karriere.heel.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:a1:b3:3c:e3:f7:e5:70:62:ae:7b:ee:0e:89:6d:3c:11:62 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=karriere.heel.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:a1:b3:3c:e3:f7:e5:70:62:ae:7b:ee:0e:89:6d:3c:11:62Serial Number (int): 316360566842356188691286444959664764096866
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 40:39:b8:e7:9b:c7:d5:b4:fa:4e:52:d6:87:4c:04:14:c1:8e:ed:64
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 45:fb:c8:bb:f5:a1:87:ad:28:53:ab:bc:34:fa:10:6c:26:18:14:46
Fingerprint (sha256): ef:f8:2e:ec:8e:ec:54:17:25:a5:5a:55:f4:f7:51:52:35:cc:5f:77:90:ff:44:09:10:bc:ce:77:4c:31:e1:81
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate karriere.heel.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for karriere.heel.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
karriere.heel.de
www.karriere.heel.de
www.karriere.heel.de
Other certificates including the domain name heel.de
(limited to 100 certificates)
lauf.heel.de
lauf.heel.de
lauf.heel.de
lauf.heel.de
heel.de
karriere.heel.de
karriere.heel.de
heel.com
heel.de
heel.de
www.heel.de
heel.de
karriere.heel.de
heel.de
heel.de
heel.de
karriere.heel.de
heel.de
lauf.heel.de
secured.heel.de
heel.com
heel.de
heel.de
secured.heel.de
heel.de
secured.heel.de
www.heel.de
karriere.heel.de
*.heel.de
secured.heel.de
secured.heel.de
karriere.heel.de
heel.de
secured.heel.de
heel.de
lsac.heel.com
lauf.heel.de
karriere.heel.de
heel.com
lauf.heel.de
*.heel.de
karriere.heel.de
heel.de
heel.de
lauf.heel.de
heel.de
secured.heel.de
heel.de
karriere.heel.de
lauf.heel.de
karriere.heel.de
*.heel.de
lauf.heel.de
lauf.heel.de
lauf.heel.de
heel.de
karriere.heel.de
karriere.heel.de
heel.com
heel.de
heel.de
www.heel.de
heel.de
karriere.heel.de
heel.de
heel.de
heel.de
karriere.heel.de
heel.de
lauf.heel.de
secured.heel.de
heel.com
heel.de
heel.de
secured.heel.de
heel.de
secured.heel.de
www.heel.de
karriere.heel.de
*.heel.de
secured.heel.de
secured.heel.de
karriere.heel.de
heel.de
secured.heel.de
heel.de
lsac.heel.com
lauf.heel.de
karriere.heel.de
heel.com
lauf.heel.de
*.heel.de
karriere.heel.de
heel.de
heel.de
lauf.heel.de
heel.de
secured.heel.de
heel.de
karriere.heel.de
lauf.heel.de
karriere.heel.de
*.heel.de
Certificate
The complete raw certificate details for karriere.heel.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGbTCCBVWgAwIBAgISA6GzPOP35XBirnvuDoltPBFiMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODExMjkxMTU1NDFaFw0x OTAyMjcxMTU1NDFaMBsxGTAXBgNVBAMTEGthcnJpZXJlLmhlZWwuZGUwggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC3ZfIf+ajuiUzTQ8EmhD+UWCQ8zpD2 4+Drywsf040Z/C9EN1JD1NfNcX1sK4iy/ENrSkvia14vmCkzKWWWWPrZwaPBOO/J 2JtJCj7yx60AIn+Xijfx8mI4WMkJFO/FXqBMFS2JPlBR5/eGRoy+S52XVJwbuYIV qstQkvJg9c9FXHyeJQ3W5w6iaqwWUxbSMGSLQjk7f2218I6BtxsiRMNwcaID9TI9 UUIHRtyjDzpfOZKWbJFCwYvUOAFzlf66RtibNupr7Knc3ZdTmmQg9NV7VGMnq25P TYfWaIwJFpqaQi/1q/Y724b4ls5ERsqvuOoCni00YWdEryM329rO0XVAh1qjnI9T wjBtAcmDo5UvfHXMGBbXZcAEtrYY1cRTjOpsccxUGk2zfnecn0ibweRFVRE+9f5T 3WofRo28iKDm56J032KpqWZmDpr9+Lit3SuKU/KaFu95cEtQQqC9mDPC5i9kHh2+ r8CS+bOXJ79xgE/Shn6BhT4HI23zZOYmmerSxev3UXbreNbwIhbE7RujiTr7SPQT /NuBd6tTVchUSeIy8l4QFVjbUOjt2iNqdLE4kSHSuClE4D6sta/KVh0XDii6p2GN Y7zxQqSibC8yPLfy3lZerXu58GoQw0na6heGcpsso5iIU3x7++4P1p06Kis1HdRz nNY9z1Haep7tGQIDAQABo4ICejCCAnYwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRA Objnm8fVtPpOUtaHTAQUwY7tZDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv 86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmlu dC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0Lmlu dC14My5sZXRzZW5jcnlwdC5vcmcvMDEGA1UdEQQqMCiCEGthcnJpZXJlLmhlZWwu ZGWCFHd3dy5rYXJyaWVyZS5oZWVsLmRlMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcG CysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5 cHQub3JnMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUA4mlLribo6UAJ6IYbtjuD 1D7n/nSI+6SPKJMBnd3x2/4AAAFnX4oLhgAABAMARjBEAiAInT9LczDy1jb/DRoG 5ds4qSuZGlzAdaqqu0fiSy4WWAIgTjjFAWWlfrYiv04hrTutlYIWX1vcNm0EkiI6 13ZW7/8AdgApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAWdfiguj AAAEAwBHMEUCIQDNcrvAo4CSkhFg3UvLdIPlJgDEy8+7P93fs0eBW4YJlwIgIyVz Z59gYqQyhLC4NzXOusnUoD0AwZgMbadSRS9td08wDQYJKoZIhvcNAQELBQADggEB AFbfQRZebdk+naszedxCeQi6erLeJUra95Efb2SjTt+iz9zJHOo2kDVtWeRDdnUM ohuwfA1jRF/T8+bn0Ym1qT//1NXJ2EtxjftlWzfnlXR1G81CGhQGClDSdh6Xrvxo pAYyZJKZTgloWYbBmcnQIOgMlymHFVmDhw55nUVtr22LtcUumEVRsyjvj+PgbKss UnMXWw7DQjxLp/1OYl748bYFVXE1Dfdpfx02cBW6H0I5WhJbxfIihe+0CewyiiSt KW1Af/geRCUXlvHonJ9LGhd9MaXjXSUDIdo93amc0o91JHmYMZBW9mh3v68TRPkc F6j7pgAbMiHM5m0fStXG7bc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAt2XyH/mo7olM00PBJoQ/ lFgkPM6Q9uPg68sLH9ONGfwvRDdSQ9TXzXF9bCuIsvxDa0pL4mteL5gpMyllllj6 2cGjwTjvydibSQo+8setACJ/l4o38fJiOFjJCRTvxV6gTBUtiT5QUef3hkaMvkud l1ScG7mCFarLUJLyYPXPRVx8niUN1ucOomqsFlMW0jBki0I5O39ttfCOgbcbIkTD cHGiA/UyPVFCB0bcow86XzmSlmyRQsGL1DgBc5X+ukbYmzbqa+yp3N2XU5pkIPTV e1RjJ6tuT02H1miMCRaamkIv9av2O9uG+JbOREbKr7jqAp4tNGFnRK8jN9vaztF1 QIdao5yPU8IwbQHJg6OVL3x1zBgW12XABLa2GNXEU4zqbHHMVBpNs353nJ9Im8Hk RVURPvX+U91qH0aNvIig5ueidN9iqalmZg6a/fi4rd0rilPymhbveXBLUEKgvZgz wuYvZB4dvq/Akvmzlye/cYBP0oZ+gYU+ByNt82TmJpnq0sXr91F263jW8CIWxO0b o4k6+0j0E/zbgXerU1XIVEniMvJeEBVY21Do7dojanSxOJEh0rgpROA+rLWvylYd Fw4ouqdhjWO88UKkomwvMjy38t5WXq17ufBqEMNJ2uoXhnKbLKOYiFN8e/vuD9ad OiorNR3Uc5zWPc9R2nqe7RkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 316360566842356188691286444959664764096866 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-29 11:55:41 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-27 11:55:41 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'karriere.heel.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 748199483900320309952916633537481716360963995805006726941660446536943334593264884759702477717077509410341666252642269378911797914119406807725900157924365553973498472004938318281550256618753137904080971387138156728150065647885102580406691901760664137137450358114279625482908422243397318746665593495645064907623085579984185764926334175880755187347797995976031505135174084856569034254298774233373354109839502855139901722666440312536982812298998141617609375472011904301650850640861036433183437337155315528685079929710072940410278686604276053228568185757619296513645680160943242751578078300611548331761628245077723605799575897665861292287687359137834724190416868592010762690242866531592291048298331029050417374019850508116381880406355509711408673184039704207703565549355188264700271084700730719756557974499940313704462746941025126643585422033075668982691620057016761068646756814999273899103597704713708734633303695228075001211174084397316475876610115969177375148072123783859408170523866865334169508422402536923023575604123748407082323305010673601070297385996417731236587734235056709240446708350129514622922588799972574984789658739481800555320822175038126313620348909620934436488968567750781443564946059792805183469158645415841865836457241 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4039b8e79bc7d5b4fa4e52d6874c0414c18eed64 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'karriere.heel.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.karriere.heel.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe000001675f8a0b8600000403004630440220089d3f4b7330f2d636ff0d1a06e5db38a92b991a5cc075aaaabb47e24b2e165802204e38c50165a57eb622bf4e21ad3bad9582165f5bdc366d0492223ad77656efff007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f478000001675f8a0ba30000040300473045022100cd72bbc0a38092921160dd4bcb7483e52600c4cbcfbb3fdddfb347815b8609970220232573679f6062a43284b0b83735cebac9d4a03d00c1980c6da752452f6d774f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0056df41165e6dd93e9dab3379dc427908ba7ab2de254adaf7911f6f64a34edfa2cfdcc91cea3690356d59e44376750ca21bb07c0d63445fd3f3e6e7d189b5a93fffd4d5c9d84b718dfb655b37e79574751bcd421a14060a50d2761e97aefc68a406326492994e09685986c199c9d020e80c972987155983870e799d456daf6d8bb5c52e984551b328ef8fe3e06cab2c5273175b0ec3423c4ba7fd4e625ef8f1b6055571350df7697f1d367015ba1f42395a125bc5f22285efb409ec328a24ad296d407ff81e44251796f1e89c9f4b1a177d31a5e35d250321da3ddda99cd28f75247998319056f66877bfaf1344f91c17a8fba6001b3221cce66d1f4ad5c6edb7