markusko.ch
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:da:24:5f:a0:a5:3b:7b:c1:74:45:fb:31:32:f0:a7:5a:ce was issued on by Let's Encrypt.
With 9 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=markusko.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:da:24:5f:a0:a5:3b:7b:c1:74:45:fb:31:32:f0:a7:5a:ceSerial Number (int): 335566762518371735381074362056677494577870
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: de:64:83:7a:c6:91:3b:fb:8e:81:41:43:60:0f:b5:8c:b2:c1:f5:73
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): f6:25:41:e2:ab:ce:d1:fd:6d:38:bb:e5:7c:69:b4:67:4b:c0:64:2d
Fingerprint (sha256): ce:20:4c:5a:3b:a7:a4:46:10:33:cb:66:e2:2f:fb:01:92:cb:54:64:06:97:46:ed:79:8f:c2:d2:71:ab:89:e3
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate markusko.ch
9
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for markusko.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
gallry.markusko.ch
koch.has.enough.coffee
markusko.ch
pastr.markusko.ch
pi.markusko.ch
queue.markusko.ch
sesame.markusko.ch
stalkme.markusko.ch
www.markusko.ch
koch.has.enough.coffee
markusko.ch
pastr.markusko.ch
pi.markusko.ch
queue.markusko.ch
sesame.markusko.ch
stalkme.markusko.ch
www.markusko.ch
Other certificates including the domain name markusko.ch
(limited to 100 certificates)
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
stats.moin-alex.de
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
docker.markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
docker.markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
stats.moin-alex.de
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
docker.markusko.ch
markusko.ch
markusko.ch
markusko.ch
markusko.ch
docker.markusko.ch
Certificate
The complete raw certificate details for markusko.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG7TCCBdWgAwIBAgISA9okX6ClO3vBdEX7MTLwp1rOMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAzMTExMzUyMDRaFw0x OTA2MDkxMzUyMDRaMBYxFDASBgNVBAMTC21hcmt1c2tvLmNoMIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAxEmL7qRDf/e6FCjSOI0Cdr+14JlQROO8ntc8 9i9hpvsorEPChytDktvL/IArEsbNSsN3nD8i3jzkjz5qlM9/jdqu13MBh3kI7us4 LFzIK2614Q47OENhs4WnGnl9Kv5IGcEsr4p3REVWZYAm9eprbA4aUggFWELeVicK Lf5EP8weflrvOj+3WfiMYB+syqg7wvbnLGJfmAYaVW8E9GqYdUAeX9n3LePMunZm OP3f7bhOZLTfZFtsRObppjJSzeiO2vQRirPaq6OeuCKvbVw8bLAmIGYtQj31mCoJ aslxcElNXg2BqHy7EIovEXUjp2k1rqmrAEO24pwUUYR5sJA9eb9oWgd/sAZxtAFd Sc/VlKtKrGjaixWu6ZN/hGzg2sUnGbSGS9W7kyYD/GC1tDpxVFFY+pEoqfBa6Ttr pk2PU3KTXmq/YrrUaJDckkQR5pBEZu7OebgZ8MUu5OYPrWQEjQLQYtGHTQEHGdMd 0CxXe8QesImZO3U6am76oJ5M+bm7OflEs4QODoYIDkMQIM20pQ9pvJfRRqOu1m9+ MO4l8EivOvAqFCoo59RFoJAMhHzyfTxWZLj4m6T/V4dujnQenm7ylRxeJS+18c4a QHjEs46hZJEHV684IkZq9oUQ9Nu9EibeiKQZvfq453T+VdUScEQRhIF1BaUyXHU2 s/dgVOECAwEAAaOCAv8wggL7MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU3mSDesaR O/uOgUFDYA+1jLLB9XMwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEw bwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMu bGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMu bGV0c2VuY3J5cHQub3JnLzCBtAYDVR0RBIGsMIGpghJnYWxscnkubWFya3Vza28u Y2iCFmtvY2guaGFzLmVub3VnaC5jb2ZmZWWCC21hcmt1c2tvLmNoghFwYXN0ci5t YXJrdXNrby5jaIIOcGkubWFya3Vza28uY2iCEXF1ZXVlLm1hcmt1c2tvLmNoghJz ZXNhbWUubWFya3Vza28uY2iCE3N0YWxrbWUubWFya3Vza28uY2iCD3d3dy5tYXJr dXNrby5jaDBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYG CCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB 1nkCBAIEgfUEgfIA8AB3AOJpS64m6OlACeiGG7Y7g9Q+5/50iPukjyiTAZ3d8dv+ AAABaW09QVAAAAQDAEgwRgIhALgqD2iogflAjHcF3L6kh6L5No1Km91X5CXru68s rD4eAiEAgo6fOu6SaxRpu3Ixd6BJSM8C+oY9+FM6ohlvXClEggMAdQBj8tvN6DvM LM8LcoQnV2szpI1hd4+9daY4scdoVEvYjQAAAWltPUOPAAAEAwBGMEQCIBBQjY8Z QquCWikeSObNqdmvIC0W75hATYFr+MDtbhTsAiAY/+PTZ0dnWpItpf0dhP7qKuYW 0i7FXwAlnW029wbuSjANBgkqhkiG9w0BAQsFAAOCAQEAVRz1XKVXT4aO/8e1h6hW JgrGLMNEgIPKhLR8Csry4LmKgGdn81fconwyIlWHJYYab/G6jXShwaYZR1fuIzI1 iF/AUalc5caf6wSN5aF+hzp5UqBZA+o0eAt+8qEEG4SfR1xoto9Bc1kt6+vVKYGg zYo/Hqdlwbv4VIYUz6IxrHH1ZrUhQ3A3fNKYbpVZqjH2LfUgY/EN3X5kIOHz4jf3 whMGOQqU+ZAf72ACHp8mqwNyE6MB8KKFxGFndCrfAanXS+F4yOhWwfgJqORJi1eo