*.ahv-iv.ch

Issued by SwissSign Server Gold CA 2014 - G22

About this certificate


This digital certificate with serial number f1:af:c9:fc:3d:e3:e0:a0:80:cb:fa:9b:4a:00:2a was issued on by SwissSign AG .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • WARNING: Using depricated TeletexString for '[*.ahv-iv.ch]'
  • ERROR: Certificate contains a key usage different from ClientAuth or EmailProtection
  • ERROR: Certificate contains a CRL with an non-preferred scheme ([ldap])

Informationsstelle AHV

Organization: Informationsstelle AHV
State / Province: Zug
Locality: Zug
Country: CH

SwissSign AG

Organization: SwissSign AG
State / Province: Zug
Locality: Zug
Country: CH

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): f1:af:c9:fc:3d:e3:e0:a0:80:cb:fa:9b:4a:00:2a
Serial Number (int): 1254908967513240938735098425651101738
Serial Number lenght: 120 bits, 15 octets

SubjectKeyId: cf:72:57:7a:30:b8:ed:1b:51:85:da:df:26:4b:7a:ab:bc:f8:ee:09
AuthorityKeyId: e7:f1:e7:fd:2e:53:ad:11:e5:81:1a:57:a4:73:8f:12:7d:98:c8:ae

Fingerprint (sha1): 7c:98:ca:93:15:f5:99:60:28:59:7e:7c:ad:40:d5:24:52:d7:d1:e5
Fingerprint (sha256): f2:63:44:19:03:15:59:8c:b4:6c:1c:3c:56:4b:44:1a:09:01:08:ac:33:0e:e9:c9:e7:69:f7:0d:1a:00:c6:ee

Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE

Revocation information

OCSP Server: http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint

Check the revocation status for the current certificate on *.ahv-iv.ch
2
DNS Names
1
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

*.ahv-iv.ch
ahv-iv.ch
[email protected]

