*.diamond-heaven.co.uk
Issued by RapidSSL Global TLS RSA4096 SHA256 2022 CA1
About this certificate
This digital certificate with serial number 0f:fa:13:f1:cc:69:a5:ed:1f:7c:e2:90:0e:32:0c:2d was issued on by DigiCert, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.diamond-heaven.co.uk
DigiCert, Inc.
Organization:
DigiCert, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0f:fa:13:f1:cc:69:a5:ed:1f:7c:e2:90:0e:32:0c:2dSerial Number (int): 21236898674439743099364031492829350957
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: e7:dd:86:c9:91:ad:95:e7:f4:e8:93:ba:88:34:16:7d:1d:d9:8b:9b
AuthorityKeyId: f0:9c:85:fd:a2:9f:7d:8f:c9:68:bb:d5:d4:89:4d:1d:be:d3:90:ff
Fingerprint (sha1): 43:ee:eb:e9:c0:2b:65:45:90:ed:6f:ec:70:ca:f7:56:31:7c:77:33
Fingerprint (sha256): d3:5b:bd:65:ff:a4:54:ae:c0:9f:08:51:c4:6c:ca:dc:e5:8e:69:53:d2:07:c7:93:fa:7c:36:0f:48:4b:d2:59
Issuing Certificate URL: http://cacerts.digicert.com/RapidSSLGlobalTLSRSA4096SHA2562022CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/RapidSSLGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/RapidSSLGlobalTLSRSA4096SHA2562022CA1.crl
Check the revocation status for certificate *.diamond-heaven.co.uk
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.diamond-heaven.co.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.diamond-heaven.co.uk
diamond-heaven.co.uk
diamond-heaven.co.uk
Other certificates including the domain name diamond-heaven.co.uk
(limited to 100 certificates)
*.diamond-heaven.co.uk
*.diamond-heaven.co.uk
diamond-heaven.co.uk
diamond-heaven.co.uk
*.diamond-heaven.co.uk
diamond-heaven.co.uk
directory.diamond-heaven.co.uk
*.diamond-heaven.co.uk
diamond-heaven.co.uk
*.diamond-heaven.co.uk
*.diamond-heaven.co.uk
diamond-heaven.co.uk
*.diamond-heaven.co.uk
connect.skinos.in
*.diamond-heaven.co.uk
*.diamond-heaven.co.uk
diamond-heaven.co.uk
diamond-heaven.co.uk
*.diamond-heaven.co.uk
diamond-heaven.co.uk
directory.diamond-heaven.co.uk
*.diamond-heaven.co.uk
diamond-heaven.co.uk
*.diamond-heaven.co.uk
*.diamond-heaven.co.uk
diamond-heaven.co.uk
*.diamond-heaven.co.uk
connect.skinos.in
*.diamond-heaven.co.uk
Certificate
The complete raw certificate details for *.diamond-heaven.co.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHrjCCBZagAwIBAgIQD/oT8cxppe0ffOKQDjIMLTANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT K1JhcGlkU1NMIEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN MjMwMzA2MDAwMDAwWhcNMjQwMjE4MjM1OTU5WjAhMR8wHQYDVQQDDBYqLmRpYW1v bmQtaGVhdmVuLmNvLnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA lItYL5TtJRgpWxMrgqyF3DDMRcKJcPY6EEXpCSLYObIU2xEGmQc6kuu01TwDpmwJ TpHahF0MmdowRFK4lNX+Poo8Kgz3bsMaCD+dy7iIOi6MS2+B6Fy+gM+co+pOgV7E 4zD8pTdzgwuG5RfwaUCtxpLOpXHeXd3+HbxuHgLXPkhZcqi2uSat88oX9SBgqOgS 32Cx8u12TApNC4zvpT3CPB8/HmP4Dhfl+UxtaHZZr9r5neglzyr/Jdo307XPi038 PA5rx0Iri2V4HfqnZjJNNDEoiDqtVk4WoR7esgUIat/hbpoJP3NGwItlUuFyUGS1 NNS12h9lpeOjqR13nBKdhwIDAQABo4IDpTCCA6EwHwYDVR0jBBgwFoAU8JyF/aKf