Serviço de Validação on-line do Cartão de Cidadão 000141 - EC do Cartão de Cidadão

- Cartão de Cidadão -

Issued by Cartão de Cidadão 003

About this certificate

This digital certificate with serial number 41:35:98:1b:dc:55:12:8e:64:49:e6:ee:f0:dc:a3:09 was issued on by SCEE - Sistema de Certificação Electrónica do Estado.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • The commonName field of the subject MUST be less than 65 characters (RFC 5280: A.1)
  • Certificate had 0 embedded SCTs. Browser policy may require 4 for this certificate. Check if certificate has enough embedded SCTs to meet Apple CT Policy (https://support.apple.com/en-us/HT205280)

Cartão de Cidadão

Organization: Cartão de Cidadão
Organization unit: Serviços do Cartão de Cidadão
Organization unit: Validação on-line
Country: PT

SCEE - Sistema de Certificação Electrónica do Estado

Organization: SCEE - Sistema de Certificação Electrónica do Estado
Organization unit: ECEstado
Country: PT

This certificate will expire on

Certificate Details

Serial Number (hex): 41:35:98:1b:dc:55:12:8e:64:49:e6:ee:f0:dc:a3:09
Serial Number (int): 86678096593131569026725199942235497225
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: bb:1f:fe:8e:5f:f2:f4:59:41:61:fd:e2:91:f0:6f:a3:04:68:87:aa
AuthorityKeyId: 3c:df:ca:b3:5a:3c:39:1e:8c:e6:e2:39:82:70:0a:89:ac:fd:2e:f6

Fingerprint (sha1): 09:bb:4a:e9:2f:c9:c4:ee:7f:d7:2e:a9:6e:13:9b:b1:41:5e:20:5d
Fingerprint (sha256): e5:d5:f7:8b:a3:56:78:65:da:5f:b6:83:78:75:1d:f8:3b:3a:42:e6:ab:44:21:f3:05:87:3e:5b:8b:76:6a:9a


Revocation information

OCSP Server: http://ocsp.root.cartaodecidadao.pt/publico/ocsp
CRL Distribution Point: http://pki.cartaodecidadao.pt/publico/lrc/cc_ec_cidadao_crl003_crl.crl

Check the revocation status for certificate Serviço de Validação on-line do Cartão de Cidadão 000141 - EC do Cartão de Cidadão

0

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for Serviço de Validação on-line do Cartão de Cidadão 000141 - EC do Cartão de Cidadão

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Content Commitment

Extended Key Usages

OCSP Signing

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any subject alternative names.

Other certificates including the domain name

(limited to 100 certificates)

