projects.roanmedia.org
Issued by R3
About this certificate
This digital certificate with serial number 03:18:7d:d8:a6:c5:0f:7f:0c:af:71:b6:ea:11:1a:da:95:6a was issued on by Let's Encrypt.
With 30 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=projects.roanmedia.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:18:7d:d8:a6:c5:0f:7f:0c:af:71:b6:ea:11:1a:da:95:6aSerial Number (int): 269670913019470559159991975672076656350570
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 0b:ff:30:10:71:02:a0:d9:ef:2a:17:15:1b:5c:af:7b:6b:da:7d:f6
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 6e:fd:db:90:ae:65:4c:0e:ab:41:5e:b8:79:3a:e5:6e:16:fa:38:8e
Fingerprint (sha256): c7:c8:ec:dc:25:8c:80:3f:9d:3b:64:6a:34:8a:49:b4:7f:0c:1e:d2:4b:84:82:a5:41:be:bb:da:34:89:bf:51
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate projects.roanmedia.org
30
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for projects.roanmedia.org
Public Key Algorithm
ECDSA
Key Size
256
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
gestion.tpanamericana.com
pm.lenderdock.com
pmtpoc.hkfyg.org.hk
project.genius-web.co.jp
project.roxus.io
project.stsolutions.tech
project.volls.me
projects.commercerev.com
projects.energydoctors.co.za
projects.grategy.com
projects.hostusa.us
projects.masuenconsulting.com
projects.missyrenosmith.com
projects.pqmsolutions.com.mx
projects.rent-guard.ca
projects.roanmedia.org
projects.samsoft.co
projects.socaltitle24.com
projects.teameverest.ngo
projects.tharwah.net
projects.tintype.au
projects.trilogycontracting.com
projects.vcommission.com
projects.virtualkafebykay.com
projects.vitaleengineering.com
projects.vitalipartners.com
projects.wishtreetech.com
proyectos.klamatech.com
proyectos.novacloud.pe
tracking.ninjasupply.com
pm.lenderdock.com
pmtpoc.hkfyg.org.hk
project.genius-web.co.jp
project.roxus.io
project.stsolutions.tech
project.volls.me
projects.commercerev.com
projects.energydoctors.co.za
projects.grategy.com
projects.hostusa.us
projects.masuenconsulting.com
projects.missyrenosmith.com
projects.pqmsolutions.com.mx
projects.rent-guard.ca
projects.roanmedia.org
projects.samsoft.co
projects.socaltitle24.com
projects.teameverest.ngo
projects.tharwah.net
projects.tintype.au
projects.trilogycontracting.com
projects.vcommission.com
projects.virtualkafebykay.com
projects.vitaleengineering.com
projects.vitalipartners.com
projects.wishtreetech.com
proyectos.klamatech.com
proyectos.novacloud.pe
tracking.ninjasupply.com
Other certificates including the domain name roanmedia.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for projects.roanmedia.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHFjCCBf6gAwIBAgISAxh92KbFD38Mr3G26hEa2pVqMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MDgxNzQ2MjhaFw0yNDA3MDcxNzQ2MjdaMCExHzAdBgNVBAMT FnByb2plY3RzLnJvYW5tZWRpYS5vcmcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC AARJeV/Kk3fl6os5PETLjv5SaZMlva4RkGIsVQcUBx4HzF4IHsF8M39RvDWVl05k HRJm0a90FY//iiek81g77m7lo4IFADCCBPwwDgYDVR0PAQH/BAQDAgeAMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBQL/zAQcQKg2e8qFxUbXK97a9p99jAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDm H6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5v LmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzCC AwcGA1UdEQSCAv4wggL6ghlnZXN0aW9uLnRwYW5hbWVyaWNhbmEuY29tghFwbS5s ZW5kZXJkb2NrLmNvbYITcG10cG9jLmhrZnlnLm9yZy5oa4IYcHJvamVjdC5nZW5p dXMtd2ViLmNvLmpwghBwcm9qZWN0LnJveHVzLmlvghhwcm9qZWN0LnN0c29sdXRp b25zLnRlY2iCEHByb2plY3Qudm9sbHMubWWCGHByb2plY3RzLmNvbW1lcmNlcmV2 LmNvbYIccHJvamVjdHMuZW5lcmd5ZG9jdG9ycy5jby56YYIUcHJvamVjdHMuZ3Jh dGVneS5jb22CE3Byb2plY3RzLmhvc3R1c2EudXOCHXByb2plY3RzLm1hc3VlbmNv bnN1bHRpbmcuY29tghtwcm9qZWN0cy5taXNzeXJlbm9zbWl0aC5jb22CHHByb2pl Y3RzLnBxbXNvbHV0aW9ucy5jb20ubXiCFnByb2plY3RzLnJlbnQtZ3VhcmQuY2GC FnByb2plY3RzLnJvYW5tZWRpYS5vcmeCE3Byb2plY3RzLnNhbXNvZnQuY2+CGXBy b2plY3RzLnNvY2FsdGl0bGUyNC5jb22CGHByb2plY3RzLnRlYW1ldmVyZXN0Lm5n b4IUcHJvamVjdHMudGhhcndhaC5uZXSCE3Byb2plY3RzLnRpbnR5cGUuYXWCH3By b2plY3RzLnRyaWxvZ3ljb250cmFjdGluZy5jb22CGHByb2plY3RzLnZjb21taXNz aW9uLmNvbYIdcHJvamVjdHMudmlydHVhbGthZmVieWtheS5jb22CHnByb2plY3Rz LnZpdGFsZWVuZ2luZWVyaW5nLmNvbYIbcHJvamVjdHMudml0YWxpcGFydG5lcnMu Y29tghlwcm9qZWN0cy53aXNodHJlZXRlY2guY29tghdwcm95ZWN0b3Mua2xhbWF0 ZWNoLmNvbYIWcHJveWVjdG9zLm5vdmFjbG91ZC5wZYIYdHJhY2tpbmcubmluamFz dXBwbHkuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB 9QSB8gDwAHYAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGOvwh+ FgAABAMARzBFAiEA+AyFKr07BDEmBt9CaDbjqX62uS0aq+sulPSqMAfoTiwCICLW 2bzU9qN+uxaS2VEX/RyQhEXz4mRcR1UIIx+DoupRAHYAdv+IPwq2+5VRwmHM9Ye6 