fY/JaLvV1IlNHb7TkP8wHQYDVR0OBBYEFOfdhsmRrZXn9OiTuog0Fn0d2YubMDcG A1UdEQQwMC6CFiouZGlhbW9uZC1oZWF2ZW4uY28udWuCFGRpYW1vbmQtaGVhdmVu LmNvLnVrMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwgZ8GA1UdHwSBlzCBlDBIoEagRIZCaHR0cDovL2NybDMuZGlnaWNlcnQu Y29tL1JhcGlkU1NMR2xvYmFsVExTUlNBNDA5NlNIQTI1NjIwMjJDQTEuY3JsMEig RqBEhkJodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vUmFwaWRTU0xHbG9iYWxUTFNS U0E0MDk2U0hBMjU2MjAyMkNBMS5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgEwKTAn BggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGHBggrBgEF BQcBAQR7MHkwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBR BggrBgEFBQcwAoZFaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL1JhcGlkU1NM R2xvYmFsVExTUlNBNDA5NlNIQTI1NjIwMjJDQTEuY3J0MAkGA1UdEwQCMAAwggF+ BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB3AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOze w1FIWUZxH7WbAAABhrbHU7MAAAQDAEgwRgIhAOaCKxvJTSp8cD9g+hX18UmnsUfm VjVjiFavD53YkG2SAiEA6hIVY2uymgy8uGGE8PmYh84GK24XVvnMXwZfGCtT0AEA dQBz2Z6JG0yWeKAgfUed5rLGHNBRXnEZKoxrgBB6wXdytQAAAYa2x1QzAAAEAwBG MEQCID9YeOjFj1Q6a/SzWlt7gGYFofuPXQCy6Z5885bV2gutAiBC3Zl21pbf5+W7 bqhsvmvtYc78SIpw8MPyPF8y/FfdYQB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0s gdm7v6s52IRzAAABhrbHU+MAAAQDAEcwRQIgZ1Rs41eS3WGQut9HIN8jHTRD1WT6 tZf3Z94mvEVdTlMCIQCpl2/lCEflHH7fnx/5n3AwPiy0O2eXP14HtIWs2LJfFDAN BgkqhkiG9w0BAQsFAAOCAgEAKSv/SLtrOHF4hKcMBCEBL6Bmh3vROG28g14uUFal 4wCr793tBGl75pt7iGGdDexvo0lxqcX0Ac60t4Cg7BaVOSn4pcgQMqrCU6qpgRE/ pC53TzXXOAq6Xg0IQnnywjThr2E5lqEUmH3/vB6apbObZCCTV+r45WVKQiLqvvFf mIK+azPEMpXglQLB3+35BtnZSKEMzme1QbzNfsnSzUKdYwr2M+pDH1WiR7fUVLoq IZhhVGCzrCtGYjCj5BQKQ7fAwoxzCqgXk4yZUlwOh7h04llMEFJ9ltcuDIj01xBC fucv0DrXP37mPBYltVRTmTnRCZCePPtInjCeoHfH0bUqD5IERl+jVaPTOEpGdodq P5xkePfbbnhp94PgEm0QcWY7eaMwsKHNEff7HOsZRhiCIWXx38Oc7vB9m1ctPDY4 xvLB1ugQ8a3+y87IYYUqiTHMCXneqCB4515CtWiTh0dUcQ4yJ38KZ8kcRokFgS0k ykYXOu+OWx8n1Xz061cwS18BNG2/tU0dsdZD/Tu0vkiKYdizpF2IYeaNr6fq7M3o yNovO59UpKL7a5qbs/XMAyhp6/NcgJx6h13EJT+ypo364X1Zy05b2B/beRsP+N2s 0wiJsfjPEu8jXotbz3RoF+0OdssvC0D3wixgEyVFwENgPn09YFjIX9qwDlG5iv1D Hqs= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlItYL5TtJRgpWxMrgqyF 3DDMRcKJcPY6EEXpCSLYObIU2xEGmQc6kuu01TwDpmwJTpHahF0MmdowRFK4lNX+ Poo8Kgz3bsMaCD+dy7iIOi6MS2+B6Fy+gM+co+pOgV7E4zD8pTdzgwuG5RfwaUCt xpLOpXHeXd3+HbxuHgLXPkhZcqi2uSat88oX9SBgqOgS32Cx8u12TApNC4zvpT3C PB8/HmP4Dhfl+UxtaHZZr9r5neglzyr/Jdo307XPi038PA5rx0Iri2V4HfqnZjJN NDEoiDqtVk4WoR7esgUIat/hbpoJP3NGwItlUuFyUGS1NNS12h9lpeOjqR13nBKd hwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 21236898674439743099364031492829350957 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL Global TLS RSA4096 SHA256 2022 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-06 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-18 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.diamond-heaven.co.