mpp.hesge.ch
Issued by SwissSign Server Silver CA 2008 - G2
About this certificate
This digital certificate with serial number 85:e8:f8:3c:ad:21:11:82:95:db:be:9a:49:ea:62 was issued on by SwissSign AG.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
Certificate Subject
CN=mpp.hesge.ch,OU=Domain Validated Only
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 85:e8:f8:3c:ad:21:11:82:95:db:be:9a:49:ea:62Serial Number (int): 695300668575883716860922503189097058
Serial Number lenght: 120 bits, 15 octets
SubjectKeyId: 3d:94:cd:29:23:6c:8b:d0:b1:d0:36:41:5b:28:0a:5a:f8:5e:b0:a5
AuthorityKeyId: d3:44:6f:d9:fe:7a:fc:de:ac:1c:7a:a2:21:0d:64:fa:65:b0:d7:82
Fingerprint (sha1): 7a:2a:d4:0c:41:02:8a:f2:df:cf:48:06:39:ac:f3:fc:1d:f8:71:9c
Fingerprint (sha256): e5:52:88:05:4a:a1:76:df:1b:16:04:35:16:42:77:ce:10:47:94:47:a5:85:69:81:d9:94:d8:ca:53:0f:68:e0
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/D3446FD9FE7AFCDEAC1C7AA2210D64FA65B0D782
Revocation information
OCSP Server: http://silver-server-g2.ocsp.swisssign.net/D3446FD9FE7AFCDEAC1C7AA2210D64FA65B0D782CRL Distribution Point: http://crl.swisssign.net/D3446FD9FE7AFCDEAC1C7AA2210D64FA65B0D782
CRL Distribution Point: ldap://directory.swisssign.net/CN=D3446FD9FE7AFCDEAC1C7AA2210D64FA65B0D782%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate mpp.hesge.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mpp.hesge.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
mpp.hesge.ch
Other certificates including the domain name hesge.ch
(limited to 100 certificates)
heds.prod.hesge.ch
goldorak.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
mail.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
goldorak.hesge.ch
hepiacloud.hesge.ch
m.hesge.ch
idp.hesge.ch
hepiacloud.hesge.ch
idp.hesge.ch
mail.ge.ch
*.hesge.ch
hepiacloud.hesge.ch
vdi.hesge.ch
hepiacloud.hesge.ch
hepiacloud.hesge.ch
candy.hesge.ch
idp.hesge.ch
goldorak.hesge.ch
m.hesge.ch
hepiacloud.hesge.ch
vpn.hesge.ch
*.hesge.ch
mail.ge.ch
m.hesge.ch
idp.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
*.hesge.ch
*.hesge.ch
m.hesge.ch
*.hesge.ch
vdi.hesge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
mpp.hesge.ch
m.hesge.ch
goldorak.hesge.ch
head-mdm.hesge.ch
hepiacloud.hesge.ch
*.hesge.ch
goldorak.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
mail.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
goldorak.hesge.ch
hepiacloud.hesge.ch
m.hesge.ch
idp.hesge.ch
hepiacloud.hesge.ch
idp.hesge.ch
mail.ge.ch
*.hesge.ch
hepiacloud.hesge.ch
vdi.hesge.ch
hepiacloud.hesge.ch
hepiacloud.hesge.ch
candy.hesge.ch
idp.hesge.ch
goldorak.hesge.ch
m.hesge.ch
hepiacloud.hesge.ch
vpn.hesge.ch
*.hesge.ch
mail.ge.ch
m.hesge.ch
idp.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
*.hesge.ch
*.hesge.ch
m.hesge.ch
*.hesge.ch
vdi.hesge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
mpp.hesge.ch
m.hesge.ch
goldorak.hesge.ch
head-mdm.hesge.ch
hepiacloud.hesge.ch
*.hesge.ch
Certificate
The complete raw certificate details for mpp.hesge.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF5DCCBMygAwIBAgIQAIXo+DytIRGCldu+mknqYjANBgkqhkiG9w0BAQUFADBT MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMS0wKwYDVQQDEyRT d2lzc1NpZ24gU2VydmVyIFNpbHZlciBDQSAyMDA4IC0gRzIwHhcNMTEwODA4MTUy MTIwWhcNMTYwODA4MTUyMTIwWjA3MR4wHAYDVQQLExVEb21haW4gVmFsaWRhdGVk IE9ubHkxFTATBgNVBAMTDG1wcC5oZXNnZS5jaDCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAN6Ao7T6f6zdkdmCIZprln25neXL6oNnD3TW5BtRhhYlwfqz 8pQYOG1mazf4sVGr6buALmqFgLqWjV5Vv6E95e/crr67CjnN022yELUFfC5SfkoJ EIIfQRhX7UULoXE0r5czkRX3Ky9smmmijL2Hkl2VEqJb45iTH5bsW93yvjYnXJf5 QVS1vFpjPxuuhswIfS+50TTKRnx/8AIEr6H2sZkVfaYDm88Z3Ev45PYzje3VkXAt R3cS/MVU1GnAsarkuZQux28jitktDRCg9R1yxj1wmE2xkHl15hS/MeDg6HcquCaG Ut1ckb1pvi6K9UE48K3ENNJkZS886WXAtwVaMTkCAwEAAaOCAs4wggLKMBcGA1Ud EQQQMA6CDG1wcC5oZXNnZS5jaDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ9lM0pI2yL0LHQNkFbKApa+F6w pTAfBgNVHSMEGDAWgBTTRG/Z/nr83qwceqIhDWT6ZbDXgjCB/wYDVR0fBIH3MIH0 MEegRaBDhkFodHRwOi8vY3JsLnN3aXNzc2lnbi5uZXQvRDM0NDZGRDlGRTdBRkNE RUFDMUM3QUEyMjEwRDY0RkE2NUIwRDc4MjCBqKCBpaCBooaBn2xkYXA6Ly9kaXJl