*.onescm.com
Issued by Amazon
About this certificate
This digital certificate with serial number 0c:98:98:09:b5:f1:c4:75:d4:a8:2e:dc:e6:d6:f2:e0 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.onescm.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0c:98:98:09:b5:f1:c4:75:d4:a8:2e:dc:e6:d6:f2:e0Serial Number (int): 16743048767538567614279629892694242016
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 35:55:8b:a4:6a:22:b0:64:df:09:97:0d:32:07:99:da:e9:d6:84:52
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): ea:45:55:39:7c:2a:f7:5e:14:7b:d2:fa:32:09:49:64:96:40:b4:75
Fingerprint (sha256): c5:75:e5:fb:f3:48:e6:83:9e:02:6a:23:68:f8:6f:71:3c:22:08:0f:bf:43:fc:af:08:aa:73:59:73:d1:ff:b1
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate *.onescm.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.onescm.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.onescm.com
onescm.com
onescm.com
Other certificates including the domain name onescm.com
(limited to 100 certificates)
www.onescm.com
support.engineyard.com
status.biznessapps.com
classichelp.kayako.com
support.engineyard.com
support.cardinal-mark.com
status.accept360.com
support.engineyard.com
onescm.com
imports.versata.com
www.onescm.com
support.crossover.com
onescm.com
*.onescm.com
support.infinio.com
www.onescm.com
*.onescm.com
*.onescm.com
demo.onescm.com
WWW.ONESCM.COM
support.engineyard.com
onescm.com
classichelp.kayako.com
classichelp.kayako.com
onescm.com
demo.onescm.com
classichelp.kayako.com
www.onescm.com
status.biznessapps.com
imports.versata.com
support.cardinal-mark.com
avolin.com
support.engineyard.com
dnnsupport.dnnsoftware.com
classichelp.kayako.com
support.engineyard.com
*.onescm.com
demo.onescm.com
*.onescm.com
support.cardinal-mark.com
WWW.ONESCM.COM
classichelp.kayako.com
*.onescm.com
avolin.com
onescm.com
onescm.com
imports.versata.com
status.biznessapps.com
classichelp.kayako.com
www.onescm.com
support.cardinal-mark.com
support.cardinal-mark.com
onescm.com
www.onescm.com
imports.versata.com
support.engineyard.com
www.onescm.com
support.engineyard.com
status.biznessapps.com
classichelp.kayako.com
support.engineyard.com
WWW.ONESCM.COM
imports.versata.com
avolin.com
demo.onescm.com
copilot.onescm.com
classichelp.kayako.com
imports.versata.com
*.onescm.com
status.accept360.com
classichelp.kayako.com
avolin.com
demo.onescm.com
support.engineyard.com
*.onescm.com
classichelp.kayako.com
onescm.com
www.onescm.com
status.accept360.com
*.onescm.com
*.onescm.com
imports.versata.com
support.engineyard.com
support.cardinal-mark.com
onescm.com
objectstore.com
support.engineyard.com
onescm.com
onescm.com
status.biznessapps.com
support.engineyard.com
WWW.ONESCM.COM
onescm.com
*.onescm.com
WWW.ONESCM.COM
support.engineyard.com
status.biznessapps.com
classichelp.kayako.com
support.engineyard.com
support.cardinal-mark.com
status.accept360.com
support.engineyard.com
onescm.com
imports.versata.com
www.onescm.com
support.crossover.com
onescm.com
*.onescm.com
