mlogistics.schulthess.ch

Issued by SwissSign RSA TLS DV ICA 2022 - 1

About this certificate

This digital certificate with serial number 60:2c:92:d0:b2:eb:13:9f:3b:18:ce:7f:7a:2a:df:63:ee:80:12:f5 was issued on by SwissSign AG.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=mlogistics.schulthess.ch

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate will expire on

Certificate Details

Serial Number (hex): 60:2c:92:d0:b2:eb:13:9f:3b:18:ce:7f:7a:2a:df:63:ee:80:12:f5
Serial Number (int): 549057136198125469288640815321363604297155089141
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: a4:78:6a:38:8a:7d:02:08:f6:41:6e:8b:f9:6f:1b:e9:c3:ce:08:12
AuthorityKeyId: eb:bd:7f:49:93:8c:c9:ee:ec:a2:ba:f7:1c:d2:67:f0:83:b1:ea:de

Fingerprint (sha1): 7d:82:59:11:19:87:04:d6:b1:e1:b8:2f:21:55:0b:77:75:e6:a8:2e
Fingerprint (sha256): ff:5d:d5:c7:c2:48:f5:6a:73:9f:e1:0f:8d:29:cd:c0:45:fe:c3:82:18:91:b9:b9:e7:48:b1:35:4e:d3:37:f4

Issuing Certificate URL: http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167

Revocation information

OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
CRL Distribution Point: http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba

Check the revocation status for certificate mlogistics.schulthess.ch

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mlogistics.schulthess.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mlogistics.schulthess.ch

Other certificates including the domain name schulthess.ch

(limited to 100 certificates)

