*.tma149.ca
Issued by AlphaSSL CA - SHA256 - G2
About this certificate
This digital certificate with serial number 3c:ec:67:35:2a:a9:ef:ba:fa:cd:0a:20 was issued on by GlobalSign nv-sa.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.tma149.ca,OU=Domain Control Validated
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate has expire since
Certificate Details
Serial Number (hex): 3c:ec:67:35:2a:a9:ef:ba:fa:cd:0a:20Serial Number (int): 18854894467209179895788538400
Serial Number lenght: 94 bits, 12 octets
SubjectKeyId: d1:db:74:28:c6:13:1d:1a:19:b0:fb:8c:75:f4:3c:ee:8d:9d:b8:cc
AuthorityKeyId: f5:cd:d5:3c:08:50:f9:6a:4f:3a:b7:97:da:56:83:e6:69:d2:68:f7
Fingerprint (sha1): de:33:ac:30:6a:68:5d:e4:4d:c5:30:57:36:d5:7b:15:94:a0:48:b0
Fingerprint (sha256): ce:9b:5d:36:b7:d5:7b:0a:d5:49:59:3f:9a:27:14:1d:fd:2e:6a:b6:47:f3:59:29:a5:a9:09:29:90:ff:bf:5f
Issuing Certificate URL: http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt
Revocation information
OCSP Server: http://ocsp2.globalsign.com/gsalphasha2g2CRL Distribution Point: http://crl2.alphassl.com/gs/gsalphasha2g2.crl
Check the revocation status for certificate *.tma149.ca
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.tma149.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.tma149.ca
tma149.ca
tma149.ca
Other certificates including the domain name tma149.ca
(limited to 100 certificates)
www.tma149.ca
*.tma149.ca
tma149.ca
tma149.ca
torontomusicians.org
www.tma149.ca
*.tma149.ca
tma149.ca
www.tma149.ca
tma149.ca
*.tma149.ca
tma149.ca
*.tma149.ca
tma149.ca
tma149.ca
tma149.ca
mymusic150.tma149.ca
tma149.ca
mymusic150.tma149.ca
www.tma149.ca
www.tma149.ca
*.tma149.ca
mymusic150.tma149.ca
*.tma149.ca
mymusic150.tma149.ca
tma149.ca
www.tma149.ca
tma149.ca
tma149.ca
tma149.ca
*.tma149.ca
sni.cloudflaressl.com
tma149.ca
*.tma149.ca
tma149.ca
*.tma149.ca
mymusic150.tma149.ca
www.tma149.ca
www.tma149.ca
www.tma149.ca
tma149.ca
*.tma149.ca
tma149.ca
tma149.ca
torontomusicians.org
www.tma149.ca
*.tma149.ca
tma149.ca
www.tma149.ca
tma149.ca
*.tma149.ca
tma149.ca
*.tma149.ca
tma149.ca
tma149.ca
tma149.ca
mymusic150.tma149.ca
tma149.ca
mymusic150.tma149.ca
www.tma149.ca
www.tma149.ca
*.tma149.ca
mymusic150.tma149.ca
*.tma149.ca
mymusic150.tma149.ca
tma149.ca
www.tma149.ca
tma149.ca
tma149.ca
tma149.ca
*.tma149.ca
sni.cloudflaressl.com
tma149.ca
*.tma149.ca
tma149.ca
*.tma149.ca
mymusic150.tma149.ca
www.tma149.ca
www.tma149.ca
www.tma149.ca
tma149.ca
Certificate
The complete raw certificate details for *.tma149.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHRzCCBi+gAwIBAgIMPOxnNSqp77r6zQogMA0GCSqGSIb3DQEBCwUAMEwxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE3MDMyMDA1MDM1MVoXDTE4MDMy MTIxMTQxOVowOTEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRQw EgYDVQQDDAsqLnRtYTE0OS5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANA0QriCFzYNIQJENzveE8SLbmM4qKExeQJdtsTqlbM62Fv5fSLEmSvvb0ZU BQv10awwUB3IoDCBwIlXDDR3edQ/DynJtvW+N2fH4g/HfOBQoruNyXifPWXi55F2 