DV SSL/TLS Certificate for on-a.ch

Certificate is witin its validity period

Issued by GoDaddy.com, Inc. (Go Daddy Secure Certificate Authority - G2)

About the on-a.ch DV SSL/TLS Certificate

This certificate with serial number af:f5:3d:29:54:dc:b1:0a for on-a.ch was issued on by GoDaddy.com, Inc..

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for on-a.ch provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
  • Apple recommends that certificates be issued with a maximum validity of 397 days. TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC should not have a validity period greater than 397 days (https://support.apple.com/en-us/HT211025)

GoDaddy.com, Inc.

Organization: GoDaddy.com, Inc.
Organizational unit: http://certs.godaddy.com/repository/
State / Province: Arizona
Locality: Scottsdale
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): af:f5:3d:29:54:dc:b1:0a
Serial Number (int): 12679107573658202378
Serial Number Length: 64 bits, 8 octets

Subject Key Identifier: 91:55:ec:32:fe:16:77:c9:63:50:3c:29:b8:b5:89:e8:89:26:9d:c7
Authority Key Identifier: 40:c2:bd:27:8e:cc:34:83:30:a2:33:d7:fb:6c:b3:f0:b4:2c:80:ce

Fingerprint (SHA-1): 48:d5:b5:9d:0b:5e:ac:6f:e8:d3:e2:73:ff:3d:25:dd:9b:12:dc:fe
Fingerprint (SHA-256): 04:7c:ce:c8:87:67:fb:0a:2c:58:d6:57:81:f2:c0:2f:dd:41:c6:09:9e:9b:25:64:cc:bb:01:55:ca:e2:fb:95

Issuing Certificate URL: http://certificates.godaddy.com/repository/gdig2.crt

Revocation Information

OCSP Server: http://ocsp.godaddy.com/
CRL Distribution Point: http://crl.godaddy.com/gdig2s1-31532.crl

Check the revocation status for certificate on-a.ch
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for on-a.ch

