*.shopnation.com

Issued by Amazon

About this certificate

This digital certificate with serial number 08:59:2e:a5:f9:7b:57:6f:e3:bc:45:74:6f:33:24:4c was issued on by Amazon.

With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.shopnation.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 08:59:2e:a5:f9:7b:57:6f:e3:bc:45:74:6f:33:24:4c
Serial Number (int): 11096884527388387703835066014322861132
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: c8:bf:12:9b:1b:ba:ca:21:15:e2:63:77:d6:6d:eb:6b:66:e7:ba:2f
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): df:c7:2f:e4:5b:cf:f6:0b:ba:7f:a3:8a:27:50:c6:8d:ad:16:9d:ec
Fingerprint (sha256): f2:df:66:e1:cc:b9:6e:b9:77:85:54:12:f8:68:bc:1c:da:24:9d:9a:5a:7b:8d:8f:a1:d7:46:fb:19:df:f9:18

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate *.shopnation.com

10

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.shopnation.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.shopnation.com
*.fitnessmagazine.com
*.qa3.shopnation.com
*.allrecipes.com
*.more.com
*.staging.shopnation.com
*.qa1.shopnation.com
*.qa2.shopnation.com
*.bhg.com
*.parents.com

Other certificates including the domain name shopnation.com

(limited to 100 certificates)
*.qa1.shopnation.com
assets.qa2.shopnation.com
images.qa.shopnation.com
assets.meredith.com
assets.qa1.shopnation.com
*.monitoring-es53.shopnation.com
assets.meredith.com
vfs-proxy.qa1.shopnation.com
ssl768224.cloudflaressl.com
*.shopnation.com
*.shopnation.com
*.shopnation.com
assets.meredith.com
*.qa2.shopnation.com
*.shopnation.com
images.prod.shopnation.com
*.qa1-es53.shopnation.com
images.prod.shopnation.com
assets.meredith.com
images.prod.shopnation.com
*.shopnation.com
ssl768223.cloudflaressl.com
*.qa2-es53.shopnation.com
*.staging.shopnation.com
assets.meredith.com
*.shopnation.com
assets.meredith.com
*.shopnation.com
images.prod.shopnation.com
*.shopnation.com
images.prod.shopnation.com
bhg-home.shopnation.com
images.prod.shopnation.com
assets.qa1.shopnation.com
images.prod.shopnation.com
assets.meredith.com
*.shopnation.com
images.prod.shopnation.com
*.shopnation.com
*.shopnation.com
images.qa.shopnation.com
*.shopnation.com
*.reports-es53.shopnation.com

