www.chiesi.it
Issued by Actalis Domain Validation Server CA G3
About this certificate
This digital certificate with serial number 32:f3:bc:e6:b1:ac:29:91:1d:36:88:e8:56:bd:8c:53 was issued on by Actalis S.p.A..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.chiesi.it
Actalis S.p.A.
Organization:
Actalis S.p.A.
State / Province:
Bergamo
Locality: Ponte San Pietro
Country: IT
Locality: Ponte San Pietro
Country: IT
This certificate has expire since
Certificate Details
Serial Number (hex): 32:f3:bc:e6:b1:ac:29:91:1d:36:88:e8:56:bd:8c:53Serial Number (int): 67726959296339599827021114353353854035
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: 6b:bd:83:15:37:d2:8d:1c:d5:18:b6:d5:77:b9:61:a1:f2:65:91:d5
AuthorityKeyId: 42:83:6d:80:7c:09:84:67:fd:80:57:ab:f1:26:f5:77:c8:22:82:71
Fingerprint (sha1): 61:55:8c:d0:f7:3b:e7:2e:61:26:5f:55:03:ed:4f:4e:0c:31:7b:40
Fingerprint (sha256): f2:93:f1:71:69:94:a4:f7:c9:9c:e7:65:87:aa:09:d9:1e:b6:d1:75:95:21:f5:1e:2a:33:f8:f1:ce:6d:da:94
Issuing Certificate URL: http://cacert.actalis.it/certs/actalis-autdvg3
Revocation information
OCSP Server: http://ocsp06.actalis.it/VA/AUTHDV-G3CRL Distribution Point: http://crl06.actalis.it/Repository/AUTHDV-G3/getLastCRL
Check the revocation status for certificate www.chiesi.it
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.chiesi.it
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
chiesi.it
www.chiesi.it
www.chiesi.it
Other certificates including the domain name chiesi.it
(limited to 100 certificates)
www.chiesi.it
www.chiesi.it
intranet.chiesi.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
foryou.chiesi.it
incapsula.com
incapsula.com
incapsula.com
apps.chiesi.it
intranet.chiesi.com
incapsula.com
foryou.chiesi.it
www.chiesi.it
incapsula.com
incapsula.com
www.chiesi.it
foryou.chiesi.it
videoistruzioniduso.chiesi.it
intranet.chiesi.com
incapsula.com
incapsula.com
intranet.chiesi.com
foryou.chiesi.it
incapsula.com
incapsula.com
intranet.chiesi.com
incapsula.com
incapsula.com
foryou.chiesi.it
intranet.chiesi.com
foryou.chiesi.it
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
Intranet.chiesi.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
www.chiesi.it
www.chiesi.it
incapsula.com
incapsula.com
www.chiesi.it
Intranet.chiesi.com
foryou.chiesi.it
www.chiesi.it
intranet.chiesi.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
foryou.chiesi.it
incapsula.com
incapsula.com
incapsula.com
apps.chiesi.it
intranet.chiesi.com
incapsula.com
foryou.chiesi.it
www.chiesi.it
incapsula.com
incapsula.com
www.chiesi.it
foryou.chiesi.it
videoistruzioniduso.chiesi.it
intranet.chiesi.com
incapsula.com
incapsula.com
intranet.chiesi.com
foryou.chiesi.it
incapsula.com
incapsula.com
intranet.chiesi.com
incapsula.com
incapsula.com
foryou.chiesi.it
intranet.chiesi.com
foryou.chiesi.it
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
Intranet.chiesi.com
incapsula.com
incapsula.com
incapsula.com
incapsula.com
www.chiesi.it
www.chiesi.it
incapsula.com
incapsula.com
www.chiesi.it
Intranet.chiesi.com
foryou.chiesi.it
Certificate
