umidigitalfaith.org
Issued by R3
About this certificate
This digital certificate with serial number 03:b6:42:b2:4e:5d:bc:e7:6d:94:ee:81:c8:65:a2:88:90:7b was issued on by Let's Encrypt.
With 15 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=umidigitalfaith.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:b6:42:b2:4e:5d:bc:e7:6d:94:ee:81:c8:65:a2:88:90:7bSerial Number (int): 323356903440908795096988278064541917024379
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: da:33:6a:8a:be:57:28:72:96:e6:f1:8c:b1:d9:2f:ad:3f:a8:8e:d5
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 2b:f1:9c:6a:e1:cb:aa:5b:74:bc:f4:25:c2:1b:72:99:12:64:2c:d0
Fingerprint (sha256): d9:67:9a:06:29:4c:c6:cb:e5:65:0a:8f:a2:6d:74:85:81:67:1e:84:2c:44:fa:79:78:b8:e6:e4:b0:b6:ec:cb
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate umidigitalfaith.org
15
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for umidigitalfaith.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
advantagebasketballacademy.com
calendar.blenkush.com
convoy.vc.music-blog.com
dentistlucknow.in.archaeologies.com
greenlabelorganics.com
ihtpodcast.com.nusit.com
nowontv.net.wedriveit.com
ottawacountyrepublicans.net
rentals.ambrosehill.com
sacondo.net
sandlot7on7.com
silverbowcounty.com
thesweetkillingfields.com
umidigitalfaith.org
usa-precision-firearms.net
calendar.blenkush.com
convoy.vc.music-blog.com
dentistlucknow.in.archaeologies.com
greenlabelorganics.com
ihtpodcast.com.nusit.com
nowontv.net.wedriveit.com
ottawacountyrepublicans.net
rentals.ambrosehill.com
sacondo.net
sandlot7on7.com
silverbowcounty.com
thesweetkillingfields.com
umidigitalfaith.org
usa-precision-firearms.net
Other certificates including the domain name umidigitalfaith.org
(limited to 100 certificates)
merchant.ac
trailerupholstery.ca
exoniaconsulting.ca
kiesza.ca
merchant.ac
mumbai.world
umidigitalfaith.org
kiesza.ca
domain.limited
leaselock.ca
mumbai.world
trailerupholstery.ca
umidigitalfaith.org
backorder.world
mumbai.world
trailerupholstery.ca
nix.vc
vacations.vc
umidigitalfaith.org
trailerupholstery.ca
westgarden.life
umidigitalfaith.org
mumbai.world
exoniaconsulting.ca
mumbai.world
stemsterlingranch.org
exoniaconsulting.ca
wildanimals.co.za
umidigitalfaith.org
musicbingo.ca
healthmanagement.ae
umidigitalfaith.org
hitv.ca
pointq.net.umidigitalfaith.org
photo-studio.co.za
kudzoo.media
trailerupholstery.ca
exoniaconsulting.ca
kiesza.ca
umidigitalfaith.org
umidigitalfaith.org
trailerupholstery.ca
trailerupholstery.ca
umidigitalfaith.org
trailerupholstery.ca
trailerupholstery.ca
umidigitalfaith.org
trailerupholstery.ca
trailerupholstery.ca
exoniaconsulting.ca
kiesza.ca
merchant.ac
mumbai.world
umidigitalfaith.org
kiesza.ca
domain.limited
leaselock.ca
mumbai.world
trailerupholstery.ca
umidigitalfaith.org
backorder.world
mumbai.world
trailerupholstery.ca
nix.vc
vacations.vc
umidigitalfaith.org
trailerupholstery.ca
westgarden.life
umidigitalfaith.org
mumbai.world
exoniaconsulting.ca
mumbai.world
stemsterlingranch.org
exoniaconsulting.ca
wildanimals.co.za
umidigitalfaith.org
musicbingo.ca
healthmanagement.ae