Certificate

The complete raw certificate details for Serviço de Validação on-line do Cartão de Cidadão 000141 - EC do Cartão de Cidadão in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG1TCCBL2gAwIBAgIQQTWYG9xVEo5kSebu8NyjCTANBgkqhkiG9w0BAQsFADCB
hDELMAkGA1UEBhMCUFQxQDA+BgNVBAoMN1NDRUUgLSBTaXN0ZW1hIGRlIENlcnRp
ZmljYcOnw6NvIEVsZWN0csOzbmljYSBkbyBFc3RhZG8xETAPBgNVBAsMCEVDRXN0
YWRvMSAwHgYDVQQDDBdDYXJ0w6NvIGRlIENpZGFkw6NvIDAwMzAeFw0yMjA5Mjgx
MDEzMDNaFw0yNTA4MTAxODE1MTNaMIHYMQswCQYDVQQGEwJQVDEcMBoGA1UECgwT
Q2FydMOjbyBkZSBDaWRhZMOjbzEpMCcGA1UECwwgU2VydmnDp29zIGRvIENhcnTD
o28gZGUgQ2lkYWTDo28xHDAaBgNVBAsME1ZhbGlkYcOnw6NvIG9uLWxpbmUxYjBg
BgNVBAMMWVNlcnZpw6dvIGRlIFZhbGlkYcOnw6NvIG9uLWxpbmUgZG8gQ2FydMOj
byBkZSBDaWRhZMOjbyAwMDAxNDEgLSBFQyBkbyBDYXJ0w6NvIGRlIENpZGFkw6Nv
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5vPNWbDppOUwh/zaQHU
55/ZLzi/ThjqLYu6KvIIxdYyKgwErYF4siKk23PmzzHw9ydLiilhtpyhCWyp7Tmc
1QjmQ5x+TOoXCe/ZvtmN1aX8Kym/KJ9EdanFPyF+Y7OM2FWHcUOcVrKKFParTb0t
Ft67asDqzwUWKobgN4+At3WydvTNZ4iC8sltjQyJKMVptD0qswupdmbQtvVH+2kC
qChRhCJ2ykx6rpsFZmYDzHEeafPBThwkgIxAkXpWsW6R2vtiRkgRCY+9fodantyM
2jaDM2PoeBm9UJXtpEmAvQSuC9B0dxFqZoA9G/yT9L6n3F/619i7yCL4IY/ZvuZV
0QIDAQABo4IB6zCCAecwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBQ838qzWjw5
Hozm4jmCcAqJrP0u9jBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6
Ly9vY3NwLnJvb3QuY2FydGFvZGVjaWRhZGFvLnB0L3B1YmxpY28vb2NzcDCBuQYD
VR0gBIGxMIGuMFUGCmCEbAEBAQIEAAcwRzBFBggrBgEFBQcCARY5aHR0cHM6Ly9w
a2kuY2FydGFvZGVjaWRhZGFvLnB0L3B1YmxpY28vcG9saXRpY2FzL2Nwcy5odG1s
MFUGC2CEbAEBAQIEAAEGMEYwRAYIKwYBBQUHAgEWOGh0dHBzOi8vcGtpLmNhcnRh
b2RlY2lkYWRhby5wdC9wdWJsaWNvL3BvbGl0aWNhcy9jcC5odG1sMA8GCSsGAQUF
BzABBQQCBQAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwVwYDVR0fBFAwTjBMoEqgSIZG
aHR0cDovL3BraS5jYXJ0YW9kZWNpZGFkYW8ucHQvcHVibGljby9scmMvY2NfZWNf
Y2lkYWRhb19jcmwwMDNfY3JsLmNybDAdBgNVHQ4EFgQUux/+jl/y9FlBYf3ikfBv
owRoh6owDgYDVR0PAQH/BAQDAgbAMA0GCSqGSIb3DQEBCwUAA4ICAQBvMBdfRF7M
bURYnDy8nNNTZuzkN6xgI9/fZXj7MyOdkTfZVvD/RnDeebi2WJH2rIGdAGDr8e8t
4DMfLBzxNSpHuRBwe5e7iA+laEELELOnfWajauj3Xr7Ba02yoo6GCljqcEEFqz0T
b6dA6RTRGGzmgiiXCsE+dP6wizSjHPanklVWtR2rrW/WzQB+DuHmqEDwXZQg4j9U
pV+ax0nJO/REyeJNx1mxbrxIA28bS+Tp7glCmPGqJCFg5Q9I39laZA6FAbPhJhXP
6w1Dhq7DmfIBbbVkUi/APR6yP7h2HhHxX/Yi0qQrkgPdY1ZX4Q5cNQCZYKvGRNmP
msIcCE0pgv8fgF1VITDKi1dcf3WC08wUa16xXIw2emqV2QNrVwaFG442Oh8xxvgO
JbNywdAB23bKag9plzNbLE4uptNUdx5/+iwxMC9mExUf4pBwob0ydHSEdK/hDa0E
s6OLHX4u6odi+71u7AJzZirAbdKDMV6/OOjtoPbd8SbaFU5HXaf6IfuOUQOeX0tl
tuyjo9RXQMTcxlY3RKt9/0vpyNT6Vcoqh3whMGm329qWitqtn2YZpPFlYJimqZGU
BoC8pbKDpURLtSvbhI8hCXFmbsOjCzltzkU9sh5Dljgoy0ZtaP8am4Ixoq+juns/
uuTHrGYcC1mFcH+h2HA/AryLZfU6weyReQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5vPNWbDppOUwh/zaQHU
55/ZLzi/ThjqLYu6KvIIxdYyKgwErYF4siKk23PmzzHw9ydLiilhtpyhCWyp7Tmc
1QjmQ5x+TOoXCe/ZvtmN1aX8Kym/KJ9EdanFPyF+Y7OM2FWHcUOcVrKKFParTb0t
Ft67asDqzwUWKobgN4+At3WydvTNZ4iC8sltjQyJKMVptD0qswupdmbQtvVH+2kC
qChRhCJ2ykx6rpsFZmYDzHEeafPBThwkgIxAkXpWsW6R2vtiRkgRCY+9fodantyM
2jaDM2PoeBm9UJXtpEmAvQSuC9B0dxFqZoA9G/yT9L6n3F/619i7yCL4IY/ZvuZV
0QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 86678096593131569026725199942235497225
