aletheiagroup.co.in
Issued by Go Daddy Secure Certificate Authority - G2
About this certificate
This digital certificate with serial number ff:23:cd:28:50:c0:4e:d8 was issued on by GoDaddy.com, Inc..
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=aletheiagroup.co.in
GoDaddy.com, Inc.
Organization:
GoDaddy.com, Inc.
Organization unit: http://certs.godaddy.com/repository/
Organization unit: http://certs.godaddy.com/repository/
State / Province:
Arizona
Locality: Scottsdale
Country: US
Locality: Scottsdale
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): ff:23:cd:28:50:c0:4e:d8Serial Number (int): 18384763676893662936
Serial Number lenght: 64 bits, 8 octets
SubjectKeyId: 76:17:3a:90:9f:43:e2:14:09:26:dc:b5:3a:04:7b:69:5e:64:e0:d6
AuthorityKeyId: 40:c2:bd:27:8e:cc:34:83:30:a2:33:d7:fb:6c:b3:f0:b4:2c:80:ce
Fingerprint (sha1): 3e:f9:e9:d5:20:eb:44:1d:c7:6e:0d:25:c6:ce:e6:30:a0:d2:d0:0f
Fingerprint (sha256): ea:df:14:ef:0b:84:8d:09:fb:dd:59:83:d4:9c:06:71:bd:44:35:f8:85:bb:a9:d9:95:75:85:62:b2:18:bb:5e
Issuing Certificate URL: http://certificates.godaddy.com/repository/gdig2.crt
Revocation information
OCSP Server: http://ocsp.godaddy.com/CRL Distribution Point: http://crl.godaddy.com/gdig2s1-12329.crl
Check the revocation status for certificate aletheiagroup.co.in
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for aletheiagroup.co.in
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
aletheiagroup.co.in
Other certificates including the domain name aletheiagroup.co.in
(limited to 100 certificates)
customer-sdpondemand.manageengine.in
humanresource.thepawscuers.life
servicedesk.celestialsys.com
www.aletheiagroup.co.in
servicedesk.celestialsys.com
servicedesk.celestialsys.com
servicedesk.celestialsys.com
customer-sdpondemand.manageengine.in
gtac.plintron.in
hr.aletheiagroup.co.in
customer-sdpondemand.manageengine.in
itcare.hdfcfund.com
servicedesk.celestialsys.com
itcare.hdfcfund.com
itcare.hdfcfund.com
servicedesk.celestialsys.com
customer-sdpondemand.manageengine.in
hr.aletheiagroup.co.in
servicedesk.celestialsys.com
hr.aletheiagroup.co.in
itservicedesk.coraplus.com
servicedesk.celestialsys.com
aletheiagroup.co.in
humanresource.thepawscuers.life
servicedesk.celestialsys.com
www.aletheiagroup.co.in
servicedesk.celestialsys.com
servicedesk.celestialsys.com
servicedesk.celestialsys.com
customer-sdpondemand.manageengine.in
gtac.plintron.in
hr.aletheiagroup.co.in
customer-sdpondemand.manageengine.in
itcare.hdfcfund.com
servicedesk.celestialsys.com
itcare.hdfcfund.com
itcare.hdfcfund.com
servicedesk.celestialsys.com
customer-sdpondemand.manageengine.in
hr.aletheiagroup.co.in
servicedesk.celestialsys.com
hr.aletheiagroup.co.in
itservicedesk.coraplus.com
servicedesk.celestialsys.com
aletheiagroup.co.in
Certificate
The complete raw certificate details for aletheiagroup.co.in in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGjTCCBXWgAwIBAgIJAP8jzShQwE7YMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0 cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTIzMTEyNTAwMzkzOFoX DTI0MTEyNTAwMzkzOFowHjEcMBoGA1UEAxMTYWxldGhlaWFncm91cC5jby5pbjCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALrGCbAAaglL9Tq14e0duCUp ope6joWlcYfOjH/iilNFe3FYUFXHjJOfBTqHlsOFx5/4GJ3GX3fnnplaTEAIR+mc lZqOY4MVvi6K/kp8oLfIawM8ZeI2ggt91tqGV66vpufrv9gPhMdgqA5AtWJUsNBI IuIJxUqnkwtRS0CqFNspG861mo4FY3+lizFjfmoYyNAgBF+ga6CMmSpwxxe1uvs5 EcCZYAXbE9ruUNfaFQGKT0SQQS4D8M0VHl44epS0MqLuMKp0P3IFHtcvbJQDa7Sx K+bXebkzuAwSpHL1fH4in5ZCCiHXJslu4OSyRiP/hJv88Gbb1CAs/eoyk1RPkS8C AwEAAaOCAzUwggMxMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDA5BgNVHR8EMjAwMC6gLKAqhihodHRw Oi8vY3JsLmdvZGFkZHkuY29tL2dkaWcyczEtMTIzMjkuY3JsMF0GA1UdIARWMFQw SAYLYIZIAYb9bQEHFwEwOTA3BggrBgEFBQcCARYraHR0cDovL2NlcnRpZmljYXRl cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwdgYIKwYBBQUHAQEE ajBoMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wQAYIKwYB BQUHMAKGNGh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9y eS9nZGlnMi5jcnQwHwYDVR0jBBgwFoAUQMK9J47MNIMwojPX+2yz8LQsgM4wHgYD VR0RBBcwFYITYWxldGhlaWFncm91cC5jby5pbjAdBgNVHQ4EFgQUdhc6kJ9D4hQJ Jty1OgR7aV5k4NYwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AO7N0GTV2xrO xVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABjAPq9VYAAAQDAEcwRQIgFodsjuVN