hrm-systems.ch

Issued by R3

About this certificate

This digital certificate with serial number 03:3e:27:9f:be:59:10:f9:a7:d6:b2:f3:5d:1a:15:d5:14:93 was issued on by Let's Encrypt.

With 12 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=hrm-systems.ch

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:3e:27:9f:be:59:10:f9:a7:d6:b2:f3:5d:1a:15:d5:14:93
Serial Number (int): 282487033872129428164105941775731452613779
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 02:b6:78:0f:c9:98:ae:8e:f7:33:68:b3:f1:70:fb:9f:d8:1f:ef:d0
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 3c:67:57:2b:be:52:22:a8:ac:2f:b0:30:28:1d:aa:93:15:a7:13:4d
Fingerprint (sha256): fb:54:70:f1:86:e8:56:97:67:bd:6d:db:42:79:88:f6:5a:05:73:4b:bd:77:0c:ef:07:71:19:9f:3b:05:f4:5a

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate hrm-systems.ch

12

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for hrm-systems.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.hrm-systems.ch
hrm-systems.ch
hrm-systems.swiss
hrms.swiss
huv.ch
uka.swiss
ukasolutions.ch
www.hrm-systems.swiss
www.hrms.swiss
www.huv.ch
www.uka.swiss
www.ukasolutions.ch

Other certificates including the domain name hrm-systems.ch

(limited to 100 certificates)
hrm-systems.ch
www.hrm-systems.ch
huv.ch
*.uka.swiss
hrm-systems.swiss
hrm-systems.swiss
ideas-uka.hrm-systems.ch
www.hrm-systems.ch
*.hrm-systems.ch
hrm-systems.ch
*.hrm-reports.ch
staging.hrm-systems.ch
www.hrm-systems.ch
www.hrm-systems.ch
www.helptest.hrm-systems.ch
*.hrm-systems.ch
*.hrm-systems.ch
*.hrm-systems.ch
hrm-reports.ch
*.hrm-reports.ch
helptest.hrm-systems.ch
www.hilfe.hrm-systems.ch
status.hrm-systems.ch
www.hrm-systems.ch
hrm-systems.ch
hrm-systems.ch
*.hrm-systems.ch
hrm-systems.ch
hrm-systems.swiss
www.carema.ch
webmail.hrm-systems.ch
*.hrm-systems.ch
hilfe.hrm-systems.ch
www.hrm-systems.ch
www.hrm-systems.ch
hilfe.hrm-systems.ch
*.hrm-systems.ch
hrm-systems.ch
hrm-systems.ch
hrm-systems.ch
hrm-systems.ch
*.hrm-systems.ch
hrm-systems.ch
hrm-systems.ch
hrm-systems.ch
www.carema.ch

