Dustin C. Hatch
a1ca06a3c5
The VPN capability of the UniFi Security Gateway is extremely limited. It does not support road-warrior IPsec/IKEv2 configuration, and its OpenVPN configuration is inflexible. As with DHCP, the best solution is to simply move service to another machine. To that end, I created a new VM, *vpn0.pyrocufflink.blue*, to host both strongSwan and OpenVPN. For this to work, the necessary TCP/UDP ports need to be forwarded, of course, and all of the remote subnets need static routes on the gateway, specifying this machine as the next hop. Additionally, ICMP redirects need to be disabled, to prevent confusing the routing tables of devices on the same subnet as the VPN gateway.
263 lines
15 KiB
Plaintext
263 lines
15 KiB
Plaintext
Certificate:
|
|
Data:
|
|
Version: 3 (0x2)
|
|
Serial Number:
|
|
f4:ee:98:63:45:d1:49:36:a7:f7:6f:4f:04:77:a7:ab
|
|
Signature Algorithm: sha256WithRSAEncryption
|
|
Issuer: C=US, O=Dustin C. Hatch, CN=DCH CA R1
|
|
Validity
|
|
Not Before: May 20 16:08:13 2018 GMT
|
|
Not After : May 19 16:08:13 2021 GMT
|
|
Subject: C=US, O=Dustin C. Hatch, CN=vpn.pyrocufflink.net
|
|
Subject Public Key Info:
|
|
Public Key Algorithm: rsaEncryption
|
|
Public-Key: (4096 bit)
|
|
Modulus:
|
|
00:bf:e9:6c:81:21:d3:1c:14:de:86:64:e8:e6:2f:
|
|
a5:22:49:5d:a2:64:eb:b9:78:bd:2e:57:32:4d:d1:
|
|
4a:3a:67:cc:00:3e:13:ba:be:c6:67:78:8c:71:4b:
|
|
eb:ca:3a:1f:30:10:1a:ff:7a:3c:f1:17:38:21:ae:
|
|
b3:43:5a:09:10:bc:58:11:a0:0b:5b:50:18:c6:e9:
|
|
19:7b:e4:e7:2d:ff:0d:57:a1:9b:30:90:eb:17:02:
|
|
14:04:3f:ab:c9:99:44:b8:66:fc:6c:42:12:29:a3:
|
|
fc:59:d9:2a:64:f0:4d:4d:e4:df:8d:60:43:fa:7a:
|
|
9e:76:98:66:2d:01:47:13:c9:ba:f6:a1:74:55:8e:
|
|
78:b5:d2:59:a0:e7:21:86:86:65:fb:db:d9:ee:ba:
|
|
4e:99:16:79:ac:47:06:af:01:a3:ac:3b:22:94:a6:
|
|
3d:13:0a:ba:5b:73:58:fc:37:22:8f:16:fd:d6:d7:
|
|
04:0a:e0:14:fe:a6:0a:b5:bc:23:6c:fe:bd:f3:2f:
|
|
5f:17:bd:8f:9f:c2:aa:c9:84:7a:8f:a5:51:8e:5d:
|
|
cb:f1:5c:a2:a1:b2:2c:9f:7e:ec:9e:21:78:b9:a5:
|
|
a4:98:67:bc:eb:df:50:78:9d:4f:dc:a5:34:b4:8a:
|
|