ycoI4WTqehEyejzJaXBpu55BPgSGUhbZ6G2flqqSl5zuBU5yERIholNdkxWJt836 meCv5Gtgw+1ob9N+PmVX8Hve6eFNgMU151+mKE8YhlO1/ngt6PawLQn29drW12FH bL2Aa9SLB6qOmRxwEU7hNu6NUEac81VAffaVemtiNU6UO4ejaWFrP1snAryyy8NF ScpfmViuD8s5JQoHrM4Qz9LbY3cCAwEAAaOCBDowggQ2MA4GA1UdDwEB/wQEAwIF oDCBiQYIKwYBBQUHAQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJlMi5h bHBoYXNzbC5jb20vY2FjZXJ0L2dzYWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYBBQUH MAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc2FscGhhc2hhMmcyMFcG A1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3 dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0TBAIw ADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20vZ3Mv Z3NhbHBoYXNoYTJnMi5jcmwwIQYDVR0RBBowGIILKi50bWExNDkuY2GCCXRtYTE0 OS5jYTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFNHb dCjGEx0aGbD7jHX0PO6NnbjMMB8GA1UdIwQYMBaAFPXN1TwIUPlqTzq3l9pWg+Zp 0mj3MIICcAYKKwYBBAHWeQIEAgSCAmAEggJcAloAdgDd6x0reg1PpiCLga2BaHB+ Lo6dAdVciI09EcTNtuy+zAAAAVrqGaFaAAAEAwBHMEUCIDq3Q3hd8IVnh8f0iQNh rD2jSkKwbfJF6d48ii1DuBWKAiEA+QSkeS1dGtMISHBvdOO7q3TKZegIcMa8GupH KO9DJ2YAdgBWFAaaL9fC7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAVrqGaFo AAAEAwBHMEUCIFRMROecrwBf8F7vUCjKkUVdAIKIOIyUWNYf+yfjifqCAiEAkt4M lhMhxKIMAAC5Ns1pcgv7fymNYghwQrN9W5SR4wYAdwC72d+8H4pxtZOUI5eqkntH OFeVCqtS6BqQlmQ2jh7RhQAAAVrqGaTaAAAEAwBIMEYCIQCiP/EN06kv6pznHl9n s0LQOBemALnVj26rexmwczEFEwIhALOBXA2qZ73XSlg0poihIgcZqMA7qXKzS6Ew O1Cxw9LHAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFa6hmk FAAABAMARzBFAiEAzUoJZBP9O7ssN1J7Co5LoRFgvk/m8gHhRvWTROlmMlICIEQ0 VwOuR4O7LCP06lYRBvGTMtCRlGmk2TW6wwSImlxFAHcA7ku9t3XOYLrhQmkfq+Ge ZqMPfl+wctiDAMR7iXqo/csAAAFa6hmnEgAABAMASDBGAiEA8xYLqytEIUAU2oC9 yGSss8jlyxVcXL3SxYn/pR1IMOECIQDnyQ0Px0dYIEUpQrdocsjN+Uqb+kxPNFyX 7CE1aUp41DANBgkqhkiG9w0BAQsFAAOCAQEAyvbX7z/0iP1dlisQTu6CjPXA1Xu8 KtxYpRWs25jnvtWqwL/6XkSyXEYTspU9dvIooNoHRnH31jxUkyBbBKKV9Qe873Xg TP+H5uGB8uMfqFNUWPqO+1yi0RTazMvubWkt6csEqATDj68X2KWWLwYe0Ggof13Y 2f/O+ZH0zBgZmkqYjnUzt5IBVYVH3VWTKywuufq1opgtsAr7r4FIiBKR0peXiIcY ndHoMJcVbKwT2IJXr1YYqjIqaCa34H0XkZTaFn15U7hFrT+1E9Aq9++vLYynn/Mt nesGKRA2XRT+8WRAI/9f3uyFl+h3BWVz+csJdMmkzs497k2sPUekWW1eNg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DRCuIIXNg0hAkQ3O94T xItuYziooTF5Al22xOqVszrYW/l9IsSZK+9vRlQFC/XRrDBQHcigMIHAiVcMNHd5 1D8PKcm29b43Z8fiD8d84FCiu43JeJ89ZeLnkXbJygjhZOp6ETJ6PMlpcGm7nkE+ BIZSFtnobZ+WqpKXnO4FTnIREiGiU12TFYm3zfqZ4K/ka2DD7Whv034+ZVfwe97p 4U2AxTXnX6YoTxiGU7X+eC3o9rAtCfb12tbXYUdsvYBr1IsHqo6ZHHARTuE27o1Q RpzzVUB99pV6a2I1TpQ7h6NpYWs/WycCvLLLw0VJyl+ZWK4PyzklCgeszhDP0ttj dwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18854894467209179895788538400 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AlphaSSL CA - SHA256 - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-20 05:03:51 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-03-21 21:14:19 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.tma149.