www.mrlightonline.com
Issued by Go Daddy Secure Certificate Authority - G2
About this certificate
This digital certificate with serial number fd:4a:8e:23:24:91:4c:4a was issued on by GoDaddy.com, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.mrlightonline.com
GoDaddy.com, Inc.
Organization:
GoDaddy.com, Inc.
Organization unit: http://certs.godaddy.com/repository/
Organization unit: http://certs.godaddy.com/repository/
State / Province:
Arizona
Locality: Scottsdale
Country: US
Locality: Scottsdale
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): fd:4a:8e:23:24:91:4c:4aSerial Number (int): 18251556721460857930
Serial Number lenght: 64 bits, 8 octets
SubjectKeyId: f1:a4:16:4b:41:9d:6d:7c:71:4a:eb:1b:d4:52:72:71:48:03:ed:0e
AuthorityKeyId: 40:c2:bd:27:8e:cc:34:83:30:a2:33:d7:fb:6c:b3:f0:b4:2c:80:ce
Fingerprint (sha1): 70:b0:b5:aa:92:7d:81:d3:5b:07:d9:c7:aa:bc:56:87:60:3f:29:d1
Fingerprint (sha256): f7:2e:76:8c:0e:f0:4a:15:a2:29:0d:0c:e1:de:fc:d8:74:af:a3:e2:54:06:08:bb:8c:b1:d0:da:43:11:3a:64
Issuing Certificate URL: http://certificates.godaddy.com/repository/gdig2.crt
Revocation information
OCSP Server: http://ocsp.godaddy.com/CRL Distribution Point: http://crl.godaddy.com/gdig2s1-21297.crl
Check the revocation status for certificate www.mrlightonline.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.mrlightonline.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.mrlightonline.com
mrlightonline.com
mrlightonline.com
Other certificates including the domain name mrlightonline.com
(limited to 100 certificates)
clientpay.cndcoh.org
books.stealthit.ca
billing.robsonsupport.com
account.iskraint.com
books.buildfloor.in
mlmef.mrlightonline.com
my.ssdweb.in
billing.swyftlight.com
mlmef.mrlightonline.com
ses.shivangtools.com
mlmef.mrlightonline.com
clients.murias.com
books.bioxstem.com
billing.4jawaly.com
billing.creativebusinesslabs.com
billing.swyftlight.com
billing.creativebusinesslabs.com
books.comcapfl.com
billing.xylemacademy.com
billing.swyftlight.com
www.mrlightonline.com
books.buildfloor.in
books.stealthit.ca
billing.robsonsupport.com
account.iskraint.com
books.buildfloor.in
mlmef.mrlightonline.com
my.ssdweb.in
billing.swyftlight.com
mlmef.mrlightonline.com
ses.shivangtools.com
mlmef.mrlightonline.com
clients.murias.com
books.bioxstem.com
billing.4jawaly.com
billing.creativebusinesslabs.com
billing.swyftlight.com
billing.creativebusinesslabs.com
books.comcapfl.com
billing.xylemacademy.com
billing.swyftlight.com
www.mrlightonline.com
books.buildfloor.in
Certificate
The complete raw certificate details for www.mrlightonline.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGpTCCBY2gAwIBAgIJAP1KjiMkkUxKMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0 cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTI0MDUxMTA4MzQxNloX DTI1MDUxMTA4MzQxNlowIDEeMBwGA1UEAxMVd3d3Lm1ybGlnaHRvbmxpbmUuY29t MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxQXSoHqAeoyaPNX2ilT HN3ZT+Rm8zfjEyaIQjGarm0bxdAmpxQn2L4DZ1iyzMN1yWMYXOehjCOrlrvFJYY0 mXXBOhdwCX7Oyi4oUS2OoBgayUSw4AY/A8dfQNlwH1Nvf34sZclbwwOlynVM/zvD 3ybnxQub0y8O7B10zskaW7fknEg6Af6x6yLZU2EwfmsIj1qyHI3VTPUrXhFJUEeg Q8h7yTMLn8pUgXixu48z9xhpQO1W82GhA4s//x1v9nN8i2Ex0WVvm840UBlmbKNr mNgwo7lIEM1Rbs69ZNqKJFAXW6fQJV6aWaQeJpKq+k3GdHSP8rfKL09F9l/HGn/F 8wIDAQABo4IDSzCCA0cwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMDkGA1UdHwQyMDAwLqAsoCqGKGh0 dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2RpZzJzMS0yMTI5Ny5jcmwwXQYDVR0gBFYw VDBIBgtghkgBhv1tAQcXATA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNh dGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATB2BggrBgEFBQcB AQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHkuY29tLzBABggr BgEFBQcwAoY0aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0 b3J5L2dkaWcyLmNydDAfBgNVHSMEGDAWgBRAwr0njsw0gzCiM9f7bLPwtCyAzjAz BgNVHREELDAqghV3d3cubXJsaWdodG9ubGluZS5jb22CEW1ybGlnaHRvbmxpbmUu Y29tMB0GA1UdDgQWBBTxpBZLQZ1tfHFK6xvUUnJxSAPtDjCCAX8GCisGAQQB1nkC BAIEggFvBIIBawFpAHYATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8A AAGPZsneogAABAMARzBFAiBpuRdu9L1sunTWjni+UgN2jHqUtEH0IXKeMnxMv0PO ZAIhAObWJz8KbscHEePKHgCiycqo5lM6xOAlr6i9I8X59/WHAHcAfVkeEuF4Knsc YWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGPZsnfrAAABAMASDBGAiEA1vSsPEDr 