shop.tokidoki.it
Issued by GlobalSign Domain Validation CA - SHA256 - G3
About this certificate
This digital certificate with serial number 58:46:37:c6:62:52:a6:6a:86:f2:48:b9 was issued on by GlobalSign nv-sa.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=shop.tokidoki.it,OU=Domain Control Validated
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate has expire since
Certificate Details
Serial Number (hex): 58:46:37:c6:62:52:a6:6a:86:f2:48:b9Serial Number (int): 27319569061348182655256119481
Serial Number lenght: 95 bits, 12 octets
SubjectKeyId: 69:24:c7:98:3d:6d:6d:54:69:97:44:01:41:0a:0b:e3:ae:1e:8a:d7
AuthorityKeyId: 3d:80:82:79:c5:48:82:a3:c3:12:ee:df:99:0f:57:35:48:9e:d0:cb
Fingerprint (sha1): 3f:ab:46:b0:bd:a9:e4:dd:e8:29:c2:bf:80:66:52:b7:b1:e5:25:1a
Fingerprint (sha256): d6:38:a7:dd:54:17:fc:fc:8a:b9:46:44:7a:22:f5:2b:ef:b0:51:aa:e7:e1:0b:4b:79:d9:25:be:19:94:75:89
Issuing Certificate URL: http://secure.globalsign.com/cacert/gsdomainvalsha2g3.crt
Revocation information
OCSP Server: http://ocsp2.globalsign.com/gsdomainvalsha2g3CRL Distribution Point: http://crl.globalsign.com/gsdomainvalsha2g3.crl
Check the revocation status for certificate shop.tokidoki.it
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for shop.tokidoki.it
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
shop.tokidoki.it
Other certificates including the domain name tokidoki.it
(limited to 100 certificates)
tokidoki.it
tokidoki.it
www.tokidoki.it
tokidoki.it
www.tokidoki.it
www.tokidoki.it
www.tokidoki.it
shop.tokidoki.it
citrix.tokidoki.it
tokidoki.it
shop.tokidoki.it
tokidoki.it
www.tokidoki.it
tokidoki.it
shop.tokidoki.it
shop.tokidoki.it
tokidoki.it
shop.tokidoki.it
www.tokidoki.it
shop.tokidoki.it
tokidoki.it
www.tokidoki.it
shop.tokidoki.it
tokidoki.it
tokidoki.it
tokidoki.it
shop.tokidoki.it
mail.tokidoki.it
www.tokidoki.it
shop.tokidoki.it
www.tokidoki.it
tokidoki.it
tokidoki.it
tokidoki.it
www.tokidoki.it
mail.tokidoki.it
shop.tokidoki.it
www.tokidoki.it
tokidoki.it
shop.tokidoki.it
tokidoki.it
tokidoki.it
tokidoki.it
mail.tokidoki.it
www.tokidoki.it
www.tokidoki.it
tokidoki.it
shop.tokidoki.it
tokidoki.it
shop.tokidoki.it
tokidoki.it
shop.tokidoki.it
shop.tokidoki.it
www.tokidoki.it
www.tokidoki.it
shop.tokidoki.it
shop.tokidoki.it
mail.tokidoki.it
tokidoki.it
www.tokidoki.it
tokidoki.it
tokidoki.it
www.tokidoki.it
mail.tokidoki.it
tokidoki.it
www.tokidoki.it
tokidoki.it
www.tokidoki.it
www.tokidoki.it
www.tokidoki.it
shop.tokidoki.it
citrix.tokidoki.it
tokidoki.it
shop.tokidoki.it
tokidoki.it
www.tokidoki.it
tokidoki.it
shop.tokidoki.it
shop.tokidoki.it
tokidoki.it
shop.tokidoki.it
www.tokidoki.it
shop.tokidoki.it
tokidoki.it
www.tokidoki.it
shop.tokidoki.it
tokidoki.it
tokidoki.it
tokidoki.it
shop.tokidoki.it
mail.tokidoki.it
www.tokidoki.it
shop.tokidoki.it
www.tokidoki.it
tokidoki.it
tokidoki.it
tokidoki.it
www.tokidoki.it
mail.tokidoki.it
shop.tokidoki.it
www.tokidoki.it
tokidoki.it
shop.tokidoki.it
tokidoki.it
tokidoki.it
tokidoki.it
mail.tokidoki.it
www.tokidoki.it
www.tokidoki.it
tokidoki.it
shop.tokidoki.it
tokidoki.it
shop.tokidoki.it
tokidoki.it
shop.tokidoki.it
shop.tokidoki.it
www.tokidoki.it
www.tokidoki.it
shop.tokidoki.it
shop.tokidoki.it
mail.tokidoki.it
tokidoki.it
www.tokidoki.it
tokidoki.it
tokidoki.it
www.tokidoki.it
mail.tokidoki.it
Certificate
