canton.de
Issued by R3
About this certificate
This digital certificate with serial number 03:44:da:4e:92:84:43:9e:1a:ea:f8:e2:bf:07:8a:dc:4d:82 was issued on by Let's Encrypt.
With 16 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=canton.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:44:da:4e:92:84:43:9e:1a:ea:f8:e2:bf:07:8a:dc:4d:82Serial Number (int): 284766238419851479050309531595037740912002
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: ea:4c:b1:c9:2e:d3:54:af:30:db:68:8c:39:7f:d0:6f:5b:23:55:b8
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 8c:00:31:4f:77:cb:71:2d:87:2f:1f:af:fb:a9:12:46:f8:1c:ef:6a
Fingerprint (sha256): c7:66:54:9c:a5:e3:d5:5c:88:c3:38:51:3e:bb:06:ff:f8:09:8c:a1:39:6c:40:79:8e:a3:6d:c7:e1:95:4c:62
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate canton.de
16
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for canton.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
backupcanton.canton.de
canton.at
canton.ch
canton.de
canton.eu
canton.us
hifi.canton.de
homecinema.canton.de
prohouse.canton.de
reference.canton.de
shop.canton-server.de
www.canton.at
www.canton.ch
www.canton.de
www.canton.eu
www.canton.us
canton.at
canton.ch
canton.de
canton.eu
canton.us
hifi.canton.de
homecinema.canton.de
prohouse.canton.de
reference.canton.de
shop.canton-server.de
www.canton.at
www.canton.ch
www.canton.de
www.canton.eu
www.canton.us
Other certificates including the domain name canton.de
(limited to 100 certificates)
canton.de
canton.de
download.canton.de
www.canton.de
canton.de
download.canton.de
www.canton.de
download.canton.de
download.canton.de
*.canton.de
www.canton.de
download.canton.de
canton.de
canton.nl
canton.de
canton.de
download.canton.de
canton.de
www.canton.de
www.canton.de
www.canton.de
*.canton.de
canton.nl
canton.de
download.canton.de
www.canton.de
canton.de
download.canton.de
www.canton.de
download.canton.de
download.canton.de
*.canton.de
www.canton.de
download.canton.de
canton.de
canton.nl
canton.de
canton.de
download.canton.de
canton.de
www.canton.de
www.canton.de
www.canton.de
*.canton.de
canton.nl
Certificate
The complete raw certificate details for canton.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG2TCCBcGgAwIBAgISA0TaTpKEQ54a6vjivweK3E2CMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzExMjkxMjQ4MDJaFw0yNDAyMjcxMjQ4MDFaMBQxEjAQBgNVBAMT CWNhbnRvbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZo7T7H jhzuhBulge0IMD4xqvjjEkGxNLSkusn+IKYkZsjzf2Zd0zn/HXypSBSYrd/qAr3U tGbFlT/Rvb+mNcRg+Z6/iiNESoWAJs0TXt0WYXtSbOjdWxlxOWt/8j55ceEqcT0D Vts9HxyQnbhgBNDx457oXcjjCMEuADZ0lJKbTQuhDIDnwQRvGUu1vDVk0tpS/6vh t/VbOCYZlkvysuM6UnTVyOhtCBNa+EM43FhcGg/K0md7xdkj1eeFIwv0dvkUKASe 8VoOYyhyZSPWd7KBS0D6erode6bqYb3sC8zbe9BDqJ6/97c49uIUAHUz5bqHK+O+ qpTbRZgMDMc/SRr/boZms5N0W5qVzRvkkokad3BQD2u43HLAB5af9i89O2hNzG5b R4nueSzdnZ2x7XUY8MSEDR+2nTL2PqYeOm5ptE0e008c6lYWD1YVm1YzEmtmUzxh 4cJh8EC2ul5MhxMiKkqAmumW94YNnWDl9kWgUfS8GAiVGdQk8JEHW8Nj8axT4z4Y 6KXMLrsbr+wwAHOumLOdLLTLQtvBR54Kaj4Czl6oo8L5H8kXX70J79oufbNPtwWT sUZSFHmctSWtkg4JqPX1UG+5d3C27MOQsLd28B7IpqV9EuKVe7fYyq40EKIV8F7C GNGsZndGHRlu+vYLTKnfdFBE6Xqo5HeKX6W5AgMBAAGjggMFMIIDATAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFOpMscku01SvMNtojDl/0G9bI1W4MB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMIIBDQYDVR0RBIIBBDCCAQCCFmJhY2t1cGNhbnRvbi5jYW50 b24uZGWCCWNhbnRvbi5hdIIJY2FudG9uLmNoggljYW50b24uZGWCCWNhbnRvbi5l dYIJY2FudG9uLnVzgg5oaWZpLmNhbnRvbi5kZYIUaG9tZWNpbmVtYS5jYW50b24u ZGWCEnByb2hvdXNlLmNhbnRvbi5kZYITcmVmZXJlbmNlLmNhbnRvbi5kZYIVc2hv cC5jYW50b24tc2VydmVyLmRlgg13d3cuY2FudG9uLmF0gg13d3cuY2FudG9uLmNo gg13d3cuY2FudG9uLmRlgg13d3cuY2FudG9uLmV1gg13d3cuY2FudG9uLnVzMBMG A1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAO1N3 dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGMG1YwZQAABAMARzBFAiA+ iyNqses5JDSP+xgLhqriRtepFImXwW5S3AlelP7nDwIhAMuwSidYhKsoD9ACiApD uRWJ7fa4Yc/ecKQ1+EUzMy6UAHUA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZ RnEftZsAAAGMG1YwYAAABAMARjBEAiAXBwzY1xwqTaC73t5vXjhpcKLWlBSgeRLp oeSPM91nqgIgClvgNbWQwEF5hjsRqwFSrcsT4xlQXB2KUpMIeEIg/d8wDQYJKoZI hvcNAQELBQADggEBACXzWKC8uSnpxfM5QN+5ngmrLnpY9Wj4cf1v4v3SJGWkbjbG 7HXq8ZNHEo2edDh9XD8DbT+bcKYZcY833HM6nP9s3qZCYQtRGAgfapFpsx4QM2VQ r+xqPy2ivY/txQxoINxSX12ybHO3bEHyphXQQwyM6vGUpB+kAdejTpu6JupTw6MO uS182oKPiBVc/0NLiAtHZyYIRGHxXRTnTBg5RyYkrR3k9F5ddZcd5oxmtrIdE6E2 a8SoKhd7bAdxh4iODO0OhFRY7hWN7sZXdbgHk5elM+SXazi4JIDCizxxfKr0mM3/ d3lS2BHToIKPh/bhhlOWhWrRtSxZvgh/quSGIkE= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxmjtPseOHO6EG6WB7Qgw