The complete raw certificate details for www.chiesi.it in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHbTCCBVWgAwIBAgIQMvO85rGsKZEdNojoVr2MUzANBgkqhkiG9w0BAQsFADCB hDELMAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRl IFNhbiBQaWV0cm8xFzAVBgNVBAoMDkFjdGFsaXMgUy5wLkEuMS8wLQYDVQQDDCZB Y3RhbGlzIERvbWFpbiBWYWxpZGF0aW9uIFNlcnZlciBDQSBHMzAeFw0yMjA3MTEx MjAzMjdaFw0yMzA3MDcxMzAxMjdaMBgxFjAUBgNVBAMMDXd3dy5jaGllc2kuaXQw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCFeMEqzmKuq3hVFcj0sHhx NF1Bq9TIsTwM3TwZwSkcGEqD41oakGtqZcx/mlZ/odW5aQ5HYdRqJ9ywfXln77Vn GPorsfPgjX/+MvRFuUYuGidce9RB4pno6a3gmV1xt2Hdw5s/eCOaGpf52SjVctEP FTb8SeStwuCXcExDRH5e3+lxfJPmEtQ71b2CPp6YMeIIEnr1s8WAVePXGn3EoWuE 6cob7/aNa8ANqYdzowpst+CjcMITz5I9JdpayYTze09j0nCe5pYPnrYXlHruzTH6 hV/HGuFklpWugOXuy/FlRdi3KcUsGBA7zJDiFGPh8enqZgLzJhQ7qvhAwnGmf0Pz AgMBAAGjggNEMIIDQDAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFEKDbYB8CYRn /YBXq/Em9XfIIoJxMH0GCCsGAQUFBwEBBHEwbzA6BggrBgEFBQcwAoYuaHR0cDov L2NhY2VydC5hY3RhbGlzLml0L2NlcnRzL2FjdGFsaXMtYXV0ZHZnMzAxBggrBgEF BQcwAYYlaHR0cDovL29jc3AwNi5hY3RhbGlzLml0L1ZBL0FVVEhEVi1HMzAjBgNV HREEHDAaggljaGllc2kuaXSCDXd3dy5jaGllc2kuaXQwUQYDVR0gBEowSDA8BgYr gR8BFgEwMjAwBggrBgEFBQcCARYkaHR0cHM6Ly93d3cuYWN0YWxpcy5pdC9hcmVh LWRvd25sb2FkMAgGBmeBDAECATAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH AwEwSAYDVR0fBEEwPzA9oDugOYY3aHR0cDovL2NybDA2LmFjdGFsaXMuaXQvUmVw b3NpdG9yeS9BVVRIRFYtRzMvZ2V0TGFzdENSTDAdBgNVHQ4EFgQUa72DFTfSjRzV GLbVd7lhofJlkdUwDgYDVR0PAQH/BAQDAgWgMIIBfgYKKwYBBAHWeQIEAgSCAW4E ggFqAWgAdwCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAYHtLc4f AAAEAwBIMEYCIQCt2CptEWWJEiIYlWzrlC4+Mz9VOIptLYlojyG0j/Dh4wIhAL13 KgKTEY1OXIK3LFnJAiVlv1CyyLP6l8+e8TTyD8qHAHYAejKMVNi3LbYg6jjgUh7p hBZwMhOFTTvSK8E6V6NS61IAAAGB7S3OPgAABAMARzBFAiEAkI9RIIiIkWBoly8a F7x3cw3M3NUWOV+73EwqjvLIwhYCIHp2OtpyM4/WN6cLHplg1z3NMoApo8M2g921 oLEKo7xsAHUAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAGB7S3O uQAABAMARjBEAiB5kwuyDFuw9uZpkrzaciZlk5TfXjTJywQ7AQa4qumXQwIgRjh+ uCMo+An+pwdaziqzo3ohQordnSZEu4uKO1YG4vgwDQYJKoZIhvcNAQELBQADggIB ABBbsbybUNRsXmTqjbabwKNdLXENAa1C4x8Xf8jyLfns5pkc9TUytmhDdj0bqXcW gLSn+ZVWWiCiczYQWbaYONwNSek+wbrSSJxWWRVnqJRxKu9dhmPJqyW9I7ImXlYk D8sOauLDZ+F5ZhYO5aZoUAon1I2wiWdWlnThKvHm1NtXxvC28WYWGMFzkrwBaMNh 2ois+W8gQkk1EiFC6KqgJWJnXYv15VPvuZVr6bBfchS5XQAQPKp7jJwbfOcCwaog HF2uvwhBOxiOAarN4ZojTEiEjXXLElYMx6CRazmZwN4ftK09c0SPe6fTcWTx3P9s 5v+qLalD/huOk0RSKkPaNGFKhcgDGD1sLiMuLJhzvmMVIB4QnhMmtgyZrffW8fzG cf/C5X9fVdrsHyUNiDnIHb3teDsjLpyIRWdRoD/wcGnsYMLKU44iGOPjPYCduf9v tLJdrjh77NEjX81NBua9PHr+iL7YVIeWHMki2Bzyt689pBKfiOQYEE5NMCBDm+s6 EPZtKtd3/wvaT4hf5GuHmRGHn3LdrYaglxRrTL42lIfFjh3wk9EPLb/kJgcEeO4K Lh4FII12St0TCsT8WZLugFuPQKxXMYta6+EzaASvbUJ5mn6JqtIeU/GvPAdbCUVA ucoJ0edbDMzaRYYe1fA8DIg4yfT87ylN4I5o/j7r5dvG -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXjBKs5irqt4VRXI9LB4 cTRdQavUyLE8DN08GcEpHBhKg+NaGpBramXMf5pWf6HVuWkOR2HUaifcsH15Z++1 Zxj6K7Hz4I1//jL0RblGLhonXHvUQeKZ6Omt4Jldcbdh3cObP3gjmhqX+dko1XLR DxU2/EnkrcLgl3BMQ0R+Xt/pcXyT5hLUO9W9gj6emDHiCBJ69bPFgFXj1xp9xKFr hOnKG+/2jWvADamHc6MKbLfgo3DCE8+SPSXaWsmE83tPY9JwnuaWD562F5R67s0x +oVfxxrhZJaVroDl7svxZUXYtynFLBgQO8yQ4hRj4fHp6mYC8yYUO6r4QMJxpn9D 8wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 67726959296339599827021114353353854035 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bergamo' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Ponte San Pietro' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Actalis S.p.A.