jamesmarine.com
Issued by Go Daddy Secure Certificate Authority - G2
About this certificate
This digital certificate with serial number e3:c5:4f:aa:6f:6e:90:8a was issued on by GoDaddy.com, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=jamesmarine.com
GoDaddy.com, Inc.
Organization:
GoDaddy.com, Inc.
Organization unit: http://certs.godaddy.com/repository/
Organization unit: http://certs.godaddy.com/repository/
State / Province:
Arizona
Locality: Scottsdale
Country: US
Locality: Scottsdale
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): e3:c5:4f:aa:6f:6e:90:8aSerial Number (int): 16412612010454192266
Serial Number lenght: 64 bits, 8 octets
SubjectKeyId: c5:04:d3:a1:c2:6d:a6:02:f1:fa:7d:1e:3f:90:37:52:29:c0:b9:ac
AuthorityKeyId: 40:c2:bd:27:8e:cc:34:83:30:a2:33:d7:fb:6c:b3:f0:b4:2c:80:ce
Fingerprint (sha1): 07:3e:02:6f:92:51:09:3f:c0:4c:c2:40:3a:57:70:a9:39:75:d7:77
Fingerprint (sha256): fd:39:61:80:01:cc:fa:9c:12:50:4a:0f:67:6d:8e:db:82:4c:c7:94:95:ef:bb:21:72:89:ab:bb:5c:81:74:25
Issuing Certificate URL: http://certificates.godaddy.com/repository/gdig2.crt
Revocation information
OCSP Server: http://ocsp.godaddy.com/CRL Distribution Point: http://crl.godaddy.com/gdig2s1-20827.crl
Check the revocation status for certificate jamesmarine.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for jamesmarine.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
jamesmarine.com
www.jamesmarine.com
www.jamesmarine.com
Other certificates including the domain name jamesmarine.com
(limited to 100 certificates)
mail.jamesmarine.com
cpanel.jamesmarine.com
mail.jamesmarine.com
cpanel.jamesmarine.com
jamesmarine.com
cpanel.jamesmarine.com
mail.jamesmarine.com
cpanel.jamesmarine.com
jamesmarine.com
cpanel.jamesmarine.com
jamesmarine.com
jamesmarine.com
mail.jamesmarine.com
mail.jamesmarine.com
cpanel.jamesmarine.com
jamesmarine.com
mail.jamesmarine.com
jamesmarine.com
jamesmarine.com
mail.jamesmarine.com
mail.jamesmarine.com
jamesmarine.com
jamesmarine.com
work.jamesmarine.com
cpanel.jamesmarine.com
mail.jamesmarine.com
cpanel.jamesmarine.com
jamesmarine.com
cpanel.jamesmarine.com
mail.jamesmarine.com
cpanel.jamesmarine.com
jamesmarine.com
cpanel.jamesmarine.com
jamesmarine.com
jamesmarine.com
mail.jamesmarine.com
mail.jamesmarine.com
cpanel.jamesmarine.com
jamesmarine.com
mail.jamesmarine.com
jamesmarine.com
jamesmarine.com
mail.jamesmarine.com
mail.jamesmarine.com
jamesmarine.com
jamesmarine.com
work.jamesmarine.com
Certificate
The complete raw certificate details for jamesmarine.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGnDCCBYSgAwIBAgIJAOPFT6pvbpCKMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0 cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTI0MDQzMDE4MTI1NVoX DTI1MDQzMDE4MTI1NVowGjEYMBYGA1UEAxMPamFtZXNtYXJpbmUuY29tMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48kEHjc2o7YERgQJsVMYjk3lAw9T jZFHkiWYWCT2ZO+ny4NpYyLUi2PMXjO8Z6wib2Ril93Qf9VzQ2BAEBoVvxAbwhv2 +FkO0Dz8q2nt6eznTY2EiHnKitQAscx1w45ZlOvfmbE7CgCqS47ShcP+2tTtawBa 0CW3lyHJIpYCXfbp+OhgJR2zTpfUtbaEv/BfDapiP7Xu9yllHp2ZbEJClI/JUtB7 TfEXDul2KJaCooPi5BCmG3jtPA4DmA5ibkK+6dcBex+tOdW6OSGrNEplm/HIV8xf 0IpVxUSAI0cRvHIa49+bq2LS2JAZSsn8VqsWMDpIyBa4abXjNtrKcDCWmwIDAQAB o4IDSDCCA0QwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwDgYDVR0PAQH/BAQDAgWgMDkGA1UdHwQyMDAwLqAsoCqGKGh0dHA6Ly9j cmwuZ29kYWRkeS5jb20vZ2RpZzJzMS0yMDgyNy5jcmwwXQYDVR0gBFYwVDBIBgtg hkgBhv1tAQcXATA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNhdGVzLmdv ZGFkZHkuY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATB2BggrBgEFBQcBAQRqMGgw JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHkuY29tLzBABggrBgEFBQcw AoY0aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5L2dk aWcyLmNydDAfBgNVHSMEGDAWgBRAwr0njsw0gzCiM9f7bLPwtCyAzjAvBgNVHREE KDAmgg9qYW1lc21hcmluZS5jb22CE3d3dy5qYW1lc21hcmluZS5jb20wHQYDVR0O BBYEFMUE06HCbaYC8fp9Hj+QN1IpwLmsMIIBgAYKKwYBBAHWeQIEAgSCAXAEggFs AWoAdwBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY8wNc7NAAAE AwBIMEYCIQDPbJ3h2WjqjIeBnM33XJx6mfuTzOfPCGgNhSkeDEDrggIhAJbl2uDc 55rMes5wZyhQhzPB3p7LDNSF7Lb+WWi4I3U6AHYAfVkeEuF4KnscYWd8Xv340Idc FKBOlZ65Ay/ZDowuebgAAAGPMDXPxAAABAMARzBFAiEAgi7S+1Yt7T5ZpgphbhrG 