PjGq+OMSQbE0tKS6yf4gpiRmyPN/Zl3TOf8dfKlIFJit3+oCvdS0ZsWVP9G9v6Y1 xGD5nr+KI0RKhYAmzRNe3RZhe1Js6N1bGXE5a3/yPnlx4SpxPQNW2z0fHJCduGAE 0PHjnuhdyOMIwS4ANnSUkptNC6EMgOfBBG8ZS7W8NWTS2lL/q+G39Vs4JhmWS/Ky 4zpSdNXI6G0IE1r4QzjcWFwaD8rSZ3vF2SPV54UjC/R2+RQoBJ7xWg5jKHJlI9Z3 soFLQPp6uh17puphvewLzNt70EOonr/3tzj24hQAdTPluocr476qlNtFmAwMxz9J Gv9uhmazk3RbmpXNG+SSiRp3cFAPa7jccsAHlp/2Lz07aE3MbltHie55LN2dnbHt dRjwxIQNH7adMvY+ph46bmm0TR7TTxzqVhYPVhWbVjMSa2ZTPGHhwmHwQLa6XkyH EyIqSoCa6Zb3hg2dYOX2RaBR9LwYCJUZ1CTwkQdbw2PxrFPjPhjopcwuuxuv7DAA c66Ys50stMtC28FHngpqPgLOXqijwvkfyRdfvQnv2i59s0+3BZOxRlIUeZy1Ja2S Dgmo9fVQb7l3cLbsw5Cwt3bwHsimpX0S4pV7t9jKrjQQohXwXsIY0axmd0YdGW76 9gtMqd90UETpeqjkd4pfpbkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 284766238419851479050309531595037740912002 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-29 12:48:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-27 12:48:01 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'canton.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 809441649487947889065648417674218540868451749100512933341745075532312708920703702826114786034437507481538346664859534225524486708353199828866385890178587112751823029321458763903590278714435417555093935134167684144638430256991596093226883109270743876941364696520533351749287322147209640058683299243661861229086280548561932873244377927390792590218637357382411735119665828898658433213875479144018565207904369299238312604351318542685780087169576006209549200562185845189496666245256535156129772919283201181762669058634589158297950936545088895265906376614330980097168031768243144282132464723152970765341127864060758657009123375155049425698622820273523887404150922420222451993419503428662627032312706387596549061245434880641408983655458201610560737785150852349611651330791990989655158124724686937193108154542967423256647744530330234708868219258369791364247063813443124765668864218073042978968127660434141415643827582743727893468283608365220004297188001032791862317905455263380494311746528089311113742770552725859904769818026483184302330703600680275113687083996045227783839477990626829114836104993118941016148432711386449690641794257331753047751379343901029699263711589557153867390196074954595716550568277332775168150307255753111131507369401 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ea4cb1c92ed354af30db688c397fd06f5b2355b8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (260 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'backupcanton.canton.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canton.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canton.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canton.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canton.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canton.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hifi.canton.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homecinema.canton.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prohouse.canton.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'reference.canton.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.canton-server.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.canton.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.canton.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.canton.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.canton.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.canton.us' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c1b563065000004030047304502203e8b236ab1eb3924348ffb180b86aae246d7a9148997c16e52dc095e94fee70f022100cbb04a275884ab280fd002880a43b91589edf6b861cfde70a435f84533332e94007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c1b5630600000040300463044022017070cd8d71c2a4da0bbdede6f5e386970a2d69414a07912e9a1e48f33dd67aa02200a5be035b590c04179863b11ab0152adcb13e319505c1d8a529308784220fddf . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0025f358a0bcb929e9c5f33940dfb99e09ab2e7a58f568f871fd6fe2fdd22465a46e36c6ec75eaf19347128d9e74387d5c3f036d3f9b70a619718f37dc733a9cff6cdea642610b5118081f6a9169b31e10336550afec6a3f2da2bd8fedc50c6820dc525f5db26c73b76c41f2a615d0430c8ceaf194a41fa401d7a34e9bba26ea53c3a30eb92d7cda828f88155cff434b880b476726084461f15d14e74c1839472624ad1de4f45e5d75971de68c66b6b21d13a1366bc4a82a177b6c077187888e0ced0e845458ee158deec65775b8079397a533e4976b38b82480c28b3c717caaf498cdff777952d811d3a0828f87f6e1865396856ad1b52c59be087faae4862241