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Actalis Domain Validation Server CA G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-11 12:03:27 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-07 13:01:27 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.chiesi.it' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16849240853056847759285409952785588789428075047960424530993670983033047535425766186541676216677866444452168076671325756831733631824882676729188592818467770207271165205872228671377215958703272137704929217433603844682976223043805863268638274094051768301653178331434468290213266703639930461372054968908916511961662711839865171506744843971711665692869204107553969866288952025351888413342621829409903832692530422859751856227719746226849421393884559548184643980580751439337909036393456767645987584854376230151598145980377129339172063468071800688513229382017257707445384297363403766489256875061540451687422052770717066281971 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 42836d807c098467fd8057abf126f577c8228271 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (113 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacert.actalis.it/certs/actalis-autdvg3' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp06.actalis.it/VA/AUTHDV-G3' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chiesi.it' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.chiesi.it' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.159.1.22.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.actalis.it/area-download' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl06.actalis.it/Repository/AUTHDV-G3/getLastCRL' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6bbd831537d28d1cd518b6d577b961a1f26591d5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000181ed2dce1f0000040300483046022100add82a6d116589122218956ceb942e3e333f55388a6d2d89688f21b48ff0e1e3022100bd772a0293118d4e5c82b72c59c9022565bf50b2c8b3fa97cf9ef134f20fca870076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000181ed2dce3e0000040300473045022100908f51208888916068972f1a17bc77730dccdcd516395fbbdc4c2a8ef2c8c21602207a763ada72338fd637a70b1e9960d73dcd328029a3c33683ddb5a0b10aa3bc6c0075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000181ed2dceb90000040300463044022079930bb20c5bb0f6e66992bcda7226659394df5e34c9cb043b0106b8aae99743022046387eb82328f809fea7075ace2ab3a37a21428add9d2644bb8b8a3b5606e2f8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00105bb1bc9b50d46c5e64ea8db69bc0a35d2d710d01ad42e31f177fc8f22df9ece6991cf53532b66843763d1ba9771680b4a7f995565a20a273361059b69838dc0d49e93ec1bad2489c56591567a894712aef5d8663c9ab25bd23b2265e56240fcb0e6ae2c367e17966160ee5a668500a27d48db08967569674e12af1e6d4db57c6f0b6f1661618c17392bc0168c361da88acf96f20424935122142e8aaa02562675d8bf5e553efb9956be9b05f7214b95d00103caa7b8c9c1b7ce702c1aa201c5daebf08413b188e01aacde19a234c48848d75cb12560cc7a0916b3999c0de1fb4ad3d73448f7ba7d37164f1dcff6ce6ffaa2da943fe1b8e9344522a43da34614a85c803183d6c2e232e2c9873be6315201e109e1326b60c99adf7d6f1fcc671ffc2e57f5f55daec1f250d8839c81dbded783b232e9c88456751a03ff07069ec60c2ca538e2218e3e33d809db9ff6fb4b25dae387becd1235fcd4d06e6bd3c7afe88bed85487961cc922d81cf2b7af3da4129f88e418104e4d3020439beb3a10f66d2ad777ff0bda4f885fe46b879911879f72ddad86a097146b4cbe369487c58e1df093d10f2dbfe426070478ee0a2e1e05208d764add130ac4fc5992ee805b8f40ac57318b5aebe1336804af6d42799a7e89aad21e53f1af3c075b094540b9ca09d1e75b0cccda45861ed5f03c0c8838c9f4fcef294de08e68fe3eebe5dbc6