rivera.me

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 04:a1:0b:e8:ba:bd:bc:50:81:e5:1c:dd:6a:3c:15:3a:a1:38 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=rivera.me

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:a1:0b:e8:ba:bd:bc:50:81:e5:1c:dd:6a:3c:15:3a:a1:38
Serial Number (int): 403250434709697482862440972080552496243000
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 6a:3f:04:37:5e:f9:98:64:6f:0d:be:14:f1:e9:72:30:34:f2:d2:46
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 38:05:d9:fa:51:76:ad:cc:75:ff:74:b4:74:ec:36:2d:17:e2:c7:f5
Fingerprint (sha256): d6:3b:07:6c:9a:30:4b:b4:a5:98:ca:75:a4:6c:67:fc:2f:72:31:54:47:1d:79:a0:b5:0b:a4:2d:43:d0:55:a9

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate rivera.me

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for rivera.me

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

rivera.me

Other certificates including the domain name rivera.me

(limited to 100 certificates)
rivera.me
www.littlejollypolitics.org
rivera.me
rivera.me
footballer.me
rivera.me
www.rivera.me
rivera.me
rivera.me

Certificate

The complete raw certificate details for rivera.me in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG/DCCBeSgAwIBAgISBKEL6Lq9vFCB5RzdajwVOqE4MA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODExMDcyMjM5NDhaFw0x
OTAyMDUyMjM5NDhaMBQxEjAQBgNVBAMTCXJpdmVyYS5tZTCCAiIwDQYJKoZIhvcN
AQEBBQADggIPADCCAgoCggIBALAUVKtA/cDE9W44mZahtQxxp0Bx6vG715g8nVMV
AJU4CRIKjuvMZRjNANP3BDVX5hYCSncBC/OtQVRCMNTISM41+mVdggtcdI2Nzhpn
bZuE2l0nAQu/pon2n7uOiCJmuXDLELNIcBYB9aGEzHyPy0GOrm0zQzA/LPmvYTFD
V4tmqzrdMhXawC6ehBXIx0cMjLvzF+DSqS1DVbezqCX8VRhm9wa8ysViIr19klkb
SacQQRRd89y4BIzfeoMEy2aaYMVtu8hz5vHhfX9PyG7MrY3mvblhvwKPGpJn+d0d
8Ws23QfeBLQgUzAFRvsKTshOwXdXeAx1pwrYUn/fXauyaK4xU7zLTsrN9XRCwdiE
gZHzANzFJHNj08LKnLx/hwVBYmw3UD7bSNVvdVIGbbuUESXjXhueDQQSfeoXNerA
GvOgrTWVu8WKjdFI+ZLsdu3N0yHtH7BawiZZ7ehcsfpSzj9BIM203G6Bhp86IJL5
TGCpFMMZBadrPDokAC7GIDy4gPGUqOicOaH5s6uGGXnKbYg5ndVmsB+upl6MC+dC
N4DmU32BHCIKeDo+DJ58JAQCUhbVBnZUs4tdsX24vz7QIXgQ00qlUbcZhA2bsMVU
LAKroQoKQiiTk6NFUV7C0HoVtq9Zjw4ZjrjXv7c3mnSmZzA360I80lC+yV6p+ugS
+KYtAgMBAAGjggMQMIIDDDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB
BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFGo/BDde+Zhk
bw2+FPHpcjA08tJGMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8G
CCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxl
dHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxl
dHNlbmNyeXB0Lm9yZy8wFAYDVR0RBA0wC4IJcml2ZXJhLm1lMIH+BgNVHSAEgfYw
gfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYaaHR0
cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhpcyBD
ZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBh
cnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0
ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3Np
dG9yeS8wggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQDiaUuuJujpQAnohhu2O4PU
Puf+dIj7pI8okwGd3fHb/gAAAWbwi9gdAAAEAwBGMEQCIFUQaqcNQlO7QrnACjA5
D2pkBSvmnL6RtnvBs5IgqUfxAiB0+8+Oi9kpE1KWfBDMeraCX3gDlAqZVsgBznz4
VQ1DIgB2ACk8UZZUyDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAABZvCL2BIA
AAQDAEcwRQIhAMsNd+IFIWOC7zic7H08joaBmZ78GouVI03k9+eCOGXfAiBfDEYe
Uw6chELv3esCY3yUolRVwjR6ZhssMGHH/POT2zANBgkqhkiG9w0BAQsFAAOCAQEA
UAylZz4WUW/btGhlKWiZafXmKK/KtilpMMEXLLwBxweCP+X2uA5+E+ZjyOsh/E80
33QQDRxC7Dd7O91qATpxvr+XmBsuVMNoGXDYWy7MRjF7SWC/9GksYb0zt0OZPi6e
Hmchqau3tg/IQwcNG27QtvQFfXtLECI0LZWXI5OgL5VGZrRvHvUTJQOZPKsqk6IA
9/topKUts/Bshs70hSzSIGmcMIM8tad3zbJ78I2LEqL55qHhty/VmzkAahw5JRbS
e1yYITCP38++oNyqZNbH6O2ceeetdQsPAIsIoo3yeb1Au5VkhX5i4N/jQBFHVV/F