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26283338109029731288307520959592282067764439853534235582023726149658351216161471909068318212668544641189851777224138047942437448538030852470349104733957083099784940649858678167404256379473880280851798854622797459577203113840284567931651646280914389804603096714795578859443124305764144185886360832875274849884565523535499090268315331571801498158392183450044372076753966106311930616470725369448887857347910204782978019330459416827223571438686101064316563759704847682283542689800103680046826058895102688470857522017791498141555748747019415329604529300475000258713069265535779788937820416206474233056586597770100941218679 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (125 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsalphasha2g2' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10.10 (Domain Validation Certificates Policy - AlphaSSL) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl2.alphassl.com/gs/gsalphasha2g2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tma149.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tma149.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d1db7428c6131d1a19b0fb8c75f43cee8d9db8cc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f5cdd53c0850f96a4f3ab797da5683e669d268f7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (608 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (604 bytes) 025a007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015aea19a15a000004030047304502203ab743785df0856787c7f4890361ac3da34a42b06df245e9de3c8a2d43b8158a022100f904a4792d5d1ad30848706f74e3bbab74ca65e80870c6bc1aea4728ef4327660076005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd0000015aea19a16800000403004730450220544c44e79caf005ff05eef5028ca91455d008288388c9458d61ffb27e389fa8202210092de0c961321c4a20c0000b936cd69720bfb7f298d62087042b37d5b9491e306007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000015aea19a4da0000040300483046022100a23ff10dd3a92fea9ce71e5f67b342d03817a600b9d58f6eab7b19b073310513022100b3815c0daa67bdd74a5834a688a1220719a8c03ba972b34ba1303b50b1c3d2c7007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015aea19a4140000040300473045022100cd4a096413fd3bbb2c37527b0a8e4ba11160be4fe6f201e146f59344e9663252022044345703ae4783bb2c23f4ea561106f19332d0919469a4d935bac304889a5c45007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000015aea19a7120000040300483046022100f3160bab2b44214014da80bdc864acb3c8e5cb155c5cbdd2c589ffa51d4830e1022100e7c90d0fc7475820452942b76872c8cdf94a9bfa4c4f345c97ec2135694a78d4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00caf6d7ef3ff488fd5d962b104eee828cf5c0d57bbc2adc58a515acdb98e7bed5aac0bffa5e44b25c4613b2953d76f228a0da074671f7d63c5493205b04a295f507bcef75e04cff87e6e181f2e31fa8535458fa8efb5ca2d114dacccbee6d692de9cb04a804c38faf17d8a5962f061ed068287f5dd8d9ffcef991f4cc18199a4a988e7533b79201558547dd55932b2c2eb9fab5a2982db00afbaf8148881291d297978887189dd1e83097156cac13d88257af5618aa322a6826b7e07d179194da167d7953b845ad3fb513d02af7efaf2d8ca79ff32d9deb062910365d14fef1644023ff5fdeec8597e877056573f9cb0974c9a4cece3dee4dac3d47a4596d5e36