umidigitalfaith.org
hitv.ca
pointq.net.umidigitalfaith.org
photo-studio.co.za
kudzoo.media
trailerupholstery.ca
exoniaconsulting.ca
kiesza.ca
umidigitalfaith.org
umidigitalfaith.org
trailerupholstery.ca
trailerupholstery.ca
umidigitalfaith.org
trailerupholstery.ca
trailerupholstery.ca
umidigitalfaith.org
trailerupholstery.ca
Certificate
The complete raw certificate details for umidigitalfaith.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXTCCBUWgAwIBAgISA7ZCsk5dvOdtlO6ByGWiiJB7MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMjgyMjUwNTlaFw0yNDAzMjcyMjUwNThaMB4xHDAaBgNVBAMT E3VtaWRpZ2l0YWxmYWl0aC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQCvMG+SKrH2fhBJXinZaMrYmU0tO9LL5kjb/muy44UfdTagMe7INvREwLFJ dFUJ3GUI9jyD02ad++1vVcL8mDNNkn5LUebASn7HCOM2x98fXDASbZzyipTjkkoX q1iFzqZhHDKk1N7YZO1pjQ2LqQQEINnE2NBmQc6fTMJA7LP4GClgH5D0oGQLkn5c CyGknrbnIkbxJBf+CcTw2zzefxfZyL4z8NHynZmm+hVnB3Qh8xZ5SjXnpkIWpiKF KnBkqgtucJotIiz+WHLkXmxiGLg9VKI3eumg0mbOVAhYwaIQ6yPhcZvhYDRG5Uld 0sV0PMwq7oV5Ig225Cn/AteAvKtTAgMBAAGjggN/MIIDezAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAw HQYDVR0OBBYEFNozaoq+VyhylubxjLHZL60/qI7VMB8GA1UdIwQYMBaAFBQusxe3 WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0 cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5j ci5vcmcvMIIBhQYDVR0RBIIBfDCCAXiCHmFkdmFudGFnZWJhc2tldGJhbGxhY2Fk ZW15LmNvbYIVY2FsZW5kYXIuYmxlbmt1c2guY29tghhjb252b3kudmMubXVzaWMt YmxvZy5jb22CI2RlbnRpc3RsdWNrbm93LmluLmFyY2hhZW9sb2dpZXMuY29tghZn cmVlbmxhYmVsb3JnYW5pY3MuY29tghhpaHRwb2RjYXN0LmNvbS5udXNpdC5jb22C GW5vd29udHYubmV0LndlZHJpdmVpdC5jb22CG290dGF3YWNvdW50eXJlcHVibGlj YW5zLm5ldIIXcmVudGFscy5hbWJyb3NlaGlsbC5jb22CC3NhY29uZG8ubmV0gg9z YW5kbG90N29uNy5jb22CE3NpbHZlcmJvd2NvdW50eS5jb22CGXRoZXN3ZWV0a2ls bGluZ2ZpZWxkcy5jb22CE3VtaWRpZ2l0YWxmYWl0aC5vcmeCGnVzYS1wcmVjaXNp b24tZmlyZWFybXMubmV0MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHW eQIEAgSB9gSB8wDxAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMA AAGMstahTwAABAMASDBGAiEAkAfDk41+ChaI+xjagMGvyYdyPosOPuIInv9aHrp6 xSoCIQDAFUnrKLKDTKnh2taDx/kjuywChG7IVIjz7wMx7OUe5AB2AKLiv9Ye3i8v B6DWTm03p9xlQ7DGtS6i2reK+Jpt9RfYAAABjLLWoWAAAAQDAEcwRQIgZM+2vbr8 rIoCAUMePCjTQs5ds7H7Ivse6AvtZzLZXXECIQDjfvVS6XOppHXrofP0leyQxxz3 M0Y5TIqJAFFhO7WDDzANBgkqhkiG9w0BAQsFAAOCAQEAOvwEtnJ7anl3kn6JUDIY vy7Cv9RUc7UhqNuhDIVEu87Oi76SMVntdY17kfJO4cHLzMQX6e6Py054PpqxY3b0 EYauqYUW3LWPb0iKAFZeypE0MmqBuYsAqFp3PT+kKJvVCQFuLJKZHRoL2ktEnxf7 cg/W+eqFGE2AzV8S2PDKqXO/MfnAFf65CMv0AsrD8coWerlrx2XEXlhbbdgi6n2X es+XFqPYBJxvCBoW7muBTm2hO2zjm4FpDYd/WzeQf5VaKjpJiPcotxwKzFOUU90H 31ZDatRTyS7+n7y1irabj1dY3OHb1f4DuwpXiBK/R83MbPjHig44g4O3IsmOuyuz Mw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzBvkiqx9n4QSV4p2WjK 2JlNLTvSy+ZI2/5rsuOFH3U2oDHuyDb0RMCxSXRVCdxlCPY8g9Nmnfvtb1XC/Jgz TZJ+S1HmwEp+xwjjNsffH1wwEm2c8oqU45JKF6tYhc6mYRwypNTe2GTtaY0Ni6kE BCDZxNjQZkHOn0zCQOyz+BgpYB+Q9KBkC5J+XAshpJ625yJG8SQX/gnE8Ns83n8X 2ci+M/DR8p2ZpvoVZwd0IfMWeUo156ZCFqYihSpwZKoLbnCaLSIs/lhy5F5sYhi4 PVSiN3rpoNJmzlQIWMGiEOsj4XGb4WA0RuVJXdLFdDzMKu6FeSINtuQp/wLXgLyr UwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 323356903440908795096988278064541917024379 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-28 22:50:59 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-27 22:50:58 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'umidigitalfaith.