digi.no
Issued by R3
About this certificate
This digital certificate with serial number 03:be:cf:c2:f9:29:33:b9:df:07:5e:a5:ad:34:1c:e9:45:6a was issued on by Let's Encrypt.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=digi.no
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:be:cf:c2:f9:29:33:b9:df:07:5e:a5:ad:34:1c:e9:45:6aSerial Number (int): 326266670064561435752515860542599910212970
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: bf:d5:10:8c:0f:f5:c4:e7:c4:25:92:a2:da:f3:26:bf:85:8f:dd:bb
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): e0:65:42:32:2b:e6:ec:85:e9:9d:01:2e:d7:31:e2:80:a6:5f:32:8f
Fingerprint (sha256): d8:2c:d4:e4:1e:11:67:9f:e8:0b:dd:c6:ba:8b:ca:07:5d:43:95:a1:3a:39:f4:ee:ee:0d:3e:4e:f9:52:2e:fa
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate digi.no
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for digi.no
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
digi.no
test.digi.no
www.digi.no
test.digi.no
www.digi.no
Other certificates including the domain name digi.no
(limited to 100 certificates)
wallbrand.co
dcfit.turnosweb.app
erlend2.digi.no
digi.no
digi.no
www.penguinpeople.io
groupm.beaconforce.com
www.trumpcarestories.org
digi.no
www.parrify.com
cloud.workito.co.il
digi.no
digi.no
wallbrand.co
whitepaper.digi.no
f.link.mustard.love
1j2n061x3td.www.digi.no
mysomras.com
digi.no
www.waidy.it
www.couplemonitor.app
new-adventskalender.de
admin.ugyde.io
digi.no
digi.no
digi.no
erlend2.digi.no
ymd.development.fensi.in
www.crudewiser.com
whitepaper.digi.no
erickmendoza.com
employeronboarding.keeper.co.in
www.iamtheliquor.app
static.dev.getbusy.com
www.51hint.com
www.aduug.com
digi.no
digi.no
whitepaper.digi.no
www.marktompkins.me
digital.stratton-press.linkmalloc.com
whitepaper.digi.no
hueanh.com
invertecfoods.cl
trimbo.com
digi.no
digi.no
digi.no
digi.no
www.garrettspence.dev
vedur.arnigu.info
kalk.digi.no
kalkulator.digi.no
digi.no
digi.no
digi.no
admin.job.hoikushi-go.com
f.link.mustard.love
digi.no
whitepaper.digi.no
nakytec.com
www.redstonemail.app
cvmetalproducts.ca
digi.no
digi.no
whitepaper.digi.no
upliftstress.com
whitepaper.digi.no
digi.no
digi.no
dev.viviultra.app
www.matahari-amsterdam.nl
slw.ai
edificiouna.porcelanosapartners.com
whitepaper.digi.no
kolssak.afterword.com
digi.no
kalk.digi.no
digi.no
whitepaper.digi.no
app.bemoved.com.au
digi.no
digi.no
www.chen.enterprises
digi.no
digi.no
www.inthga.io
introvue.robinsoft.biz
www.ministryofpup.com
digi.no
dcfit.turnosweb.app
erlend2.digi.no
digi.no
digi.no
www.penguinpeople.io
groupm.beaconforce.com
www.trumpcarestories.org
digi.no
www.parrify.com
cloud.workito.co.il
digi.no
digi.no
wallbrand.co
whitepaper.digi.no
f.link.mustard.love
1j2n061x3td.www.digi.no
mysomras.com
digi.no
www.waidy.it
www.couplemonitor.app
new-adventskalender.de
admin.ugyde.io
digi.no
digi.no
digi.no
erlend2.digi.no
ymd.development.fensi.in
www.crudewiser.com
whitepaper.digi.no
erickmendoza.com
employeronboarding.keeper.co.in
www.iamtheliquor.app
static.dev.getbusy.com
www.51hint.com
www.aduug.com
digi.no
digi.no
whitepaper.digi.no
www.marktompkins.me
digital.stratton-press.linkmalloc.com
whitepaper.digi.no
hueanh.com
invertecfoods.cl
trimbo.com
