a-rosa.de
Issued by R3
About this certificate
This digital certificate with serial number 04:a6:e2:7a:7e:7e:ac:2a:04:e0:fb:14:76:98:71:d1:ab:a5 was issued on by Let's Encrypt.
With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=a-rosa.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:a6:e2:7a:7e:7e:ac:2a:04:e0:fb:14:76:98:71:d1:ab:a5Serial Number (int): 405237058188800544514183827900355585354661
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 19:a5:df:53:f0:46:19:b5:90:20:b3:d7:6c:89:cf:64:05:0a:bb:68
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 22:ea:6a:a1:6e:0c:2a:fb:a2:7e:dc:9c:6d:b2:be:4b:8f:86:d5:f3
Fingerprint (sha256): e0:e2:22:07:04:63:6a:a7:1e:d5:bb:8e:75:a3:17:40:7c:8f:8c:51:8d:c5:44:a5:74:5e:90:7c:9e:15:89:1e
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate a-rosa.de
11
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for a-rosa.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
a-rosa.com
a-rosa.de
arosa-cruises.com
arosacruises.com
extranet.arosa-cruises.com
jobs.arosa-cruises.com
karriere.a-rosa.de
www.a-rosa.com
www.a-rosa.de
www.arosa-cruises.com
www.arosacruises.com
a-rosa.de
arosa-cruises.com
arosacruises.com
extranet.arosa-cruises.com
jobs.arosa-cruises.com
karriere.a-rosa.de
www.a-rosa.com
www.a-rosa.de
www.arosa-cruises.com
www.arosacruises.com
Other certificates including the domain name a-rosa.de
(limited to 100 certificates)
www.a-rosa.de
kurs.a-rosa.de
webmail.a-rosa.de
webmail.a-rosa.de
sslvpn.a-rosa.de
a-rosa.de
afleet.a-rosa.de
a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
a-rosa.de
mx01.a-rosa.de
mail.a-rosa.de
kurs.a-rosa.de
m.a-rosa.de
afleet.a-rosa.de
kurs.a-rosa.de
blog.a-rosa.de
a-rosa.de
a-rosa.de
a-rosa.de
a-rosa.de
booking.a-rosa.de
blog.a-rosa.de
blog.a-rosa.de
kurs.a-rosa.de
blog.a-rosa.de
blog.a-rosa.de
webmail.a-rosa.de
a-rosa.de
mail.a-rosa.de
mail.a-rosa.de
old.a-rosa.de
mail.a-rosa.de
a-rosa.de
booking.a-rosa.de
mail.a-rosa.de
webmail.a-rosa.de
a-rosa.de
www.a-rosa.de
kurs.a-rosa.de
a-rosa.de
a-rosa.de
kurs.a-rosa.de
kurs.a-rosa.de
resort.a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
mail.a-rosa.de
a-rosa.de
a-rosa.de
webmail.a-rosa.de
www.a-rosa.de
m.a-rosa.de
www.kurs.a-rosa.de
a-rosa.de
afleet.a-rosa.de
a-rosa.de
a-rosa.de
www.a-rosa.de
blog.a-rosa.de
a-rosa.de
a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
a-rosa.de
blog.a-rosa.de
a-rosa.de
www.a-rosa.de
kurs.a-rosa.de
kurs.a-rosa.de
webmail.a-rosa.de
webmail.a-rosa.de
sslvpn.a-rosa.de
a-rosa.de
afleet.a-rosa.de
a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
a-rosa.de
mx01.a-rosa.de
mail.a-rosa.de
kurs.a-rosa.de
m.a-rosa.de
afleet.a-rosa.de
kurs.a-rosa.de
blog.a-rosa.de
a-rosa.de
a-rosa.de
a-rosa.de
a-rosa.de
booking.a-rosa.de
blog.a-rosa.de
blog.a-rosa.de
kurs.a-rosa.de
blog.a-rosa.de
blog.a-rosa.de
webmail.a-rosa.de
a-rosa.de
mail.a-rosa.de
mail.a-rosa.de
old.a-rosa.de
mail.a-rosa.de
a-rosa.de
booking.a-rosa.de
mail.a-rosa.de
webmail.a-rosa.de
a-rosa.de
www.a-rosa.de
kurs.a-rosa.de
a-rosa.de
a-rosa.de
kurs.a-rosa.de
kurs.a-rosa.de
resort.a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
mail.a-rosa.de
a-rosa.de
a-rosa.de
webmail.a-rosa.de
www.a-rosa.de
m.a-rosa.de
www.kurs.a-rosa.de
a-rosa.de
afleet.a-rosa.de
a-rosa.de
a-rosa.de
www.a-rosa.de
blog.a-rosa.de
a-rosa.de
a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
a-rosa.de
blog.a-rosa.de
a-rosa.de
www.a-rosa.de
kurs.a-rosa.de
Certificate
The complete raw certificate details for a-rosa.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFpzCCBI+gAwIBAgISBKbien5+rCoE4PsUdphx0aulMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMTAwNzA5NDNaFw0yNDA0MDkwNzA5NDJaMBQxEjAQBgNVBAMT CWEtcm9zYS5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPWGXoEn ec3cY2fX3GSCbiBWZWZZ9Z1kz2raYW1oPn83VH5/jHImIQLes1eOrHwVtEI8BxSV CaQfNYBQBr4iYFG2p/NR17avXMODzPQeCBmp0bvWbG8BTj3KkdsMbDTftru7FhM5 s2Oqg0QwowafDIh135ea7mgQELbp8bqGNNncpvSs3G4Xc10tIT1YYcVPOck0tGtO RpubQAWf/BKh7XT/i6z2ehSWxwpba1tdalBfXTKgTPOjdXbq/BZgBAS+ASxum4AT A5nxKbxVzG+uzAhm1m7ZbID6EcgUVjkuZ31P5yjYE1m7U+rm5pv1tKViHGZJ/ymB 3LqRKzvoeJ9HDA8CAwEAAaOCAtMwggLPMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU GaXfU/BGGbWQILPXbInPZAUKu2gwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+v nYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5s ZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wgdsG