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIGPjCCBSagAwIBAgIQAPGvyfw94+CggMv6m0oAKjANBgkqhkiG9w0BAQsFADBS MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSwwKgYDVQQDEyNT d2lzc1NpZ24gU2VydmVyIEdvbGQgQ0EgMjAxNCAtIEcyMjAeFw0xNTAzMDgwODAw MjJaFw0xNjAzMDgwODAwMjJaMH8xCzAJBgNVBAYTAkNIMQwwCgYDVQQIEwNadWcx DDAKBgNVBAcTA1p1ZzEfMB0GA1UEChMWSW5mb3JtYXRpb25zc3RlbGxlIEFIVjEU MBIGA1UEAxQLKi5haHYtaXYuY2gxHTAbBgkqhkiG9w0BCQEWDmluZm9AYWh2LWl2 LmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TUZcLo9Xg6o6mz0 q2WtGX9J3056o+DzOiV7TXGta9ZNW+no3Q60IkSSDKawasa3ShyTOzZm8cR23eMA tMg6b1zn+yVOyAzgIcW1PgspGMDMrMV26lpGcpOAtscsLb+3bQ0FxU3ZY+EWf1/U AxjmPOFe56YmoXBDs/GlmsZiQ2lhba3ru5wqABspXnpSznVutV4eUV0kHDNBQ3Dc sFsAmvl28acayJ5BUS/nqy8mmb4eonERdbYJznBwv3nPY21esw5mh34hBD2WuQf0 EwaSRM7u1OPPqYgCIEuI0bZWiON6GceVy+vY7/XwBJN9yjZa7NPEWS+oIQBZ4r+D ioNiDQIDAQABo4IC4TCCAt0wMQYDVR0RBCowKIEOaW5mb0BhaHYtaXYuY2iCCyou YWh2LWl2LmNogglhaHYtaXYuY2gwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUz3JXejC47RtRhdrfJkt6q7z4 7gkwHwYDVR0jBBgwFoAU5/Hn/S5TrRHlgRpXpHOPEn2YyK4wgf8GA1UdHwSB9zCB 9DBHoEWgQ4ZBaHR0cDovL2NybC5zd2lzc3NpZ24ubmV0L0U3RjFFN0ZEMkU1M0FE MTFFNTgxMUE1N0E0NzM4RjEyN0Q5OEM4QUUwgaiggaWggaKGgZ9sZGFwOi8vZGly ZWN0b3J5LnN3aXNzc2lnbi5uZXQvQ049RTdGMUU3RkQyRTUzQUQxMUU1ODExQTU3 QTQ3MzhGMTI3RDk4QzhBRSUyQ089U3dpc3NTaWduJTJDQz1DSD9jZXJ0aWZpY2F0 ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9u UG9pbnQwXwYDVR0gBFgwVjBUBglghXQBWQECAQYwRzBFBggrBgEFBQcCARY5aHR0 cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1NpZ24tR29sZC1DUC1D UFMucGRmMIHVBggrBgEFBQcBAQSByDCBxTBkBggrBgEFBQcwAoZYaHR0cDovL3N3 aXNzc2lnbi5uZXQvY2dpLWJpbi9hdXRob3JpdHkvZG93bmxvYWQvRTdGMUU3RkQy RTUzQUQxMUU1ODExQTU3QTQ3MzhGMTI3RDk4QzhBRTBdBggrBgEFBQcwAYZRaHR0 cDovL2dvbGQtc2VydmVyLWcyLm9jc3Auc3dpc3NzaWduLm5ldC9FN0YxRTdGRDJF NTNBRDExRTU4MTFBNTdBNDczOEYxMjdEOThDOEFFMA0GCSqGSIb3DQEBCwUAA4IB AQAM2eTXs48dLDIgE4FBFKNdPLLgjygfx0Juv+g6ge6izBsx+5TQu/tWuuQXA76B biaYcHwlW8a9BRUn9g6CENk+zcyLGqpSmrEGS1aRkJs2SA3KvV1YE4X67fRvocHY YjY4tgbyhUdLOd9V52rLffb4v0XdrgfqIqyq4l/apYbcoLDQPymvRaKbpxGKBXsq MbQF50FfttOmce3+bO/sxL4H1Ln0+6bfAq208P2gSSThX8kayDIWlVwWEyj0iCbS TDqGef22I6L86WK6uSNCi6gTSkHSwkygYen8UtG3135oahy05oLf6IlxJC4HJqRE y+t7YK0tuWhX45EfmFVwxdRm -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TUZcLo9Xg6o6mz0q2Wt GX9J3056o+DzOiV7TXGta9ZNW+no3Q60IkSSDKawasa3ShyTOzZm8cR23eMAtMg6 b1zn+yVOyAzgIcW1PgspGMDMrMV26lpGcpOAtscsLb+3bQ0FxU3ZY+EWf1/UAxjm POFe56YmoXBDs/GlmsZiQ2lhba3ru5wqABspXnpSznVutV4eUV0kHDNBQ3DcsFsA mvl28acayJ5BUS/nqy8mmb4eonERdbYJznBwv3nPY21esw5mh34hBD2WuQf0EwaS RM7u1OPPqYgCIEuI0bZWiON6GceVy+vY7/XwBJN9yjZa7NPEWS+oIQBZ4r+DioNi DQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1254908967513240938735098425651101738 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign Server Gold CA 2014 - G22' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-03-08 08:00:22 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-03-08 08:00:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zug' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zug' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Informationsstelle AHV' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String '*.ahv-iv.ch' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26914943236142757232176316222373539421881754757626813341947417264464805771434600070701748907000448239183301356550899148040009420301429111376960305391428529391872578602401386710114933069355631678897916591120941858316080211774057196443920991997211353319995389719855302357671557484551478503368175063857745478861922315859728985203673114675456626131782730721377494571211765232825723276514417877973440480219590404555177995293432284675930821055675327005516728906131493869814121226424077390409892780446654054388099693318637733914690415392367486558600554775639208852521357704394431612386547261375571296533578949809587976626701 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:1|false] IA5String '[email protected]' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ahv-iv.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ahv-iv.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) cf72577a30b8ed1b5185dadf264b7aabbcf8ee09 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName e7f1e7fd2e53ad11e5811a57a4738f127d98c8ae . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.1.2.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://repository.swisssign.com/SwissSign-Gold-CP-CPS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (200 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000cd9e4d7b38f1d2c322013814114a35d3cb2e08f281fc7426ebfe83a81eea2cc1b31fb94d0bbfb56bae41703be816e2698707c255bc6bd051527f60e8210d93ecdcc8b1aaa529ab1064b5691909b36480dcabd5d581385faedf46fa1c1d8623638b606f285474b39df55e76acb7df6f8bf45ddae07ea22acaae25fdaa586dca0b0d03f29af45a29ba7118a057b2a31b405e7415fb6d3a671edfe6cefecc4be07d4b9f4fba6df02adb4f0fda04924e15fc91ac83216955c161328f48826d24c3a8679fdb623a2fce962bab923428ba8134a41d2c24ca061e9fc52d1b7d77e686a1cb4e682dfe88971242e0726a444cbeb7b60ad2db96857e3911f985570c5d466