cafe.loacker.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 08:b2:25:8b:88:32:6b:0e:1e:2e:c1:e8:05:84:7c:8f was issued on by Amazon.

With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=cafe.loacker.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 08:b2:25:8b:88:32:6b:0e:1e:2e:c1:e8:05:84:7c:8f
Serial Number (int): 11558814311119364075984130141363403919
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: d4:20:63:97:f3:f4:79:e8:5e:79:87:d9:f6:a6:c8:a3:31:2b:3b:4a
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 29:46:8c:19:99:b0:54:2b:53:e9:98:e5:88:e0:23:2e:08:de:8c:b7
Fingerprint (sha256): dd:4c:a8:ec:0d:85:e8:18:39:b0:5d:1d:ae:f4:a2:a4:2c:01:57:0d:6e:62:a4:75:a1:15:a1:9d:44:92:ea:be

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate cafe.loacker.com

10

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cafe.loacker.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cafe.loacker.com
*.estatepiuchebuona.it
estatepiuchebuona.it
*.cafe.loacker.com
loacker.it
loacker.jp
tempodibonta.it
*.tempodibonta.it
*.loacker.jp
*.loackerfamily.it

Other certificates including the domain name loacker.com

(limited to 100 certificates)
*.loacker.com
*.net.loacker.com
*.loacker.com
servicedesk.cheaperwaste.co.uk
sg2.loacker.com
consumer-hub.loacker.com
*.net.loacker.com
loacker.com
portal.loacker.com
consumer-hub.loacker.com
r.loacker.com
www.loacker.com
www.loacker-family.com
sip.loacker.com
cafe.loacker.com
www.loacker.com
*.loacker.com
shop.loacker.com
estatechebonta.loacker.com
plovcq.loacker.com
*.loacker.com
www.loacker.com
datapoc.loacker.com
consumer-hub.loacker.com
loacker.com
sip.loacker.com
loacker.com
consumer-hub.loacker.com
portal.loacker.com
loacker.com
*.loacker.com
consumer-hub.loacker.com
consumer-hub.loacker.com
*.loacker.com
loacker.com
estatechebonta.loacker.com
sg2.loacker.com
loacker.com
servicemanager.loacker.com
www.loacker-family.com
consumer-hub.loacker.com
test-shop.loacker.com
*.loacker.com
*.loacker.com
consumer-hub.loacker.com
sip.loacker.com
*.net.loacker.com
sip.loacker.com
loacker.com
www.loacker-family.com
loacker.com
consumer-hub.loacker.com
cafe.loacker.com
loacker.com
loacker.com
shop.loacker.com
consumer-hub.loacker.com
*.net.loacker.com
*.net.loacker.com
plovcq.loacker.com
sip.loacker.com
loacker.com
servicedesk.cheaperwaste.co.uk

