truhaiku.org
Issued by R3
About this certificate
This digital certificate with serial number 04:32:40:af:74:45:06:a0:99:28:11:ff:3f:d3:55:f1:33:56 was issued on by Let's Encrypt.
With 22 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=truhaiku.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:32:40:af:74:45:06:a0:99:28:11:ff:3f:d3:55:f1:33:56Serial Number (int): 365549243674996696268894478220749316371286
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: a6:76:3d:14:ad:37:e6:87:32:85:61:74:8f:44:3e:bb:3e:24:a5:7e
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): b4:10:a4:37:0d:52:66:5f:94:30:fd:dc:e8:e8:13:6a:83:a1:ab:38
Fingerprint (sha256): ee:a2:c8:10:7d:c4:c4:09:94:b9:ce:de:7f:10:6d:bb:74:d2:b3:a0:03:e3:2c:5b:a9:72:6e:6f:ca:0c:44:d5
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate truhaiku.org
22
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for truhaiku.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
1kcredit.com
caedynfaith.com
horoscope.cool
inlandig.com
intledu.com
latticemagnets.com
luxmatics.com
mens-wallet.com
nftconspiracy.com
ociannajones.com
quadvalues.com
rxsweetblend.com
simplesugarnaturally.com
stlouisreos.com
tenniselbowhouston.com
the-equaliser.com
thebloodsugarcoalition.com
thehoacpafirm.com
totalblog.com
traveltoplists.com
truhaiku.org
www.homesausagemakers.com
caedynfaith.com
horoscope.cool
inlandig.com
intledu.com
latticemagnets.com
luxmatics.com
mens-wallet.com
nftconspiracy.com
ociannajones.com
quadvalues.com
rxsweetblend.com
simplesugarnaturally.com
stlouisreos.com
tenniselbowhouston.com
the-equaliser.com
thebloodsugarcoalition.com
thehoacpafirm.com
totalblog.com
traveltoplists.com
truhaiku.org
www.homesausagemakers.com
Other certificates including the domain name truhaiku.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for truhaiku.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGczCCBVugAwIBAgISBDJAr3RFBqCZKBH/P9NV8TNWMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAyMTcxOTUwNDdaFw0yNDA1MTcxOTUwNDZaMBcxFTATBgNVBAMT DHRydWhhaWt1Lm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMtc moboX2umRstCZrH274LFT9XjQ5EJWKi/VWugYnSsWM4svP4fEjjtYYq0P7MDNcz0 7Qts6gyVjuU97nh6LzImanB/d8zYOjDEE51qCddJiFUn3+j35LZ8/vtIKlRtk5vg 7mj7DV5HyFeDKdiL9SuVac5if/6DQQHXoeR9gyPfV6C9dcXouI36a79tfI6zU11c hxPEsI9l7tBx5mKg67Z8YHGgZukH7XcKsXR3YZ9TCLQ9ldDx1+gc0agEFeu79UL9 ubLkGJUWfxSYACSlr6DBFW5f7mB1pYgMBPeDwVI5kv/QbXrowpem/10AWuObgtHT 2DBdQ/eUe6T+8h0FwckCAwEAAaOCA5wwggOYMA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQUpnY9FK035ocyhWF0j0Q+uz4kpX4wHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA 5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w ggGjBgNVHREEggGaMIIBloIMMWtjcmVkaXQuY29tgg9jYWVkeW5mYWl0aC5jb22C Dmhvcm9zY29wZS5jb29sggxpbmxhbmRpZy5jb22CC2ludGxlZHUuY29tghJsYXR0 aWNlbWFnbmV0cy5jb22CDWx1eG1hdGljcy5jb22CD21lbnMtd2FsbGV0LmNvbYIR bmZ0Y29uc3BpcmFjeS5jb22CEG9jaWFubmFqb25lcy5jb22CDnF1YWR2YWx1ZXMu Y29tghByeHN3ZWV0YmxlbmQuY29tghhzaW1wbGVzdWdhcm5hdHVyYWxseS5jb22C D3N0bG91aXNyZW9zLmNvbYIWdGVubmlzZWxib3dob3VzdG9uLmNvbYIRdGhlLWVx dWFsaXNlci5jb22CGnRoZWJsb29kc3VnYXJjb2FsaXRpb24uY29tghF0aGVob2Fj cGFmaXJtLmNvbYINdG90YWxibG9nLmNvbYISdHJhdmVsdG9wbGlzdHMuY29tggx0 cnVoYWlrdS5vcmeCGXd3dy5ob21lc2F1c2FnZW1ha2Vycy5jb20wEwYDVR0gBAww CjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgBIsONr2qZHNA/l agL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAY241fy5AAAEAwBHMEUCIFWYdzJ14oA0 OlUDk2VfkAZcn2kg34YahmQEMyh2lKJsAiEA4PP3q32rVwXp3m3UXm/uZxxAOi7a /Qgvwf3yVuObwBsAdgA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAA AY241fy7AAAEAwBHMEUCIB5MaYdYKILIXqT7sARRVqLALTxtCV6n3oV7HuOty+v0 AiEAgw5dtcYNpXh7VfAWzuYuSKimiMm8SOdCQxHYveiEUl8wDQYJKoZIhvcNAQEL BQADggEBAJo9S+XgmBHyJt0Nqwl4VEGPgDrTCzcZPAunlMp4PQ0mqEUPFqTOyUIp YNSqeFjBTkfBtUS3b27JpznO6g4blIvIJuFEVXSVDG6g34xDmZRnuIgbVSAkHfuI psddW0WS2ywQpQVcxQrEoaVXzfGwq0QI2Q9mO7I3xDm4dmGgc1lR0QHjTndAi2s6 RbUZW3CsO6kbx3f5xDmFoYm8YqFCJM2hUNtyo3/QGsLaV48QBWPTcqUpM7uzJaW4 Z+FCwmNNnTSeXpmrIWWGQxMpjhNkjwFu30OSG/diHNUZR0ccuVX9xDmyb2DeWKb7 