kastali.is
Issued by GlobalSign Domain Validation CA - SHA256 - G3
About this certificate
This digital certificate with serial number 29:7b:d5:fb:71:58:da:41:6d:0e:53:48 was issued on by GlobalSign nv-sa.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=kastali.is,OU=Domain Control Validated
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate has expire since
Certificate Details
Serial Number (hex): 29:7b:d5:fb:71:58:da:41:6d:0e:53:48Serial Number (int): 12838593780848878840506635080
Serial Number lenght: 94 bits, 12 octets
SubjectKeyId: a5:1f:1d:66:90:d5:8e:d6:eb:18:c3:b1:b4:65:8a:e2:7d:61:f6:85
AuthorityKeyId: 3d:80:82:79:c5:48:82:a3:c3:12:ee:df:99:0f:57:35:48:9e:d0:cb
Fingerprint (sha1): 10:2c:e0:f1:b7:c0:b6:a8:d6:66:7e:e6:60:e6:b8:80:88:28:6b:95
Fingerprint (sha256): cf:b0:b8:1a:2d:79:61:79:fe:2b:2f:d0:2c:1a:ea:56:ed:f4:89:22:3c:08:1b:9e:a0:bc:10:c1:d8:1f:84:f0
Issuing Certificate URL: http://secure.globalsign.com/cacert/gsdomainvalsha2g3.crt
Revocation information
OCSP Server: http://ocsp2.globalsign.com/gsdomainvalsha2g3CRL Distribution Point: http://crl.globalsign.com/gsdomainvalsha2g3.crl
Check the revocation status for certificate kastali.is
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for kastali.is
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
kastali.is
Other certificates including the domain name kastali.is
(limited to 100 certificates)
kastali.is
sni160876.cloudflaressl.com
kastali.is
www.kastali.is
kastali.is
www.kastali.is
kastali.is
kastali.is
www.kastali.is
www.kastali.is
www.kastali.is
sni160876.cloudflaressl.com
kastali.is
www.kastali.is
kastali.is
kastali.is
www.kastali.is
www.kastali.is
www.kastali.is
sni160876.cloudflaressl.com
kastali.is
www.kastali.is
www.kastali.is
kastali.is
sni160876.cloudflaressl.com
kastali.is
kastali.is
kastali.is
www.kastali.is
sni160876.cloudflaressl.com
kastali.is
www.kastali.is
kastali.is
sni160876.cloudflaressl.com
www.kastali.is
www.kastali.is
www.kastali.is
sni160876.cloudflaressl.com
www.kastali.is
www.kastali.is
kastali.is
sni160876.cloudflaressl.com
kastali.is
www.kastali.is
kastali.is
www.kastali.is
kastali.is
sni160876.cloudflaressl.com
kastali.is
kastali.is
sni160876.cloudflaressl.com
kastali.is
www.kastali.is
kastali.is
www.kastali.is
kastali.is
kastali.is
www.kastali.is
www.kastali.is
www.kastali.is
sni160876.cloudflaressl.com
kastali.is
www.kastali.is
kastali.is
kastali.is
www.kastali.is
www.kastali.is
www.kastali.is
sni160876.cloudflaressl.com
kastali.is
www.kastali.is
www.kastali.is
kastali.is
sni160876.cloudflaressl.com
kastali.is
kastali.is
kastali.is
www.kastali.is
sni160876.cloudflaressl.com
kastali.is
www.kastali.is
kastali.is
sni160876.cloudflaressl.com
www.kastali.is
www.kastali.is
www.kastali.is
sni160876.cloudflaressl.com
www.kastali.is
www.kastali.is
kastali.is
sni160876.cloudflaressl.com
kastali.is
www.kastali.is
kastali.is
www.kastali.is
kastali.is
sni160876.cloudflaressl.com
kastali.is
kastali.is
Certificate
