grapevine.northdevonhospice.org.uk
Issued by Amazon
About this certificate
This digital certificate with serial number 03:ff:a5:9e:fd:8f:8d:89:d4:47:b3:9f:5e:72:31:b1 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=grapevine.northdevonhospice.org.uk
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ff:a5:9e:fd:8f:8d:89:d4:47:b3:9f:5e:72:31:b1Serial Number (int): 5315078880388660716551598055187689905
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: 96:9d:c8:ed:ea:00:e2:9c:e1:ea:7e:c0:66:03:f0:f7:f8:05:8b:2d
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): ef:6d:fd:28:50:8d:27:7f:d0:21:73:7b:9a:e3:2e:6b:71:81:34:2a
Fingerprint (sha256): eb:77:44:32:79:1d:4f:ea:4c:4a:08:84:7e:64:a8:2d:33:38:93:14:91:16:ac:8c:cf:f9:67:f0:b7:c5:63:b5
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate grapevine.northdevonhospice.org.uk
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for grapevine.northdevonhospice.org.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
grapevine.northdevonhospice.org.uk
intranet.northdevonhospice.org.uk
intranet.northdevonhospice.org.uk
Other certificates including the domain name northdevonhospice.org.uk
(limited to 100 certificates)
webmail.northdevonhospice.org.uk
*.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
secure.northdevonhospice.org.uk
www.northdevonhospice.org.uk
www.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
www.northdevonhospice.org.uk
remote.northdevonhospice.org.uk
remote.northdevonhospice.org.uk
www.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
remote.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
www.northdevonhospice.org.uk
grapevine.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
*.northdevonhospice.org.uk
www.northdevonhospice.org.uk
webmail.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
*.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
*.northdevonhospice.org.uk
secure.northdevonhospice.org.uk
grapevine.northdevonhospice.org.uk
grapevine.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
grapevine.northdevonhospice.org.uk
secure.northdevonhospice.org.uk
grapevine.northdevonhospice.org.uk
secure.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
*.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
secure.northdevonhospice.org.uk
www.northdevonhospice.org.uk
www.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
www.northdevonhospice.org.uk
remote.northdevonhospice.org.uk
remote.northdevonhospice.org.uk
www.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
remote.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
www.northdevonhospice.org.uk
grapevine.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
*.northdevonhospice.org.uk
www.northdevonhospice.org.uk
webmail.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
*.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
*.northdevonhospice.org.uk
secure.northdevonhospice.org.uk
grapevine.northdevonhospice.org.uk
grapevine.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
grapevine.northdevonhospice.org.uk
secure.northdevonhospice.org.uk
grapevine.northdevonhospice.org.uk
secure.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
donate.northdevonhospice.org.uk
Certificate
The complete raw certificate details for grapevine.northdevonhospice.org.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFsDCCBJigAwIBAgIQA/+lnv2PjYnUR7OfXnIxsTANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMDAxMTMwMDAwMDBaFw0yMTAyMTMx MjAwMDBaMC0xKzApBgNVBAMTImdyYXBldmluZS5ub3J0aGRldm9uaG9zcGljZS5v cmcudWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9nFWFM4Qt0vPS G1x18TeKOJ8E75iV4OQH5N87Qv6SUwjU89utA2E1N+9rhsyj/AgUDx4j3SrKHTXi 86wbyhYUUNVq29/E7Sm0sKbnXfmwt72b5/ftuWJftynApeF85EZGbz+ENFX1puKZ xr7+V9WX6ObSB4VI4gGIU5lRleJ8+aoBS2IM/6kH75/1joFTm/xuZWTsFZOf9Aew mpF3/3Q4e3uDoJbWlt2Zrtf6V/HLAE4LYTrvD92PykKwPGctvcdRAi6sUVZ4UP22 Z0K1YE8KDV6RY1Pmh+RfHHUY+43E/lm5vZbuPKLs5qKvZLCL//UTcA+9KtPMNPtM