68:e0:e5:14:ba:c4:b0:ee:71:a2:0a:93:a4:54:ad:
|
|
88:af:ee:50:f4:d4:fe:62:df:de:2e:8d:bc:e9:4d:
|
|
3a:6d:17:49:f2:4d:01:6a:08:fa:61:1a:a7:8b:21:
|
|
2b:c5:bd:f0:05:48:ea:a8:cc:fc:2c:7c:2f:b6:ed:
|
|
1b:86:ba:d2:25:f0:57:0d:80:ca:35:dd:9b:80:3f:
|
|
51:5a:0d:76:80:f6:27:cc:4c:63:f5:48:f1:c4:83:
|
|
e0:86:69:69:69:37:d0:1e:0c:57:93:6f:c8:4e:29:
|
|
be:5c:0c:5e:ff:de:62:1b:bd:4f:20:1e:37:83:c3:
|
|
ce:65:37:46:25:62:72:b8:5f:99:8e:c3:b6:36:99:
|
|
cb:49:99:bb:5d:69:d7:7e:b1:9d:4f:8b:39:65:05:
|
|
9a:c6:03:cd:0a:77:99:c0:27:d0:27:7b:44:f2:65:
|
|
18:53:16:e4:9f:55:48:08:39:ed:50:9c:03:87:78:
|
|
20:53:91:97:17:f9:66:77:81:b0:85:a2:fe:75:ad:
|
|
bc:60:a9:d1:bf:06:7d:f5:a7:48:dc:97:18:7c:23:
|
|
5d:59:fd:c8:68:7a:f7:91:9a:0f:23:aa:37:ae:19:
|
|
16:51:bf:0e:c2:ce:9c:eb:b0:8b:46:fd:69:6b:74:
|
|
1b:0d:63:80:7f:da:22:b8:0a:52:85:db:6c:ef:ad:
|
|
d3:33:ab:0b:a5:5e:d3:1c:95:b7:cc:65:82:00:6b:
|
|
1e:d5:cd
|
|
Exponent: 65537 (0x10001)
|
|
X509v3 extensions:
|
|
X509v3 Basic Constraints:
|
|
CA:FALSE
|
|
X509v3 Subject Key Identifier:
|
|
26:D4:12:91:04:0B:49:7F:97:A7:27:46:06:4A:41:31:7A:DC:5D:55
|
|
X509v3 Authority Key Identifier:
|
|
keyid:EC:79:C5:08:B7:1E:0A:67:C6:E0:34:31:3C:79:D9:D6:83:D9:49:DC
|
|
|
|
X509v3 Key Usage: critical
|
|
Digital Signature, Key Encipherment
|
|
X509v3 Extended Key Usage:
|
|
TLS Web Server Authentication
|
|
X509v3 Subject Alternative Name:
|
|
DNS:vpn.pyrocufflink.net, DNS:vpn.pyrocufflink.blue, DNS:vpn.pyrocufflink.red
|
|
Signature Algorithm: sha256WithRSAEncryption
|
|
a2:3f:32:85:53:cf:23:4a:00:21:e4:4c:03:02:cc:09:09:9c:
|
|
11:e9:bb:0a:31:70:e0:98:66:4e:19:48:1b:01:9d:54:41:07:
|
|
2b:24:b8:bc:c0:0a:9a:7c:d3:3c:c5:11:19:42:b5:9b:0b:3c:
|
|
bb:30:4c:6d:81:24:91:25:20:26:ae:ba:b1:82:3a:f1:0d:ba:
|
|
a3:a2:a2:c1:fa:76:8b:2f:cf:3f:e5:df:5c:1b:04:cc:32:f1:
|
|
e5:a1:8b:4e:26:de:af:92:36:65:4a:b9:ce:cf:cf:a0:b8:fe:
|
|
c7:8c:88:f4:56:c9:9e:db:a4:47:6c:e4:71:6c:51:d7:ef:cc:
|
|
39:66:a7:b6:05:82:a3:87:28:c1:e6:51:53:8a:69:e1:05:fb:
|
|
7e:a1:71:36:55:79:1c:07:78:5c:eb:f9:15:3e:bf:25:86:c8:
|
|
