it.tektonik.ca
Issued by R3
About this certificate
This digital certificate with serial number 04:ac:7c:a5:57:5a:3b:b1:a3:29:56:db:f5:16:de:bb:0c:d2 was issued on by Let's Encrypt.
With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=it.tektonik.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:ac:7c:a5:57:5a:3b:b1:a3:29:56:db:f5:16:de:bb:0c:d2Serial Number (int): 407143393609620034626931770591372365204690
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 66:25:68:95:81:d4:8d:f3:9e:3f:44:ad:87:a1:66:92:63:ed:5d:ab
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): a3:32:5b:ac:10:c8:fe:7e:cb:e6:2a:bb:9e:03:77:2b:4b:74:d0:cc
Fingerprint (sha256): ef:6b:27:e5:0a:3e:21:bd:9d:37:aa:66:7a:67:84:48:69:b4:5e:9d:36:97:c5:e4:22:75:02:97:84:b0:e3:38
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate it.tektonik.ca
13
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for it.tektonik.ca
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
it.tektonik.ca
it.tektonik.com
mail.tektonik.ca
mail.tektonik.com
medibotique.tektonik.com
pop.tektonik.com
smtp.tektonik.com
tektonik.ca
tektonik.com
ti.tektonik.ca
ti.tektonik.com
www.tektonik.ca
www.tektonik.com
it.tektonik.com
mail.tektonik.ca
mail.tektonik.com
medibotique.tektonik.com
pop.tektonik.com
smtp.tektonik.com
tektonik.ca
tektonik.com
ti.tektonik.ca
ti.tektonik.com
www.tektonik.ca
www.tektonik.com
Other certificates including the domain name tektonik.ca
(limited to 100 certificates)
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
it.tektonik.ca
tektonik.com
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
Certificate
The complete raw certificate details for it.tektonik.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGvzCCBaegAwIBAgISBKx8pVdaO7GjKVbb9RbeuwzSMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MTQwMzE0NTdaFw0yNDA3MTMwMzE0NTZaMBkxFzAVBgNVBAMT Dml0LnRla3RvbmlrLmNhMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA vPdVdRAmb7AfPP3G3h2qOiL7LiS9nh30LW6fcgZtCDTq+U/MAUi2SM6poe2bRUG+ 6Y0VTJu/zZRyQCfXXvMF2F13NfVCvJQiWR3kpSwacp2y4+G9g0PgwS18QB8hmFSu 4di9J7++BGPkpYeAMh2Rf0JiHGlS50Xl3xhgMT0/04HTDhhGCKiZp0cMgzet8OuC bTz4JIIadoz8HdEthkDz4wRBJiDmBsmkunsmF1Hc++693cF0KDsxG85m4qBWBYdG onULDcpkUKaDtge17brt99NDA6icSPyg+2FG+NKcyQhQHWXXePx/EVgslE2mIx1M guc62WrPHPyHCCWSp6UMSf0HFsWpje72Dz4+k5e+1j+dGiTa1PpJjjG9oxo8+rYM uPkTgvwIA4eU/g+VRXPwsZBsF1QWKdKNlcv+orampDUT+73EBpzizMpJtRYyuiWm azIHMfLyjMVGhd3qa+H/gRGBaIGhJ+xaTUXmVvY/FyWBR+NkI5wfaxBwUn7yAfP/ QQPYniSGEDxbEdnmQV5tUB8g3YM64AkGgPG3QsuPjZtWXLOWeqCxscin7x2XnYMy m1NFUrtrrz50gQgQeRNGZs/bE4XgmIFUGBOfW8mSF1jhUuC+IAuF+xhzN4w2Poit qN9Rt+hqzxI9nqgdVGw4qUWtQN4HsWECqes4+BF68tMCAwEAAaOCAuYwggLiMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD VR0TAQH/BAIwADAdBgNVHQ4EFgQUZiVolYHUjfOeP0Sth6FmkmPtXaswHwYDVR0j BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6 Ly9yMy5pLmxlbmNyLm9yZy8wge8GA1UdEQSB5zCB5IIOaXQudGVrdG9uaWsuY2GC D2l0LnRla3RvbmlrLmNvbYIQbWFpbC50ZWt0b25pay5jYYIRbWFpbC50ZWt0b25p ay5jb22CGG1lZGlib3RpcXVlLnRla3RvbmlrLmNvbYIQcG9wLnRla3RvbmlrLmNv bYIRc210cC50ZWt0b25pay5jb22CC3Rla3RvbmlrLmNhggx0ZWt0b25pay5jb22C DnRpLnRla3RvbmlrLmNhgg90aS50ZWt0b25pay5jb22CD3d3dy50ZWt0b25pay5j YYIQd3d3LnRla3RvbmlrLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQMGCisG AQQB1nkCBAIEgfQEgfEA7wB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s5 2IRzAAABjtrQwZgAAAQDAEcwRQIhAKGl/q/RmzP+JHPdU/3rnRt8XlXD1knQCb4L OanzUCrGAiAGlgiaWnYEsz3Gm9NGthB4ykr4Pf4uEANnCzTVpCxbHQB1AO7N0GTV 2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABjtrQwcUAAAQDAEYwRAIgOiUK 4VaA+BQRN+G922QREZTQgyXS9vBlN6wOyiXCR2UCIC7FIJnrSaXyfw98haUsmAqN taHNrV3zkAP7bm7HF29FMA0GCSqGSIb3DQEBCwUAA4IBAQBkqyd1bv4Ad4CfeSYK 6ytocj+npO1jCoJLnM8IoJCypxc+b/bYuhMxN2SOGjNBxE5Y4SW+wV9KWJQuUPWb T6AsiPZJiax4XOM1A5hLFDe0Fv0lmuoG6uMBho9jyvC0BTslX9BmRnnIpgVnrz0G hVU0fkkZ64cajYBI2NJhD6A+pMmtvFPZRaTbuORZo1qGPcFlZRlTMqOTgbyjle6S Tj1z3GfJFck5rQD+k7r8hTN1s2BULorIhZ1E8m39YjxHfnohJcnaf7JRwb4Za4ve ixtTTNjVoCnWYYiIybj4k9kLmDjbAkuaQh3G+6pnK058+JvzdJyMDdS2uac1feLt