A1UdEQSB0zCB0IIKYS1yb3NhLmNvbYIJYS1yb3NhLmRlghFhcm9zYS1jcnVpc2Vz LmNvbYIQYXJvc2FjcnVpc2VzLmNvbYIaZXh0cmFuZXQuYXJvc2EtY3J1aXNlcy5j b22CFmpvYnMuYXJvc2EtY3J1aXNlcy5jb22CEmthcnJpZXJlLmEtcm9zYS5kZYIO d3d3LmEtcm9zYS5jb22CDXd3dy5hLXJvc2EuZGWCFXd3dy5hcm9zYS1jcnVpc2Vz LmNvbYIUd3d3LmFyb3NhY3J1aXNlcy5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEw ggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgCi4r/WHt4vLweg1k5tN6fcZUOwxrUu otq3iviabfUX2AAAAYzya4vMAAAEAwBHMEUCIGvZu47fAvmz2PnMcNZbw5AppJzA KPhWixnaOEiFdhI4AiEAwEe6Vf5NkZqEKQKC19fBCjz5xkBZKQWk3Gh1uELLK2AA dgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYzya4xCAAAEAwBH MEUCIQDVjQ67mIoQRv1zTn9ik+oEIfDudoZN2JoVIR922owumAIgDoGnTCWAzJ4y gWMJaVjZs2PszZEaImhwKBsmJhZmb/EwDQYJKoZIhvcNAQELBQADggEBAFJsiXLU h0Lhbdd+Zkpxo2tXig/GBt+mXgVZeV4OxwKTfPwFJikp06TTQvBiWmDDvKcG0R0V dgc4v2p4zTVamZzFIQMjQlS/eStrC7lFw3MtH0/Bc9F9N51vsbi6SAg/wksIR2ng mm663x693DsjNHg6I83D43NsrvBF/CmthympeLXYZTUPf+mcqtyTxmGuyvnOT7kb 91ndfiqyo7iEgvmFz7cwEAkyLxXkCZLsRgeQnVvdZaFiyCjrOgtEuADY3inqO+Yd RvR35fgJ7pCJdSOEU6cJOQSs5DLtH6J+z3Og77YtqCPSARVlv5cnZRqrL0E3K8d2 ZNFC5YAzJYgaA7g= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9YZegSd5zdxjZ9fcZIJu IFZlZln1nWTPatphbWg+fzdUfn+MciYhAt6zV46sfBW0QjwHFJUJpB81gFAGviJg Uban81HXtq9cw4PM9B4IGanRu9ZsbwFOPcqR2wxsNN+2u7sWEzmzY6qDRDCjBp8M iHXfl5ruaBAQtunxuoY02dym9KzcbhdzXS0hPVhhxU85yTS0a05Gm5tABZ/8EqHt dP+LrPZ6FJbHCltrW11qUF9dMqBM86N1dur8FmAEBL4BLG6bgBMDmfEpvFXMb67M CGbWbtlsgPoRyBRWOS5nfU/nKNgTWbtT6ubmm/W0pWIcZkn/KYHcupErO+h4n0cM DwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 405237058188800544514183827900355585354661 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-10 07:09:43 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-09 07:09:42 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'a-rosa.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30994644618151240982216206827320356282029279265750891391628477454732277442218778498250376532616276873346831934529010420585308039334028790965517238015473162439939244876396026792477602622170125641273172442483199296619974797306594475806785821590198142553954121736821760212002134105734864713434721518827902019102227147578585644839549543719499778179514907783301822744279385720374800346751046560617099366440255050432710721777013427167325478327197234290604895540414950709689315728107303448393481253728142557852265421084698990403866514072987830325694205286993877887005887284974483297625072467767376298885304139643411193334799 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 19a5df53f04619b59020b3d76c89cf64050abb68 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (211 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'a-rosa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'a-rosa.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arosa-cruises.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arosacruises.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'extranet.arosa-cruises.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jobs.arosa-cruises.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'karriere.a-rosa.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.a-rosa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.a-rosa.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.arosa-cruises.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.arosacruises.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018cf26b8bcc000004030047304502206bd9bb8edf02f9b3d8f9cc70d65bc39029a49cc028f8568b19da384885761238022100c047ba55fe4d919a84290282d7d7c10a3cf9c640592905a4dc6875b842cb2b60007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018cf26b8c420000040300473045022100d58d0ebb988a1046fd734e7f6293ea0421f0ee76864dd89a15211f76da8c2e9802200e81a74c2580cc9e328163096958d9b363eccd911a226870281b262616666ff1 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00526c8972d48742e16dd77e664a71a36b578a0fc606dfa65e0559795e0ec702937cfc05262929d3a4d342f0625a60c3bca706d11d15760738bf6a78cd355a999cc52103234254bf792b6b0bb945c3732d1f4fc173d17d379d6fb1b8ba48083fc24b084769e09a6ebadf1ebddc3b2334783a23cdc3e3736caef045fc29ad8729a978b5d865350f7fe99caadc93c661aecaf9ce4fb91bf759dd7e2ab2a3b88482f985cfb7301009322f15e40992ec4607909d5bdd65a162c828eb3a0b44b800d8de29ea3be61d46f477e5f809ee908975238453a7093904ace432ed1fa27ecf73a0efb62da823d2011565bf9727651aab2f41372bc77664d142e5803325881a03b8