digi.no
digi.no
digi.no
digi.no
www.garrettspence.dev
vedur.arnigu.info
kalk.digi.no
kalkulator.digi.no
digi.no
digi.no
digi.no
admin.job.hoikushi-go.com
f.link.mustard.love
digi.no
whitepaper.digi.no
nakytec.com
www.redstonemail.app
cvmetalproducts.ca
digi.no
digi.no
whitepaper.digi.no
upliftstress.com
whitepaper.digi.no
digi.no
digi.no
dev.viviultra.app
www.matahari-amsterdam.nl
slw.ai
edificiouna.porcelanosapartners.com
whitepaper.digi.no
kolssak.afterword.com
digi.no
kalk.digi.no
digi.no
whitepaper.digi.no
app.bemoved.com.au
digi.no
digi.no
www.chen.enterprises
digi.no
digi.no
www.inthga.io
introvue.robinsoft.biz
www.ministryofpup.com
digi.no
Certificate
The complete raw certificate details for digi.no in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF9jCCBN6gAwIBAgISA77PwvkpM7nfB16lrTQc6UVqMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMTgxNDI2MTdaFw0yNDA2MTYxNDI2MTZaMBIxEDAOBgNVBAMT B2RpZ2kubm8wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCy70KYHGiB c0NLQpH4TWJXCaLbc5IMS3i3dZ9GVw5zzN2j1PltA5yBG5TMudBHiJyZSWru2Icf crZTCi3Llhy6dOkPAJTVi7fwtb8KKyYSKO8KgPziOucJB3Qe8CRCTiwmSw6wWezj ZZIV00Z9n/tNq4ztCfFvKXr+yvehQMzJgwye04D9pfmPOkpzjvuioO+oO9xRAo7/ SHzIGUa2iIVIGo5ESJU+XkhP/txjK+4ZjhYJS9FUExpjehw+Su+ahqrMisfH2+vr cq080A/+ou4MKlvjS/bLEQS6NlXPGts27Y6bCDEBsQJeMUMQdLVbZccgv3wIoaPv O6En9s0okVRJ+51bw7e+L2Lb0bvJJ8dk+p1l9T8oJN4BJURsTkpWaTlrX9GAP9we eWtga5UaInkFXRfH/LFWYeY3bjMx5ju24kmzi3MSge1dBWfvlapcdU+vQcjLXXJa rxkEvyvfQdRE6v9QL8wLFBJTfN/RN5Ai0rGXFFQcN08/lICpOMdueXZ2XMdir008 o0sSPxz6S+pl4BZdMF/ujSrqvjWavbiumpPLPZeEstijhgrw4rbrsugpK63mf8Jx SGXnKIbRjboGpSiF9h8mx334o0wqWzSA80i9edjxtvo7A/B1f5T4saXabUGSBIZ4 3bTKoGQ3qeb030RvTZtLMbCsQ+l3ulLYGwIDAQABo4ICJDCCAiAwDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E AjAAMB0GA1UdDgQWBBS/1RCMD/XE58QlkqLa8ya/hY/duzAfBgNVHSMEGDAWgBQU LrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGG FWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmku bGVuY3Iub3JnLzAtBgNVHREEJjAkggdkaWdpLm5vggx0ZXN0LmRpZ2kubm+CC3d3 dy5kaWdpLm5vMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB 9QSB8gDwAHYAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGOUiuq 6AAABAMARzBFAiEAkS31iWtMnLqfkEgYkcWyrgn0lCUwLO+Q3fmPuCEgix0CIGu6 9J/c7DGH5JWRcA1+ywZ4eEDKyEYiKDCn/exbUpfkAHYAdv+IPwq2+5VRwmHM9Ye6 NLSkzbsp3GhCCp/mZ0xaOnQAAAGOUiurKwAABAMARzBFAiARMkuSDP/CqiZL24yy /w7OBAV4UEkSyZlboiYpPiXBpwIhAN+RcvL3GsfMyxyt3GvCIBXJrQXwKhFo35wr 6Ybas3q0MA0GCSqGSIb3DQEBCwUAA4IBAQAFSknTLFqYkLaYF7eadjzZH/gWVPdY PoRh7/DiR8i2Ihx/IbixmCBd4OINy0QhOICnJGrowYgZNKOgXVaSr+VzfuMsE8Af cGO4nbcKGsrPyvp0NzLeNeUEsuMij41pfz25s7pBQm9wZ91qfpPgZyf/DbiVheJM Md9qsfb7kLXet4penW/+FGcTPSr67Wi+vLieFyCAaTigJ1Rm8U6m6SnxeqwmB9XD IsApEhIi9qa8XkHvrb5POk3VdmZet/uRYaXxOkH7cdfg7MYsTNG4jP4dIRSrzGJ/ FBsQzWLd2CuXph14ggl0hqqIgZqTOw29Nou6Mhxd4F58KTrU1YUtnNkN -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsu9CmBxogXNDS0KR+E1i Vwmi23OSDEt4t3WfRlcOc8zdo9T5bQOcgRuUzLnQR4icmUlq7tiHH3K2Uwoty5Yc unTpDwCU1Yu38LW/CismEijvCoD84jrnCQd0HvAkQk4sJksOsFns42WSFdNGfZ/7 TauM7Qnxbyl6/sr3oUDMyYMMntOA/aX5jzpKc477oqDvqDvcUQKO/0h8yBlGtoiF SBqOREiVPl5IT/7cYyvuGY4WCUvRVBMaY3ocPkrvmoaqzIrHx9vr63KtPNAP/qLu DCpb40v2yxEEujZVzxrbNu2OmwgxAbECXjFDEHS1W2XHIL98CKGj7zuhJ/bNKJFU