8Rxj2lgEx7EojqSBGvyJkopIgViJav8UQXYCIQD2gAMQpcq+RMTwL0YaRZU6QfRj LPSjq9KXDO4ogg6rqwB2AMz7D2qFcQll/pWbU87psnwi6YVcDZeNtql+VMD+TA2w AAABj2bJ4DMAAAQDAEcwRQIgKg1LorcdJbw1SKPbF0PGfLX2tOairD4hmukFlaxj s28CIQCj8FyWs9gnTRpfsEgfpYJJhVBWnx/OtYqdRftOt7uOHjANBgkqhkiG9w0B AQsFAAOCAQEAoiqnt0+sJNdcSbOOdDhuTeyjFGvCVDbCvUpLIkY6dDQjOQMiHtJ6 v2kaW2Kb2a8xGT3WhXa04vLbk/HyoaoD9p/m4gEF6PGcZBjtG2cIPmr/k1YuTjyP CZNkua1oLWeT8WIRjPc5Moa6G4u6Zof1msK6hfi5K+9J46V0MIZj2HkpEt0aG8eA +ewfvn18RNzFBQzOrQVi886gmTygJWpHILbASo2jlAptTLc2p5EjrYC+gCdLMNsS 4ZCRiDelRFPPx+O3WNDX1DIkL+0ZABwcQHVASd9VWs+rNVZ661TMK2nzKXIHM+eb LaAlAV3dBxsOLQwjpm6VLk1l0x2n5MaOzA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxQXSoHqAeoyaPNX2ilT HN3ZT+Rm8zfjEyaIQjGarm0bxdAmpxQn2L4DZ1iyzMN1yWMYXOehjCOrlrvFJYY0 mXXBOhdwCX7Oyi4oUS2OoBgayUSw4AY/A8dfQNlwH1Nvf34sZclbwwOlynVM/zvD 3ybnxQub0y8O7B10zskaW7fknEg6Af6x6yLZU2EwfmsIj1qyHI3VTPUrXhFJUEeg Q8h7yTMLn8pUgXixu48z9xhpQO1W82GhA4s//x1v9nN8i2Ex0WVvm840UBlmbKNr mNgwo7lIEM1Rbs69ZNqKJFAXW6fQJV6aWaQeJpKq+k3GdHSP8rfKL09F9l/HGn/F 8wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18251556721460857930 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GoDaddy.com, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.godaddy.com/repository/' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go Daddy Secure Certificate Authority - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-11 08:34:16 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-11 08:34:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.mrlightonline.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19071891281677932180770203155884623626511051170340722444287774053550326092612890578445464888340585848400743567967874650905378654151677775040291606280023334167002886744059483756672331492821334945954813859321706678602037223816846211532246474505526492395993200865800786345673724782554857629732356302867681104098692017850961409042840525441311211739974201867901462906362415531647836494346403680380476182842820702760626685865168490132040453226652658679764448499710265455771090704548945002054215769795574805844592328179840916543972096451104999355963099406100104650211699913361374719152849187515940031000178020701422793770483 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.godaddy.com/gdig2s1-21297.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114413.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.godaddy.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.godaddy.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.godaddy.com/repository/gdig2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 40c2bd278ecc348330a233d7fb6cb3f0b42c80ce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mrlightonline.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mrlightonline.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f1a4164b419d6d7c714aeb1bd45272714803ed0e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 01690076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f66c9dea20000040300473045022069b9176ef4bd6cba74d68e78be5203768c7a94b441f421729e327c4cbf43ce64022100e6d6273f0a6ec70711e3ca1e00a2c9caa8e6533ac4e025afa8bd23c5f9f7f5870077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018f66c9dfac0000040300483046022100d6f4ac3c40ebf11c63da5804c7b1288ea4811afc89928a488158896aff144176022100f6800310a5cabe44c4f02f461a45953a41f4632cf4a3abd2970cee28820eabab007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018f66c9e033000004030047304502202a0d4ba2b71d25bc3548a3db1743c67cb5f6b4e6a2ac3e219ae90595ac63b36f022100a3f05c96b3d8274d1a5fb0481fa582498550569f1fceb58a9d45fb4eb7bb8e1e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a22aa7b74fac24d75c49b38e74386e4deca3146bc25436c2bd4a4b22463a7434233903221ed27abf691a5b629bd9af31193dd68576b4e2f2db93f1f2a1aa03f69fe6e20105e8f19c6418ed1b67083e6aff93562e4e3c8f099364b9ad682d6793f162118cf7393286ba1b8bba6687f59ac2ba85f8b92bef49e3a574308663d8792912dd1a1bc780f9ec1fbe7d7c44dcc5050ccead0562f3cea0993ca0256a4720b6c04a8da3940a6d4cb736a79123ad80be80274b30db12e190918837a54453cfc7e3b758d0d7d432242fed19001c1c40754049df555acfab35567aeb54cc2b69f329720733e79b2da025015ddd071b0e2d0c23a66e952e4d65d31da7e4c68ecc