iJcS -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvPdVdRAmb7AfPP3G3h2q OiL7LiS9nh30LW6fcgZtCDTq+U/MAUi2SM6poe2bRUG+6Y0VTJu/zZRyQCfXXvMF 2F13NfVCvJQiWR3kpSwacp2y4+G9g0PgwS18QB8hmFSu4di9J7++BGPkpYeAMh2R f0JiHGlS50Xl3xhgMT0/04HTDhhGCKiZp0cMgzet8OuCbTz4JIIadoz8HdEthkDz 4wRBJiDmBsmkunsmF1Hc++693cF0KDsxG85m4qBWBYdGonULDcpkUKaDtge17brt 99NDA6icSPyg+2FG+NKcyQhQHWXXePx/EVgslE2mIx1Mguc62WrPHPyHCCWSp6UM Sf0HFsWpje72Dz4+k5e+1j+dGiTa1PpJjjG9oxo8+rYMuPkTgvwIA4eU/g+VRXPw sZBsF1QWKdKNlcv+orampDUT+73EBpzizMpJtRYyuiWmazIHMfLyjMVGhd3qa+H/ gRGBaIGhJ+xaTUXmVvY/FyWBR+NkI5wfaxBwUn7yAfP/QQPYniSGEDxbEdnmQV5t UB8g3YM64AkGgPG3QsuPjZtWXLOWeqCxscin7x2XnYMym1NFUrtrrz50gQgQeRNG Zs/bE4XgmIFUGBOfW8mSF1jhUuC+IAuF+xhzN4w2PoitqN9Rt+hqzxI9nqgdVGw4 qUWtQN4HsWECqes4+BF68tMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 407143393609620034626931770591372365204690 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-14 03:14:57 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-13 03:14:56 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'it.tektonik.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 770914623621173331046320771210550701610444980429260721690771735542739963450585612223767545479948665835021371469288178747634358139488398012512990930885545341910200204793914518036207973102524072726006967828525748347719762486684582170674683318929689879653004227640729578629156929020802491969326243134031146080673789861346378504489001899447368347237222997862107753013504146284182768119456554713621645089146093715196303664374872386852835914319211022265522616716255472747193492893997249089832111516293030781992982910102691369742279468914840520692141369071261941873798885582362576306184843334974870418034882602290759638713194580819316539356529599394337028778865187813817272137393597317812303196466702938881613575530515207500176773961199859061582936204714560829478368187908699131508799303526466130883973306164102850065918160430967239705459267728187123287684671412203859755398613354706844741107891816471113156009861761663124214971688740939225041704744927034125276906775553204617742786251331928721694220206658951084741121967574625516222490531800752613698482334666331762842880378053542286204319519533312912098745786292662889364380787931042176798089226202506051696301118805941008283139706546229374401849495878095044924540321989513449253843432147 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6625689581d48df39e3f44ad87a1669263ed5dab . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (231 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'it.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'it.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'medibotique.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pop.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'smtp.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ti.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ti.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tektonik.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018edad0c1980000040300473045022100a1a5feafd19b33fe2473dd53fdeb9d1b7c5e55c3d649d009be0b39a9f3502ac602200696089a5a7604b33dc69bd346b61078ca4af83dfe2e1003670b34d5a42c5b1d007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018edad0c1c5000004030046304402203a250ae15680f8141137e1bddb64111194d08325d2f6f06537ac0eca25c2476502202ec52099eb49a5f27f0f7c85a52c980a8db5a1cdad5df39003fb6e6ec7176f45 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0064ab27756efe0077809f79260aeb2b68723fa7a4ed630a824b9ccf08a090b2a7173e6ff6d8ba133137648e1a3341c44e58e125bec15f4a58942e50f59b4fa02c88f64989ac785ce33503984b1437b416fd259aea06eae301868f63caf0b4053b255fd0664679c8a60567af3d068555347e4919eb871a8d8048d8d2610fa03ea4c9adbc53d945a4dbb8e459a35a863dc16565195332a39381bca395ee924e3d73dc67c915c939ad00fe93bafc853375b360542e8ac8859d44f26dfd623c477e7a2125c9da7fb251c1be196b8bde8b1b534cd8d5a029d6618888c9b8f893d90b9838db024b9a421dc6fbaa672b4e7cf89bf3749c8c0dd4b6b9a7357de2ed889712