864064176243 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 45e5eac4ecb3ea50c5a50b7f25e467d486f4f590 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'explorecuriocity.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ef9ca1019000004030046304402206fddf809b9fe1b6beb590509821befec5704025f2c44c6e21bd8ecb4a34a97be02206ed4d5f4b80a49e1c799b86b0cf6c545064a3fd9bbe7837be18e4d30539a61ac007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018ef9ca100d0000040300473045022034132506c7fc79c8ead5941132e022490a59ef7615185da7d70433918cb2e2f70221008d186268ad5256a3191f03fa6e175650ed789fe817c3833ba9d1c48e40ebbb45 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00aaf34daad6c68ac0d8b8eadf05487844e0d578fb2b48480ce17d3ec2f006a2b366ef792bcb3252c1c9d1a197536ec0af650cc19948f40ef599eed765b8858e3efede5b938191c093677ece329c93ad2c371c4aa8d4e8c22d9c0384688f64c2d6ec9bd6a24d23e193cdc8280714a8657b22586ae2c6d4a29cf3d0ce7664f6264d1c7031950c2c40effbe92eae53733cb510b35e1e62340066c0064b9e039717518c66eddf56fe6ab45f8b126695de7b545dad29ccb817f9fd855b902ce86008b57847108614ae9282abd940ff4ec4f01db8f8142e5361f0f00c2e5ae4748a8ed9e24f892c32b57dad4619574f46350d523e444fce1724db4fdd53338758088bb8