c6:47:85:87:eb:77:6b:7a:90:fb:4b:3b:15:f0:ab:b2:b3:b9:
|
|
9f:77:13:13:9b:9c:21:ae:63:9f:33:0e:ca:de:8e:ae:0d:1d:
|
|
b4:be:f2:17:55:73:31:a7:6e:4e:36:4f:8f:ea:89:cf:55:81:
|
|
13:1c:c4:76:6e:e0:23:81:48:08:38:13:d3:6c:d1:e4:a4:e9:
|
|
c1:de:9a:22:ff:ae:be:a7:38:3c:12:46:19:7a:04:50:34:6f:
|
|
13:9e:1c:8c:ef:27:7c:ad:94:72:1e:d4:9e:de:80:bd:a9:92:
|
|
86:ec:b5:42:c8:3b:a7:ee:42:ee:1f:f4:77:f3:48:e7:ff:41:
|
|
58:80:74:77:ce:ff:41:b8:4d:3b:68:34:1f:7f:74:40:2a:47:
|
|
f9:84:b2:0e:95:fa:b8:44:23:b4:c9:7f:f7:c1:22:b9:56:34:
|
|
bb:aa:41:12:23:9d:d9:93:4a:f4:b9:69:94:3e:49:2b:39:cc:
|
|
9d:d3:18:eb:9e:5a:e3:50:b6:23:5d:e3:1e:81:d6:5d:61:cc:
|
|
c0:2a:8b:8d:4a:92:29:56:b9:34:e9:3f:a3:c0:de:e9:ca:ed:
|
|
27:89:12:e9:98:46:8c:ef:72:f8:bd:d5:54:12:63:3f:d1:65:
|
|
35:e6:64:90:1e:1b:7d:aa:c6:e1:32:65:b6:41:a1:ea:ee:07:
|
|
1f:23:a3:71:df:ea:ee:c0:78:7f:43:ac:9b:b2:fb:f8:94:c8:
|
|
54:bc:f2:66:66:06:af:f5:08:cf:99:9e:a2:4c:5c:27:81:47:
|
|
a5:9c:8a:7e:58:66:88:9b:1b:11:53:0f:d0:94:9d:12:cf:f9:
|
|
29:38:be:1c:bb:32:f6:e0:8a:62:62:e3:5c:9f:28:a6:31:a6:
|
|
fe:6d:10:2b:28:9f:21:6a:72:1c:61:12:50:4f:ee:eb:b3:17:
|
|
47:0f:59:73:c1:b1:0d:df
|
|
-----BEGIN CERTIFICATE-----
|
|
MIIFzjCCA7agAwIBAgIRAPTumGNF0Uk2p/dvTwR3p6swDQYJKoZIhvcNAQELBQAw
|
|
OzELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD0R1c3RpbiBDLiBIYXRjaDESMBAGA1UE
|
|
AwwJRENIIENBIFIxMB4XDTE4MDUyMDE2MDgxM1oXDTIxMDUxOTE2MDgxM1owRjEL
|
|
MAkGA1UEBhMCVVMxGDAWBgNVBAoMD0R1c3RpbiBDLiBIYXRjaDEdMBsGA1UEAwwU
|
|
dnBuLnB5cm9jdWZmbGluay5uZXQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
|
|
AoICAQC/6WyBIdMcFN6GZOjmL6UiSV2iZOu5eL0uVzJN0Uo6Z8wAPhO6vsZneIxx
|
|
S+vKOh8wEBr/ejzxFzghrrNDWgkQvFgRoAtbUBjG6Rl75Oct/w1XoZswkOsXAhQE
|
|
P6vJmUS4ZvxsQhIpo/xZ2Spk8E1N5N+NYEP6ep52mGYtAUcTybr2oXRVjni10lmg
|
|
5yGGhmX729nuuk6ZFnmsRwavAaOsOyKUpj0TCrpbc1j8NyKPFv3W1wQK4BT+pgq1
|
|
vCNs/r3zL18XvY+fwqrJhHqPpVGOXcvxXKKhsiyffuyeIXi5paSYZ7zr31B4nU/c
|
|
pTS0imjg5RS6xLDucaIKk6RUrYiv7lD01P5i394ujbzpTTptF0nyTQFqCPphGqeL
|
|
ISvFvfAFSOqozPwsfC+27RuGutIl8FcNgMo13ZuAP1FaDXaA9ifMTGP1SPHEg+CG
