public DomainCertificate(byte[] data, uint offset, uint length, bool privateKeyIncluded = false)
        : base(0, DateTime.MinValue, DateTime.MinValue, HashFunctionType.MD5)
    {
        var oOffset = offset;

        this.id = DC.GetUInt64(data, offset, Endian.Little);
        offset += 8;

        // load IPs
        this.ip  = DC.GetUInt32(data, offset, Endian.Little);
        offset  += 4;
        this.ip6 = DC.Clip(data, offset, 16);

        offset += 16;

        this.issueDate  = DC.GetDateTime(data, offset, Endian.Little);
        offset         += 8;
        this.expireDate = DC.GetDateTime(data, offset, Endian.Little);
        offset         += 8;

        this.domain = Encoding.ASCII.GetString(data, (int)offset + 1, data[offset]);
        offset     += (uint)data[offset] + 1;

        this.authorityName = (Encoding.ASCII.GetString(data, (int)offset + 1, data[offset]));
        offset            += (uint)data[offset] + 1;

        caId    = DC.GetUInt64(data, offset, Endian.Little);
        offset += 8;

        var aea = (AsymetricEncryptionAlgorithmType)(data[offset] >> 5);

        if (aea == AsymetricEncryptionAlgorithmType.RSA)
        {
            var  key            = new RSAParameters();
            uint exponentLength = (uint)data[offset++] & 0x1F;

            key.Exponent = DC.Clip(data, offset, exponentLength);
            offset      += exponentLength;

            uint keySize = DC.GetUInt16(data, offset, Endian.Little);
            offset += 2;

            key.Modulus = DC.Clip(data, offset, keySize);

            offset += keySize;

            // copy cert data
            publicRawData = new byte[offset - oOffset];
            Buffer.BlockCopy(data, (int)oOffset, publicRawData, 0, publicRawData.Length);

            if (privateKeyIncluded)
            {
                uint privateKeyLength = (keySize * 3) + (keySize / 2);
                privateRawData = DC.Clip(data, offset, privateKeyLength);

                uint halfKeySize = keySize / 2;

                key.D        = DC.Clip(data, offset, keySize);
                offset      += keySize;
                key.DP       = DC.Clip(data, offset, halfKeySize);
                offset      += halfKeySize;
                key.DQ       = DC.Clip(data, offset, halfKeySize);
                offset      += halfKeySize;
                key.InverseQ = DC.Clip(data, offset, halfKeySize);
                offset      += halfKeySize;
                key.P        = DC.Clip(data, offset, halfKeySize);
                offset      += halfKeySize;
                key.Q        = DC.Clip(data, offset, halfKeySize);
                offset      += halfKeySize;
            }

            // setup rsa
            rsa = RSA.Create();// new RSACryptoServiceProvider();
            rsa.ImportParameters(key);

            this.signature = DC.Clip(data, offset, length - (offset - oOffset));
        }
    }