zeQgJJD9DPMoJ9p6BXz6v0IqyVm64VCDYKUCIQCWhd4kmnV58o1hOc+fhyJhHUdk s9VmSGlPdwyFH0gv0AB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRz AAABjAPq9k8AAAQDAEcwRQIhALr1Kfpjw7sJdvJePKgynuR7ShUhD9qgekwmlxfH m91kAiBAEk4fk3C7jWDKa91fFpu7DwncLeP15FyzEIQngGRBFwB2ANq2v2s/tbYi n5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABjAPq9sIAAAQDAEcwRQIgAPWsWSBy EWJPPVlggTVxKhy4gKBK9dwYW7timaUJsWcCIQCwiAok97CyIXCxFJKEBPY8ukZ+ 1ax9aUeiHJotXM7tMzANBgkqhkiG9w0BAQsFAAOCAQEAfLlmc2Jrk3mdql+WKAIW 6hs0uCn2Fpfpak7Y7gu2ggwszfS8MBhF10dAZ5MLwaPSlk2uE+Mcl3ign7nNcZ7X Wf383qr3Hm6PjTLkvHVt6bewDI7qf3M4+byRSFRL1yIiDFD+9Xvh0oKG2BsBBFnl LoO/Hz+ijUxmJKq/kzcDQ+30kSf2VX7aa0aj0rXWf0JKmEki8RTTbZNPFQYK2GeK dvNsM8mHxcAnk9Oye8otLlPbm9Vodk1nR9kE4XXhV4lxNQkuXxvpQS+2chh+/Jr5 uFlz6wR8uSjiwc1OZ/QjysJAt7rODYEXydyrQV63Xjec9XdAnMr4TaPoGK30Q4x5 YA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusYJsABqCUv1OrXh7R24 JSmil7qOhaVxh86Mf+KKU0V7cVhQVceMk58FOoeWw4XHn/gYncZfd+eemVpMQAhH 6ZyVmo5jgxW+Lor+Snygt8hrAzxl4jaCC33W2oZXrq+m5+u/2A+Ex2CoDkC1YlSw 0Egi4gnFSqeTC1FLQKoU2ykbzrWajgVjf6WLMWN+ahjI0CAEX6BroIyZKnDHF7W6 +zkRwJlgBdsT2u5Q19oVAYpPRJBBLgPwzRUeXjh6lLQyou4wqnQ/cgUe1y9slANr tLEr5td5uTO4DBKkcvV8fiKflkIKIdcmyW7g5LJGI/+Em/zwZtvUICz96jKTVE+R LwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18384763676893662936 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GoDaddy.com, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.godaddy.com/repository/' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go Daddy Secure Certificate Authority - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-25 00:39:38 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-25 00:39:38 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aletheiagroup.co.in' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23577980823181788944823631705180338654445596197117013578169665603986380924921002999350959091896099083944297754110855462583669596565462132282763996966413714782069677952793343123414997174836151412318465935125380234505181970983967477107396491314217298822476278105947012020356280024012595844463347579403016681145909409334848875346781013080273123224084529894836872075343162754156733927904983762828366057973396092712638344894952456075889275771324738710741484265417842123150716050013472321746468907821128138532233634088371876982701133528101279777634585006481850781616678605967857611513210123847185037563453074569633863799087 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.godaddy.com/gdig2s1-12329.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114413.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.godaddy.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.godaddy.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.godaddy.com/repository/gdig2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 40c2bd278ecc348330a233d7fb6cb3f0b42c80ce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aletheiagroup.co.in' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 76173a909f43e2140926dcb53a047b695e64e0d6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c03eaf5560000040300473045022016876c8ee54dcde4202490fd0cf32827da7a057cfabf422ac959bae1508360a50221009685de249a7579f28d6139cf9f8722611d4764b3d56648694f770c851f482fd000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c03eaf64f0000040300473045022100baf529fa63c3bb0976f25e3ca8329ee47b4a15210fdaa07a4c269717c79bdd64022040124e1f9370bb8d60ca6bdd5f169bbb0f09dc2de3f5e45cb310842780644117007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018c03eaf6c20000040300473045022000f5ac59207211624f3d59608135712a1cb880a04af5dc185bbb6299a509b167022100b0880a24f7b0b22170b114928404f63cba467ed5ac7d6947a21c9a2d5cceed33 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007cb96673626b93799daa5f96280216ea1b34b829f61697e96a4ed8ee0bb6820c2ccdf4bc301845d7474067930bc1a3d2964dae13e31c9778a09fb9cd719ed759fdfcdeaaf71e6e8f8d32e4bc756de9b7b00c8eea7f7338f9bc9148544bd722220c50fef57be1d28286d81b010459e52e83bf1f3fa28d4c6624aabf93370343edf49127f6557eda6b46a3d2b5d67f424a984922f114d36d934f15060ad8678a76f36c33c987c5c02793d3b27bca2d2e53db9bd568764d6747d904e175e157897135092e5f1be9412fb672187efc9af9b85973eb047cb928e2c1cd4e67f423cac240b7bace0d8117c9dcab415eb75e379cf577409ccaf84da3e818adf4438c7960