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SCEE - Sistema de Certificação Electrónica do Estado'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ECEstado'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Cartão de Cidadão 003'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-09-28 10:13:03 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-10 18:15:13 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Cartão de Cidadão'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Serviços do Cartão de Cidadão'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Validação on-line'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Serviço de Validação on-line do Cartão de Cidadão 000141 - EC do Cartão de Cidadão'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22168535852022360051637742701588782578020422823234932834487607549133883562024139042809307738033356084143219481495747486921351599667374104378762251877071063121903795639047715131284551698892084091490223530246496156914654625400735748605209408354020722317587902526647440309120683152428283978419713626512236626968524778416204594083115702329086279903300554871523517184179330105927995556898313025953925186823461089932908808706329291878537533176374706290641905454775486005084714932463231191252370108227286193640260352320330779242096371068095503238919010569389839365438542518298729131226773755174395428386670305327813470082513
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3cdfcab35a3c391e8ce6e23982700a89acfd2ef6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (64 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.root.cartaodecidadao.pt/publico/ocsp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (177 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.620.1.1.1.2.4.0.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://pki.cartaodecidadao.pt/publico/politicas/cps.html'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.620.1.1.1.2.4.0.1.6
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://pki.cartaodecidadao.pt/publico/politicas/cp.html'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1.5 (ocspNoCheck)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.9 (ocspSigning)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.cartaodecidadao.pt/publico/lrc/cc_ec_cidadao_crl003_crl.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							bb1ffe8e5ff2f4594161fde291f06fa3046887aa
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2 bits)
							06c0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		006f30175f445ecc6d44589c3cbc9cd35366ece437ac6023dfdf6578fb33239d9137d956f0ff4670de79b8b65891f6ac819d0060ebf1ef2de0331f2c1cf1352a47b910707b97bb880fa568410b10b3a77d66a36ae8f75ebec16b4db2a28e860a58ea704105ab3d136fa740e914d1186ce68228970ac13e74feb08b34a31cf6a7925556b51dabad6fd6cd007e0ee1e6a840f05d9420e23f54a55f9ac749c93bf444c9e24dc759b16ebc48036f1b4be4e9ee094298f1aa242160e50f48dfd95a640e8501b3e12615cfeb0d4386aec399f2016db564522fc03d1eb23fb8761e11f15ff622d2a42b9203dd635657e10e5c35009960abc644d98f9ac21c084d2982ff1f805d552130ca8b575c7f7582d3cc146b5eb15c8c367a6a95d9036b5706851b8e363a1f31c6f80e25b372c1d001db76ca6a0f6997335b2c4e2ea6d354771e7ffa2c31302f6613151fe29070a1bd3274748474afe10dad04b3a38b1d7e2eea8762fbbd6eec0273662ac06dd283315ebf38e8eda0f6ddf126da154e475da7fa21fb8e51039e5f4b65b6eca3a3d45740c4dcc6563744ab7dff4be9c8d4fa55ca2a877c213069b7dbda968adaad9f6619a4f1656098a6a991940680bca5b283a5444bb52bdb848f210971666ec3a30b396dce453db21e43963828cb466d68ff1a9b8231a2afa3ba7b3fbae4c7ac661c0b5985707fa1d8703f02bc8b65f53ac1ec9179