www.sasfoundation.org
Issued by R3
About this certificate
This digital certificate with serial number 04:3e:51:f1:94:28:0f:4a:1d:a1:0b:d0:7d:0b:7e:38:d7:6b was issued on by Let's Encrypt.
With 18 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.sasfoundation.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:3e:51:f1:94:28:0f:4a:1d:a1:0b:d0:7d:0b:7e:38:d7:6bSerial Number (int): 369655572292311136116983680915827913709419
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 03:29:dc:32:54:82:e4:a0:d0:07:a5:ff:dd:e9:80:84:ab:99:ef:a5
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 83:ab:21:96:f0:fc:53:62:72:5a:e5:1f:e3:54:6c:59:8c:d2:c3:75
Fingerprint (sha256): f0:b6:6e:e7:48:73:dd:a3:a4:40:d7:33:f1:31:ba:ea:be:02:93:e6:1f:4e:22:14:4e:e7:cd:21:95:2d:4f:e4
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.sasfoundation.org
18
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.sasfoundation.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
100history.com
aburrido.org
allsnews.com
beachparkeventcenter.net
corpuschristibuilders.com
dalesky.com
drinksthatshrinkyourbelly.com
fiftystateshalfmarathonclub.com
flippingheavyequipment.com
healthyhomepainters.com
maxsimo.com
medicarebyzipcode.com
nutreation.com
oils.linsadair.com
paolita.com
petcitis.net
russellspoint.com
www.sasfoundation.org
aburrido.org
allsnews.com
beachparkeventcenter.net
corpuschristibuilders.com
dalesky.com
drinksthatshrinkyourbelly.com
fiftystateshalfmarathonclub.com
flippingheavyequipment.com
healthyhomepainters.com
maxsimo.com
medicarebyzipcode.com
nutreation.com
oils.linsadair.com
paolita.com
petcitis.net
russellspoint.com
www.sasfoundation.org
Other certificates including the domain name sasfoundation.org
(limited to 100 certificates)
sasfoundation.org
macwizard.org
sasfoundation.org
norwoodcastings.ca
www.xn--z8h.gg
sasfoundation.org
www.sasfoundation.org
euroverse.org
enerpactoolgroup.asia
www.sasfoundation.org
thebuildersshow.com.cheeselam.org
www.sasfoundation.org
sasfoundation.org
sasfoundation.org
www.sasfoundation.org
hydratight.ca
macwizard.org
sasfoundation.org
norwoodcastings.ca
www.xn--z8h.gg
sasfoundation.org
www.sasfoundation.org
euroverse.org
enerpactoolgroup.asia
www.sasfoundation.org
thebuildersshow.com.cheeselam.org
www.sasfoundation.org
sasfoundation.org
sasfoundation.org
www.sasfoundation.org
hydratight.ca
Certificate
The complete raw certificate details for www.sasfoundation.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVjCCBT6gAwIBAgISBD5R8ZQoD0odoQvQfQt+ONdrMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAyMTgxMTEzMjlaFw0yNDA1MTgxMTEzMjhaMCAxHjAcBgNVBAMT FXd3dy5zYXNmb3VuZGF0aW9uLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBALXRosaRcAhVe1xV4//zJvQeBxuKO4fUkyorZo/yDo/wC1JUdMPRt0ca gkQt1CdoQndlg4uz+oDAPsZt4Y2xEBjKV6F55qTfEbRtfXcJfkGTIDQyExFLHXEx nxBLhVsmEqZTrdVFVv/gpvRt+Qqf6qanFNtYME/59d4kfzY0zW1Zp+9NW6LKRCBi SFDg0EX4oOnNmX6rbv2Q+1gqK/gu/Yi/Kt+CNR8xKCyLO/cnyNOqtXkhkCkuyECa E8OoSOYmUZoAOFbeH3RqIms8u0NyEsRAR7LuNIqA0wKASPfiURoWsKEpUyqVPxpj 58yUAfIN4xkqg1IOMdl0MppplCVU4NUCAwEAAaOCA3YwggNyMA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw ADAdBgNVHQ4EFgQUAyncMlSC5KDQB6X/3emAhKuZ76UwHwYDVR0jBBgwFoAUFC6z F7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVo dHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxl bmNyLm9yZy8wggF9BgNVHREEggF0MIIBcIIOMTAwaGlzdG9yeS5jb22CDGFidXJy aWRvLm9yZ4IMYWxsc25ld3MuY29tghhiZWFjaHBhcmtldmVudGNlbnRlci5uZXSC GWNvcnB1c2NocmlzdGlidWlsZGVycy5jb22CC2RhbGVza3kuY29tgh1kcmlua3N0 aGF0c2hyaW5reW91cmJlbGx5LmNvbYIfZmlmdHlzdGF0ZXNoYWxmbWFyYXRob25j bHViLmNvbYIaZmxpcHBpbmdoZWF2eWVxdWlwbWVudC5jb22CF2hlYWx0aHlob21l cGFpbnRlcnMuY29tggttYXhzaW1vLmNvbYIVbWVkaWNhcmVieXppcGNvZGUuY29t gg5udXRyZWF0aW9uLmNvbYISb2lscy5saW5zYWRhaXIuY29tggtwYW9saXRhLmNv bYIMcGV0Y2l0aXMubmV0ghFydXNzZWxsc3BvaW50LmNvbYIVd3d3LnNhc2ZvdW5k YXRpb24ub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB 9QSB8gDwAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGNvCK+ 6QAABAMARzBFAiEArvLCVYxS31ydTNsqssoBN8RJlBKtMn3O9ak8wwJuvDACIAPN 0ZrHa6NN+dJNc0ZYJmUvW9DYDI3qGX/A1S2tkXwNAHYAdv+IPwq2+5VRwmHM9Ye6 NLSkzbsp3GhCCp/mZ0xaOnQAAAGNvCK/MwAABAMARzBFAiEAk9/LJdqqwYIyi45Z