Certificate

The complete raw certificate details for cafe.loacker.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGcDCCBVigAwIBAgIQCLIli4gyaw4eLsHoBYR8jzANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMDYxNTAwMDAwMFoXDTI0MDcxMzIzNTk1OVowGzEZ
MBcGA1UEAxMQY2FmZS5sb2Fja2VyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKcQP8+5etbjAeRBVKno9PPEB2SIvg08NHKfodUkaagUnTd97NPC
wGNvupbFyOqAHpkHItcJLilojY8a3UqLz7vMiO0KZkayEHUXPHtmhhXHZGD6cRs/
R7bKlVebhuQKvHMwnBaZ/+k7DpbooySXM9EHag3O88/+HTpZ6WcqfaCXj5mgkL/t
0fRbrsj8HyoWm+TYxXVcHk7F74rGnDQFtphoHh7Mr/yMiYlpuFxFSfukBXXh1YHz
cq2ac7VZzELYnF42WALX+IDImawdfN9UT2v2R/I/u+vQpPf1TlPydB/jOr1OulYU
k1kDbK9qTNhKGWvvlFYCFFkQPoMgHRxSx0UCAwEAAaOCA40wggOJMB8GA1UdIwQY
MBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBTUIGOX8/R56F55h9n2
psijMSs7SjCBvQYDVR0RBIG1MIGyghBjYWZlLmxvYWNrZXIuY29tghYqLmVzdGF0
ZXBpdWNoZWJ1b25hLml0ghRlc3RhdGVwaXVjaGVidW9uYS5pdIISKi5jYWZlLmxv
YWNrZXIuY29tggpsb2Fja2VyLml0ggpsb2Fja2VyLmpwgg90ZW1wb2RpYm9udGEu
aXSCESoudGVtcG9kaWJvbnRhLml0ggwqLmxvYWNrZXIuanCCEioubG9hY2tlcmZh
bWlseS5pdDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9u
dHJ1c3QuY29tL3IybTAyLmNybDATBgNVHSAEDDAKMAgGBmeBDAECATB1BggrBgEF
BQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRy
dXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVz
dC5jb20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwggF/BgorBgEEAdZ5AgQCBIIB
bwSCAWsBaQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABiL21
mq8AAAQDAEcwRQIgZ8Z6asc5PDHAM+keKk7WvcOx5wE0Xv5lPV6RM+vmV0QCIQDT
VtcAY2litem0SX7z47th+8zyoc25329PQqVgqhpwsAB2AEiw42vapkc0D+VqAvqd
MOscUgHLVt0sgdm7v6s52IRzAAABiL21mpYAAAQDAEcwRQIgMgPHdjotoo0brV3y
H3S+AT/bfm9uAY+lKzsl/xATZGACIQD32rCFxcfylZ1TQE7a3aAdNZtnxFIKoXov
DrS3xuFFJQB3ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABiL21
ml0AAAQDAEgwRgIhAJEISGeXUDT0oCNjOoTq/6s8oMxeKCo+wCEknuQTyNMPAiEA
ywR8I6CjVusowAsaiv4nOEKYvuSqZR1ygdlFXO69Z80wDQYJKoZIhvcNAQELBQAD
ggEBACeKl4t37G+SzcwFoqGGVoRR54CpvXsRzJ+whNMeKjsXvvAlGMMdBsCmlobG
wy+fShpUBPMQuFk0ldkeKn2ZiDh/HIcIol+8uPJTHAeJT49u5VN2TdEDDzjTKVt8
BMDEB9NMkID9qc3Dbsr4kgYjtFJ+FphIYsQNe1KgInv5RzSQDAV8ivEfpEjJRH27
Tqc0eje2nwh3jeyaJeJgZv0MBGb+d7QA28sIpYoT6QRkIYq0uZK9SdxRxzQHlN9B
n9Y9PX3Ps1vDdrSyaAd3rvGvSIPSmtEZp8ODCr8MGxfJwcfTGmloUO6/SsP9BA7+
NHQWrOnqqvnvsna8G3vkrJ2efQc=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxA/z7l61uMB5EFUqej0
88QHZIi+DTw0cp+h1SRpqBSdN33s08LAY2+6lsXI6oAemQci1wkuKWiNjxrdSovP
u8yI7QpmRrIQdRc8e2aGFcdkYPpxGz9HtsqVV5uG5Aq8czCcFpn/6TsOluijJJcz
0QdqDc7zz/4dOlnpZyp9oJePmaCQv+3R9FuuyPwfKhab5NjFdVweTsXvisacNAW2
mGgeHsyv/IyJiWm4XEVJ+6QFdeHVgfNyrZpztVnMQticXjZYAtf4gMiZrB1831RP
a/ZH8j+769Ck9/VOU/J0H+M6vU66VhSTWQNsr2pM2EoZa++UVgIUWRA+gyAdHFLH
RQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 11558814311119364075984130141363403919
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-13 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cafe.loacker.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21089809739743435637970114873152345184493344834009779386796624742186976423578736492562052576372476925948384690423667187206313256353509299398288777838964696589893216802045928625675184857455603048725346851816433280447037321013404861538942392376088819888992993097821317270422539571562397137127440992040602225194142448429267512727452544508227866318781063338361159308093006893476392696093203004655825582788646390963056618762288526997007556905625369489674449284850336332826896248959880761840614190120918334012326149772755012127053408334236651665057369542118924120141070401275709611209764065256960715459513434467844354131781
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d4206397f3f479e85e7987d9f6a6c8a3312b3b4a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (181 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cafe.loacker.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.estatepiuchebuona.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'estatepiuchebuona.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cafe.loacker.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'loacker.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'loacker.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tempodibonta.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tempodibonta.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.loacker.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.loackerfamily.it'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000188bdb59aaf0000040300473045022067c67a6ac7393c31c033e91e2a4ed6bdc3b1e701345efe653d5e9133ebe65744022100d356d700636962b5e9b4497ef3e3bb61fbccf2a1cdb9df6f4f42a560aa1a70b000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000188bdb59a96000004030047304502203203c7763a2da28d1bad5df21f74be013fdb7e6f6e018fa52b3b25ff10136460022100f7dab085c5c7f2959d53404edadda01d359b67c4520aa17a2f0eb4b7c6e14525007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000188bdb59a5d000004030048304602210091084867975034f4a023633a84eaffab3ca0cc5e282a3ec021249ee413c8d30f022100cb047c23a0a356eb28c00b1a8afe27384298bee4aa651d7281d9455ceebd67cd
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00278a978b77ec6f92cdcc05a2a186568451e780a9bd7b11cc9fb084d31e2a3b17bef02518c31d06c0a69686c6c32f9f4a1a5404f310b8593495d91e2a7d9988387f1c8708a25fbcb8f2531c07894f8f6ee553764dd1030f38d3295b7c04c0c407d34c9080fda9cdc36ecaf8920623b4527e16984862c40d7b52a0227bf94734900c057c8af11fa448c9447dbb4ea7347a37b69f08778dec9a25e26066fd0c0466fe77b400dbcb08a58a13e90464218ab4b992bd49dc51c7340794df419fd63d3d7dcfb35bc376b4b2680777aef1af4883d29ad119a7c3830abf0c1b17c9c1c7d31a696850eebf4ac3fd040efe347416ace9eaaaf9efb276bc1b7be4ac9d9e7d07