The complete raw certificate details for kastali.is in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHVTCCBj2gAwIBAgIMKXvV+3FY2kFtDlNIMA0GCSqGSIb3DQEBCwUAMGAxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzMwHhcN MTcwNzE2MDExNjE3WhcNMTgwNzE3MDExNjE3WjA4MSEwHwYDVQQLExhEb21haW4g Q29udHJvbCBWYWxpZGF0ZWQxEzARBgNVBAMTCmthc3RhbGkuaXMwggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2n2AeIegIWU1+E5/VGAhZvrqXl9dSKufv l9f6a825ciRAMUHAWMPXuF1dOPQPzIhpOY3yLrnzGYfvaM3dI+6d2naBCm3opQQ7 cCqV57XpptjqQZyZplvGiOEg0cpbdzjNBODFliUbn7FIOWmCdLD18I1kv/JV9H/y uZ/V6ND3ONoX17qVJNYk9dAnvyDcMjB4Xg+3LvDdjWYqiTNAMoMDeWkhLFCJvcPT nuS+TWf7Hg6RN80keZVLUJ8MlZmgsQCZZS3vDb8bkdATevS7rojsjrMIO4ix8sS5 AZJVEl+/WADSMZBxEqeKjW8qeDBbKhGRrE2jllUQjqlrEv5IKwP7AgMBAAGjggQ1 MIIEMTAOBgNVHQ8BAf8EBAMCBaAwgZIGCCsGAQUFBwEBBIGFMIGCMEUGCCsGAQUF BzAChjlodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2RvbWFp bnZhbHNoYTJnMy5jcnQwOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwMi5nbG9iYWxz aWduLmNvbS9nc2RvbWFpbnZhbHNoYTJnMzBWBgNVHSAETzBNMEEGCSsGAQQBoDIB CjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBv c2l0b3J5LzAIBgZngQwBAgEwCQYDVR0TBAIwADBABgNVHR8EOTA3MDWgM6Axhi9o dHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzZG9tYWludmFsc2hhMmczLmNybDAV BgNVHREEDjAMggprYXN0YWxpLmlzMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF BQcDAjAdBgNVHQ4EFgQUpR8dZpDVjtbrGMOxtGWK4n1h9oUwHwYDVR0jBBgwFoAU PYCCecVIgqPDEu7fmQ9XNUie0MswggJtBgorBgEEAdZ5AgQCBIICXQSCAlkCVwB1 AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAABXUj3tNIAAAQDAEYw RAIgOl/sZoB6pdb99dVBUTisO/Y5P4rUmyVdIChw+FoQTWACIBS+M/0yDcYPXpsp 8UDebUi7oQRB5A+gOsMWpaw+qhVvAHYA3esdK3oNT6Ygi4GtgWhwfi6OnQHVXIiN PRHEzbbsvswAAAFdSPe1GAAABAMARzBFAiABzW6YF2770JVHVY9WDYPaRhd0hshf paoqg+nNT67fuQIhAOZMYI9xTGPp+hHAtIsEhvZgDC8Wf0q7TKFVHVno2licAHUA u9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFdSPe1pgAABAMARjBE AiB3pS6RS3glyC38vgKugX8j//DrkGuilIZzM5zRg0MRXAIgYwMtgF+6Aio+PziQ dX8L+krreUJo9xCE9RZ07SaDdCEAdwCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jj d80OyA3cEAAAAV1I97TSAAAEAwBIMEYCIQCn4XuaYUsKHeAfY+d9pANda0PHn815 RSg8duMMFI3d8gIhAJ8NR8lPaq2+5jta1byfBLw/tbrt7MofhhEBE0oLwZo1AHYA 7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFdSPe3wwAABAMARzBF AiBcKLVC7TpSLtP1nWxyhAl49g97W0qGGWJALvbWcZvyUwIhALk/Gs9Ms5b0xPWR I4JIhLNxlMuWfVhY/3J6KwpW0KwsMA0GCSqGSIb3DQEBCwUAA4IBAQDW+k2/AE4Q iBeo75cFVs6vsun56nlYwH2MoPodFy+cNzkcN7hOqxd6KSjf6J4j8PWfSdTih9pQ RxFv61+lz1MqEjIC4CHHETa6gr1CwThIY7XTxZbOVpdHPbVhifnXabuWyIQ4KcRT nfNM/dD3wmLDm2JeaUxZTYnQYoPn2wMXKYFo+ksB3Q3bhPl4WsMedyyPCtjqVpWE HxXJ0CEQOBqoBXTBBRBpLTMtTk4lBnrxxAa40wtLDjJInonLq2wV9MDTP1OLwikI RqWW88vopfjv/XRFIFEzDjl5pYJZqESh4cm0DQkuSrdKFwlyhvHqPD3dkg+j17NJ 6zuotSj241Wv -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp9gHiHoCFlNfhOf1RgI Wb66l5fXUirn75fX+mvNuXIkQDFBwFjD17hdXTj0D8yIaTmN8i658xmH72jN3SPu ndp2gQpt6KUEO3Aqlee16abY6kGcmaZbxojhINHKW3c4zQTgxZYlG5+xSDlpgnSw 9fCNZL/yVfR/8rmf1ejQ9zjaF9e6lSTWJPXQJ78g3DIweF4Pty7w3Y1mKokzQDKD A3lpISxQib3D057kvk1n+x4OkTfNJHmVS1CfDJWZoLEAmWUt7w2/G5HQE3r0u66I 7I6zCDuIsfLEuQGSVRJfv1gA0jGQcRKnio1vKngwWyoRkaxNo5ZVEI6paxL+SCsD +wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 12838593780848878840506635080 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Domain Validation CA - SHA256 - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-07-16 