NLSkzbsp3GhCCp/mZ0xaOnQAAAGOvwh+ZgAABAMARzBFAiEAvuE8uyhS5UiPkGek oOcGajbqAQVipRLWbIyBxrl4OggCID51yQ/lBgfMupS5hmFlnkRIMPafePHJO/VO mdj1/ebVMA0GCSqGSIb3DQEBCwUAA4IBAQAqOkEkAY0dyVThaTo0KDmi9yXXa3L0 xJoqAufXDTspDGvicuDwRel90AzfcfpenFZMWo293xROQ7mEWDZ+MVTAKtxPn+5X bH42HL4tPp6FHeh2IGsLnb6uY2lrZZO3YdoQuNg2MVsbqW/P8By7Hv9/PCe4VnNE fCyUfzUGo0/34e65x4YjdiKs5BVYPRSpvUGl0vrU1p8V/vUSH/mswEKqJtEId8pB lgXLFRZMFePz2YvjjNj8mcrECWai2DpFm6vu4RX4vEXiiNlh+qmZX6v3MNfokmCL 47K4aABnQwhtY/MWM7THqvMGHeksvgFN3fnPNJnSo3y9hInkzusK16iD -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESXlfypN35eqLOTxEy47+UmmTJb2u EZBiLFUHFAceB8xeCB7BfDN/Ubw1lZdOZB0SZtGvdBWP/4onpPNYO+5u5Q== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 269670913019470559159991975672076656350570 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-08 17:46:28 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-07 17:46:27 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'projects.roanmedia.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey) . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1) . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits) 000449795fca9377e5ea8b393c44cb8efe52699325bdae1190622c550714071e07cc5e081ec17c337f51bc3595974e641d1266d1af74158fff8a27a4f3583bee6ee5 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits) 0780 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0bff30107102a0d9ef2a17151b5caf7b6bda7df6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (766 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gestion.tpanamericana.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pm.lenderdock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pmtpoc.hkfyg.org.hk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'project.genius-web.co.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'project.roxus.io' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'project.stsolutions.tech' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'project.volls.me' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.commercerev.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.energydoctors.co.za' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.grategy.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.hostusa.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.masuenconsulting.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.missyrenosmith.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.pqmsolutions.com.mx' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.rent-guard.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.roanmedia.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.samsoft.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.socaltitle24.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.teameverest.ngo' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.tharwah.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.tintype.au' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.trilogycontracting.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.vcommission.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.virtualkafebykay.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.vitaleengineering.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.vitalipartners.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'projects.wishtreetech.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'proyectos.klamatech.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'proyectos.novacloud.pe' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tracking.ninjasupply.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018ebf087e160000040300473045022100f80c852abd3b04312606df426836e3a97eb6b92d1aabeb2e94f4aa3007e84e2c022022d6d9bcd4f6a37ebb1692d95117fd1c908445f3e2645c475508231f83a2ea5100760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ebf087e660000040300473045022100bee13cbb2852e5488f9067a4a0e7066a36ea010562a512d66c8c81c6b9783a0802203e75c90fe50607ccba94b98661659e444830f69f78f1c93bf54e99d8f5fde6d5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002a3a4124018d1dc954e1693a342839a2f725d76b72f4c49a2a02e7d70d3b290c6be272e0f045e97dd00cdf71fa5e9c564c5a8dbddf144e43b98458367e3154c02adc4f9fee576c7e361cbe2d3e9e851de876206b0b9dbeae63696b6593b761da10b8d836315b1ba96fcff01cbb1eff7f3c27b85673447c2c947f3506a34ff7e1eeb9c786237622ace415583d14a9bd41a5d2fad4d69f15fef5121ff9acc042aa26d10877ca419605cb15164c15e3f3d98be38cd8fc99cac40966a2d83a459babeee115f8bc45e288d961faa9995fabf730d7e892608be3b2b868006743086d63f31633b4c7aaf3061de92cbe014dddf9cf3499d2a37cbd8489e4ceeb0ad7a883