|
|
aWlpN9AeDFeTb8hOKb5cDF7/3mIbvU8gHjeDw85lN0YlYnK4X5mOw7Y2mctJmbtd
|
|
add+sZ1PizllBZrGA80Kd5nAJ9Ane0TyZRhTFuSfVUgIOe1QnAOHeCBTkZcX+WZ3
|
|
gbCFov51rbxgqdG/Bn31p0jclxh8I11Z/choeveRmg8jqjeuGRZRvw7CzpzrsItG
|
|
/WlrdBsNY4B/2iK4ClKF22zvrdMzqwulXtMclbfMZYIAax7VzQIDAQABo4HBMIG+
|
|
MAkGA1UdEwQCMAAwHQYDVR0OBBYEFCbUEpEEC0l/l6cnRgZKQTF63F1VMB8GA1Ud
|
|
IwQYMBaAFOx5xQi3HgpnxuA0MTx52daD2UncMA4GA1UdDwEB/wQEAwIFoDATBgNV
|
|
HSUEDDAKBggrBgEFBQcDATBMBgNVHREERTBDghR2cG4ucHlyb2N1ZmZsaW5rLm5l
|
|
dIIVdnBuLnB5cm9jdWZmbGluay5ibHVlghR2cG4ucHlyb2N1ZmZsaW5rLnJlZDAN
|
|
BgkqhkiG9w0BAQsFAAOCAgEAoj8yhVPPI0oAIeRMAwLMCQmcEem7CjFw4JhmThlI
|
|
GwGdVEEHKyS4vMAKmnzTPMURGUK1mws8uzBMbYEkkSUgJq66sYI68Q26o6Kiwfp2
|
|
iy/PP+XfXBsEzDLx5aGLTiber5I2ZUq5zs/PoLj+x4yI9FbJntukR2zkcWxR1+/M
|
|
OWantgWCo4coweZRU4pp4QX7fqFxNlV5HAd4XOv5FT6/JYbIxkeFh+t3a3qQ+0s7
|
|
FfCrsrO5n3cTE5ucIa5jnzMOyt6Org0dtL7yF1VzMaduTjZPj+qJz1WBExzEdm7g
|
|
I4FICDgT02zR5KTpwd6aIv+uvqc4PBJGGXoEUDRvE54cjO8nfK2Uch7Unt6AvamS
|
|
huy1Qsg7p+5C7h/0d/NI5/9BWIB0d87/QbhNO2g0H390QCpH+YSyDpX6uEQjtMl/
|
|
98EiuVY0u6pBEiOd2ZNK9LlplD5JKznMndMY655a41C2I13jHoHWXWHMwCqLjUqS
|
|
KVa5NOk/o8De6crtJ4kS6ZhGjO9y+L3VVBJjP9FlNeZkkB4bfarG4TJltkGh6u4H
|
|
HyOjcd/q7sB4f0Osm7L7+JTIVLzyZmYGr/UIz5meokxcJ4FHpZyKflhmiJsbEVMP
|
|
0JSdEs/5KTi+HLsy9uCKYmLjXJ8opjGm/m0QKyifIWpyHGESUE/u67MXRw9Zc8Gx
|
|
Dd8=
|
|
-----END CERTIFICATE-----
|
|
Certificate:
|
|
Data:
|
|
Version: 3 (0x2)
|
|
Serial Number:
|
|
12:ae:b5:db:96:be:43:b8:8d:31:11:f4:42:91:ef:ee
|
|
Signature Algorithm: sha256WithRSAEncryption
|
|
Issuer: C = US, O = Dustin C. Hatch, CN = DCH Root CA R1
|
|
Validity
|
|
Not Before: Feb 21 13:04:10 2018 GMT
|
|
Not After : Feb 20 13:04:10 2023 GMT
|
|
Subject: C = US, O = Dustin C. Hatch, CN = DCH CA R1
|
|
Subject Public Key Info:
|
|
Public Key Algorithm: rsaEncryption
|
|
Public-Key: (4096 bit)
|
|
Modulus:
|
|
00:c1:dd:56:e7:5c:9b:65:e0:50:24:39:ba:cd:26:
|
|
4e:6c:db:0a:41:ed:d1:10:46:31:b9:ea:e9:5d:04:
|
|
f5:8a:21:5a:8b:6e:5c:5c:23:e2:eb:ea:57:8c:fc:
|
|
ad:a0:c6:34:a1:2f:31:0a:4b:43:5a:b3:70:de:e9:
|
|