01:16:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-17 01:16:17 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kastali.is' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23053962472167983274548740162517237610642756387916267198807103972324524115277830268885033057856913779923844011472807049719013273156649546970313108975637069179903656282245504386964558273493384175279791404856104889456912014450201874611370315267984834584539226457187199152202380820470276434230915201320954589627725359877010190495479312672225385286443368673757493813757941599253471640668646574410407628405205107675829269654638575636792239948698855765768778274666520298252596245107890124222663830387943212052925096044992488571343137969500748617298756540109457751601151253546340040751995599649366415423981430654914987230203 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsdomainvalsha2g3.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsdomainvalsha2g3' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10 (globalsignDVPolicy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gsdomainvalsha2g3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kastali.is' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a51f1d6690d58ed6eb18c3b1b4658ae27d61f685 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3d808279c54882a3c312eedf990f5735489ed0cb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (605 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (601 bytes) 02570075005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd0000015d48f7b4d2000004030046304402203a5fec66807aa5d6fdf5d5415138ac3bf6393f8ad49b255d202870f85a104d60022014be33fd320dc60f5e9b29f140de6d48bba10441e40fa03ac316a5ac3eaa156f007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015d48f7b5180000040300473045022001cd6e98176efbd09547558f560d83da46177486c85fa5aa2a83e9cd4faedfb9022100e64c608f714c63e9fa11c0b48b0486f6600c2f167f4abb4ca1551d59e8da589c007500bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000015d48f7b5a60000040300463044022077a52e914b7825c82dfcbe02ae817f23fff0eb906ba2948673339cd18343115c022063032d805fba022a3e3f3890757f0bfa4aeb794268f71084f51674ed26837421007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015d48f7b4d20000040300483046022100a7e17b9a614b0a1de01f63e77da4035d6b43c79fcd7945283c76e30c148dddf20221009f0d47c94f6aadbee63b5ad5bc9f04bc3fb5baedecca1f861101134a0bc19a35007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000015d48f7b7c3000004030047304502205c28b542ed3a522ed3f59d6c72840978f60f7b5b4a861962402ef6d6719bf253022100b93f1acf4cb396f4c4f59123824884b37194cb967d5858ff727a2b0a56d0ac2c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00d6fa4dbf004e108817a8ef970556ceafb2e9f9ea7958c07d8ca0fa1d172f9c37391c37b84eab177a2928dfe89e23f0f59f49d4e287da5047116feb5fa5cf532a123202e021c71136ba82bd42c1384863b5d3c596ce5697473db56189f9d769bb96c8843829c4539df34cfdd0f7c262c39b625e694c594d89d06283e7db0317298168fa4b01dd0ddb84f9785ac31e772c8f0ad8ea5695841f15c9d02110381aa80574c10510692d332d4e4e25067af1c406b8d30b4b0e32489e89cbab6c15f4c0d33f538bc2290846a596f3cbe8a5f8effd74452051330e3979a58259a844a1e1c9b40d092e4ab74a17097286f1ea3c3ddd920fa3d7b349eb3ba8b528f6e355af