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for on-a.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGgjCCBWqgAwIBAgIJAK/1PSlU3LEKMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa
MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0
cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj
dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTI0MTAxODIwMTgzMloX
DTI1MTExOTIwMTgzMlowEjEQMA4GA1UEAxMHb24tYS5jaDCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBALu2tWPKb9f1nk7U6onll9fW/VXNTipNMOVkcN0y
9DUkQtFQZDs4tSiruPYFyXC91ztXn/YQhm7mvovA9YdMWIM9RpVFNK5uqYqUueoR
4s3/Y9RW8J50wPeQJsdG+/fwzK+KwDiWeLOokFfokAPf/9aoTX/GUrnsgpSUMtl+
k1gfEJFnGr4hGv/URG5azl2TlKSbdYU366vk6zzj1vNAzCik9xgsZy21+x7TQaXD
6NEuxYoxPaJ2cSs1fRQJLg6Punhl7cO5Xt6YWwXh2TpmioRuEGbOyPNT2dH8UheN
gAjtrPGwAUmCEWOfrfY4VMv9mszOQsvS97s/zeptIm3e1WkCAwEAAaOCAzYwggMy
MAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4G
A1UdDwEB/wQEAwIFoDA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLmdvZGFk
ZHkuY29tL2dkaWcyczEtMzE1MzIuY3JsMF0GA1UdIARWMFQwSAYLYIZIAYb9bQEH
FwEwOTA3BggrBgEFBQcCARYraHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNv
bS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwdgYIKwYBBQUHAQEEajBoMCQGCCsGAQUF
BzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wQAYIKwYBBQUHMAKGNGh0dHA6
Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS9nZGlnMi5jcnQw
HwYDVR0jBBgwFoAUQMK9J47MNIMwojPX+2yz8LQsgM4wHwYDVR0RBBgwFoIHb24t
YS5jaIILd3d3Lm9uLWEuY2gwHQYDVR0OBBYEFJFV7DL+FnfJY1A8Kbi1ieiJJp3H
MIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdwAS8U40vVNyTIQGGcOPP3oT+Oe1
YoeInG0wBYTr5YYmOgAAAZKhSCTMAAAEAwBIMEYCIQDZ9SfgO+B2JnTZHDWIWCGv
0IMwLRJ70v+JPQWxBBoO9wIhAKzEn51NqAXbtco2eFZuYzCPyayvNVeoKBFdKOAc
/wMGAHYAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGSoUgm4AAA
BAMARzBFAiByPFz+tmbJnFbiG3+hMKuLwQckGuaqOKorQxVzCqf7EgIhAKHizEY5
LUosa1FUfkI+fWq1IRQ5KNPWipdgCXWRU+sKAHUAzPsPaoVxCWX+lZtTzumyfCLp
hVwNl422qX5UwP5MDbAAAAGSoUgqxgAABAMARjBEAiBMTuJrI0FX+IH71cm7+s5F
jufeTp+yZr6e4tRXO7dg/wIgcQPNaA02EbvxnNTv1VOoJp+oSA2/knlItpHbltUh
c5AwDQYJKoZIhvcNAQELBQADggEBAACNUhZ/ayE6mi1P4Zwco6/4SENtO3L0qprT
wqMKqH7rYTaEgx3gYCKGOv2ZyqGDtGD9dcqKGTp+Cy/Gm1MZEBNW0MnGatPIr5XA
9Xb6Yex5sUZqppzBCCcJxdvE3NHJ0iJRzOq/6Bn1djRD+307SW09+DP/5ovCzTtt
gexCCgkR+bDVIFjCAocTyxwJWRPHj2e6TI9l2j/Gd+zmoocxbuiJa2dHOVCSTxKv
wkDoIgDN8Muig5viNI/3KzRA6ISs9uwq9kAgmNrj8ZLTypJ/GivzDNEKjwz/4Frf
aDAB5C3wtlt+YO/tWPRIn7CDxVkUGYXuXdqNJ/95AqE/GPh5Z8A=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7a1Y8pv1/WeTtTqieWX
19b9Vc1OKk0w5WRw3TL0NSRC0VBkOzi1KKu49gXJcL3XO1ef9hCGbua+i8D1h0xY
gz1GlUU0rm6pipS56hHizf9j1FbwnnTA95Amx0b79/DMr4rAOJZ4s6iQV+iQA9//
1qhNf8ZSueyClJQy2X6TWB8QkWcaviEa/9REblrOXZOUpJt1hTfrq+TrPOPW80DM
KKT3GCxnLbX7HtNBpcPo0S7FijE9onZxKzV9FAkuDo+6eGXtw7le3phbBeHZOmaK
hG4QZs7I81PZ0fxSF42ACO2s8bABSYIRY5+t9jhUy/2azM5Cy9L3uz/N6m0ibd7V
aQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 12679107573658202378
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GoDaddy.com, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.godaddy.com/repository/'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go Daddy Secure Certificate Authority - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-18 20:18:32 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-11-19 20:18:32 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'on-a.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23696659974558109672696463241271137194836009497364177946974579914519451220775721518915936054262556641207523689347598021124615162845044531646585468425687474118788715623146061442415885817902412703255060195607407160564323642775271843117274929633593091905532434596413283844691261007959242700732447720808405707032261711309987204306986571103934321177770579803051076066298793479530512140723473149001648819301288159694964254119912960666234692216873554914548539040183849357520432870815310782325497337203368156492241370500437829278812647124005881337528629155598034238461365298046883978233107665466536197005791444344765371307369
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.godaddy.com/gdig2s1-31532.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114413.1.7.23.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.godaddy.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.godaddy.com/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.godaddy.com/repository/gdig2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 40c2bd278ecc348330a233d7fb6cb3f0b42c80ce
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'on-a.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.on-a.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9155ec32fe1677c963503c29b8b589e889269dc7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							016800770012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000192a14824cc0000040300483046022100d9f527e03be0762674d91c35885821afd083302d127bd2ff893d05b1041a0ef7022100acc49f9d4da805dbb5ca3678566e63308fc9acaf3557a828115d28e01cff03060076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b800000192a14826e000000403004730450220723c5cfeb666c99c56e21b7fa130ab8bc107241ae6aa38aa2b4315730aa7fb12022100a1e2cc46392d4a2c6b51547e423e7d6ab521143928d3d68a976009759153eb0a007500ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000192a1482ac6000004030046304402204c4ee26b234157f881fbd5c9bbface458ee7de4e9fb266be9ee2d4573bb760ff02207103cd680d3611bbf19cd4efd553a8269fa8480dbf927948b691db96d5217390
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00008d52167f6b213a9a2d4fe19c1ca3aff848436d3b72f4aa9ad3c2a30aa87eeb613684831de06022863afd99caa183b460fd75ca8a193a7e0b2fc69b5319101356d0c9c66ad3c8af95c0f576fa61ec79b1466aa69cc1082709c5dbc4dcd1c9d22251cceabfe819f5763443fb7d3b496d3df833ffe68bc2cd3b6d81ec420a0911f9b0d52058c2028713cb1c095913c78f67ba4c8f65da3fc677ece6a287316ee8896b67473950924f12afc240e82200cdf0cba2839be2348ff72b3440e884acf6ec2af6402098dae3f192d3ca927f1a2bf30cd10a8f0cffe05adf683001e42df0b65b7e60efed58f4489fb083c559141985ee5dda8d27ff7902a13f18f87967c0