SfudW8O3vi9i29G7ySfHZPqdZfU/KCTeASVEbE5KVmk5a1/RgD/cHnlrYGuVGiJ5 BV0Xx/yxVmHmN24zMeY7tuJJs4tzEoHtXQVn75WqXHVPr0HIy11yWq8ZBL8r30HU ROr/UC/MCxQSU3zf0TeQItKxlxRUHDdPP5SAqTjHbnl2dlzHYq9NPKNLEj8c+kvq ZeAWXTBf7o0q6r41mr24rpqTyz2XhLLYo4YK8OK267LoKSut5n/CcUhl5yiG0Y26 BqUohfYfJsd9+KNMKls0gPNIvXnY8bb6OwPwdX+U+LGl2m1BkgSGeN20yqBkN6nm 9N9Eb02bSzGwrEPpd7pS2BsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 326266670064561435752515860542599910212970 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-18 14:26:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-16 14:26:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'digi.no' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 729989519828153316928244075154295208347532530042655075511742919985011759160256326686399274152826995383249626413936985918027517154729766345700198685265167342921977737578259351847314347966830081945022830772738194142006450210248212470493081231320486993273868151539625255395804122187361302284536454793814491744487484137800304509914623677732315337018141846287554123552841455479447960141132580866083401269179644791723478711129837677011068128954500801394201155734490618295431378470723596322265077310653384491301735605836802930423584940249018096779700328742745901965523648471106066319900010153419956172487896357284594162220511087772233084672021264944397077074898152716626587033340928308757302501941845335092421500882874000192330149359036389347277563170268479740764994969677008145177148129204134085385747487602724844025892628602632576455695110336421388980582358329713075378831620189220345872663918353564706021642845937397057057653492306012685513828481791241680285773309895147126961353767122336587140576010065246853996004671654208775105622486119972107584056738294976831303167758564858017958707782871780422128317157873278798374665413711844423945043868616461653009580705211653331952178665128288630316567079287979114328247846083533333528233302043 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bfd5108c0ff5c4e7c42592a2daf326bf858fddbb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'digi.no' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.digi.no' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.digi.no' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e522baae80000040300473045022100912df5896b4c9cba9f90481891c5b2ae09f49425302cef90ddf98fb821208b1d02206bbaf49fdcec3187e49591700d7ecb06787840cac846222830a7fdec5b5297e400760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018e522bab2b0000040300473045022011324b920cffc2aa264bdb8cb2ff0ece040578504912c9995ba226293e25c1a7022100df9172f2f71ac7cccb1caddc6bc22015c9ad05f02a1168df9c2be986dab37ab4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00054a49d32c5a9890b69817b79a763cd91ff81654f7583e8461eff0e247c8b6221c7f21b8b198205de0e20dcb44213880a7246ae8c1881934a3a05d5692afe5737ee32c13c01f7063b89db70a1acacfcafa743732de35e504b2e3228f8d697f3db9b3ba41426f7067dd6a7e93e06727ff0db89585e24c31df6ab1f6fb90b5deb78a5e9d6ffe1467133d2afaed68bebcb89e1720806938a0275466f14ea6e929f17aac2607d5c322c029121222f6a6bc5e41efadbe4f3a4dd576665eb7fb9161a5f13a41fb71d7e0ecc62c4cd1b88cfe1d2114abcc627f141b10cd62ddd82b97a61d7882097486aa88819a933b0dbd368bba321c5de05e7c293ad4d5852d9cd90d