ecoledepriere.chemin-neuf.fr

Issued by Gandi Standard SSL CA 2

About this certificate

This digital certificate with serial number 0a:9a:4f:bf:9b:30:5c:9a:00:0d:20:05:04:85:0a:47 was issued on by Gandi.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • KeyUsage contains an inefficient encoding wherein the number of 'unused bits' is declared to be 5, but it should be 7. Raw Bytes: [3 2 5 128], Raw Binary: [00000011 00000010 00000101 10000000] RFC 5280 Section 4.2.1.3 describes the value of a KeyUsage to be a DER encoded BitString, which itself defines that all trailing 0 bits be counted as being "unused". (Where ITU-T Rec. X.680 | ISO/IEC 8824-1, 21.7, applies, the bitstring shall have all trailing 0 bits removed before it is encoded.)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=ecoledepriere.chemin-neuf.fr

Gandi

Organization: Gandi
State / Province: Paris
Locality: Paris
Country: FR

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:9a:4f:bf:9b:30:5c:9a:00:0d:20:05:04:85:0a:47
Serial Number (int): 14093511165029893150452432829227010631
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: b0:5e:eb:49:a4:5e:30:2f:fa:8c:57:31:b8:16:e7:65:39:dc:59:27
AuthorityKeyId: b3:90:a7:d8:c9:af:4e:cd:61:3c:9f:7c:ad:5d:7f:41:fd:69:30:ea

Fingerprint (sha1): 34:c5:7d:5a:6a:56:db:e4:e5:a6:6a:7b:6e:e4:61:59:09:8f:90:ff
Fingerprint (sha256): eb:76:5c:1e:2a:31:dc:c4:39:a8:ed:63:9e:8d:35:90:c6:04:bf:99:f5:d0:52:76:16:4f:b7:82:1e:7c:a9:f6

Issuing Certificate URL: http://crt.usertrust.com/GandiStandardSSLCA2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.usertrust.com/GandiStandardSSLCA2.crl

Check the revocation status for certificate ecoledepriere.chemin-neuf.fr

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ecoledepriere.chemin-neuf.fr

Public Key Algorithm

ECDSA

Key Size

256

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ecoledepriere.chemin-neuf.fr

Other certificates including the domain name chemin-neuf.fr

(limited to 100 certificates)
anyhonest.com
www.typo.nyc
www.csswand.dev
chemin-neuf.fr
summerschool.chemin-neuf.fr
summerschool-test.chemin-neuf.fr
www.chemin-neuf.fr
worshipteam.chemin-neuf.fr
welcometoparadise.chemin-neuf.fr
cdn.bitofertas.com
www.meetingo.co
www.chemin-neuf.fr
flockh.art
servicemall.in
welcometoparadise.chemin-neuf.fr
www.chemin-neuf.fr
www.chemin-neuf.fr
chemin-neuf.fr
worshipteam.chemin-neuf.fr
summerschool.chemin-neuf.fr
a-dev.vybeerai.com
songbook.chemin-neuf.fr
www.chemin-neuf.fr
welcometoparadise.chemin-neuf.fr
summerschool.chemin-neuf.fr
ecoledepriere.chemin-neuf.fr
worshipteam.chemin-neuf.fr
jeunes.chemin-neuf.fr
www.gerrylabs.com
worshipteam.chemin-neuf.fr
admin.powerauth.app
chemin-neuf.fr
worshipteam.chemin-neuf.fr
www.karmka.com
chemin-neuf.fr
www.chemin-neuf.fr
www.chemin-neuf.fr
www.chemin-neuf.fr
wordpress.chemin-neuf.fr
worshipteam.chemin-neuf.fr
mood.moodqualifies.com
welcometoparadise.chemin-neuf.fr
www.chemin-neuf.fr
worshipteam.chemin-neuf.fr
staging.coexister.fr
mordle.app
www.chemin-neuf.fr
www.wedzee.com
songbook.chemin-neuf.fr
jaycoelho.com
worshipteam.chemin-neuf.fr
goodnews.chemin-neuf.fr
welcometoparadise.chemin-neuf.fr
www.chemin-neuf.fr
worshipteam.chemin-neuf.fr
www.cana.org
anyhonest.com
sts.edu.pl
www.chemin-neuf.fr
summerschool.chemin-neuf.fr
zerojet.com
chemin-neuf.fr
www.chemin-neuf.fr
jeunes.chemin-neuf.fr
www.chemin-neuf.fr
ecoledepriere.chemin-neuf.fr
chemin-neuf.fr
www.jeunes.chemin-neuf.fr
wordpress.chemin-neuf.fr
campuson.childcareon.com
worshipteam.chemin-neuf.fr
www.chemin-neuf.fr
www.chemin-neuf.fr
summerschool.chemin-neuf.fr
blacklemonclub.com
www.vasaflygplats.fi
app.matchify.se
kenyaku.hills.cf
www.animestories.app
songbook.chemin-neuf.fr
www.chemin-neuf.fr
m.zchoolmate.com
m.zchoolmate.com
chemin-neuf.fr
fuvz.com
worshipteam.chemin-neuf.fr
jeunes.chemin-neuf.fr
www.chemin-neuf.fr
www.chemin-neuf.nl
worshipteam.chemin-neuf.fr
ecoledepriere.chemin-neuf.fr
welcometoparadise.chemin-neuf.fr
www.leibacker.se
welcometoparadise.chemin-neuf.fr
app-staging.brnkl.io
worshipteam.chemin-neuf.fr
servicemall.in
chemin-neuf.fr
directs.chemin-neuf.fr
chemin-neuf.fr

