gelato.io
Issued by R3
About this certificate
This digital certificate with serial number 03:a3:40:ef:a1:0e:8e:af:01:df:5a:a9:8a:89:5e:b2:68:9d was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=gelato.io
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:a3:40:ef:a1:0e:8e:af:01:df:5a:a9:8a:89:5e:b2:68:9dSerial Number (int): 316889198420694432829445047817502352107677
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: c9:c3:e3:4d:b1:7d:7a:20:4b:be:1f:26:86:de:74:86:f1:96:ef:d6
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): dd:aa:24:88:c2:e3:84:c9:da:77:1b:2b:9e:46:3f:42:68:9a:4d:69
Fingerprint (sha256): c9:38:46:d9:48:41:a7:73:2c:b3:75:8b:c4:f8:77:be:e0:ab:79:7a:f3:2a:a6:41:11:0a:c0:84:84:59:d5:3f
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate gelato.io
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for gelato.io
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
gelato.io
www.gelato.io
www.gelato.io
Other certificates including the domain name gelato.io
(limited to 100 certificates)
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
*.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
custom.gelato.io
Certificate
The complete raw certificate details for gelato.io in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF7DCCBNSgAwIBAgISA6NA76EOjq8B31qpiolesmidMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA3MjQwOTM2NTBaFw0yMzEwMjIwOTM2NDlaMBQxEjAQBgNVBAMT CWdlbGF0by5pbzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJyXcrZt l4a7iFwtCKaPJaiuurIC8CPRlFZurvEz01xI6g1pShT0TYLkbhqhef39N78GorCV lfIwTdTZsarhzZo4cjxSVTcrb4rVTEZaajw29HZviAlx70bTjgfbMEBPDlsok1aT 3IJduFi4M/8zjAJ6GWZ6e9dsCXyWJEwRFxdXUclRAPL8aSauwvnAoU4XFEkbs1ER lAzSBfQh8Zb7MVHQryjxCNPZHmyU3uRGoITM3N6iDYw68JBosuS+iyXTvZCCLWpK 4OjjJT7mTMA1FKsmA00GgU+wlnpUytLsAIN/kpnv3yWAB5iqRZd2lhpVKh5gVx8p vZonY9nDpqxibwk3C+g7Dg3FLXUGLIM8J8tWCzRqbPzyFBlgZUes/+0EBorENaZ0 PwcwkP1YV2Lp9wYPLcWKzR0ci+4UtqzOzbQ+q2WLW16BpoidTY8rTQZiRodnnQ7z t51s0BEU+VSuYpm8UaITNWcm1yAdRQx2tJ4wMd0iaqcOctoWIc9d2Yzb8alCycZG L+Q0zqLwZrZofqjRtGDvneV8HIBVzfAoQTBv1ZlZKXnlj+ozR+9AMCVDBjUDzQdz CtelNffzAxwwQMvsGFjgXaGRpIyZx5nIVF6/ybV/NSc8cAi2j//0jEHv0ApdB0uZ tOehP/Eqk/mBHYY8QgkltCO5gyhcOcky178hAgMBAAGjggIYMIICFDAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFMnD402xfXogS74fJobedIbxlu/WMB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMCMGA1UdEQQcMBqCCWdlbGF0by5pb4INd3d3LmdlbGF0by5p bzATBgNVHSAEDDAKMAgGBmeBDAECATCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1 AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiYd5Iv4AAAQDAEYw RAIga5JckXUdR/FYS4ljuVdfqfbax0sp442VZMrYImPaQx8CIEdPXEhrA/Sq9ERE gRS2ZLtjuygyj9wS7fPGAaWQKqTzAHUA6D7Q2j71BjUy51covIlryQPTy9ERa+zr aeF3fW0GvW4AAAGJh3ki6AAABAMARjBEAiBU/u9bEZJN/08Z6em3l5tKXCMBO2GD kaITWh92Uk+yJwIgBbyp+1j7+eK5qj6xxhAOkRCij2hmOng65EhIWXqLQWMwDQYJ KoZIhvcNAQELBQADggEBALrEqmG03q2UVQ6HvtqiKENjmaqDAoSEbLVNOE7Lw2Ex BoLELJEqrSbwkb+2Azk33rz89As+sIJvdd/vKu6J6EIxXU1zqQljeRtzzcMKFTDp +HVokyvx4WbYI08LKNQZ0/PMPrsjJZnBNkRRiEZCIoWd1GNqTtL4LWbW0sbHmex3 IgFlYpXp9LweM0cvFp9IS4/rIYw6YRi11RrnGh1pIGgQ7K6Ga7RqyYkiH2w8NcUs kuGGRaeSTxfLDnFINU2TUcHv2GQGYYkDRKG/hG9gKputnpoBv66Rf5doEjUtLoJc zZXCtIFnkQJsc7NpGCwDKctUGrwmAkrYFwGxQ2wXrWo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnJdytm2XhruIXC0Ipo8l qK66sgLwI9GUVm6u8TPTXEjqDWlKFPRNguRuGqF5/f03vwaisJWV8jBN1NmxquHN mjhyPFJVNytvitVMRlpqPDb0dm+ICXHvRtOOB9swQE8OWyiTVpPcgl24WLgz/zOM