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18751982457092482352100667953938982067426215453416989453673659311806833463944471572711088201021982500787412286404251983938739917188230126838040922160321813717079402456617171373476051540296003505302124862040886094665204955622286517826743894203648525107336786580313368784903371681103167212737270367893920632899402614826571491296926943508416691507959059191079045318399298274091225411824345606155782472743631590110391755081084281389979585030753589948347657755153763643814115391785095702377656489816113124583367384095255040855584511125535597432060847451486906565446688735663988526718812809760254994699942090439493457976711 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f09c85fda29f7d8fc968bbd5d4894d1dbed390ff . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e7dd86c991ad95e7f4e893ba8834167d1dd98b9b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.diamond-heaven.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'diamond-heaven.co.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/RapidSSLGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/RapidSSLGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/RapidSSLGlobalTLSRSA4096SHA2562022CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000186b6c753b30000040300483046022100e6822b1bc94d2a7c703f60fa15f5f149a7b147e65635638856af0f9dd8906d92022100ea1215636bb29a0cbcb86184f0f99887ce062b6e1756f9cc5f065f182b53d00100750073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b500000186b6c75433000004030046304402203f5878e8c58f543a6bf4b35a5b7b806605a1fb8f5d00b2e99e7cf396d5da0bad022042dd9976d696dfe7e5bb6ea86cbe6bed61cefc488a70f0c3f23c5f32fc57dd6100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000186b6c753e30000040300473045022067546ce35792dd6190badf4720df231d3443d564fab597f767de26bc455d4e53022100a9976fe50847e51c7edf9f1ff99f70303e2cb43b67973f5e07b485acd8b25f14 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00292bff48bb6b38717884a70c0421012fa066877bd1386dbc835e2e5056a5e300abefdded04697be69b7b88619d0dec6fa34971a9c5f401ceb4b780a0ec16953929f8a5c81032aac253aaa981113fa42e774f35d7380aba5e0d084279f2c234e1af613996a114987dffbc1e9aa5b39b64209357eaf8e5654a4222eabef15f9882be6b33c43295e09502c1dfedf906d9d948a10cce67b541bccd7ec9d2cd429d630af633ea431f55a247b7d454ba2a2198615460b3ac2b466230a3e4140a43b7c0c28c730aa817938c99525c0e87b874e2594c10527d96d72e0c88f4d710427ee72fd03ad73f7ee63c1625b554539939d109909e3cfb489e309ea077c7d1b52a0f9204465fa355a3d3384a4676876a3f9c6478f7db6e7869f783e0126d1071663b79a330b0a1cd11f7fb1ceb194618822165f1dfc39ceef07d9b572d3c3638c6f2c1d6e810f1adfecbcec861852a8931cc0979dea82078e75e42b56893874754710e32277f0a67c91c468905812d24ca46173aef8e5b1f27d57cf4eb57304b5f01346dbfb54d1db1d643fd3bb4be488a61d8b3a45d8861e68dafa7eaeccde8c8da2f3b9f54a4a2fb6b9a9bb3f5cc032869ebf35c809c7a875dc4253fb2a68dfae17d59cb4e5bd81fdb791b0ff8ddacd30889b1f8cf12ef235e8b5bcf746817ed0e76cb2f0b40f7c22c60132545c043603e7d3d6058c85fdab00e51b98afd431eab