MQ7R/ipE5j9rtrSbaxSPoYAPl+O6Jo8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1yahuhfa6ZGy0Jmsfbv gsVP1eNDkQlYqL9Va6BidKxYziy8/h8SOO1hirQ/swM1zPTtC2zqDJWO5T3ueHov MiZqcH93zNg6MMQTnWoJ10mIVSff6Pfktnz++0gqVG2Tm+DuaPsNXkfIV4Mp2Iv1 K5VpzmJ//oNBAdeh5H2DI99XoL11xei4jfprv218jrNTXVyHE8Swj2Xu0HHmYqDr tnxgcaBm6QftdwqxdHdhn1MItD2V0PHX6BzRqAQV67v1Qv25suQYlRZ/FJgAJKWv oMEVbl/uYHWliAwE94PBUjmS/9BteujCl6b/XQBa45uC0dPYMF1D95R7pP7yHQXB yQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 365549243674996696268894478220749316371286 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-17 19:50:47 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-17 19:50:46 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'truhaiku.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25672040455579911507784174893243700883814905806540823835253264058325199724929523138544145139900821499530818345919024287905589703992936493838403917783878214470026352809238541008721721094474628744547789485370456273376164192168669781162943365665605370099228964137460280019619459596858340585992335194341582002457443186507862839494857759521719865155195745838535193769341240665362302661321332261862749916399288424363112614229408859410634950189348324915487417539055900837561650959142502781860927002546380073023971038100271686505435419917461625178777973650958425583351813041287895688854005351184110178841300200639534507344329 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a6763d14ad37e687328561748f443ebb3e24a57e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (410 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '1kcredit.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'caedynfaith.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'horoscope.cool' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'inlandig.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'intledu.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'latticemagnets.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'luxmatics.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mens-wallet.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nftconspiracy.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ociannajones.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'quadvalues.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rxsweetblend.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'simplesugarnaturally.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stlouisreos.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tenniselbowhouston.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'the-equaliser.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thebloodsugarcoalition.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thehoacpafirm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'totalblog.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'traveltoplists.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'truhaiku.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.homesausagemakers.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018db8d5fcb9000004030047304502205598773275e280343a550393655f90065c9f6920df861a86640433287694a26c022100e0f3f7ab7dab5705e9de6dd45e6fee671c403a2edafd082fc1fdf256e39bc01b0076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018db8d5fcbb000004030047304502201e4c6987582882c85ea4fbb0045156a2c02d3c6d095ea7de857b1ee3adcbebf4022100830e5db5c60da5787b55f016cee62e48a8a688c9bc48e7424311d8bde884525f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009a3d4be5e09811f226dd0dab097854418f803ad30b37193c0ba794ca783d0d26a8450f16a4cec9422960d4aa7858c14e47c1b544b76f6ec9a739ceea0e1b948bc826e1445574950c6ea0df8c43999467b8881b5520241dfb88a6c75d5b4592db2c10a5055cc50ac4a1a557cdf1b0ab4408d90f663bb237c439b87661a0735951d101e34e77408b6b3a45b5195b70ac3ba91bc777f9c43985a189bc62a14224cda150db72a37fd01ac2da578f100563d372a52933bbb325a5b867e142c2634d9d349e5e99ab2165864313298e13648f016edf43921bf7621cd51947471cb955fdc439b26f60de58a6fb310ed1fe2a44e63f6bb6b49b6b148fa1800f97e3ba268f