rossdiv.com

Issued by Go Daddy Secure Certificate Authority - G2

About this certificate

This digital certificate with serial number 1c:c2:27:1c:3c:33:e1:a6 was issued on by GoDaddy.com, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
  • Apple recommends that certificates be issued with a maximum validity of 397 days. TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC should not have a validity period greater than 397 days (https://support.apple.com/en-us/HT211025)

Certificate Subject

CN=rossdiv.com

GoDaddy.com, Inc.

Organization: GoDaddy.com, Inc.
Organization unit: http://certs.godaddy.com/repository/
State / Province: Arizona
Locality: Scottsdale
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 1c:c2:27:1c:3c:33:e1:a6
Serial Number (int): 2072261780766450086
Serial Number lenght: 61 bits, 8 octets

SubjectKeyId: ef:3f:64:c5:ab:13:ca:61:32:b7:38:3b:30:08:87:fe:a1:a1:84:cd
AuthorityKeyId: 40:c2:bd:27:8e:cc:34:83:30:a2:33:d7:fb:6c:b3:f0:b4:2c:80:ce

Fingerprint (sha1): 44:f6:c4:36:b6:94:e9:2b:97:57:ee:71:8b:53:21:4f:25:5a:cc:cc
Fingerprint (sha256): f7:7b:be:e0:76:6b:9c:c5:72:1e:44:85:b8:07:57:ae:b6:47:56:42:2c:b4:2b:f7:8a:ba:4e:27:f3:1a:c8:8a

Issuing Certificate URL: http://certificates.godaddy.com/repository/gdig2.crt

Revocation information

OCSP Server: http://ocsp.godaddy.com/
CRL Distribution Point: http://crl.godaddy.com/gdig2s1-21556.crl

Check the revocation status for certificate rossdiv.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for rossdiv.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

rossdiv.com
www.rossdiv.com

Other certificates including the domain name rossdiv.com

(limited to 100 certificates)
forms.rescape.com.au
forms.taxologyusa.com
forms.kingdomchairs.com
forms.abvs.pet
forms.pickus.io
support.theserviceguide.com
rossdiv.com
forms.cs.zohohost.com.globalmdz.com
rossdiv.com
sales.thenowmassage.com
forms.rossdiv.com
forms.english-village-paju.com
forms.ufone.co.nz
forms.abvs.pet
rossdiv.com
rossdiv.com

