www.sasfoundation.org

Issued by R3

About this certificate

This digital certificate with serial number 04:3e:51:f1:94:28:0f:4a:1d:a1:0b:d0:7d:0b:7e:38:d7:6b was issued on by Let's Encrypt.

With 18 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.sasfoundation.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:3e:51:f1:94:28:0f:4a:1d:a1:0b:d0:7d:0b:7e:38:d7:6b
Serial Number (int): 369655572292311136116983680915827913709419
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 03:29:dc:32:54:82:e4:a0:d0:07:a5:ff:dd:e9:80:84:ab:99:ef:a5
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 83:ab:21:96:f0:fc:53:62:72:5a:e5:1f:e3:54:6c:59:8c:d2:c3:75
Fingerprint (sha256): f0:b6:6e:e7:48:73:dd:a3:a4:40:d7:33:f1:31:ba:ea:be:02:93:e6:1f:4e:22:14:4e:e7:cd:21:95:2d:4f:e4

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.sasfoundation.org

18

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.sasfoundation.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

100history.com
aburrido.org
allsnews.com
beachparkeventcenter.net
corpuschristibuilders.com
dalesky.com
drinksthatshrinkyourbelly.com
fiftystateshalfmarathonclub.com
flippingheavyequipment.com
healthyhomepainters.com
maxsimo.com
medicarebyzipcode.com
nutreation.com
oils.linsadair.com
paolita.com
petcitis.net
russellspoint.com
www.sasfoundation.org

Other certificates including the domain name sasfoundation.org

(limited to 100 certificates)
sasfoundation.org
macwizard.org
sasfoundation.org
norwoodcastings.ca
www.xn--z8h.gg
sasfoundation.org
www.sasfoundation.org
euroverse.org
enerpactoolgroup.asia
www.sasfoundation.org
thebuildersshow.com.cheeselam.org
www.sasfoundation.org
sasfoundation.org
sasfoundation.org
www.sasfoundation.org
hydratight.ca