Certificate

The complete raw certificate details for hrm-systems.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgISAz4nn75ZEPmn1rLzXRoV1RSTMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzAxMDgxNTQ2NTVaFw0yMzA0MDgxNTQ2NTRaMBkxFzAVBgNVBAMT
DmhybS1zeXN0ZW1zLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
ryocu69Fguvjruf+uZnvb/PTjT4DqOJszYJ3pJVAPwIOWOCcJKY3cMQ5J4wCW68C
AF4Ki8X4IB0pNlosVntsYdmWrlHzVKiI9KkGhD0x8XjcS3V1PtGucg8NDIcmsHZd
lGHg60JWyyINbnE6o3aBmcZMWiRHZlbrNm/TVg1uyGIyjHLRwXnyVZJrzp4+rLov
ZYZCvNSlusw2A7W7dszgDH/3Hv+cOt5+lx8AlZ1HxqkreYUrb1xmx2tq0BlAAKBC
7RWhfbQhOi15LilfHTVdB+ilBW9zib3sauKN1XAydlf775PtVBtxhjjf5EC53rYg
UURjZkCKu0H1oGQBRjWVLQIDAQABo4IC+jCCAvYwDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud
DgQWBBQCtngPyZiujvczaLPxcPuf2B/v0DAfBgNVHSMEGDAWgBQULrMXt1hWy65Q
CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y
My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn
LzCBxwYDVR0RBIG/MIG8ghAqLmhybS1zeXN0ZW1zLmNogg5ocm0tc3lzdGVtcy5j
aIIRaHJtLXN5c3RlbXMuc3dpc3OCCmhybXMuc3dpc3OCBmh1di5jaIIJdWthLnN3
aXNzgg91a2Fzb2x1dGlvbnMuY2iCFXd3dy5ocm0tc3lzdGVtcy5zd2lzc4IOd3d3
LmhybXMuc3dpc3OCCnd3dy5odXYuY2iCDXd3dy51a2Euc3dpc3OCE3d3dy51a2Fz
b2x1dGlvbnMuY2gwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEw
KDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEGBgor
BgEEAdZ5AgQCBIH3BIH0APIAdwDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9
bQa9bgAAAYWSRytgAAAEAwBIMEYCIQC1KUb/MRNADOEWT9YzlL1KNByp4+NQUAhR
x0Q1C01CCQIhAMQP7DH8bd7YRtBLKLVQE7n4wjI2wU5pXpcYCtvfgkfQAHcAb1N2
rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAGFkkcszQAABAMASDBGAiEA
h1qFC2RKK3BczOzHt2fnUJ8ZcNOoP27GXtWhf54T5YQCIQDPAoOxSTAM47yVnC9F
hhIVs4ArQ1BlTWW0CFvmrUG3kjANBgkqhkiG9w0BAQsFAAOCAQEAKU0kLHXGlT1A
zVk895lT4FdZbtpjK5m+e7EhBqVR+UxmZxJryDXCa2UiqkTZgfFZEraCAuSNeQV+
KgJwflvJt8sPZI0PCs7tSQ2XXn5aj5B+vPWedcbWYLADOZo7RAYb5p0/D3MvQS9h
ImZYLGcvhDW1cb1AYyt0OhDz5MuRSF5JkUKzxQFxQUxLbaBVnIgJfnOx6hCL60Ne
eT8RIXR2ZMzIeXMt1rKnG30Bo/iPGsb3vwdy5KHOqYd7iAijsskwe3c0h+ZHn9Hg
pGw1z+5rOoQfLDeHXbujm5HgFeqA6vnwHRQB3g5H6N5b3ICNCFYmpGYz1/y6Z2Tw
RausNTJYNQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryocu69Fguvjruf+uZnv
b/PTjT4DqOJszYJ3pJVAPwIOWOCcJKY3cMQ5J4wCW68CAF4Ki8X4IB0pNlosVnts
YdmWrlHzVKiI9KkGhD0x8XjcS3V1PtGucg8NDIcmsHZdlGHg60JWyyINbnE6o3aB
mcZMWiRHZlbrNm/TVg1uyGIyjHLRwXnyVZJrzp4+rLovZYZCvNSlusw2A7W7dszg
DH/3Hv+cOt5+lx8AlZ1HxqkreYUrb1xmx2tq0BlAAKBC7RWhfbQhOi15LilfHTVd
B+ilBW9zib3sauKN1XAydlf775PtVBtxhjjf5EC53rYgUURjZkCKu0H1oGQBRjWV
LQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 282487033872129428164105941775731452613779
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-08 15:46:55 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-08 15:46:54 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hrm-systems.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22112469688003841283585476211073241451579373491232397200748396534257885249541262055952042237993454311959756020200857126924050331153799214670452058850035488416927461928199325936437249069406456459389016980325550826484395641127259824792277276960066691595022391264698527877267388237914015577222866984942281842914818729461839590216818347059906945599309768472307926317979714928625071660607773525756411522212762310887875030170709041473931400785232002847526955725448582418841419324425638060141801941907287163739606065119145118989412696345554723183364799622394919129623757636029937844245535611491405830419044988587823938770221
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							02b6780fc998ae8ef73368b3f170fb9fd81fefd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (191 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hrm-systems.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hrm-systems.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hrm-systems.swiss'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hrms.swiss'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'huv.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uka.swiss'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ukasolutions.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hrm-systems.swiss'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hrms.swiss'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.huv.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uka.swiss'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ukasolutions.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f2007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018592472b600000040300483046022100b52946ff3113400ce1164fd63394bd4a341ca9e3e350500851c744350b4d4209022100c40fec31fc6dded846d04b28b55013b9f8c23236c14e695e97180adbdf8247d00077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000018592472ccd0000040300483046022100875a850b644a2b705cccecc7b767e7509f1970d3a83f6ec65ed5a17f9e13e584022100cf0283b149300ce3bc959c2f45861215b3802b4350654d65b4085be6ad41b792
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00294d242c75c6953d40cd593cf79953e057596eda632b99be7bb12106a551f94c6667126bc835c26b6522aa44d981f15912b68202e48d79057e2a02707e5bc9b7cb0f648d0f0aceed490d975e7e5a8f907ebcf59e75c6d660b003399a3b44061be69d3f0f732f412f612266582c672f8435b571bd40632b743a10f3e4cb91485e499142b3c50171414c4b6da0559c88097e73b1ea108beb435e793f1121747664ccc879732dd6b2a71b7d01a3f88f1ac6f7bf0772e4a1cea9877b8808a3b2c9307b773487e6479fd1e0a46c35cfee6b3a841f2c37875dbba39b91e015ea80eaf9f01d1401de0e47e8de5bdc808d085626a46633d7fcba6764f045abac35325835