Certificate

The complete raw certificate details for ecoledepriere.chemin-neuf.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIQCppPv5swXJoADSAFBIUKRzANBgkqhkiG9w0BAQsFADBf
MQswCQYDVQQGEwJGUjEOMAwGA1UECBMFUGFyaXMxDjAMBgNVBAcTBVBhcmlzMQ4w
DAYDVQQKEwVHYW5kaTEgMB4GA1UEAxMXR2FuZGkgU3RhbmRhcmQgU1NMIENBIDIw
HhcNMjAwMzMwMDAwMDAwWhcNMjEwNDI5MjM1OTU5WjAnMSUwIwYDVQQDExxlY29s
ZWRlcHJpZXJlLmNoZW1pbi1uZXVmLmZyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
QgAEy7sAnDrPhW6hhjRJogroPQyjDm6DkMc8AmuDmM0KTSBOG1TeQQFpb7iHXMrw
SyJAaN0geVcam3q7sYC57JBDTKOCArgwggK0MB8GA1UdIwQYMBaAFLOQp9jJr07N
YTyffK1df0H9aTDqMB0GA1UdDgQWBBSwXutJpF4wL/qMVzG4FudlOdxZJzAOBgNV
HQ8BAf8EBAMCBYAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwSwYDVR0gBEQwQjA2BgsrBgEEAbIxAQICGjAnMCUGCCsGAQUFBwIB
FhlodHRwczovL2Nwcy51c2VydHJ1c3QuY29tMAgGBmeBDAECATBBBgNVHR8EOjA4
MDagNKAyhjBodHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vR2FuZGlTdGFuZGFyZFNT
TENBMi5jcmwwcwYIKwYBBQUHAQEEZzBlMDwGCCsGAQUFBzAChjBodHRwOi8vY3J0
LnVzZXJ0cnVzdC5jb20vR2FuZGlTdGFuZGFyZFNTTENBMi5jcnQwJQYIKwYBBQUH
MAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wJwYDVR0RBCAwHoIcZWNvbGVk
ZXByaWVyZS5jaGVtaW4tbmV1Zi5mcjCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3
AH0+8viP/4hVaCTCwMqeUol5K8UOeAl/LmqXaJl+IvDXAAABcSjL0XEAAAQDAEgw
RgIhAMqdfpQugnaicAF0vFRF3fKYF5Ht0WY+UBYJFbgYfkxDAiEAk7duv1UtUwYg
alIwRTpS8z5MDoKCUH5UKoj9hmBpgSkAdgCUILwejtWNbIhzH4KLIiwN0dpNXmxP
lD1h204vWE2iwgAAAXEoy9GwAAAEAwBHMEUCIAiVaOz/jGbqIOxY0G6Q1/BvJFVc
bGzWcbPWgVgAbSvNAiEAqGnlKlIWpBAQL9q+olCq8ut2WqYT2Md0468PMnKjP8ow
DQYJKoZIhvcNAQELBQADggEBADPoYV/OX3Pa54UQXOPXXJa+ztq+6AHa3DEA+0DP
hfdGPPUvhiAIofWd8tm8FylLfpXXXsgGWEdCTVr8QB1GpRd8VGeu2Bg5FGURV4oN
4uQPxxcaH3acTdLEGmwHyc/Rv8h07HVOrJyZFlpl3hrWgjoeDrcLOrzz71WCHrb6
40/b1USydxZMpCl2u5Yx2K/ug3gGP4Ec+vtq63Qt4oeIPOvxgO2YWvUdJSNR1lbn
FdDtNwabbJOrNQXFfZBW4SGTE5skjWACnWfysIe4u7qHIDNpZJXochbQj5PTgmbb
W3/xopNqwRuVMD+/ZOvdlwAcF+ayqg22vXwTl3pG4gFd66c=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEy7sAnDrPhW6hhjRJogroPQyjDm6D
kMc8AmuDmM0KTSBOG1TeQQFpb7iHXMrwSyJAaN0geVcam3q7sYC57JBDTA==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 14093511165029893150452432829227010631