support.infinio.com
www.onescm.com
*.onescm.com
*.onescm.com
demo.onescm.com
WWW.ONESCM.COM
support.engineyard.com
onescm.com
classichelp.kayako.com
classichelp.kayako.com
onescm.com
demo.onescm.com
classichelp.kayako.com
www.onescm.com
status.biznessapps.com
imports.versata.com
support.cardinal-mark.com
avolin.com
support.engineyard.com
dnnsupport.dnnsoftware.com
classichelp.kayako.com
support.engineyard.com
*.onescm.com
demo.onescm.com
*.onescm.com
support.cardinal-mark.com
WWW.ONESCM.COM
classichelp.kayako.com
*.onescm.com
avolin.com
onescm.com
onescm.com
imports.versata.com
status.biznessapps.com
classichelp.kayako.com
www.onescm.com
support.cardinal-mark.com
support.cardinal-mark.com
onescm.com
www.onescm.com
imports.versata.com
support.engineyard.com
www.onescm.com
support.engineyard.com
status.biznessapps.com
classichelp.kayako.com
support.engineyard.com
WWW.ONESCM.COM
imports.versata.com
avolin.com
demo.onescm.com
copilot.onescm.com
classichelp.kayako.com
imports.versata.com
*.onescm.com
status.accept360.com
classichelp.kayako.com
avolin.com
demo.onescm.com
support.engineyard.com
*.onescm.com
classichelp.kayako.com
onescm.com
www.onescm.com
status.accept360.com
*.onescm.com
*.onescm.com
imports.versata.com
support.engineyard.com
support.cardinal-mark.com
onescm.com
objectstore.com
support.engineyard.com
onescm.com
onescm.com
status.biznessapps.com
support.engineyard.com
WWW.ONESCM.COM
onescm.com
*.onescm.com
WWW.ONESCM.COM
Certificate
The complete raw certificate details for *.onescm.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFbTCCBFWgAwIBAgIQDJiYCbXxxHXUqC7c5tby4DANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMDAzMzEwMDAwMDBaFw0yMTA0MzAx MjAwMDBaMBcxFTATBgNVBAMMDCoub25lc2NtLmNvbTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAM+nZ7VRtQkTjocRkLwO5+WlQgY9r3m5I0cOK/zB3tVp +07T4//4NoxuByRsn/2BLT9apo6/iH8rDki3XH+47ahYV3nTzWBht8CtZPyTJ0w4 Qb9jRx0Dzdw4IGEVYzyNDQNif3dWBPBj8AavJEe5YOxcu7lFORoov2X0/adWigaV 6D+OJEQ/lWyyb9ylnzRfvO/14sTz0wWrb2lkMpmVVl+dYi0cFzMjwcvr0EdCGg0b sDfdBsenqGZZJMLCEDMtNUVItWnuK1fnLbqtPeFLYFUGoPl3HuJyghyk5T7RV0KV gCTnz/FTBC/CeNP9Iq7o7MydhiaJrPwpwFJf7oDGQ58CAwEAAaOCAoQwggKAMB8G A1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBQ1VYukaiKw ZN8Jlw0yB5na6daEUjAjBgNVHREEHDAaggwqLm9uZXNjbS5jb22CCm9uZXNjbS5j b20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnNjYTFiLmFtYXpvbnRydXN0 LmNvbS9zY2ExYi5jcmwwIAYDVR0gBBkwFzALBglghkgBhv1sAQIwCAYGZ4EMAQIB MHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Auc2NhMWIu YW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNjYTFiLmFt YXpvbnRydXN0LmNvbS9zY2ExYi5jcnQwDAYDVR0TAQH/BAIwADCCAQQGCisGAQQB 1nkCBAIEgfUEgfIA8AB3APZclC/RdzAiFFQYCDCUVo7jTRMZM7/fDC8gC8xO8WTj AAABcS30FysAAAQDAEgwRgIhALVoCjhWvl+STl1enrInJIrjro8XADxspPNcWPHT V97PAiEAsImRrB2PGs2ft7acj93c59T39I0FrcDXD090+JVzOqoAdQBc3EOS/uar RUSxXprUVuYQN/vV+kfcoXOUsl7m9scOygAAAXEt9Bd7AAAEAwBGMEQCIDrUL7Ea UaY4x7wTEkXHdDS1ANEAei2Dxmh0HuJa6G3IAiBq9nDGDsyUEU2jNfhvY5Ve8B+D /+G8DYsRhNm7+5GJ7TANBgkqhkiG9w0BAQsFAAOCAQEAkjDqPaphTeAX3WezL1IO /asEyl9TDb3CCKBcImUMCpIyQSIFukrTAQVj8wYmYCVrcY83mI0I1P6viskJ0nWd 0ImkjKOFcKWuDdq/1DVEelKoe+ioWG8O8Ixf3eURqdL5dDSvsQJZaCRIMUW1LiQ7 l8Fw9azzsErw0auNFnxQndhKA3/qzn3X/I71ocKf6AR+Qd530mG2ju7Ac0AgfMDk 0WPRWthiIhzUCAsCLNuw7gOJUQal8R/0F3fpXLGixKyamkawKZk85FSiFan/zkvS 8+zbttIl350S/QKQ1SVqP3zlhg2ZwZdl3vCHdg8fZNDkzyGXbs5NXrxqETmL39R+ JA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6dntVG1CROOhxGQvA7n 5aVCBj2vebkjRw4r/MHe1Wn7TtPj//g2jG4HJGyf/YEtP1qmjr+IfysOSLdcf7jt qFhXedPNYGG3wK1k/JMnTDhBv2NHHQPN3DggYRVjPI0NA2J/d1YE8GPwBq8kR7lg 7Fy7uUU5Gii/ZfT9p1aKBpXoP44kRD+VbLJv3KWfNF+87/XixPPTBatvaWQymZVW X51iLRwXMyPBy+vQR0IaDRuwN90Gx6eoZlkkwsIQMy01RUi1ae4rV+ctuq094Utg VQag+Xce4nKCHKTlPtFXQpWAJOfP8VMEL8J40/0irujszJ2GJoms/CnAUl/ugMZD nwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16743048767538567614279629892694242016 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-31 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-30 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.onescm.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26213879664643063620707892062331434805927898598741611566206805297230520628480844918072744313788833516692859329869256768701209859591951044250250113253082373725046660294885060630561325189450095860054473070083868484356681561768347352214367766560351146627144004593284610928578228342220078812679707442782466297468363156231615487606981587278053462520536968671997216757174775822730363142809461028794452839391943204861024302223370706933420963517934232787134804704717388956492616228284011930726995129720260331926057359750653994689163508490230396362737001211607769430345589479619230827541624753430421565881699883014979108357023 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 35558ba46a22b064df09970d320799dae9d68452 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.onescm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'onescm.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700f65c942fd1773022145418083094568ee34d131933bfdf0c2f200bcc4ef164e3000001712df4172b0000040300483046022100b5680a3856be5f924e5d5e9eb227248ae3ae8f17003c6ca4f35c58f1d357decf022100b08991ac1d8f1acd9fb7b69c8fdddce7d4f7f48d05adc0d70f4f74f895733aaa0075005cdc4392fee6ab4544b15e9ad456e61037fbd5fa47dca17394b25ee6f6c70eca000001712df4177b000004030046304402203ad42fb11a51a638c7bc131245c77434b500d1007a2d83c668741ee25ae86dc802206af670c60ecc94114da335f86f63955ef01f83ffe1bc0d8b1184d9bbfb9189ed . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009230ea3daa614de017dd67b32f520efdab04ca5f530dbdc208a05c22650c0a9232412205ba4ad3010563f3062660256b718f37988d08d4feaf8ac909d2759dd089a48ca38570a5ae0ddabfd435447a52a87be8a8586f0ef08c5fdde511a9d2f97434afb102596824483145b52e243b97c170f5acf3b04af0d1ab8d167c509dd84a037feace7dd7fc8ef5a1c29fe8047e41de77d261b68eeec07340207cc0e4d163d15ad862221cd4080b022cdbb0ee03895106a5f11ff41777e95cb1a2c4ac9a9a46b029993ce454a215a9ffce4bd2f3ecdbb6d225df9d12fd0290d5256a3f7ce5860d99c19765def087760f1f64d0e4cf21976ece4d5ebc6a11398bdfd47e24