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22115587964104185253211336692404316333118075418703755911708509974801535489424311554709049273109658837193546672928050415296370604498275568419580373038305939826728165095715752837246317606075172040486914509977958436456678548376382852069790184312231556626743089714282331268558430329522845256004948699839964512697258182561099690987528254028975296602935536380974387064473358755064645753532348278038285423064530265993341668937598242012294821455550939144475589807426299584611747375779586230145436489514846498719705611371433996344007056530337117995770213530276567904902567970181100583883477205665452368188365256566017686809427 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) da336a8abe57287296e6f18cb1d92fad3fa88ed5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (380 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advantagebasketballacademy.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'calendar.blenkush.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'convoy.vc.music-blog.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dentistlucknow.in.archaeologies.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'greenlabelorganics.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ihtpodcast.com.nusit.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nowontv.net.wedriveit.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ottawacountyrepublicans.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rentals.ambrosehill.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sacondo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sandlot7on7.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'silverbowcounty.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thesweetkillingfields.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'umidigitalfaith.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usa-precision-firearms.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cb2d6a14f00000403004830460221009007c3938d7e0a1688fb18da80c1afc987723e8b0e3ee2089eff5a1eba7ac52a022100c01549eb28b2834ca9e1dad683c7f923bb2c02846ec85488f3ef0331ece51ee4007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018cb2d6a1600000040300473045022064cfb6bdbafcac8a0201431e3c28d342ce5db3b1fb22fb1ee80bed6732d95d71022100e37ef552e973a9a475eba1f3f495ec90c71cf73346394c8a890051613bb5830f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003afc04b6727b6a7977927e89503218bf2ec2bfd45473b521a8dba10c8544bbcece8bbe923159ed758d7b91f24ee1c1cbccc417e9ee8fcb4e783e9ab16376f41186aea98516dcb58f6f488a00565eca9134326a81b98b00a85a773d3fa4289bd509016e2c92991d1a0bda4b449f17fb720fd6f9ea85184d80cd5f12d8f0caa973bf31f9c015feb908cbf402cac3f1ca167ab96bc765c45e585b6dd822ea7d977acf9716a3d8049c6f081a16ee6b814e6da13b6ce39b81690d877f5b37907f955a2a3a4988f728b71c0acc539453dd07df56436ad453c92efe9fbcb58ab69b8f5758dce1dbd5fe03bb0a578812bf47cdcc6cf8c78a0e388383b722c98ebb2bb333