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Paris'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Paris'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi Standard SSL CA 2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-30 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-29 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ecoledepriere.chemin-neuf.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits)
				0004cbbb009c3acf856ea1863449a20ae83d0ca30e6e8390c73c026b8398cd0a4d204e1b54de4101696fb8875ccaf04b224068dd2079571a9b7abbb180b9ec90434c
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b390a7d8c9af4ecd613c9f7cad5d7f41fd6930ea
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b05eeb49a45e302ffa8c5731b816e76539dc5927
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							0580
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.26
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/GandiStandardSSLCA2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/GandiStandardSSLCA2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ecoledepriere.chemin-neuf.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10077007d3ef2f88fff88556824c2c0ca9e5289792bc50e78097f2e6a9768997e22f0d70000017128cbd1710000040300483046022100ca9d7e942e8276a2700174bc5445ddf2981791edd1663e50160915b8187e4c4302210093b76ebf552d5306206a5230453a52f33e4c0e8282507e542a88fd86606981290076009420bc1e8ed58d6c88731f828b222c0dd1da4d5e6c4f943d61db4e2f584da2c20000017128cbd1b000000403004730450220089568ecff8c66ea20ec58d06e90d7f06f24555c6c6cd671b3d68158006d2bcd022100a869e52a5216a410102fdabea250aaf2eb765aa613d8c774e3af0f3272a33fca
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0033e8615fce5f73dae785105ce3d75c96becedabee801dadc3100fb40cf85f7463cf52f862008a1f59df2d9bc17294b7e95d75ec8065847424d5afc401d46a5177c5467aed81839146511578a0de2e40fc7171a1f769c4dd2c41a6c07c9cfd1bfc874ec754eac9c99165a65de1ad6823a1e0eb70b3abcf3ef55821eb6fae34fdbd544b277164ca42976bb9631d8afee8378063f811cfafb6aeb742de287883cebf180ed985af51d252351d656e715d0ed37069b6c93ab3505c57d9056e12193139b248d60029d67f2b087b8bbba872033696495e87216d08f93d38266db5b7ff1a2936ac11b95303fbf64ebdd97001c17e6b2aa0db6bd7c13977a46e2015deba7