*.rfklive.com
Issued by Amazon RSA 2048 M01
About this certificate
This digital certificate with serial number 04:0d:8e:a4:5e:a4:29:09:b5:92:a8:86:74:4f:5c:11 was issued on by Amazon.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.rfklive.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:0d:8e:a4:5e:a4:29:09:b5:92:a8:86:74:4f:5c:11Serial Number (int): 5387304967173035681091125670807821329
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: c3:a0:30:98:80:8b:02:93:49:9a:f6:2c:a9:a5:4f:13:7a:66:ca:92
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85
Fingerprint (sha1): cb:9a:07:86:f2:bc:7b:e9:11:1b:e7:fc:0d:a5:03:bc:bc:18:c0:9c
Fingerprint (sha256): dc:f5:69:4a:6d:a2:fc:d7:b3:a6:2e:5e:f7:d9:b0:f8:fe:23:06:ad:8d:17:a6:80:9d:53:6b:4d:67:ca:e5:8a
Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer
Revocation information
OCSP Server: http://ocsp.r2m01.amazontrust.comCRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl
Check the revocation status for certificate *.rfklive.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.rfklive.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.rfklive.com
rfk.flexshopper.com
*.rfk.flexshopper.com
rfk.flexshopper.com
*.rfk.flexshopper.com
Other certificates including the domain name rfklive.com
(limited to 100 certificates)
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.uat.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.rfklive.com
*.uat.rfklive.com
*.rfklive.com
Certificate
The complete raw certificate details for *.rfklive.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF8jCCBNqgAwIBAgIQBA2OpF6kKQm1kqiGdE9cETANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAxMB4XDTIzMDcyOTAwMDAwMFoXDTI0MDgyNTIzNTk1OVowGDEW MBQGA1UEAwwNKi5yZmtsaXZlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAK+e0C3EpdZNaCCMsDOKxTLjq8jXoar27T3/zjFdkTVGJHHgMvI1siwU O/XMlX2hlii5X2HFxj2ZTHC4HW/D3GZN9+QWMyof6fYX6WrDsYBUSTg9ocpv22c1 uAPhZfyUy9jWj0ygO0G1dpnUjgk5CfQtMQ1ZhvPCIBPyS+EP2pPNWK9V8bjkOySw eGZoxrSoNzi+FJEDfQ14OsU1DPlOutofTa4TJudqER7vg2/d+xyFJMFQn2TgGDkH oHhUVWIJndcrs43KupIoPOc1aZy8lXxPODA52P+tIFhBgQAYzT5hF5McW7bDt3R+ XlmAux+x3nnEsmSywlYA3aMt3IdBZ10CAwEAAaOCAxIwggMOMB8GA1UdIwQYMBaA FIG4DmOKiRIY5fo7O1CVn+blkBOFMB0GA1UdDgQWBBTDoDCYgIsCk0ma9iyppU8T embKkjBEBgNVHREEPTA7gg0qLnJma2xpdmUuY29tghNyZmsuZmxleHNob3BwZXIu Y29tghUqLnJmay5mbGV4c2hvcHBlci5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRw Oi8vY3JsLnIybTAxLmFtYXpvbnRydXN0LmNvbS9yMm0wMS5jcmwwEwYDVR0gBAww CjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8v b2NzcC5yMm0wMS5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9j cnQucjJtMDEuYW1hem9udHJ1c3QuY29tL3IybTAxLmNlcjAMBgNVHRMBAf8EAjAA MIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgDuzdBk1dsazsVct520zROiModG fLzs3sNRSFlGcR+1mwAAAYmftKIyAAAEAwBHMEUCIQCkBGBjhG3jXSFX/OA6PP1e nS3LTDGg9wmkit2e2ovgSQIgNa6f1FRzS8Wr86tdFu/8VTT4L7wndouR6Fz1k1Rn dyQAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYmftKJsAAAE AwBHMEUCIC0IsLCvuik+R8F4EjesXTFrxACw+aJQdd8FBsh/1H6KAiEArW5Hf9UV EC6wBcq+So/NWhpQoys30MFeJbsZ+rP2cMQAdgDatr9rP7W2Ip+bwrtca+hwkXFs u1GEhTS9pD0wSNf7qwAAAYmftKIHAAAEAwBHMEUCIHBGYHl2+eRVykdkCUy5etHp lsQsVWOS8N4ozl8+4uwwAiEA6FVd3AKD3FtRoIBJb/TbD5069kHzvljsddXzwRIy