aovpn.cma.gov.uk
Issued by GeoTrust TLS RSA CA G1
About this certificate
This digital certificate with serial number 0c:8a:35:3d:90:e1:fb:14:83:53:81:60:f3:b6:75:83 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=aovpn.cma.gov.uk
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0c:8a:35:3d:90:e1:fb:14:83:53:81:60:f3:b6:75:83Serial Number (int): 16668352761362739012312068338553877891
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: ba:a3:1e:8d:b0:5a:0e:30:69:16:2d:9b:3b:1b:b3:f6:8d:f3:26:e2
AuthorityKeyId: 94:4f:d4:5d:8b:e4:a4:e2:a6:80:fe:fd:d8:f9:00:ef:a3:be:02:57
Fingerprint (sha1): 9c:c4:4e:2f:a5:7e:84:5c:d4:53:97:97:c1:24:0b:2e:23:e2:5d:f6
Fingerprint (sha256): ca:97:c5:47:8d:9b:d4:62:55:31:68:c9:4c:30:54:c6:11:c8:82:71:55:81:93:2a:d8:45:b4:96:c3:17:24:ea
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl
Check the revocation status for certificate aovpn.cma.gov.uk
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for aovpn.cma.gov.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
aovpn.cma.gov.uk
Other certificates including the domain name cma.gov.uk
(limited to 100 certificates)
access01.cma.gov.uk
*.cma.gov.uk
sts.cma.gov.uk
lyweb01.cma.gov.uk
aovpn.cma.gov.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
vpn.cmaonline.org.uk
sftp-dfis.cma.gov.uk
mail.cma.gov.uk
access01.cma.gov.uk
access02.cma.gov.uk
access02.cma.gov.uk
mail.cma.gov.uk
sts.cma.gov.uk
*.cma.gov.uk
aovpn.cma.gov.uk
sts.cma.gov.uk
vpn.cmaonline.org.uk
*.cma.gov.uk
mail.cma.gov.uk
aovpn.cma.gov.uk
vpn.cmaonline.org.uk
*.cma.gov.uk
sts.cma.gov.uk
data.cma.gov.uk
lyweb01.cma.gov.uk
lyweb01.cma.gov.uk
vpn.cmaonline.org.uk
*.cma.gov.uk
sts.cma.gov.uk
lyweb01.cma.gov.uk
aovpn.cma.gov.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
vpn.cmaonline.org.uk
sftp-dfis.cma.gov.uk
mail.cma.gov.uk
access01.cma.gov.uk
access02.cma.gov.uk
access02.cma.gov.uk
mail.cma.gov.uk
sts.cma.gov.uk
*.cma.gov.uk
aovpn.cma.gov.uk
sts.cma.gov.uk
vpn.cmaonline.org.uk
*.cma.gov.uk
mail.cma.gov.uk
aovpn.cma.gov.uk
vpn.cmaonline.org.uk
*.cma.gov.uk
sts.cma.gov.uk
data.cma.gov.uk
lyweb01.cma.gov.uk
lyweb01.cma.gov.uk
vpn.cmaonline.org.uk
Certificate
The complete raw certificate details for aovpn.cma.gov.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGHTCCBQWgAwIBAgIQDIo1PZDh+xSDU4Fg87Z1gzANBgkqhkiG9w0BAQsFADBg MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx MB4XDTIzMDYzMDAwMDAwMFoXDTI0MDUwNjIzNTk1OVowGzEZMBcGA1UEAxMQYW92 cG4uY21hLmdvdi51azCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMc DpmIL7s4whYNotC2CLVfxsiqI/f12qcUjECaskcba4bnDH03Sk5422apYGxCzWPX sfvs72lG82z2ZJsglK1k1E69QoX2GBWPNa/BX0JQ9IUT63kBcwNWRtdKKi8pZ/FL z3aHBYjQJaOXi4PfZanFsXXZQk8tJMVUHNJYEHOevIpTBp4Rs8Tb3V3gzhesAzQy ARRFbtAwu1AABoNLIjrcHu89C/1w/PWnIt5nTLN7tvNMQ+U3iwT9eRofu3FJbgGE dzqYem7n1azDIN4IHmUDlCZif29Px5eJJE3aZE3Tzlk6RfRwLT5P+/arnOgHipAB JJ5deOoch5D/XuTHtl8CAwEAAaOCAxYwggMSMB8GA1UdIwQYMBaAFJRP1F2L5KTi poD+/dj5AO+jvgJXMB0GA1UdDgQWBBS6ox6NsFoOMGkWLZs7G7P2jfMm4jAbBgNV HREEFDASghBhb3Zwbi5jbWEuZ292LnVrMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDov L2NkcC5nZW90cnVzdC5jb20vR2VvVHJ1c3RUTFNSU0FDQUcxLmNybDA+BgNVHSAE NzA1MDMGBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0 LmNvbS9DUFMwdgYIKwYBBQUHAQEEajBoMCYGCCsGAQUFBzABhhpodHRwOi8vc3Rh dHVzLmdlb3RydXN0LmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL2NhY2VydHMuZ2Vv dHJ1c3QuY29tL0dlb1RydXN0VExTUlNBQ0FHMS5jcnQwCQYDVR0TBAIwADCCAX4G CisGAQQB1nkCBAIEggFuBIIBagFoAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7D UUhZRnEftZsAAAGJC0CmQgAABAMARzBFAiBR1/cZMz7UWaC4Oo2ue4MyGuglx7eJ Bg6f1U9P+BiC4gIhAKBKgrrAx7DeETllaiVR9aLiM8oywhkycIdlrI6YfBr1AHYA SLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGJC0CmiAAABAMARzBF AiEAwjWWYcQhj0U5nS0Zn9D1aomMmL+qeJD5MNsA7T+58ZMCIFY7nMeYMaHutMKg fYv59/zhBlfE5cqBHDm2jfyatt7IAHYA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0 vaQ9MEjX+6sAAAGJC0CmOAAABAMARzBFAiEA/vARhMPkyOzCt+W4z6gTQy6gvE0y nKUYBP+nHKnH/0kCIFhfKcesiS33OHN4JbwLJ0UNVuKF3YIxYfzissncdwI8MA0G CSqGSIb3DQEBCwUAA4IBAQARpeu/g6n8yKhyzLLD+NVIxb1CqY6Hs0h9RSmLCTP+ igiDf+jJ9/pdyXfHPIKVVdprr5suUg6niIJm18BmG0NIV/jlwlcJyt3+hDAfDTYk SR1UJ5Ry2pP9gbR3u/kLi9KpmnZS4zeeWWeNgwfrpi7nKLv7hXa7sjelMkPECaWi oRZtsdFxYmuJqdooVuV1NNFCoVOWGnNUbW88l64m2sowtzSYsWVkED6oy5uoAySO 5D0k/nfK8L+n+tGdLqIKUwpCrf/iFsNuvVV5k0HliOOf4UqMxlj4FdAHpVtwj4GN r9iOxG0bWUXx5YDOR6xE7fPAsNJRZ/yyve7ol31xFjod -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxwOmYgvuzjCFg2i0LYI tV/GyKoj9/XapxSMQJqyRxtrhucMfTdKTnjbZqlgbELNY9ex++zvaUbzbPZkmyCU rWTUTr1ChfYYFY81r8FfQlD0hRPreQFzA1ZG10oqLyln8UvPdocFiNAlo5eLg99l qcWxddlCTy0kxVQc0lgQc568ilMGnhGzxNvdXeDOF6wDNDIBFEVu0DC7UAAGg0si Otwe7z0L/XD89aci3mdMs3u280xD5TeLBP15Gh+7cUluAYR3Oph6bufVrMMg3gge ZQOUJmJ/b0/Hl4kkTdpkTdPOWTpF9HAtPk/79quc6AeKkAEknl146hyHkP9e5Me2 XwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16668352761362739012312068338553877891 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-30 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-06 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aovpn.cma.gov.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20590679146718935942229331713202080841689197942323835032186308982147964694477359723274281035347801566742704401998224686655134966881132561940769969975492022213780298008440129055155083877656108515074205960628911481824250642361724686221813369415053748210036606375498902741650632978297258881716500919274130730231989692096144403167489410504661512912075779433172608157756494313208348427368006348314829921249792151488899065259183513408418529040342248767616004784009755449842691952566510226788986076545112208577681381727106824224503934108330359651279164084572538017117244928750681944770027304696731194567716864516555931104863 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 944fd45d8be4a4e2a680fefdd8f900efa3be0257 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) baa31e8db05a0e3069162d9b3b1bb3f68df326e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aovpn.cma.gov.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001890b40a6420000040300473045022051d7f719333ed459a0b83a8dae7b83321ae825c7b789060e9fd54f4ff81882e2022100a04a82bac0c7b0de1139656a2551f5a2e233ca32c21932708765ac8e987c1af500760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001890b40a6880000040300473045022100c2359661c4218f45399d2d199fd0f56a898c98bfaa7890f930db00ed3fb9f1930220563b9cc79831a1eeb4c2a07d8bf9f7fce10657c4e5ca811c39b68dfc9ab6dec8007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab000001890b40a6380000040300473045022100fef01184c3e4c8ecc2b7e5b8cfa813432ea0bc4d329ca51804ffa71ca9c7ff490220585f29c7ac892df738737825bc0b27450d56e285dd823161fce2b2c9dc77023c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0011a5ebbf83a9fcc8a872ccb2c3f8d548c5bd42a98e87b3487d45298b0933fe8a08837fe8c9f7fa5dc977c73c829555da6baf9b2e520ea7888266d7c0661b434857f8e5c25709caddfe84301f0d3624491d54279472da93fd81b477bbf90b8bd2a99a7652e3379e59678d8307eba62ee728bbfb8576bbb237a53243c409a5a2a1166db1d171626b89a9da2856e57534d142a153961a73546d6f3c97ae26daca30b73498b16564103ea8cb9ba803248ee43d24fe77caf0bfa7fad19d2ea20a530a42adffe216c36ebd55799341e588e39fe14a8cc658f815d007a55b708f818dafd88ec46d1b5945f1e580ce47ac44edf3c0b0d25167fcb2bdeee8977d71163a1d