5kd+Ckv8ozqS0pyACkgD3DwCIGYXzUB99jwcNLEDaBbpcWkuVR3L3XjiaX/1PVOG v3zaAHcAzPsPaoVxCWX+lZtTzumyfCLphVwNl422qX5UwP5MDbAAAAGPMDXQbQAA BAMASDBGAiEAwlyriL+CuEOAoX8KmQTZcv2bpgEhJAGdY2jgKlaapTECIQCcbKBD fdTmE1Ov/j/swe/Tsk5+eP51SWOgD4xEzylLBjANBgkqhkiG9w0BAQsFAAOCAQEA k9IIrN2ATOCv+9D6HRNYv79WwDhbOIsqlS9SSOlkN1M6gmDZbTqZANkUrtcBWxjI lDpRcJV/HERYNfWuW28G3KgP21+2l/RDxHpUI0eezWFmufQpV5oojVBo3Ic+XLHv SpywBHqTSzY4akytYLOLaZKwlIUzFe6QUWqROGaELV6zS0xkVIBQXM4dbZT7iPku 116FUxN6NP8cMmraHzCcGKnQBXzLCAB6iJRc+U/7VFdDLhN0MqAIjVtEDu74F5IQ DeiPIUeIpNS4RMMmO4epIGk4ZNlidi0o5DDhFRoonC+YTmJPIlHR6FKdiS9WRw4S 2wINc6B8EVoadXzpd1cqaw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48kEHjc2o7YERgQJsVMY jk3lAw9TjZFHkiWYWCT2ZO+ny4NpYyLUi2PMXjO8Z6wib2Ril93Qf9VzQ2BAEBoV vxAbwhv2+FkO0Dz8q2nt6eznTY2EiHnKitQAscx1w45ZlOvfmbE7CgCqS47ShcP+ 2tTtawBa0CW3lyHJIpYCXfbp+OhgJR2zTpfUtbaEv/BfDapiP7Xu9yllHp2ZbEJC lI/JUtB7TfEXDul2KJaCooPi5BCmG3jtPA4DmA5ibkK+6dcBex+tOdW6OSGrNEpl m/HIV8xf0IpVxUSAI0cRvHIa49+bq2LS2JAZSsn8VqsWMDpIyBa4abXjNtrKcDCW mwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16412612010454192266 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GoDaddy.com, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.godaddy.com/repository/' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go Daddy Secure Certificate Authority - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-30 18:12:55 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-30 18:12:55 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'jamesmarine.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28755219953758003642302117320654684101950693883085189008368306583011666920398369199656898408116742653399806913233819406454040290283805021686688978509556815583620655661350096621890173071581291026572301268241222578825038459566334624288407424000001305364859588990422240317930348338083407520324839012057858057645456975759481288487835819491095973198242704468223858846456042410953643190090808644155256432184767111069231004333397849734843006272843639978545610984832651975088455551135336373383337744064722124381667897488586771947721359871106459773438781208873590174959109717536988165538631950342633255154770659661460785895067 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.godaddy.com/gdig2s1-20827.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114413.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.godaddy.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.godaddy.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.godaddy.com/repository/gdig2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 40c2bd278ecc348330a233d7fb6cb3f0b42c80ce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jamesmarine.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jamesmarine.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c504d3a1c26da602f1fa7d1e3f90375229c0b9ac . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a0077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f3035cecd0000040300483046022100cf6c9de1d968ea8c87819ccdf75c9c7a99fb93cce7cf08680d85291e0c40eb8202210096e5dae0dce79acc7ace706728508733c1de9ecb0cd485ecb6fe5968b823753a0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018f3035cfc40000040300473045022100822ed2fb562ded3e59a60a616e1ac6e6477e0a4bfca33a92d29c800a4803dc3c02206617cd407df63c1c34b1036816e971692e551dcbdd78e2697ff53d5386bf7cda007700ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018f3035d06d0000040300483046022100c25cab88bf82b84380a17f0a9904d972fd9ba6012124019d6368e02a569aa5310221009c6ca0437dd4e61353affe3fecc1efd3b24e7e78fe754963a00f8c44cf294b06 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0093d208acdd804ce0affbd0fa1d1358bfbf56c0385b388b2a952f5248e96437533a8260d96d3a9900d914aed7015b18c8943a5170957f1c445835f5ae5b6f06dca80fdb5fb697f443c47a5423479ecd6166b9f429579a288d5068dc873e5cb1ef4a9cb0047a934b36386a4cad60b38b6992b094853315ee90516a913866842d5eb34b4c645480505cce1d6d94fb88f92ed75e8553137a34ff1c326ada1f309c18a9d0057ccb08007a88945cf94ffb5457432e137432a0088d5b440eeef81792100de88f214788a4d4b844c3263b87a920693864d962762d28e430e1151a289c2f984e624f2251d1e8529d892f56470e12db020d73a07c115a1a757ce977572a6b