Certificate

The complete raw certificate details for www.sasfoundation.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGVjCCBT6gAwIBAgISBD5R8ZQoD0odoQvQfQt+ONdrMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAyMTgxMTEzMjlaFw0yNDA1MTgxMTEzMjhaMCAxHjAcBgNVBAMT
FXd3dy5zYXNmb3VuZGF0aW9uLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBALXRosaRcAhVe1xV4//zJvQeBxuKO4fUkyorZo/yDo/wC1JUdMPRt0ca
gkQt1CdoQndlg4uz+oDAPsZt4Y2xEBjKV6F55qTfEbRtfXcJfkGTIDQyExFLHXEx
nxBLhVsmEqZTrdVFVv/gpvRt+Qqf6qanFNtYME/59d4kfzY0zW1Zp+9NW6LKRCBi
SFDg0EX4oOnNmX6rbv2Q+1gqK/gu/Yi/Kt+CNR8xKCyLO/cnyNOqtXkhkCkuyECa
E8OoSOYmUZoAOFbeH3RqIms8u0NyEsRAR7LuNIqA0wKASPfiURoWsKEpUyqVPxpj
58yUAfIN4xkqg1IOMdl0MppplCVU4NUCAwEAAaOCA3YwggNyMA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw
ADAdBgNVHQ4EFgQUAyncMlSC5KDQB6X/3emAhKuZ76UwHwYDVR0jBBgwFoAUFC6z
F7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVo
dHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxl
bmNyLm9yZy8wggF9BgNVHREEggF0MIIBcIIOMTAwaGlzdG9yeS5jb22CDGFidXJy
aWRvLm9yZ4IMYWxsc25ld3MuY29tghhiZWFjaHBhcmtldmVudGNlbnRlci5uZXSC
GWNvcnB1c2NocmlzdGlidWlsZGVycy5jb22CC2RhbGVza3kuY29tgh1kcmlua3N0
aGF0c2hyaW5reW91cmJlbGx5LmNvbYIfZmlmdHlzdGF0ZXNoYWxmbWFyYXRob25j
bHViLmNvbYIaZmxpcHBpbmdoZWF2eWVxdWlwbWVudC5jb22CF2hlYWx0aHlob21l
cGFpbnRlcnMuY29tggttYXhzaW1vLmNvbYIVbWVkaWNhcmVieXppcGNvZGUuY29t
gg5udXRyZWF0aW9uLmNvbYISb2lscy5saW5zYWRhaXIuY29tggtwYW9saXRhLmNv
bYIMcGV0Y2l0aXMubmV0ghFydXNzZWxsc3BvaW50LmNvbYIVd3d3LnNhc2ZvdW5k
YXRpb24ub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB
9QSB8gDwAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGNvCK+
6QAABAMARzBFAiEArvLCVYxS31ydTNsqssoBN8RJlBKtMn3O9ak8wwJuvDACIAPN
0ZrHa6NN+dJNc0ZYJmUvW9DYDI3qGX/A1S2tkXwNAHYAdv+IPwq2+5VRwmHM9Ye6
NLSkzbsp3GhCCp/mZ0xaOnQAAAGNvCK/MwAABAMARzBFAiEAk9/LJdqqwYIyi45Z
PMNVSkUxmt2N2F8/5mzbPRTcQBMCIEEma1KHqzrDEv03lgHPmy5bUL/MsMsCx/+G
5zuC6BbHMA0GCSqGSIb3DQEBCwUAA4IBAQAxdBeikZ2K0dRMKGf1Dq1XyXUJdCLH
tEhta2+JMIRqVv/cZSPCiFRD7UdvjtkB14RMAf0bLwsE1Xm7TRDQkjZLh3fq2e0D
qFkj1fF0pzjt1DHjQhvKdyktc0BbcN988+OPIItImLmf4BAGw8ttfe9hkLeKsEBE
yBG+J7o/ljI7Lx89/QstuByNo8eh/1NBTrXT47Qtmv3jTII+Vl+gPP3GonUYU7dY
JMVfRlk3xdKGDHIxgilwTE9Jd5gZ35Ax7P9IA/oaOKJftkuwGZmE5iONbFYysRL9
g0k8Iwe3R0t3o4XAtJZ+/u0P+1x5m4NKtAb04akCAd01YSyc8B5SW/V+
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdGixpFwCFV7XFXj//Mm
9B4HG4o7h9STKitmj/IOj/ALUlR0w9G3RxqCRC3UJ2hCd2WDi7P6gMA+xm3hjbEQ
GMpXoXnmpN8RtG19dwl+QZMgNDITEUsdcTGfEEuFWyYSplOt1UVW/+Cm9G35Cp/q
pqcU21gwT/n13iR/NjTNbVmn701bospEIGJIUODQRfig6c2Zfqtu/ZD7WCor+C79
iL8q34I1HzEoLIs79yfI06q1eSGQKS7IQJoTw6hI5iZRmgA4Vt4fdGoiazy7Q3IS
xEBHsu40ioDTAoBI9+JRGhawoSlTKpU/GmPnzJQB8g3jGSqDUg4x2XQymmmUJVTg
1QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 369655572292311136116983680915827913709419
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-18 11:13:29 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-18 11:13:28 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.sasfoundation.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22952508485598184841579769929107026728232912709444526970093528863427230033783429205944278236528286169015339960115917562560598451194208122462386749645869394059669371248661635737187169609306801904219268805662462520959012293878342498950178794164833309686329416635298350799852979188982954543133267854354919168895549287486536891443599125763085152381033074095444243836862229249744768095891230939881083688931314155744942438441193498763549895342477413667892061754987166920623029248143198477244926894453536560012536363791311733310747122287434566182479787969500416867434413872493406375648820753755843128837492883479000511733973
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0329dc325482e4a0d007a5ffdde98084ab99efa5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (372 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '100history.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aburrido.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'allsnews.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beachparkeventcenter.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corpuschristibuilders.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dalesky.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'drinksthatshrinkyourbelly.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fiftystateshalfmarathonclub.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flippingheavyequipment.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'healthyhomepainters.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maxsimo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'medicarebyzipcode.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nutreation.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oils.linsadair.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paolita.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'petcitis.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'russellspoint.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sasfoundation.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018dbc22bee90000040300473045022100aef2c2558c52df5c9d4cdb2ab2ca0137c4499412ad327dcef5a93cc3026ebc30022003cdd19ac76ba34df9d24d73465826652f5bd0d80c8dea197fc0d52dad917c0d00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018dbc22bf33000004030047304502210093dfcb25daaac182328b8e593cc3554a45319add8dd85f3fe66cdb3d14dc4013022041266b5287ab3ac312fd379601cf9b2e5b50bfccb0cb02c7ff86e73b82e816c7
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00317417a2919d8ad1d44c2867f50ead57c975097422c7b4486d6b6f8930846a56ffdc6523c2885443ed476f8ed901d7844c01fd1b2f0b04d579bb4d10d092364b8777ead9ed03a85923d5f174a738edd431e3421bca77292d73405b70df7cf3e38f208b4898b99fe01006c3cb6d7def6190b78ab04044c811be27ba3f96323b2f1f3dfd0b2db81c8da3c7a1ff53414eb5d3e3b42d9afde34c823e565fa03cfdc6a2751853b75824c55f465937c5d2860c72318229704c4f49779819df9031ecff4803fa1a38a25fb64bb0199984e6238d6c5632b112fd83493c2307b7474b77a385c0b4967efeed0ffb5c799b834ab406f4e1a90201dd35612c9cf01e525bf57e