Certificate

The complete raw certificate details for *.shopnation.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGhTCCBW2gAwIBAgIQCFkupfl7V2/jvEV0bzMkTDANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMTA3MDMwMDAwMDBaFw0yMjA4MDEy
MzU5NTlaMBsxGTAXBgNVBAMMECouc2hvcG5hdGlvbi5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQC38sOH4Lve7C9t5dc9VinIdYXXa5bYFiM0f3ci
tXggnbR54bNXpwzdRAcMtqWjKgmRCoT95Pi9bbE/6nICoMcQaGr8Nn6qJ8ufi5yA
OosrZJKyu18fpM+5weBbrO+Rglkh1saCh9Fy8O7ctphRw2uCu+C/KcyEcPDz3lU4
zwjkALDQmBgdERQb5yC1M5/CcUe6TY6LNR9iqo6DxrfQXrT1Hha7CQIOCxeEDi6b
KB4W3CO32pzuIKItWIPGJmUS7FEzp7ApFs3trWu+mJMbpOEysU/nhswut3xBRRpq
Sh72qBBcsFdRf5xM40HW/izsQN/YtFakp2Zr5ow0fosdSx+xAgMBAAGjggOYMIID
lDAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQUyL8S
mxu6yiEV4mN31m3ra2bnui8wgcgGA1UdEQSBwDCBvYIQKi5zaG9wbmF0aW9uLmNv
bYIVKi5maXRuZXNzbWFnYXppbmUuY29tghQqLnFhMy5zaG9wbmF0aW9uLmNvbYIQ
Ki5hbGxyZWNpcGVzLmNvbYIKKi5tb3JlLmNvbYIYKi5zdGFnaW5nLnNob3BuYXRp
b24uY29tghQqLnFhMS5zaG9wbmF0aW9uLmNvbYIUKi5xYTIuc2hvcG5hdGlvbi5j
b22CCSouYmhnLmNvbYINKi5wYXJlbnRzLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0
dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNybDATBgNVHSAE
DDAKMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6
Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDov
L2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQC
MAAwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2ACl5vvCeOTkh8FZzn2Old+W+
V32cYAr4+U1dJlwlXceEAAABemnx7tcAAAQDAEcwRQIgXeeiWOkJtbZoT1EdRNVK
momwfFCOvcyG4W32LL+lQfgCIQCsUlz4tv6QoTrjyei2yDlu8f3DtvZYV+jMJyeC
L4shJQB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABemnx7rsA
AAQDAEcwRQIhAN6FnGNkb5nMgMExfDoSlUhXtieWw9Ngm4bwUzu/SSULAiB9DhYZ
1W9A1IQi8d3+18PYKUU70X7nno8OkyQWNsjLYQB3AEHIyrHfIkZKEMahOglCh15O
MYsbA+vrS8do8JBilgb2AAABemnx7j4AAAQDAEgwRgIhAIiU/W5V+P1g25rXOFNB
yFi415SEqmKdqVdOu2IaK8zaAiEAhBv+DknoczxRTirFSUWHIug+SiCM71zpONHC
36YtuvMwDQYJKoZIhvcNAQELBQADggEBAKOZXF+sGb+SNRByMIQkeZ9WgWlE/lds
/CmZ4ky8e4KHuj454DrwEbu/0K43fdBTDVHY+xANyHI7ZJV9ysSMbVB7IL4Z1gC+
1iV9EGC9oPu6VcFYDkaWIvVRMVPKyioYRHn1S11zmP3dypI+GpARgpFPI2rwzEUK
nwVL6DIlG2Tcwk6oplKYHBbLiywt1dr6NfCtW5qGM/DCa6719XzGJySRX27vfHO6
cZm1MMgg2EPqH9f5mgtQo0pf7/inIJMiNxSiSbMrZTrdEdNhswMJIy4BKyWd5uPv
e89RQOcgLUaUGih1eRewxecvq3Lrfpwtse+awtdgccSBG4OBbaOD4dQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/LDh+C73uwvbeXXPVYp
yHWF12uW2BYjNH93IrV4IJ20eeGzV6cM3UQHDLaloyoJkQqE/eT4vW2xP+pyAqDH
EGhq/DZ+qifLn4ucgDqLK2SSsrtfH6TPucHgW6zvkYJZIdbGgofRcvDu3LaYUcNr
grvgvynMhHDw895VOM8I5ACw0JgYHREUG+cgtTOfwnFHuk2OizUfYqqOg8a30F60
9R4WuwkCDgsXhA4umygeFtwjt9qc7iCiLViDxiZlEuxRM6ewKRbN7a1rvpiTG6Th
MrFP54bMLrd8QUUaakoe9qgQXLBXUX+cTONB1v4s7EDf2LRWpKdma+aMNH6LHUsf
sQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 11096884527388387703835066014322861132
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-07-03 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-01 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.shopnation.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23221321096365006165636515295568863769381708019496041099628709618575354864059093458369673696756979807049875571419495272187244275011709094702382482484628409267532554720351491496966084893924239817023916207094020069967519093776400528670590590406864447191874019269356371562125257207448223250529226561759466370900841668419691370725377941654086105462133630681003894237919855511248968439894579770223033918780097355830510054806143883602653180778873498828169476390195830815229856085925924506524082617630528199265211116417111536964349967666328854355297617702299821585403497322226424611477722039748274496376291408786893830823857
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c8bf129b1bbaca2115e26377d66deb6b66e7ba2f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (192 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.shopnation.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.fitnessmagazine.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa3.shopnation.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.allrecipes.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.more.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.staging.shopnation.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa1.shopnation.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qa2.shopnation.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bhg.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.parents.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							01690076002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc7840000017a69f1eed7000004030047304502205de7a258e909b5b6684f511d44d54a9a89b07c508ebdcc86e16df62cbfa541f8022100ac525cf8b6fe90a13ae3c9e8b6c8396ef1fdc3b6f65857e8cc2727822f8b212500760051a3b0f5fd01799c566db837788f0ca47acc1b27cbf79e88429a0dfed48b05e50000017a69f1eebb0000040300473045022100de859c63646f99cc80c1317c3a12954857b62796c3d3609b86f0533bbf49250b02207d0e1619d56f40d48422f1ddfed7c3d829453bd17ee79e8f0e93241636c8cb6100770041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f60000017a69f1ee3e00000403004830460221008894fd6e55f8fd60db9ad7385341c858b8d79484aa629da9574ebb621a2bccda022100841bfe0e49e8733c514e2ac549458722e83e4a208cef5ce938d1c2dfa62dbaf3
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a3995c5fac19bf92351072308424799f56816944fe576cfc2999e24cbc7b8287ba3e39e03af011bbbfd0ae377dd0530d51d8fb100dc8723b64957dcac48c6d507b20be19d600bed6257d1060bda0fbba55c1580e469622f5513153caca2a184479f54b5d7398fdddca923e1a901182914f236af0cc450a9f054be832251b64dcc24ea8a652981c16cb8b2c2dd5dafa35f0ad5b9a8633f0c26baef5f57cc62724915f6eef7c73ba7199b530c820d843ea1fd7f99a0b50a34a5feff8a72093223714a249b32b653add11d361b30309232e012b259de6e3ef7bcf5140e7202d46941a28757917b0c5e72fab72eb7e9c2db1ef9ac2d76071c4811b83816da383e1d4