Y3Rvcnkuc3dpc3NzaWduLm5ldC9DTj1EMzQ0NkZEOUZFN0FGQ0RFQUMxQzdBQTIy MTBENjRGQTY1QjBENzgyJTJDTz1Td2lzc1NpZ24lMkNDPUNIP2NlcnRpZmljYXRl UmV2b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Q b2ludDBkBgNVHSAEXTBbMFkGCWCFdAFZAQMBBDBMMEoGCCsGAQUFBwIBFj5odHRw Oi8vcmVwb3NpdG9yeS5zd2lzc3NpZ24uY29tL1N3aXNzU2lnbi1TaWx2ZXItQ1At Q1BTLVI0LnBkZjCB1wYIKwYBBQUHAQEEgcowgccwZAYIKwYBBQUHMAKGWGh0dHA6 Ly9zd2lzc3NpZ24ubmV0L2NnaS1iaW4vYXV0aG9yaXR5L2Rvd25sb2FkL0QzNDQ2 RkQ5RkU3QUZDREVBQzFDN0FBMjIxMEQ2NEZBNjVCMEQ3ODIwXwYIKwYBBQUHMAGG U2h0dHA6Ly9zaWx2ZXItc2VydmVyLWcyLm9jc3Auc3dpc3NzaWduLm5ldC9EMzQ0 NkZEOUZFN0FGQ0RFQUMxQzdBQTIyMTBENjRGQTY1QjBENzgyMA0GCSqGSIb3DQEB BQUAA4IBAQAFL/wplWC7SC4qWqZX+NcJv5MvgO4WTWTAsf2x5qEOoRM2gGCxG1Qv t1h1vTNvpqL+KzZ/Jnh+k15WIv8BT/z3LJu7OQSh6oXTgoi2ppvj6/LvdXroJusS mZEyTDL8+lcXfGek4Fk0zFyx08tTvu9A1KUV9hDfH2+x0Dpp0c+cQHa7P8WvimKT CtvmiEKPeeTBym/7+bf5yGFaN1qlgISZ4e6N/VAnopFqYxi0ziTVF1lrd6LS5ZAF 7PvEAoS7T58wgiEI0lfPZJRv0qwtaBhQ0atQyoM96VuHJAEejfh/f1hYwbSkq64q Hlr4c9j36X1lvtDO5N6KAencWhpcWjCR -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oCjtPp/rN2R2YIhmmuW fbmd5cvqg2cPdNbkG1GGFiXB+rPylBg4bWZrN/ixUavpu4AuaoWAupaNXlW/oT3l 79yuvrsKOc3TbbIQtQV8LlJ+SgkQgh9BGFftRQuhcTSvlzORFfcrL2yaaaKMvYeS XZUSolvjmJMfluxb3fK+Nidcl/lBVLW8WmM/G66GzAh9L7nRNMpGfH/wAgSvofax mRV9pgObzxncS/jk9jON7dWRcC1HdxL8xVTUacCxquS5lC7HbyOK2S0NEKD1HXLG PXCYTbGQeXXmFL8x4ODodyq4JoZS3VyRvWm+Lor1QTjwrcQ00mRlLzzpZcC3BVox OQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 695300668575883716860922503189097058 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign Server Silver CA 2008 - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2011-08-08 15:21:20 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-08-08 15:21:20 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated Only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mpp.hesge.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28088338194418551906855347526835940911948097692262565759921733515999693859867806338838624113136995135538086347752391884593741608221888894616937580535172309751700445348264862500711739891947720610904840219458522502830861470251692301021805322620180873548062851131619743268075050279487794568832480448633429388752380563436044633870627638913851052551286610858534860902655265821580059437256551962813485553958841385307512630646476797523966700762420972489654336193961335173606019426948785432549622381560407159577643457410185555030618618459752291678783632453524175050018232353645481679572818489761300694497114445624832968765753 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mpp.hesge.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3d94cd29236c8bd0b1d036415b280a5af85eb0a5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d3446fd9fe7afcdeac1c7aa2210d64fa65b0d782 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/D3446FD9FE7AFCDEAC1C7AA2210D64FA65B0D782' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=D3446FD9FE7AFCDEAC1C7AA2210D64FA65B0D782%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (93 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.1.3.1.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://repository.swisssign.com/SwissSign-Silver-CP-CPS-R4.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (202 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/D3446FD9FE7AFCDEAC1C7AA2210D64FA65B0D782' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://silver-server-g2.ocsp.swisssign.net/D3446FD9FE7AFCDEAC1C7AA2210D64FA65B0D782' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00052ffc299560bb482e2a5aa657f8d709bf932f80ee164d64c0b1fdb1e6a10ea113368060b11b542fb75875bd336fa6a2fe2b367f26787e935e5622ff014ffcf72c9bbb3904a1ea85d38288b6a69be3ebf2ef757ae826eb129991324c32fcfa57177c67a4e05934cc5cb1d3cb53beef40d4a515f610df1f6fb1d03a69d1cf9c4076bb3fc5af8a62930adbe688428f79e4c1ca6ffbf9b7f9c8615a375aa5808499e1ee8dfd5027a2916a6318b4ce24d517596b77a2d2e59005ecfbc40284bb4f9f30822108d257cf64946fd2ac2d681850d1ab50ca833de95b8724011e8df87f7f5858c1b4a4abae2a1e5af873d8f7e97d65bed0cee4de8a01e9dc5a1a5c5a3091