The complete raw certificate details for shop.tokidoki.it in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgIMWEY3xmJSpmqG8ki5MA0GCSqGSIb3DQEBCwUAMGAxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzMwHhcN MTkwMjI4MTE1NjE1WhcNMjAwMjI5MTE1NjE1WjA+MSEwHwYDVQQLExhEb21haW4g Q29udHJvbCBWYWxpZGF0ZWQxGTAXBgNVBAMTEHNob3AudG9raWRva2kuaXQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmqbqSyGbz0bvmeRzTDcUxDAyP HXStxdVDhHwIgfOx2cRnaeUu0s59B2oMf8CYbGUNvD8Rsm4kPNYnlYHDalbe+pTn irTtZ4sWPITRVOMdOL2OHM1uFTqHdYsZ0Ehlh8T07C1uVoEyDfwiqWtMAq+pXOpg HApM6LlPgiZVClT0K5OoGv/EuZjVHFajeytHo/pRMoiB0c3oRWzxFQKH36l2Qm+W CxG8nyDcYUBYfHDC0bVocMfXjslBeIdDBNB7uJue2/ptV1nUEwdCOR2Nj4wJeLaj xUU5Us4K7AjvPPqS3GZ0fy/V8zr5oilmePeyeKfU2s1ELPdDUkh0KsJ5DHljAgMB AAGjggHfMIIB2zAOBgNVHQ8BAf8EBAMCBaAwgZIGCCsGAQUFBwEBBIGFMIGCMEUG CCsGAQUFBzAChjlodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9n c2RvbWFpbnZhbHNoYTJnMy5jcnQwOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwMi5n bG9iYWxzaWduLmNvbS9nc2RvbWFpbnZhbHNoYTJnMzBWBgNVHSAETzBNMEEGCSsG AQQBoDIBCjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNv bS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0TBAIwADBABgNVHR8EOTA3MDWg M6Axhi9odHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzZG9tYWludmFsc2hhMmcz LmNybDAbBgNVHREEFDASghBzaG9wLnRva2lkb2tpLml0MB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUaSTHmD1tbVRpl0QBQQoL464eitcw HwYDVR0jBBgwFoAUPYCCecVIgqPDEu7fmQ9XNUie0MswEwYKKwYBBAHWeQIEAwEB /wQCBQAwDQYJKoZIhvcNAQELBQADggEBAI+NSv8OVUdz3uvNA2i05JmJFwxcEcyN zkoUp+6shZ2pb0EiTlneYT7nb9KN2oYHd1DBK19kEQAeYShXFHpoF3F/RKtzOd1x rc6KDsgqODClR+e3iuXdK3ZKxKCtIoRlUKVPq8X9HzS0IW7EXrc+1slg7y2/NFgh E52ps1zBYGCakpvYIL61/whsIv2WgPnkCBWerObv704B4H2ohJgiPBdqAi8qOyma 2H069N2CGH1uw4obXFA8rak/K9mpWWtHISxLKOCZUlN72u1MPtW9U1sIDKZI0zLf tftC9kCrx16VgMrf4uQHhX57eHLalCZhdIX8MXd8soY3pr4wm2GqBxk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqm6kshm89G75nkc0w3F MQwMjx10rcXVQ4R8CIHzsdnEZ2nlLtLOfQdqDH/AmGxlDbw/EbJuJDzWJ5WBw2pW 3vqU54q07WeLFjyE0VTjHTi9jhzNbhU6h3WLGdBIZYfE9OwtblaBMg38IqlrTAKv qVzqYBwKTOi5T4ImVQpU9CuTqBr/xLmY1RxWo3srR6P6UTKIgdHN6EVs8RUCh9+p dkJvlgsRvJ8g3GFAWHxwwtG1aHDH147JQXiHQwTQe7ibntv6bVdZ1BMHQjkdjY+M CXi2o8VFOVLOCuwI7zz6ktxmdH8v1fM6+aIpZnj3snin1NrNRCz3Q1JIdCrCeQx5 YwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 27319569061348182655256119481 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Domain Validation CA - SHA256 - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-28 11:56:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-29 11:56:15 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'shop.tokidoki.it' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21039255016151649503230483314164571451764739716517155543407858861455696888491042257800569830082359647233077098434971749129318369713672975549853146099269261487501520848296243885858104559255133462212819665974452789097253169635863630826165258103631527275071201917340590516132612237496847811430808410008004332497251243978228627376005150594597087390296139385373941145434396030724598326966118100889247943843827767656906730958092042648349710922346038126813439984141963772397653131179195456015754544233567735815631622510111499745384817457596404080990257611793909033803673024756397311783581956385829659613266551964618847975779 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsdomainvalsha2g3.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsdomainvalsha2g3' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10 (globalsignDVPolicy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gsdomainvalsha2g3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.tokidoki.it' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6924c7983d6d6d5469974401410a0be3ae1e8ad7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3d808279c54882a3c312eedf990f5735489ed0cb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008f8d4aff0e554773deebcd0368b4e49989170c5c11cc8dce4a14a7eeac859da96f41224e59de613ee76fd28dda86077750c12b5f6411001e612857147a6817717f44ab7339dd71adce8a0ec82a3830a547e7b78ae5dd2b764ac4a0ad22846550a54fabc5fd1f34b4216ec45eb73ed6c960ef2dbf345821139da9b35cc160609a929bd820beb5ff086c22fd9680f9e408159eace6efef4e01e07da88498223c176a022f2a3b299ad87d3af4dd82187d6ec38a1b5c503cada93f2bd9a9596b47212c4b28e09952537bdaed4c3ed5bd535b080ca648d332dfb5fb42f640abc75e9580cadfe2e407857e7b7872da9426617485fc31777cb28637a6be309b61aa0719