PMNVSkUxmt2N2F8/5mzbPRTcQBMCIEEma1KHqzrDEv03lgHPmy5bUL/MsMsCx/+G 5zuC6BbHMA0GCSqGSIb3DQEBCwUAA4IBAQAxdBeikZ2K0dRMKGf1Dq1XyXUJdCLH tEhta2+JMIRqVv/cZSPCiFRD7UdvjtkB14RMAf0bLwsE1Xm7TRDQkjZLh3fq2e0D qFkj1fF0pzjt1DHjQhvKdyktc0BbcN988+OPIItImLmf4BAGw8ttfe9hkLeKsEBE yBG+J7o/ljI7Lx89/QstuByNo8eh/1NBTrXT47Qtmv3jTII+Vl+gPP3GonUYU7dY JMVfRlk3xdKGDHIxgilwTE9Jd5gZ35Ax7P9IA/oaOKJftkuwGZmE5iONbFYysRL9 g0k8Iwe3R0t3o4XAtJZ+/u0P+1x5m4NKtAb04akCAd01YSyc8B5SW/V+ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdGixpFwCFV7XFXj//Mm 9B4HG4o7h9STKitmj/IOj/ALUlR0w9G3RxqCRC3UJ2hCd2WDi7P6gMA+xm3hjbEQ GMpXoXnmpN8RtG19dwl+QZMgNDITEUsdcTGfEEuFWyYSplOt1UVW/+Cm9G35Cp/q pqcU21gwT/n13iR/NjTNbVmn701bospEIGJIUODQRfig6c2Zfqtu/ZD7WCor+C79 iL8q34I1HzEoLIs79yfI06q1eSGQKS7IQJoTw6hI5iZRmgA4Vt4fdGoiazy7Q3IS xEBHsu40ioDTAoBI9+JRGhawoSlTKpU/GmPnzJQB8g3jGSqDUg4x2XQymmmUJVTg 1QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 369655572292311136116983680915827913709419 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-18 11:13:29 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-18 11:13:28 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.sasfoundation.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22952508485598184841579769929107026728232912709444526970093528863427230033783429205944278236528286169015339960115917562560598451194208122462386749645869394059669371248661635737187169609306801904219268805662462520959012293878342498950178794164833309686329416635298350799852979188982954543133267854354919168895549287486536891443599125763085152381033074095444243836862229249744768095891230939881083688931314155744942438441193498763549895342477413667892061754987166920623029248143198477244926894453536560012536363791311733310747122287434566182479787969500416867434413872493406375648820753755843128837492883479000511733973 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0329dc325482e4a0d007a5ffdde98084ab99efa5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (372 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '100history.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aburrido.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'allsnews.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beachparkeventcenter.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corpuschristibuilders.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dalesky.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'drinksthatshrinkyourbelly.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fiftystateshalfmarathonclub.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flippingheavyequipment.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'healthyhomepainters.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maxsimo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'medicarebyzipcode.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nutreation.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oils.linsadair.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paolita.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'petcitis.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'russellspoint.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sasfoundation.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018dbc22bee90000040300473045022100aef2c2558c52df5c9d4cdb2ab2ca0137c4499412ad327dcef5a93cc3026ebc30022003cdd19ac76ba34df9d24d73465826652f5bd0d80c8dea197fc0d52dad917c0d00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018dbc22bf33000004030047304502210093dfcb25daaac182328b8e593cc3554a45319add8dd85f3fe66cdb3d14dc4013022041266b5287ab3ac312fd379601cf9b2e5b50bfccb0cb02c7ff86e73b82e816c7 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00317417a2919d8ad1d44c2867f50ead57c975097422c7b4486d6b6f8930846a56ffdc6523c2885443ed476f8ed901d7844c01fd1b2f0b04d579bb4d10d092364b8777ead9ed03a85923d5f174a738edd431e3421bca77292d73405b70df7cf3e38f208b4898b99fe01006c3cb6d7def6190b78ab04044c811be27ba3f96323b2f1f3dfd0b2db81c8da3c7a1ff53414eb5d3e3b42d9afde34c823e565fa03cfdc6a2751853b75824c55f465937c5d2860c72318229704c4f49779819df9031ecff4803fa1a38a25fb64bb0199984e6238d6c5632b112fd83493c2307b7474b77a385c0b4967efeed0ffb5c799b834ab406f4e1a90201dd35612c9cf01e525bf57e