12:57:01:0b:c2:d2:df:c1:74:ea:c3:1d:10:95:a4:
|
|
86:9f:71:a5:9f:7a:b4:5e:68:58:dd:57:0f:b5:55:
|
|
b9:fb:89:6d:e7:3e:fd:92:c1:64:5b:7b:94:19:2e:
|
|
c7:d0:71:42:11:b8:d8:a5:9d:87:1f:d7:6b:8b:cb:
|
|
d9:76:32:5a:08:79:82:2b:36:ea:3c:79:ce:70:6d:
|
|
e3:40:e5:36:17:cf:1b:00:33:63:68:78:27:5a:be:
|
|
78:c2:01:92:08:00:2c:f6:08:bb:bf:5f:a4:77:60:
|
|
05:c2:1f:e3:21:db:96:d8:c0:b7:0a:72:a5:06:b4:
|
|
6e:d3:ee:d6:91:7e:47:fc:4a:1a:98:6a:3a:11:28:
|
|
9e:5e:61:02:2c:3d:c9:98:44:a0:9c:8b:19:69:46:
|
|
f5:22:32:09:f8:ab:b6:2d:a0:d7:59:61:13:65:2e:
|
|
5e:a3:64:7f:bf:4f:2c:94:e6:23:fc:f4:ef:3b:14:
|
|
8f:7c:7a:e0:44:53:67:ff:58:f9:1c:68:a4:36:ca:
|
|
62:52:46:38:12:a7:ce:64:9b:a1:32:cd:39:b9:f2:
|
|
55:47:2c:fa:c8:55:b8:2f:28:45:9a:fc:fc:cd:64:
|
|
54:fa:5f:19:fa:7e:dd:b1:e5:cf:65:18:a8:d2:8f:
|
|
34:16:83:f4:26:30:e1:a3:7f:b5:44:a0:d1:33:fe:
|
|
03:f2:3b:b2:4b:38:c0:e9:b2:03:e6:f4:18:1f:09:
|
|
63:e7:dd:26:dc:ec:9e:2b:a3:43:64:d8:fe:d1:76:
|
|
c0:c6:a9:92:1a:fa:01:07:15:73:4a:80:09:fa:02:
|
|
3e:83:7f:12:bc:00:1f:53:43:04:9e:7f:ac:2f:ff:
|
|
e9:cc:f2:06:fe:86:ce:8d:67:46:27:d0:48:de:75:
|
|
74:da:c2:18:0c:91:30:11:5c:cf:8e:1b:79:b2:94:
|
|
c8:5e:4b:76:1c:da:88:ef:e8:42:f7:4f:b5:9b:76:
|
|
fe:1c:b7:1d:ba:b2:0e:b0:db:29:4e:a1:48:03:c8:
|
|
0a:62:ab:a0:a5:19:86:ae:19:e8:72:35:0f:72:f0:
|
|
dd:1f:1d:29:6a:f2:8d:d4:1d:3e:fc:60:b0:cc:2c:
|
|
52:96:2a:f1:b4:5f:ac:d4:5a:e5:05:fc:86:61:e2:
|
|
5d:d7:4a:14:ff:f8:e8:60:64:fa:b1:5a:5e:70:d2:
|
|
5b:f9:e7:c4:e1:ae:12:d0:6a:48:90:4b:72:19:9d:
|
|
92:ef:85
|
|
Exponent: 65537 (0x10001)
|
|
X509v3 extensions:
|
|
X509v3 Basic Constraints: critical
|
|
CA:TRUE, pathlen:0
|
|
X509v3 Key Usage:
|
|
Digital Signature, Certificate Sign, CRL Sign
|
|
Authority Information Access:
|
|
CA Issuers - URI:http://dustin.hatch.name/dch-ca/dch-root-ca.cer
|
|
|
|
X509v3 Authority Key Identifier:
|
|
keyid:C7:BF:DF:C7:69:05:A9:E8:E3:3E:DB:CE:E6:47:CE:92:2D:27:11:6A
|
|
|
|
X509v3 CRL Distribution Points:
|
|
|
|
Full Name:
|
|
URI:http://dustin.hatch.name/dch-ca/dch-ca.crl
|
|
|
|
X509v3 Subject Key Identifier:
|
|
EC:79:C5:08:B7:1E:0A:67:C6:E0:34:31:3C:79:D9:D6:83:D9:49:DC
|
|
Signature Algorithm: sha256WithRSAEncryption
|
|
83:c2:82:7e:fe:a1:c3:c8:47:af:1e:f4:34:53:4f:cd:82:f1:
|
|
4b:2c:4b:a5:cb:94:a6:d3:5b:e0:77:f1:fd:1a:05:46:47:19:
|
|
43:72:91:b0:95:7e:ad:e0:65:34:47:23:26:09:12:c9:82:c0:
|
|
3a:2a:e2:92:e4:e6:c8:07:d0:a0:a9:11:d7:3c:ec:68:99:9c:
|
|
88:13:62:0e:0f:d4:78:7a:26:04:ec:80:65:18:ba:0d:a9:8c:
|
|
36:0c:af:5c:69:19:04:ac:ea:c0:3c:6e:06:f6:c7:65:ab:89:
|
|
fc:83:70:55:85:3e:86:db:77:59:dc:bd:87:7f:cd:e4:da:65:
|
|
ab:94:22:ce:a1:7f:a0:12:56:5a:04:8d:c4:86:cc:77:ee:14:
|
|
c5:89:bd:d5:9c:92:61:45:74:60:4c:d9:bd:a1:5a:05:8c:ca:
|
|
07:89:95:3f:56:ba:e0:ed:c2:b1:70:fe:ae:bd:a1:b3:db:2e:
|
|
9c:91:fa:69:de:1f:4f:bf:bc:1b:d2:35:9f:2b:80:53:be:6e:
|
|
44:3c:c6:1e:f2:15:42:ad:05:56:27:19:d0:d1:e0:b9:af:5a:
|
|
f3:ae:60:e8:bd:84:c0:49:bd:be:0b:d3:87:4e:af:4e:59:7c:
|
|
50:27:8b:85:ed:1f:1c:88:6d:34:d8:83:e3:13:56:20:f7:ba:
|
|
a1:72:4c:1a:21:3a:1f:dc:0c:b5:35:1a:e5:46:e6:66:7f:05:
|
|
90:79:ee:80:48:ea:7a:8c:12:ea:68:4c:c4:f7:6a:83:b2:4b:
|
|
ed:ca:16:98:33:4e:ce:5e:8b:a8:f3:05:b0:6c:67:ab:57:69:
|
|
24:02:7b:dd:48:4c:35:58:53:15:21:a1:bc:cd:b2:91:f0:cd:
|
|
11:44:96:0e:2e:5f:43:88:a1:fc:33:c7:27:46:6d:25:69:23:
|
|
d6:17:4c:ee:68:9f:d9:12:86:cb:d1:37:d9:42:bb:1f:35:65:
|
|
0c:c0:d1:58:d5:63:35:f0:1c:2d:3b:e1:a2:0f:a7:51:2a:5c:
|
|
53:d3:ba:b9:db:92:5a:59:e5:35:b7:c9:f9:b5:ff:bb:a2:e3:
|
|
b3:cb:ef:fd:94:36:00:c7:a5:f0:b5:f0:e7:05:b8:df:c0:e7:
|
|
61:dc:75:a7:d2:73:f3:15:75:7c:5e:d9:38:17:ad:f7:a8:de:
|
|
29:d3:f0:c4:5b:86:be:b9:9d:37:72:fc:65:c8:1f:95:b5:9b:
|
|
5d:d6:78:a1:33:09:bd:30:2d:aa:15:72:ee:16:5a:b4:aa:d9:
|
|
30:d4:6c:43:03:c3:ea:d0:d4:fc:cf:ce:a7:95:6d:dd:7d:20:
|
|
a1:60:4d:30:84:74:3b:3a:46:15:8c:78:e8:31:3b:e3:18:36:
|
|
bc:96:4f:f6:9f:48:e4:87
|
|
-----BEGIN CERTIFICATE-----
|
|
MIIF9DCCA9ygAwIBAgIQEq6125a+Q7iNMRH0QpHv7jANBgkqhkiG9w0BAQsFADBA
|
|
MQswCQYDVQQGEwJVUzEYMBYGA1UECgwPRHVzdGluIEMuIEhhdGNoMRcwFQYDVQQD
|
|
DA5EQ0ggUm9vdCBDQSBSMTAeFw0xODAyMjExMzA0MTBaFw0yMzAyMjAxMzA0MTBa
|
|
