diff --git a/contracts/certificate/signers/CRSASHA2Signer.sol b/contracts/certificate/signers/CRSASHA2Signer.sol
index 74cccdc..f5ec082 100644
--- a/contracts/certificate/signers/CRSASHA2Signer.sol
+++ b/contracts/certificate/signers/CRSASHA2Signer.sol
@@ -1,14 +1,19 @@
 // SPDX-License-Identifier: MIT
 pragma solidity 0.8.16;
+import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
+
 import {RSA} from "../../utils/RSA.sol";
 import {SHA1} from "../../utils/SHA1.sol";
-contract CRSASHA2Signer {
+contract CRSASHA2Signer is Initializable {
 using RSA for bytes;
- uint256 public constant E = 65537; // RSA exponent
- uint256 public constant X509_KEY_BYTE_LENGTH = 512; // 4096 bits
+ uint256 public exponent; // RSA exponent
+
+ function __CRSASHA2Signer_init(uint256 exponent_) external initializer {
+ exponent = exponent_;
+ }
 /**
 * @notice Verifies ICAO member RSA signature of the X509 certificate SA.
@@ -23,14 +28,14 @@ contract CRSASHA2Signer {
 bytes32 x509SAHash = sha256(x509SignedAttributes_);
 bytes memory decrypted_ = icaoMemberSignature_.decrypt(
- abi.encodePacked(E),
+ abi.encodePacked(exponent),
 icaoMemberKey_
 );
 bytes32 decryptedX509SAHash_;
 assembly {
- decryptedX509SAHash_ := mload(add(decrypted_, X509_KEY_BYTE_LENGTH)) // 480 offset + 32 length
+ decryptedX509SAHash_ := mload(add(decrypted_, mload(decrypted_))) // load the last 32 bytes
 }
 return x509SAHash == decryptedX509SAHash_;
diff --git a/deploy/10_setup.migration.ts b/deploy/10_setup.migration.ts
index 7a287ba..bd7bc02 100644
--- a/deploy/10_setup.migration.ts
+++ b/deploy/10_setup.migration.ts
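Review bot: `__CRSASHA2Signer_init` stores `exponent_` without validating it, and the `initializer` modifier only stops a second call, not a first call by an unintended sender, so the contract does not constrain the value that every later signature check depends on. Zero, one and even numbers are not valid RSA public exponents, and with an exponent of 1 the modular exponentiation returns its input unchanged, so the initializer should reject them, e.g. `require(exponent_ >= 3 && exponent_ % 2 == 1, "CRSASHA2Signer: invalid exponent");`. The deploy script in this same commit calls the initializer in a transaction separate from the deployment, which leaves a window in which the contract is uninitialized. Setting the exponent atomically with deployment, or having the migration read `exponent()` back and compare it, would close that window. A NatSpec comment on `exponent` saying it is written once at initialization and feeds `abi.encodePacked(exponent)` in the verification path would also help the next reader.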
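Review bot: `mload(add(decrypted_, mload(decrypted_)))` loads the 32 bytes that end at the end of `decrypted_`, and nothing in the hunk checks that the array is at least 32 bytes long; for a shorter result the loaded word overlaps the array's length field. A guard such as `if (decrypted_.length < 32) return false;` before the assembly block would fix this. As far as the hunk shows, only those trailing 32 bytes are compared with `x509SAHash`, and the padding and digest-algorithm prefix that presumably precede the hash in the decrypted block are never checked. With the exponent now configurable rather than fixed at 65537, unchecked padding combined with a small exponent is the well-known precondition for accepting forged signatures, so the whole encoded block should be verified, or small exponents refused. The enclosing function starts and ends outside the hunk.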
@@ -33,8 +33,8 @@ export = async (deployer: Deployer) => {
 const registration = await deployer.deployed(Registration2Mock__factory, "Registration Proxy");
- const cRsa4096Dispatcher = await deployer.deployed(CRSASHA2Dispatcher__factory, "CRSASHA2Dispatcher 512");
- const cRsa2048Dispatcher = await deployer.deployed(CRSASHA2Dispatcher__factory, "CRSASHA2Dispatcher 256");
+ const cRsa4096Dispatcher = await deployer.deployed(CRSASHA2Dispatcher__factory, "CRSASHA2Dispatcher 65537 512");
+ const cRsa2048Dispatcher = await deployer.deployed(CRSASHA2Dispatcher__factory, "CRSASHA2Dispatcher 65537 256");
 const pRsaSha12688Dispatcher = await deployer.deployed(PRSASHA1Dispatcher__factory, "PRSASHA1Dispatcher 65537");
 const pRsaSha126883Dispatcher = await deployer.deployed(PRSASHA1Dispatcher__factory, "PRSASHA1Dispatcher 3");
diff --git a/deploy/2_registration.migration.ts b/deploy/2_registration.migration.ts
index 2a5b85a..6d18674 100644
--- a/deploy/2_registration.migration.ts
+++ b/deploy/2_registration.migration.ts
@@ -18,10 +18,11 @@ import {
 import { getConfig } from "./config/config";
-const deployCRSASHA2Dispatcher = async (deployer: Deployer, keyLength: string, keyPrefix: string) => {
- const signer = await deployer.deploy(CRSASHA2Signer__factory, { name: `CRSASHA2Signer ${keyLength}` });
+const deployCRSASHA2Dispatcher = async (deployer: Deployer, exponent: string, keyLength: string, keyPrefix: string) => {
+ const signer = await deployer.deploy(CRSASHA2Signer__factory, { name: `CRSASHA2Signer ${exponent} ${keyLength}` });
 const dispatcher = await deployer.deploy(CRSASHA2Dispatcher__factory, { name: `CRSASHA2Dispatcher ${keyLength}` });
+ await signer.__CRSASHA2Signer_init(exponent);
 await dispatcher.__CRSASHA2Dispatcher_init(await signer.getAddress(), keyLength, keyPrefix);
 };
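Review bot: The new lookup names `"CRSASHA2Dispatcher 65537 512"` and `"CRSASHA2Dispatcher 65537 256"` in deploy/10_setup.migration.ts do not match the name the dispatcher is deployed under in deploy/2_registration.migration.ts. The unchanged `deployer.deploy(CRSASHA2Dispatcher__factory, ...)` line there still builds the name from `keyLength` alone, and only the signer's name gained the exponent. If `deployer.deployed` resolves contracts by that stored name, the setup migration will either fail or pick up a dispatcher registered by an earlier run, wired to a different signer than the one just initialized. The dispatcher deployment should use ``{ name: `CRSASHA2Dispatcher ${exponent} ${keyLength}` }`` so both files agree.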
@@ -70,8 +71,8 @@ export = async (deployer: Deployer) => {
 await deployPVerifiers(deployer);
- await deployCRSASHA2Dispatcher(deployer, "512", "0x0282020100");
- await deployCRSASHA2Dispatcher(deployer, "256", "0x0282010100");
+ await deployCRSASHA2Dispatcher(deployer, "65537", "512", "0x0282020100");
+ await deployCRSASHA2Dispatcher(deployer, "65537", "256", "0x0282010100");
 await deployPRSASHA12688Dispatcher(deployer, "65537");
 await deployPRSASHA12688Dispatcher(deployer, "3");
diff --git a/test/registration/Registration.test.ts b/test/registration/Registration.test.ts
index 66f2fd6..65dc6bc 100644
--- a/test/registration/Registration.test.ts
+++ b/test/registration/Registration.test.ts
@@ -97,6 +97,7 @@ describe("Registration", () => {
 const rsaSha2Signer = await CRSASHA2Signer.deploy();
 cRsaSha2Dispatcher = await CRSASHA2Dispatcher.deploy();
+ await rsaSha2Signer.__CRSASHA2Signer_init(65537);
 await cRsaSha2Dispatcher.__CRSASHA2Dispatcher_init(
 await rsaSha2Signer.getAddress(),
 512,