Certificate

The complete raw certificate details for rossdiv.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGjjCCBXagAwIBAgIIHMInHDwz4aYwDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow
GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRz
LmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1
cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMjQwNTE2MjIwMjE4WhcN
MjUwNjE3MjIwMjE4WjAWMRQwEgYDVQQDEwtyb3NzZGl2LmNvbTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBALvPYFWRnBMNwDVYCqlWa1ExEtWI4dLOHV7m
e8CT2/lRatwjJu+rEZAvoMNJSC0bwrSk/ZUzeY2whMNWdCXqYPIo7Aov/a3aTg6L
Q5niV5lq9cJdIqP/fR3UHUn8atmGLQ+sNxj2KWq5FpugnkKMGYu1iVSKVBc8fYtX
rXE+ox6Av2eSCYzxgMUPX9ljOLgiLUgylzrqr4mHjxQOw3CZ4TaJjy2psL/nbul5
6ZRcOVG5t1NAwXx3Db5torthrvU7BrqXBh6Dpox1xIo077tkemRJuPyZ0jhrnbJi
w47FMb2Y54B56pAXWdugjYrtuQJUkYVcutvgLgnhu55jd+QsR3sCAwEAAaOCAz8w
ggM7MAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
MA4GA1UdDwEB/wQEAwIFoDA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLmdv
ZGFkZHkuY29tL2dkaWcyczEtMjE1NTYuY3JsMF0GA1UdIARWMFQwSAYLYIZIAYb9
bQEHFwEwOTA3BggrBgEFBQcCARYraHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5
LmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwdgYIKwYBBQUHAQEEajBoMCQGCCsG
AQUFBzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wQAYIKwYBBQUHMAKGNGh0
dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS9nZGlnMi5j
cnQwHwYDVR0jBBgwFoAUQMK9J47MNIMwojPX+2yz8LQsgM4wJwYDVR0RBCAwHoIL
cm9zc2Rpdi5jb22CD3d3dy5yb3NzZGl2LmNvbTAdBgNVHQ4EFgQU7z9kxasTymEy
tzg7MAiH/qGhhM0wggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB3AE51oydcmhDD
OFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABj4NteZcAAAQDAEgwRgIhAJ8/Imfa
QTDRJulmPFpXuzr6AomoFjHcRJiakbXBrW/ZAiEA9aucbt0GpMU4oz68KaMfGOYn
t/0jiQEksdBtTtcr/tQAdwB9WR4S4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kOjC55
uAAAAY+DbXpCAAAEAwBIMEYCIQCLIE2x8Y9lmS8muQ46KkAZwyIXzZXtkC6B/R2C
qQ9cUgIhAIVkuCqg8u0GWze1q7tNCWlqKJCLtIlyPkurNjSuKHsGAHUAzPsPaoVx
CWX+lZtTzumyfCLphVwNl422qX5UwP5MDbAAAAGPg217JgAABAMARjBEAiB8Fpl5
GJUeCDld4TSAox8A1KJICxwKbNchb+5nFFmOGwIgK1iXHmnynXqQrqBYjWWfTGhD
7ZvsqiISmUa7IYnqx8kwDQYJKoZIhvcNAQELBQADggEBAAWqFPkzubbBlaeSx//e
GpNDxX7kgRCqcIhccs+du8UAXR6hucIBbfnkTlpDyRH2Mc56l8Q5kTUBEQIIQutx
Vaz7lgzTCCQxJ4s2tNp+pairS62HfReGvcGnSDOC6QRZfW4/qiNDkoLwCngWPHus
07ZyR9rU83Q8IoOwQRE3EBfF+AnJNcV33C9tcqqWEacgYPU3sM4Il9eATkT/FVS3
WtT+DVKUZ7XLrTPe7uQj5JITeyiqNy9mnQ74jTmw8iJ7S6UqnEKbcvQIfBgCHdMn
P1lQiqjRMCrdVFlhsQX9l2fgppYjIU0pIWe927csajrL+5IIRjsOlQFGtyaFB5j/
UQ0=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu89gVZGcEw3ANVgKqVZr
UTES1Yjh0s4dXuZ7wJPb+VFq3CMm76sRkC+gw0lILRvCtKT9lTN5jbCEw1Z0Jepg
8ijsCi/9rdpODotDmeJXmWr1wl0io/99HdQdSfxq2YYtD6w3GPYparkWm6CeQowZ
i7WJVIpUFzx9i1etcT6jHoC/Z5IJjPGAxQ9f2WM4uCItSDKXOuqviYePFA7DcJnh
NomPLamwv+du6XnplFw5Ubm3U0DBfHcNvm2iu2Gu9TsGupcGHoOmjHXEijTvu2R6
ZEm4/JnSOGudsmLDjsUxvZjngHnqkBdZ26CNiu25AlSRhVy62+AuCeG7nmN35CxH
ewIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 2072261780766450086
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GoDaddy.com, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.godaddy.com/repository/'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go Daddy Secure Certificate Authority - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-16 22:02:18 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-17 22:02:18 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'rossdiv.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23708824096304024565000996810626179769946331260264721569262264033363118989089105185293330061794495975906387873456954147581473367340594598539973999200398015454836126176891324038433026429291574844985426091227422105957577818964616195150375529629929712466214909847703349514884612622672594919927431585715697594798099333089508341619320176459570692801056301000564797069925944058057815339636672014430807679917306112605001075346673677701722975686415858338309529165138758234555620620445238261633517579125950922262948252600866718697141535914958259439530913080464902248883868157522706740691479760031349322983082540578980131260283
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.godaddy.com/gdig2s1-21556.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114413.1.7.23.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.godaddy.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.godaddy.com/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.godaddy.com/repository/gdig2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 40c2bd278ecc348330a233d7fb6cb3f0b42c80ce
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rossdiv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rossdiv.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ef3f64c5ab13ca6132b7383b300887fea1a184cd
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							01690077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f836d799700000403004830460221009f3f2267da4130d126e9663c5a57bb3afa0289a81631dc44989a91b5c1ad6fd9022100f5ab9c6edd06a4c538a33ebc29a31f18e627b7fd23890124b1d06d4ed72bfed40077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018f836d7a4200000403004830460221008b204db1f18f65992f26b90e3a2a4019c32217cd95ed902e81fd1d82a90f5c520221008564b82aa0f2ed065b37b5abbb4d09696a28908bb489723e4bab3634ae287b06007500ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018f836d7b26000004030046304402207c16997918951e08395de13480a31f00d4a2480b1c0a6cd7216fee6714598e1b02202b58971e69f29d7a90aea0588d659f4c6843ed9becaa22129946bb2189eac7c9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0005aa14f933b9b6c195a792c7ffde1a9343c57ee48110aa70885c72cf9dbbc5005d1ea1b9c2016df9e44e5a43c911f631ce7a97c43991350111020842eb7155acfb960cd3082431278b36b4da7ea5a8ab4bad877d1786bdc1a7483382e904597d6e3faa23439282f00a78163c7bacd3b67247dad4f3743c2283b04111371017c5f809c935c577dc2f6d72aa9611a72060f537b0ce0897d7804e44ff1554b75ad4fe0d529467b5cbad33deeee423e492137b28aa372f669d0ef88d39b0f2227b4ba52a9c429b72f4087c18021dd3273f59508aa8d1302add545961b105fd9767e0a69623214d292167bddbb72c6a3acbfb9208463b0e950146b726850798ff510d