Certificate

The complete raw certificate details for mlogistics.schulthess.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIhjCCBm6gAwIBAgIUYCyS0LLrE587GM5/eirfY+6AEvUwDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjIgLSAxMB4XDTI0MDYyMDA1
MDU1NloXDTI1MDYyMDA1MDU1NlowIzEhMB8GA1UEAxMYbWxvZ2lzdGljcy5zY2h1
bHRoZXNzLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwty5u/RS
z17/Nme4rlBQ6LWzZIypGGrpqburOZ4zj0umJb3DFUX9TZpYcz5zSBigrKG9psEI
h/EXFNWDJThhz33MRgcESZ7HyslrS/KYryUwTOG/9F3FZZd6ldF3b0FLApEdJJ2p
EHCngpEOMNc6mnKpMxIsUiNExlha5k9/18vEItzHMG7cKrMgbNAr/e2BQVEX5Imw
T1ZK/v3QmxMEQwSZKMKVxaoYdagcW+MbUu/Wam0U93PtXoOenXhoh0OfDS0MqgV6
HyeefzEmNZTAbpSEmoTTIsh3cJA/43oQa9zv1D11tqglFpxv2ebavSblMvxYesaU
t2aFbA4eo5utvQIDAQABo4IEgzCCBH8wgbIGCCsGAQUFBwEBBIGlMIGiMEwGCCsG
AQUFBzAChkBodHRwOi8vYWlhLnN3aXNzc2lnbi5jaC9haXItMWI4NjMzODUtZjRh
OS00N2ZhLTg4YTUtMmE1YWJmZDRhMTY3MFIGCCsGAQUFBzABhkZodHRwOi8vb2Nz
cC5zd2lzc3NpZ24uY2gvc2lnbi9vY3MtYWFjY2NlZDUtNjZlOC00MDY5LTliMWIt
ZmQyOWFiNzNlZmVjMG8GA1UdIARoMGYwCAYGZ4EMAQIBMAgGBgQAj3oBBjBQBghg
hXQBWQIBATBEMEIGCCsGAQUFBwIBFjZodHRwczovL3JlcG9zaXRvcnkuc3dpc3Nz
aWduLmNvbS9Td2lzc1NpZ25fQ1BTX1RMUy5wZGYwUQYDVR0fBEowSDBGoESgQoZA
aHR0cDovL2NybC5zd2lzc3NpZ24uY2gvY2RwLTY3OTcyM2IyLTg2NDEtNDY0Mi04
NTAwLWY2ZDJmZjM3ZTZiYTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
DgYDVR0PAQH/BAQDAgWgMCMGA1UdEQQcMBqCGG1sb2dpc3RpY3Muc2NodWx0aGVz
cy5jaDAdBgNVHQ4EFgQUpHhqOIp9Agj2QW6L+W8b6cPOCBIwHwYDVR0jBBgwFoAU
671/SZOMye7sorr3HNJn8IOx6t4wggJuBgorBgEEAdZ5AgQCBIICXgSCAloCWAB2
ACjigTj9gyFF6anWqnU3bYN3qIUSs8B/ckFIIdy96YxmAAABkDQJiHYAAAQDAEcw
RQIhAMSrHrSB0O73Ye2hdKWbHKoRcK5B4//TdiT13IkTlwFUAiBU7+t0EZHOBEiE
VAUZ9cZwU5nS8X3wyu71t+1SskC1LgB3AOCSs/wMHcjnaDYf3mG5lk0KUngZinLW
csSwTaVtb1QEAAABkDQJhOMAAAQDAEgwRgIhALH1QUE+eu5XaJISaAuXWqgDfBGx
WRHijNZOD2ssftbIAiEA98U0wrRBaVzGxKZml6hHgrXijTqU5oZ3n0dixkv79TEA
dgDPEVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3zsw7CAAAAZA0CYN5AAAEAwBH
MEUCIQCyOxKSJbcp3j/tgHe6cmKWvD527Kz+rWS1U6gKnSny/wIgOQS0KqwOYMU8
QsRRjBvAsTRCAs3Zl9Jb+3xvqpthp7cAdQDM+w9qhXEJZf6Vm1PO6bJ8IumFXA2X
jbapflTA/kwNsAAAAZA0CYWpAAAEAwBGMEQCIHIvHg9oh3qF1G/BqLvZEHf6Wxq1
yPh6qJDFsZ1AVYPcAiByF3PBR1fDbVOURsdipSlUS4D3OwS8xP9jIj+4KKBaZAB2
AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABkDQJg7MAAAQDAEcw
RQIhAKvmgiVpEClvx2PP6IV5gPr4/2DBiDQVSkyxFhTpUEfQAiBmX3gBtTxSndRR
/eNUBXmBZ79hBgYjHz0vpR2D6/tu9jANBgkqhkiG9w0BAQsFAAOCAgEAgdVPBTN2
XUGngrSoqkHl/sXEHUvO8l7kcqr92jVntgLpla4QyTuVQ/iqdPMgJvUOGOh/IfWM
gjlHg7ZUe3KfNOx/qxYxoaHbLaT82N+KAKOCbPX5M0oZV2bMSENHzwHds84ACrKQ
NhV7rlus31ciU1UH/dMImcbXdiicURdlyFwlJfmmUDoD3jHT1/s1JFb4DXc1XbYy
6p4qkYx/mPyj+VoxFpWHNQ9PcmaGBBykUdxJUofdRZbWccZrQF/03God6W6lcl7B
JM5gxVzRJ8T9sTQ+paXlUDgPoT/N4HZVQzp+EOxxfQF/c2nGcUdp5VfYQidK5Dy2
yKjqumsn6Rgd0/G5On5HMSkHecDfjKJaZRRwY60QKLSZwASaqrqwgY0zapjqvoFn
JsE4THTSd7eKktkL5EKMkG487zWq8ZhNEOS2Lre5mj3hEKZVwrIzIcj91GmlIUdn
wRKlE0muptw8NwWP056C+Jk276HD9tuwWJlDWd84720d15UramZ9vEqktVBS0Ch+
W9P0AbkBkquUzFvjVGs9U7j7qM5RSYGuOXy5tXPTVfja8bmWoUOal0ypGc0qSA8f
cXqa+X/2rp2OePp3ODSvUdlHQZUzgwwOsMcfWyMwY6QFvMwQ6gFrFPHNi+BNnnyN
PYNW77eAuy22oE/Mc+f/NTy0LFTQ0s95V6w=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwty5u/RSz17/Nme4rlBQ
6LWzZIypGGrpqburOZ4zj0umJb3DFUX9TZpYcz5zSBigrKG9psEIh/EXFNWDJThh
z33MRgcESZ7HyslrS/KYryUwTOG/9F3FZZd6ldF3b0FLApEdJJ2pEHCngpEOMNc6
mnKpMxIsUiNExlha5k9/18vEItzHMG7cKrMgbNAr/e2BQVEX5ImwT1ZK/v3QmxME
QwSZKMKVxaoYdagcW+MbUu/Wam0U93PtXoOenXhoh0OfDS0MqgV6HyeefzEmNZTA
bpSEmoTTIsh3cJA/43oQa9zv1D11tqglFpxv2ebavSblMvxYesaUt2aFbA4eo5ut
vQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 549057136198125469288640815321363604297155089141
