www.aspneumatics.co.uk
Issued by Starfield Secure Certificate Authority - G2
About this certificate
This digital certificate with serial number f9:7d:b2:3d:7d:67:43:7a was issued on by Starfield Technologies, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.aspneumatics.co.uk
Starfield Technologies, Inc.
Organization:
Starfield Technologies, Inc.
Organization unit: http://certs.starfieldtech.com/repository/
Organization unit: http://certs.starfieldtech.com/repository/
State / Province:
Arizona
Locality: Scottsdale
Country: US
Locality: Scottsdale
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): f9:7d:b2:3d:7d:67:43:7aSerial Number (int): 17977721264699556730
Serial Number lenght: 64 bits, 8 octets
SubjectKeyId: 8d:b7:33:ca:b9:49:e0:8a:7c:6e:e1:2b:2b:2c:03:2e:62:a0:2b:ae
AuthorityKeyId: 25:45:81:68:50:26:38:3d:3b:2d:2c:be:cd:6a:d9:b6:3d:b3:66:63
Fingerprint (sha1): 25:81:e0:4b:9c:94:a0:b5:7a:02:78:c4:20:bd:37:91:74:9d:3f:5c
Fingerprint (sha256): ef:fa:0b:ad:93:49:dd:02:b5:63:c8:d0:e5:bf:c8:7a:1e:26:14:bd:64:44:88:1a:4d:67:0c:64:4a:1d:4a:01
Issuing Certificate URL: http://certificates.starfieldtech.com/repository/sfig2.crt
Revocation information
OCSP Server: http://ocsp.starfieldtech.com/CRL Distribution Point: http://crl.starfieldtech.com/sfig2s1-623.crl
Check the revocation status for certificate www.aspneumatics.co.uk
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.aspneumatics.co.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
Other certificates including the domain name aspneumatics.co.uk
(limited to 100 certificates)
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
www.aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
www.aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
www.aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
www.aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
aspneumatics.co.uk
Certificate
The complete raw certificate details for www.aspneumatics.co.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGzzCCBbegAwIBAgIJAPl9sj19Z0N6MA0GCSqGSIb3DQEBCwUAMIHGMQswCQYD VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEl MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEzMDEGA1UECxMq aHR0cDovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMTQwMgYD VQQDEytTdGFyZmllbGQgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcy MB4XDTIzMDkxNzA5NDk1N1oXDTI0MTAxMDEyNTI1NFowITEfMB0GA1UEAxMWd3d3 LmFzcG5ldW1hdGljcy5jby51azCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOUZbxjXqUGYMmAr5X7iii98Nz5+2IzmfPNHrQuH0KK8SnewiMcZULIfohBP o01S5dGByCGWzGDjtXTee2MGLY38rC2rcH9eQQgVdm7r8lAjT9PSFCklkjp096Rz +3hnD1a6Dc2+/rdXUjB6A6S22FWrZ9MuEjcILIgh2DoIoIsYEcjffTYIvasipx6e ecb6P3NUiomACwn0KZIbuD6AXKFD/JLcFGOi/zq5OB74/esXLZT3RJ938pMoxpwt ilqVfn25bKKt0WAfP6iHwhdy/ekOucmqPUaHE3NGd75DbR+7xUNi6s5OI7vfhSoN vKKJWG9SX16rWHERR5nX9z+vjr0CAwEAAaOCA2IwggNeMAwGA1UdEwEB/wQCMAAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDA9 BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnN0YXJmaWVsZHRlY2guY29tL3Nm aWcyczEtNjIzLmNybDBjBgNVHSAEXDBaME4GC2CGSAGG/W4BBxcBMD8wPQYIKwYB BQUHAgEWMWh0dHA6Ly9jZXJ0aWZpY2F0ZXMuc3RhcmZpZWxkdGVjaC5jb20vcmVw b3NpdG9yeS8wCAYGZ4EMAQIBMIGCBggrBgEFBQcBAQR2MHQwKgYIKwYBBQUHMAGG Hmh0dHA6Ly9vY3NwLnN0YXJmaWVsZHRlY2guY29tLzBGBggrBgEFBQcwAoY6aHR0 cDovL2NlcnRpZmljYXRlcy5zdGFyZmllbGR0ZWNoLmNvbS9yZXBvc2l0b3J5L3Nm aWcyLmNydDAfBgNVHSMEGDAWgBQlRYFoUCY4PTstLL7Natm2PbNmYzA1BgNVHREE LjAsghZ3d3cuYXNwbmV1bWF0aWNzLmNvLnVrghJhc3BuZXVtYXRpY3MuY28udWsw HQYDVR0OBBYEFI23M8q5SeCKfG7hKyssAy5ioCuuMIIBfQYKKwYBBAHWeQIEAgSC AW0EggFpAWcAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYqi jAF8AAAEAwBHMEUCIQD+h2ebhbJBHkw8uTVAC0zkbvertDNNukJZHg9HgT7vKAIg aJLaiOA/C6nXA8xgcshkdMNFgdeV3wT9gy+YICKkm9kAdQBIsONr2qZHNA/lagL6 nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYqijAJ1AAAEAwBGMEQCIFDKtaBCPKgOcULs 2vMRpKxk4x67cQWE58bZjgDwuArRAiBk+ncnPtFM46ibJnCXupm/ib0QxHnni4nP L4/nIU25NAB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABiqKM AtcAAAQDAEcwRQIhAOcEzVuenP9LQEl44yUOosPMVRQK8S2jzM6AkrHbPtVTAiAc X2wEYH71TQm119msL94ZAtW07kSsYJ/MhCdxCzFmDTANBgkqhkiG9w0BAQsFAAOC AQEAFPqefHeJkeHWcxZPhP+B0MTce05oosHcEX4bR80O/L2YmrLRVvmmljNbvURe SJvWByvfk/CwaLYHOEgVyq1XYVkzvsOcemuMv2j0nNoJ0RFCWy03RFKDsESb3hWS gGs6isp3Hslx9SFGwzsLbEY3r2cfLwt/89Lj7fJRZLkw5ILu785UvLxX1Jq2Jo2U Cnb2mJZ6+Ru36dDFldE78tquA020511A6d38kBb3mh+sY9QBLzcQ0j2yarGM7cvD 40p8BlErfPS1Wu1Aona2CPwFFNL3tlsOtJ6LeJHft20jFktF/vWwOsD5IP3pGfl+ uhdfbx0GRpk47z5tSqk24G8+iA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RlvGNepQZgyYCvlfuKK L3w3Pn7YjOZ880etC4fQorxKd7CIxxlQsh+iEE+jTVLl0YHIIZbMYOO1dN57YwYt jfysLatwf15BCBV2buvyUCNP09IUKSWSOnT3pHP7eGcPVroNzb7+t1dSMHoDpLbY Vatn0y4SNwgsiCHYOgigixgRyN99Ngi9qyKnHp55xvo/c1SKiYALCfQpkhu4PoBc oUP8ktwUY6L/Ork4Hvj96xctlPdEn3fykyjGnC2KWpV+fblsoq3RYB8/qIfCF3L9 6Q65yao9RocTc0Z3vkNtH7vFQ2Lqzk4ju9+FKg28oolYb1JfXqtYcRFHmdf3P6+O vQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17977721264699556730 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Technologies, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.starfieldtech.com/repository/' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Secure Certificate Authority - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-17 09:49:57 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-10 12:52:54 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.aspneumatics.co.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28921113796667900519369448250245175960227452786852363333227155259843117126702608395603331295425257936327450531430717763044290805613220120339321246145495778479550028861107289445370501364530700831344935370479426180176917900358423404925703140567720402023853474718833147623289397280417450713687003992486815403650108348162240175895485520088474926851742039320017417752440989537580925991139037937317240812537486398114339128304007344432101863836277541201138792282528490764365982239737530433416911769730682793607224682080988106585292956267492377854622282414019784407793781893045625511237773364070022118052816478534152865418941 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.starfieldtech.com/sfig2s1-623.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114414.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.starfieldtech.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.starfieldtech.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.starfieldtech.com/repository/sfig2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 254581685026383d3b2d2cbecd6ad9b63db36663 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aspneumatics.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aspneumatics.co.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8db733cab949e08a7c6ee12b2b2c032e62a02bae . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018aa28c017c0000040300473045022100fe87679b85b2411e4c3cb935400b4ce46ef7abb4334dba42591e0f47813eef2802206892da88e03f0ba9d703cc6072c86474c34581d795df04fd832f982022a49bd900750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018aa28c02750000040300463044022050cab5a0423ca80e7142ecdaf311a4ac64e31ebb710584e7c6d98e00f0b80ad1022064fa77273ed14ce3a89b267097ba99bf89bd10c479e78b89cf2f8fe7214db934007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018aa28c02d70000040300473045022100e704cd5b9e9cff4b404978e3250ea2c3cc55140af12da3ccce8092b1db3ed55302201c5f6c04607ef54d09b5d7d9ac2fde1902d5b4ee44ac609fcc8427710b31660d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0014fa9e7c778991e1d673164f84ff81d0c4dc7b4e68a2c1dc117e1b47cd0efcbd989ab2d156f9a696335bbd445e489bd6072bdf93f0b068b607384815caad57615933bec39c7a6b8cbf68f49cda09d111425b2d37445283b0449bde1592806b3a8aca771ec971f52146c33b0b6c4637af671f2f0b7ff3d2e3edf25164b930e482eeefce54bcbc57d49ab6268d940a76f698967af91bb7e9d0c595d13bf2daae034db4e75d40e9ddfc9016f79a1fac63d4012f3710d23db26ab18cedcbc3e34a7c06512b7cf4b55aed40a276b608fc0514d2f7b65b0eb49e8b7891dfb76d23164b45fef5b03ac0f920fde919f97eba175f6f1d06469938ef3e6d4aa936e06f3e88