Rating:
On [crt.sh advanced search](https://crt.sh/?a=1) form we see that it is possible to search public certificates by SHA-1(SubjectPublicKeyInfo)
[RsaCtfTool](https://github.com/Ganapati/RsaCtfTool) can generate X.509 encoded public key from given n and e.
```
python3 RsaCtfTool.py --createpub -n 23476345782117384360316464293694572348021858182972446102249052345232474617239084674995381439171455360619476964156250057548035539297034987528920054538760455425802275559282848838042795385223623239088627583122814519864252794995648742053597744613214146425693685364507684602090559028534555976544379804753832469034312177224373112610128420211922617372377101405991494199975508780694545263130816110474679504768973743009441005450839746644168233367636158687594826435608022717302508912914016439961300625816187681031915377565087756094989820015507950937541001438985964760705493680314579323085217869884649720526665543105616470022561 -e 65537
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuffuWhYrpTW8cdcAWUwe
T8oZYCp/8pKPYj4eZ3pd7mhYoCkSSeqZ5e+L33O38SoMANogM1NBayYlumOcPxC/
C9PHMF6AlaLDH+yX/Fg+a055m0O7+5pJNUVuRn9z7aYhhubnRyjk2cVTHLmOHqK9
FPM1QBBdouddMgZYE6plaBdBIMwQ8txuZQs6t862zJfA0/cgT47TtiTNkouHkAuT
VXBPcbM5pXIu7MoflJrUjQ0ljuOIFgXQ7wCFusXrIpvuVpqLzRvTD69GA7Cj0Dt9
ij7KPrBFM2jFyR8vnm5w+T6sGafXgJEEj0sLmbIReWcNeyHC2Tl9OniyMEqPeLsZ
oQIDAQAB
-----END PUBLIC KEY-----
```
SHA1 of base64-decoded public key is: `e7d9335cbc120f133912bb4d4608d4efd833099a`
Searching by SHA1 hash on crt.sh gives us this certificate:
[https://crt.sh/?id=2001057066](https://crt.sh/?id=2001057066)
We see that commonName field of cert is `oa4gio7glypwggb9iu3rh8mrc87tnjbs.flag.ga`
Visiting the website gives us the flag.
`flag{c3rTific4t3_7r4n5pArAncY_fTw}`