QigL2iOBAgMBAAGjggKxMIICrTAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0 W/k90DAdBgNVHQ4EFgQUlp3I7eoA4pzh6n7AZgPw9/gFiy0wUAYDVR0RBEkwR4Ii Z3JhcGV2aW5lLm5vcnRoZGV2b25ob3NwaWNlLm9yZy51a4IhaW50cmFuZXQubm9y dGhkZXZvbmhvc3BpY2Uub3JnLnVrMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2Ny bC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJ YIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGG IWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYq aHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1Ud EwEB/wQCMAAwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgCkuQmQtBhYFIe7E6LM Z3AKPDWYBPkb37jjd80OyA3cEAAAAW+fkvHAAAAEAwBHMEUCICCqHCJIttUzX8eb LI8Eq+7penHNKH+Y1B7hJ9GrODAHAiEAl73bCrqHltFRxNyPQx/o5Ycw0S9i7+LC LUy6bgugdOMAdgCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAW+f kvJhAAAEAwBHMEUCIBuY/hwsDRLYOzAMvSMUvWmh3eXMe3GHJiQn3wWDcRvgAiEA 26BGsxqrPwW29djPn55p0DYm6UvmHiZAsSN/iza0lEEwDQYJKoZIhvcNAQELBQAD ggEBABNDdapqy9pwQbQW8aI/RqG5luwDQR+NNeYiP0pKey8upFvoQiUVO+7D1yJ6 Z2azMSZP/JMM0ARXOgyL22AO51nr/wklOA+Cuz1UMel8hQpDJ/pBHiWBqMHi3nIB Y+CYDCh/m80Rq2cXlkIH7CM8J9HvrS2QUhEnUCG+jzuLDOj3byhoVK9ynpBvOtuM WNHjHZZjqLWz/G3U8TG3sIjp6YdQ7HIz9rfBicHdNQRNv2PZEmTqWg24JqzKLhWg oiUCKuN0QT7Wh8RHT0FrcCozo8q6+6XLCoV9LuBIPZ46wA5a34GfKi7eTOV5P0Zp W89SLu7P7IsJl7trPqeBaBq+m34= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZxVhTOELdLz0htcdfE3 ijifBO+YleDkB+TfO0L+klMI1PPbrQNhNTfva4bMo/wIFA8eI90qyh014vOsG8oW FFDVatvfxO0ptLCm5135sLe9m+f37bliX7cpwKXhfORGRm8/hDRV9abimca+/lfV l+jm0geFSOIBiFOZUZXifPmqAUtiDP+pB++f9Y6BU5v8bmVk7BWTn/QHsJqRd/90 OHt7g6CW1pbdma7X+lfxywBOC2E67w/dj8pCsDxnLb3HUQIurFFWeFD9tmdCtWBP Cg1ekWNT5ofkXxx1GPuNxP5Zub2W7jyi7Oair2Swi//1E3APvSrTzDT7TEIoC9oj gQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5315078880388660716551598055187689905 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-13 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-02-13 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'grapevine.northdevonhospice.org.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23936130838643429253174587705692600057791773465352599126379825819172956492654865455966435669600232971764626548436393850967058007755765151325338967501185350453515470609402230640463370650962377028099448345785930913319512460436491323262732552811664756199404680107494606216172726408898267094163598358253620759494623592131121348989040117403285250758024068280874552488694036412020782414795896310131269525913344956602108178396001897695714704402916466167939333197980387807341341785752277854816477586112849532350893723790884995195545323932657295656718656303544937085978836715089659669581981177863753039638865133391912915051393 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 969dc8edea00e29ce1ea7ec06603f0f7f8058b2d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'grapevine.northdevonhospice.org.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'intranet.northdevonhospice.org.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016f9f92f1c00000040300473045022020aa1c2248b6d5335fc79b2c8f04abeee97a71cd287f98d41ee127d1ab38300702210097bddb0aba8796d151c4dc8f431fe8e58730d12f62efe2c22d4cba6e0ba074e30076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016f9f92f261000004030047304502201b98fe1c2c0d12d83b300cbd2314bd69a1dde5cc7b7187262427df0583711be0022100dba046b31aab3f05b6f5d8cf9f9e69d03626e94be61e2640b1237f8b36b49441 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00134375aa6acbda7041b416f1a23f46a1b996ec03411f8d35e6223f4a4a7b2f2ea45be84225153beec3d7227a6766b331264ffc930cd004573a0c8bdb600ee759ebff0925380f82bb3d5431e97c850a4327fa411e2581a8c1e2de720163e0980c287f9bcd11ab6717964207ec233c27d1efad2d905211275021be8f3b8b0ce8f76f286854af729e906f3adb8c58d1e31d9663a8b5b3fc6dd4f131b7b088e9e98750ec7233f6b7c189c1dd35044dbf63d91264ea5a0db826acca2e15a0a225022ae374413ed687c4474f416b702a33a3cabafba5cb0a857d2ee0483d9e3ac00e5adf819f2a2ede4ce5793f46695bcf522eeecfec8b0997bb6b3ea781681abe9b7e