MDsxCzAJBgNVBAYTAlVTMRgwFgYDVQQKDA9EdXN0aW4gQy4gSGF0Y2gxEjAQBgNV
|
|
BAMMCURDSCBDQSBSMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMHd
|
|
Vudcm2XgUCQ5us0mTmzbCkHt0RBGMbnq6V0E9YohWotuXFwj4uvqV4z8raDGNKEv
|
|
MQpLQ1qzcN7pElcBC8LS38F06sMdEJWkhp9xpZ96tF5oWN1XD7VVufuJbec+/ZLB
|
|
ZFt7lBkux9BxQhG42KWdhx/Xa4vL2XYyWgh5gis26jx5znBt40DlNhfPGwAzY2h4
|
|
J1q+eMIBkggALPYIu79fpHdgBcIf4yHbltjAtwpypQa0btPu1pF+R/xKGphqOhEo
|
|
nl5hAiw9yZhEoJyLGWlG9SIyCfirti2g11lhE2UuXqNkf79PLJTmI/z07zsUj3x6
|
|
4ERTZ/9Y+RxopDbKYlJGOBKnzmSboTLNObnyVUcs+shVuC8oRZr8/M1kVPpfGfp+
|
|
3bHlz2UYqNKPNBaD9CYw4aN/tUSg0TP+A/I7sks4wOmyA+b0GB8JY+fdJtzsniuj
|
|
Q2TY/tF2wMapkhr6AQcVc0qACfoCPoN/ErwAH1NDBJ5/rC//6czyBv6Gzo1nRifQ
|
|
SN51dNrCGAyRMBFcz44bebKUyF5LdhzaiO/oQvdPtZt2/hy3HbqyDrDbKU6hSAPI
|
|
CmKroKUZhq4Z6HI1D3Lw3R8dKWryjdQdPvxgsMwsUpYq8bRfrNRa5QX8hmHiXddK
|
|
FP/46GBk+rFaXnDSW/nnxOGuEtBqSJBLchmdku+FAgMBAAGjge4wgeswEgYDVR0T
|
|
AQH/BAgwBgEB/wIBADALBgNVHQ8EBAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsG
|
|
AQUFBzAChi9odHRwOi8vZHVzdGluLmhhdGNoLm5hbWUvZGNoLWNhL2RjaC1yb290
|
|
LWNhLmNlcjAfBgNVHSMEGDAWgBTHv9/HaQWp6OM+287mR86SLScRajA7BgNVHR8E
|
|
NDAyMDCgLqAshipodHRwOi8vZHVzdGluLmhhdGNoLm5hbWUvZGNoLWNhL2RjaC1j
|
|
YS5jcmwwHQYDVR0OBBYEFOx5xQi3HgpnxuA0MTx52daD2UncMA0GCSqGSIb3DQEB
|
|
CwUAA4ICAQCDwoJ+/qHDyEevHvQ0U0/NgvFLLEuly5Sm01vgd/H9GgVGRxlDcpGw
|
|
lX6t4GU0RyMmCRLJgsA6KuKS5ObIB9CgqRHXPOxomZyIE2IOD9R4eiYE7IBlGLoN
|
|
qYw2DK9caRkErOrAPG4G9sdlq4n8g3BVhT6G23dZ3L2Hf83k2mWrlCLOoX+gElZa
|
|
BI3Ehsx37hTFib3VnJJhRXRgTNm9oVoFjMoHiZU/Vrrg7cKxcP6uvaGz2y6ckfpp
|
|
3h9Pv7wb0jWfK4BTvm5EPMYe8hVCrQVWJxnQ0eC5r1rzrmDovYTASb2+C9OHTq9O
|
|
WXxQJ4uF7R8ciG002IPjE1Yg97qhckwaITof3Ay1NRrlRuZmfwWQee6ASOp6jBLq
|
|
aEzE92qDskvtyhaYM07OXouo8wWwbGerV2kkAnvdSEw1WFMVIaG8zbKR8M0RRJYO
|
|
Ll9DiKH8M8cnRm0laSPWF0zuaJ/ZEobL0TfZQrsfNWUMwNFY1WM18BwtO+GiD6dR
|
|
KlxT07q525JaWeU1t8n5tf+7ouOzy+/9lDYAx6XwtfDnBbjfwOdh3HWn0nPzFXV8
|
|
Xtk4F633qN4p0/DEW4a+uZ03cvxlyB+VtZtd1nihMwm9MC2qFXLuFlq0qtkw1GxD
|
|
A8Pq0NT8z86nlW3dfSChYE0whHQ7OkYVjHjoMTvjGDa8lk/2n0jkhw==
|
|
-----END CERTIFICATE-----
|