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2022 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-20 05:05:56 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-20 05:05:56 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mlogistics.schulthess.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24599074976065984946959648914777069133893849889014409046615696324584735765604897002354278984842837144775217381430850033683984408743874303976771474521744066803695830231647687723487124481243546917571715021562419265484068727893417739680331364598866127362972761902122948402001337754039583890780799987788474024779124916590874434678845476458998133705297202391794160552920458761560427598383417793575389356244553366880527570248103351072372055606160161346049814363680992508286412253461117425538456001176013418425793998828579041484362721223891925194580240878451624399704009045721760349365440434633746712919581242285639780249021
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mlogistics.schulthess.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a4786a388a7d0208f6416e8bf96f1be9c3ce0812
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebbd7f49938cc9eeeca2baf71cd267f083b1eade
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (606 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (602 bytes)
							025800760028e28138fd832145e9a9d6aa75376d8377a88512b3c07f72414821dcbde98c6600000190340988760000040300473045022100c4ab1eb481d0eef761eda174a59b1caa1170ae41e3ffd37624f5dc8913970154022054efeb741191ce044884540519f5c6705399d2f17df0caeef5b7ed52b240b52e007700e092b3fc0c1dc8e768361fde61b9964d0a5278198a72d672c4b04da56d6f540400000190340984e30000040300483046022100b1f541413e7aee57689212680b975aa8037c11b15911e28cd64e0f6b2c7ed6c8022100f7c534c2b441695cc6c4a66697a84782b5e28d3a94e686779f4762c64bfbf531007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b0800000190340983790000040300473045022100b23b129225b729de3fed8077ba726296bc3e76ecacfead64b553a80a9d29f2ff02203904b42aac0e60c53c42c4518c1bc0b1344202cdd997d25bfb7c6faa9b61a7b7007500ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000190340985a900000403004630440220722f1e0f68877a85d46fc1a8bbd91077fa5b1ab5c8f87aa890c5b19d405583dc0220721773c14757c36d539446c762a529544b80f73b04bcc4ff63223fb828a05a640076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df00000190340983b30000040300473045022100abe682256910296fc763cfe8857980faf8ff60c18834154a4cb11614e95047d00220665f7801b53c529dd451fde35405798167bf610606231f3d2fa51d83ebfb6ef6
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0081d54f0533765d41a782b4a8aa41e5fec5c41d4bcef25ee472aafdda3567b602e995ae10c93b9543f8aa74f32026f50e18e87f21f58c82394783b6547b729f34ec7fab1631a1a1db2da4fcd8df8a00a3826cf5f9334a195766cc484347cf01ddb3ce000ab29036157bae5bacdf5722535507fdd30899c6d776289c511765c85c2525f9a6503a03de31d3d7fb352456f80d77355db632ea9e2a918c7f98fca3f95a31169587350f4f726686041ca451dc495287dd4596d671c66b405ff4dc6a1de96ea5725ec124ce60c55cd127c4fdb1343ea5a5e550380fa13fcde07655433a7e10ec717d017f7369c6714769e557d842274ae43cb6c8a8eaba6b27e9181dd3f1b93a7e4731290779c0df8ca25a65147063ad1028b499c0049aaabab0818d336a98eabe816726c1384c74d277b78a92d90be4428c906e3cef35aaf1984d10e4b62eb7b99a3de110a655c2b23321c8fdd469a5214767c112a51349aea6dc3c37058fd39e82f89936efa1c3f6dbb058994359df38ef6d1dd7952b6a667dbc4aa4b55052d0287e5bd3f401b90192ab94cc5be3546b3d53b8fba8ce514981ae397cb9b573d355f8daf1b996a1439a974ca919cd2a480f1f717a9af97ff6ae9d8e78fa773834af51d947419533830c0eb0c71f5b233063a405bccc10ea016b14f1cd8be04d9e7c8d3d8356efb780bb2db6a04fcc73e7ff353cb42c54d0d2cf7957ac