AnoZZnp712wJfJYkTBEXF1dRyVEA8vxpJq7C+cChThcUSRuzURGUDNIF9CHxlvsx UdCvKPEI09kebJTe5EaghMzc3qINjDrwkGiy5L6LJdO9kIItakrg6OMlPuZMwDUU qyYDTQaBT7CWelTK0uwAg3+Sme/fJYAHmKpFl3aWGlUqHmBXHym9midj2cOmrGJv CTcL6DsODcUtdQYsgzwny1YLNGps/PIUGWBlR6z/7QQGisQ1pnQ/BzCQ/VhXYun3 Bg8txYrNHRyL7hS2rM7NtD6rZYtbXoGmiJ1NjytNBmJGh2edDvO3nWzQERT5VK5i mbxRohM1ZybXIB1FDHa0njAx3SJqpw5y2hYhz13ZjNvxqULJxkYv5DTOovBmtmh+ qNG0YO+d5XwcgFXN8ChBMG/VmVkpeeWP6jNH70AwJUMGNQPNB3MK16U19/MDHDBA y+wYWOBdoZGkjJnHmchUXr/JtX81JzxwCLaP//SMQe/QCl0HS5m056E/8SqT+YEd hjxCCSW0I7mDKFw5yTLXvyECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 316889198420694432829445047817502352107677 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-24 09:36:50 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-22 09:36:49 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gelato.io' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 638837968075971925738365420631688354539275727534208597126118606110473665201929245964671841986451068027453062718526363861591568464128945513952137235530917938052054044462577434488001453803730626168379427102615105011833721179470982159614314649002837746627454972289024794449854790484415144021656761475152953440368122219088753186267753716395084820902736209748962640200720866542744050173037109742002675587321754437353950310512021023509322158604242133410432926792503522316866219364367141862287968480991850114090726371959500085419034453013050337140131993899639498168012573645586208677395480902880243885260888376561436226290200911700090522954898037656387903681341343657546450359176941338802794062891239976939996613697977110656618054631750209820135634659219029197198405925974647014750457679036953906384176353303154725907007369261693936536586422333315765397363781064244888648158811419385575410463328760899651618203467889744897614248543087445268688083664033001485352974097896209076676840934830707939445185746218310220752066575477343362999206743549300739765674731862861905151560588507098405829900580240853874922532204845833541527217077961700948337184640877948321622198729136024712374470665971303329586181170570995323488393353267003919340091719457 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c9c3e34db17d7a204bbe1f2686de7486f196efd6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gelato.io' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gelato.io' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee0075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000189877922fe000004030046304402206b925c91751d47f1584b8963b9575fa9f6dac74b29e38d9564cad82263da431f0220474f5c486b03f4aaf444448114b664bb63bb28328fdc12edf3c601a5902aa4f3007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000189877922e80000040300463044022054feef5b11924dff4f19e9e9b7979b4a5c23013b618391a2135a1f76524fb227022005bca9fb58fbf9e2b9aa3eb1c6100e9110a28f68663a783ae44848597a8b4163 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bac4aa61b4dead94550e87bedaa228436399aa830284846cb54d384ecbc361310682c42c912aad26f091bfb6033937debcfcf40b3eb0826f75dfef2aee89e842315d4d73a90963791b73cdc30a1530e9f87568932bf1e166d8234f0b28d419d3f3cc3ebb232599c136445188464222859dd4636a4ed2f82d66d6d2c6c799ec772201656295e9f4bc1e33472f169f484b8feb218c3a6118b5d51ae71a1d69206810ecae866bb46ac989221f6c3c35c52c92e18645a7924f17cb0e7148354d9351c1efd8640661890344a1bf846f602a9bad9e9a01bfae917f976812352d2e825ccd95c2b4816791026c73b369182c0329cb541abc26024ad81701b1436c17ad6a