bBOg7jy8/Kxqd6LJs3FVjw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsBRUq0D9wMT1bjiZlqG1
DHGnQHHq8bvXmDydUxUAlTgJEgqO68xlGM0A0/cENVfmFgJKdwEL861BVEIw1MhI
zjX6ZV2CC1x0jY3OGmdtm4TaXScBC7+mifafu46IIma5cMsQs0hwFgH1oYTMfI/L
QY6ubTNDMD8s+a9hMUNXi2arOt0yFdrALp6EFcjHRwyMu/MX4NKpLUNVt7OoJfxV
GGb3BrzKxWIivX2SWRtJpxBBFF3z3LgEjN96gwTLZppgxW27yHPm8eF9f0/Ibsyt
jea9uWG/Ao8akmf53R3xazbdB94EtCBTMAVG+wpOyE7Bd1d4DHWnCthSf99dq7Jo
rjFTvMtOys31dELB2ISBkfMA3MUkc2PTwsqcvH+HBUFibDdQPttI1W91UgZtu5QR
JeNeG54NBBJ96hc16sAa86CtNZW7xYqN0Uj5kux27c3TIe0fsFrCJlnt6Fyx+lLO
P0EgzbTcboGGnzogkvlMYKkUwxkFp2s8OiQALsYgPLiA8ZSo6Jw5ofmzq4YZecpt
iDmd1WawH66mXowL50I3gOZTfYEcIgp4Oj4MnnwkBAJSFtUGdlSzi12xfbi/PtAh
eBDTSqVRtxmEDZuwxVQsAquhCgpCKJOTo0VRXsLQehW2r1mPDhmOuNe/tzeadKZn
MDfrQjzSUL7JXqn66BL4pi0CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 403250434709697482862440972080552496243000
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-07 22:39:48 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-05 22:39:48 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'rivera.me'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 718341348843406007217048003987648979005792003595893110893531932490172856752009479562886324186928646432983081250794864645734670510252536086342745702996873545080126546363964398421412482939262008414466289328856543434083710772592757313978801434237155733153864766820865768263117275598764024005067036479132209986886991784592093514284850361531110099937802984167170519696609583653686299094457360317233409767058810588464596232609971114004821306417809013817942875895560963963782928076560034144733619873314691799115845727513127935341835701058191320218008339858493911011845481665466224937528920196381296975143370040259192271130028530294189515306800099825906950360377083742147971261827396054945152573442043849248589949690147373039934001831032819639196871153475378822315311074644911011536715669127588415759799142425769754816481632831862946184653955955293422533159938679198635434160081254373143192362322161728330923672824985836623624863826800572522668307128123559962247588257799913447838337366642484819929138518300329266234974076301620798479283669358843581986997424691834904375950009286339604845275009567235636841831215204706804731064812322014574030115189557614767645961620749847159683355884718023108492598350023698089530021273975550831069142492717
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6a3f04375ef998646f0dbe14f1e9723034f2d246
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rivera.me'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe00000166f08bd81d0000040300463044022055106aa70d4253bb42b9c00a30390f6a64052be69cbe91b67bc1b39220a947f1022074fbcf8e8bd9291352967c10cc7ab6825f7803940a9956c801ce7cf8550d4322007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000166f08bd8120000040300473045022100cb0d77e205216382ef389cec7d3c8e8681999efc1a8b95234de4f7e7823865df02205f0c461e530e9c8442efddeb02637c94a25455c2347a661b2c3061c7fcf393db
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00500ca5673e16516fdbb4686529689969f5e628afcab6296930c1172cbc01c707823fe5f6b80e7e13e663c8eb21fc4f34df74100d1c42ec377b3bdd6a013a71bebf97981b2e54c3681970d85b2ecc46317b4960bff4692c61bd33b743993e2e9e1e6721a9abb7b60fc843070d1b6ed0b6f4057d7b4b1022342d95972393a02f954666b46f1ef5132503993cab2a93a200f7fb68a4a52db3f06c86cef4852cd220699c30833cb5a777cdb27bf08d8b12a2f9e6a1e1b72fd59b39006a1c392516d27b5c9821308fdfcfbea0dcaa64d6c7e8ed9c79e7ad750b0f008b08a28df279bd40bb9564857e62e0dfe3401147555fc56c13a0ee3cbcfcac6a77a2c9b371558f