IdowDQYJKoZIhvcNAQELBQADggEBAFHEMyRP1eXSr4XB0YCSvQVtcvsch/ruzkWB cktWUFwb8Nsq//bd109zv4Jd8T5+xuQFRPSKhEk11QvOR8nmZ2u6thDEsrwi+0kh jlnFk+7bjobbfj0JSgyFB9TQxUyrOZ+i5++B21KaxTxvwOYALFYx+L+R6PHacc+Q h8tlZY8Pg7/ORqHOyyd+nRhfEnr4ivXQv6rBthSbrbkxMmsdZE+aFpn9X8eucBnR LrPltVtY0p/7WBDAqEkBdjX/LguoYEFkFOJMdgwO/kfLKqMVJ4QjwWugo/xvj4K7 y8ISbiuIEDvBkFMajWHCLDUIGse3I2nP9XLmHvYgtWefmYM6rPk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr57QLcSl1k1oIIywM4rF MuOryNehqvbtPf/OMV2RNUYkceAy8jWyLBQ79cyVfaGWKLlfYcXGPZlMcLgdb8Pc Zk335BYzKh/p9hfpasOxgFRJOD2hym/bZzW4A+Fl/JTL2NaPTKA7QbV2mdSOCTkJ 9C0xDVmG88IgE/JL4Q/ak81Yr1XxuOQ7JLB4ZmjGtKg3OL4UkQN9DXg6xTUM+U66 2h9NrhMm52oRHu+Db937HIUkwVCfZOAYOQegeFRVYgmd1yuzjcq6kig85zVpnLyV fE84MDnY/60gWEGBABjNPmEXkxxbtsO3dH5eWYC7H7HeecSyZLLCVgDdoy3ch0Fn XQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5387304967173035681091125670807821329 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-29 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-25 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.rfklive.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22170017075966672256891016882817940231150828912573636089389458502237804149803066396533532296070207053614726488653373344563192093396093885561007619564269632986643545659927052700807492799343845992822785703755873708904658196519842500070218386780427382401954083746340382169993183018719145937921825657906272975902773650879618260091709246763761771117029844741888508597487560048469360523438704198800875002101880860397078734661361168482177266312851241907336727837609953260827691609552404438500360070505190454544187442015715994816522718445008129922925799762817792761814276347080077850184330172728668298702450461120260347094877 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c3a03098808b0293499af62ca9a54f137a66ca92 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rfklive.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rfk.flexshopper.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rfk.flexshopper.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001899fb4a2320000040300473045022100a4046063846de35d2157fce03a3cfd5e9d2dcb4c31a0f709a48add9eda8be049022035ae9fd454734bc5abf3ab5d16effc5534f82fbc27768b91e85cf5935467772400760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001899fb4a26c000004030047304502202d08b0b0afba293e47c1781237ac5d316bc400b0f9a25075df0506c87fd47e8a022100ad6e477fd515102eb005cabe4a8fcd5a1a50a32b37d0c15e25bb19fab3f670c4007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab000001899fb4a207000004030047304502207046607976f9e455ca4764094cb97ad1e996c42c556392f0de28ce5f3ee2ec30022100e8555ddc0283dc5b51a080496ff4db0f9d3af641f3be58ec75d5f3c1123221da . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0051c433244fd5e5d2af85c1d18092bd056d72fb1c87faeece4581724b56505c1bf0db2afff6ddd74f73bf825df13e7ec6e40544f48a844935d50bce47c9e6676bbab610c4b2bc22fb49218e59c593eedb8e86db7e3d094a0c8507d4d0c54cab399fa2e7ef81db529ac53c6fc0e6002c5631f8bf91e8f1da71cf9087cb65658f0f83bfce46a1cecb277e9d185f127af88af5d0bfaac1b6149badb931326b1d644f9a1699fd5fc7ae7019d12eb3e5b55b58d29ffb5810c0a849017635ff2e0ba860416414e24c760c0efe47cb2aa315278423c16ba0a3fc6f8f82bbcbc2126e2b88103bc190531a8d61c22c35081ac7b72369cff572e61ef620b5679f99833aacf9