GU/8pkA7/N/kxv/Z3wIVJVpP2HgYoMdug3uw9g2+8YM6ZuizxICkf/D/nCHz2kgx TQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxEmL7qRDf/e6FCjSOI0C dr+14JlQROO8ntc89i9hpvsorEPChytDktvL/IArEsbNSsN3nD8i3jzkjz5qlM9/ jdqu13MBh3kI7us4LFzIK2614Q47OENhs4WnGnl9Kv5IGcEsr4p3REVWZYAm9epr bA4aUggFWELeVicKLf5EP8weflrvOj+3WfiMYB+syqg7wvbnLGJfmAYaVW8E9GqY dUAeX9n3LePMunZmOP3f7bhOZLTfZFtsRObppjJSzeiO2vQRirPaq6OeuCKvbVw8 bLAmIGYtQj31mCoJaslxcElNXg2BqHy7EIovEXUjp2k1rqmrAEO24pwUUYR5sJA9 eb9oWgd/sAZxtAFdSc/VlKtKrGjaixWu6ZN/hGzg2sUnGbSGS9W7kyYD/GC1tDpx VFFY+pEoqfBa6Ttrpk2PU3KTXmq/YrrUaJDckkQR5pBEZu7OebgZ8MUu5OYPrWQE jQLQYtGHTQEHGdMd0CxXe8QesImZO3U6am76oJ5M+bm7OflEs4QODoYIDkMQIM20 pQ9pvJfRRqOu1m9+MO4l8EivOvAqFCoo59RFoJAMhHzyfTxWZLj4m6T/V4dujnQe nm7ylRxeJS+18c4aQHjEs46hZJEHV684IkZq9oUQ9Nu9EibeiKQZvfq453T+VdUS cEQRhIF1BaUyXHU2s/dgVOECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 335566762518371735381074362056677494577870 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-11 13:52:04 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-09 13:52:04 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'markusko.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 800782284174721275160064856624794816559273426386710089192104572124299588744296532236826808873837156726066027083947492165109283100070795738576929333401881081292789933067235790617878437712851020027137899722161339142886159352598890153423781406288755395638281575720947608763174700526004192290494978383408474210504058197680840862674283234835429955143728195356804974467338367139050191315998641212577169829469238751031877301294461555472960771297132727314467814172980654087111179084958741397174427573367261524995925637423182547038767077946102520545799259851134847602576108315607280925165465178488276655531132874663862763924281725809147119905120843827458012246857123069484274493498840253330054354470538103284208655876965092110598157316935524613063223437411879524256625235178135804855968205906021777119806965053236022213397418645538828489867436324223813174245406522166653166545110279842399235556569782823729470814939099516484768493897383724272906967841930173843504340555615971975280295729519036285946942466463549296475700859307361476667092439049011537455386654843266633501501426670002266709193585508795183279287460726277812381319526161952043682128181479792130388280306592449458065711497344075317948666861642303576796396262766757564777855210721 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) de64837ac6913bfb8e814143600fb58cb2c1f573 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (172 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gallry.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'koch.has.enough.coffee' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pastr.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pi.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queue.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sesame.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stalkme.markusko.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.markusko.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe000001696d3d41500000040300483046022100b82a0f68a881f9408c7705dcbea487a2f9368d4a9bdd57e425ebbbaf2cac3e1e022100828e9f3aee926b1469bb723177a04948cf02fa863df8533aa2196f5c2944820300750063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d000001696d3d438f0000040300463044022010508d8f1942ab825a291e48e6cda9d9af202d16ef98404d816bf8c0ed6e14ec022018ffe3d36747675a922da5fd1d84feea2ae616d22ec55f00259d6d36f706ee4a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00551cf55ca5574f868effc7b587a856260ac62cc3448083ca84b47c0acaf2e0b98a806767f357dca27c3222558725861a6ff1ba8d74a1c1a6194757ee233235885fc051a95ce5c69feb048de5a17e873a7952a05903ea34780b7ef2a1041b849f475c68b68f4173592debebd52981a0cd8a3f1ea765c1bbf8548614cfa231ac71f566b5214370377cd2986e9559aa31f62df52063f10ddd7e6420e1f3e237f7c21306390a94f9901fef60021e9f26ab037213a301f0a285c46167742adf01a9d74be178c8e856c1f809a8e4498b57a8194ffca6403bfcdfe4c6ffd9df0215255a4fd87818a0c76e837bb0f60dbef1833a66e8b3c480a47ff0ff9c21f3da48314d