ssl.smugmug.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:32:1a:5e:2e:06:b9:10:54:77:eb:f2:c6:73:5e:ec:2b:1e was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=ssl.smugmug.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:32:1a:5e:2e:06:b9:10:54:77:eb:f2:c6:73:5e:ec:2b:1eSerial Number (int): 278386025078646258411116446903888062982942
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 6d:7f:3c:28:7b:e4:3b:c0:a9:2f:a8:fc:06:72:2f:ec:60:c7:9f:ee
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): e1:f0:04:bb:6a:0b:71:b0:dc:1c:9e:01:04:d0:7d:6f:a2:0d:9a:a1
Fingerprint (sha256): 00:05:ff:60:fa:9e:05:98:83:d9:f9:f0:c3:41:42:cf:36:2b:d1:57:6a:ca:e3:c0:f7:9f:5a:a7:35:8c:fd:f9
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate ssl.smugmug.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ssl.smugmug.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ssl.smugmug.com
www.olafthiel.com
www.olafthiel.com
Other certificates including the domain name smugmug.com
(limited to 100 certificates)
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
statuspage.io
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
statuspage.io
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
Certificate
The complete raw certificate details for ssl.smugmug.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGajCCBVKgAwIBAgISAzIaXi4GuRBUd+vyxnNe7CseMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODEyMDIwNzI0MDZaFw0x OTAzMDIwNzI0MDZaMBoxGDAWBgNVBAMTD3NzbC5zbXVnbXVnLmNvbTCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAMgn4KqkZljfeevHy9/G+GWiIe8PZrAX RmucTeM4jBHt4UKFjd7dUTiz2V/bErz63biNvGPWgkldLy6J+PzomlVTuzBlxcx8 sc1N0HtJeUojNgvQy6VyUkTis6vcksaV/PGO3vgS6LmHoxYIHTG8w2rAwjWHOEUZ dKsTpiRulVG/AfFELF2bFCRypGX051YNcRcblXBy4CjaexkNM4Rz1FMDQr9ujjfO RxXJ6jSN5D3jzJRtLCm+8r2z7ZcjlLtRtuJMTcZTUUULoYJwkewNB9VrU0smFlos 8Sjh0VGnAOkfPn0b8jY6h8qWU9U+YAer7yO9dVmaOJx3HBgEeSFrddlN2RdCFXVn 2bt5uhDmxn3JoXZNoDKB80sB6dDXsQG2kWTt76yIi/dY0o19LOU/02kB6eT3ogGU 7qBpZgnadn/MaFHw4oUrYDoySTX9Sf9l1JBaMkyKft9aoPYcP68DJ/eKmLh8n5u/ Phx/d8W/LQG6MP73O+9s2+d/8vWB5yJo5zcSMlPoKUX9v/zZhODezku0PaErV8eF akAL3vgCaeA7nrUBikDcOpNpv8kI1tfpCHv+CdL1dwD8qKdgHAf0tP001dSZgA92 UkBsMcitTUiGrPARCpUv9RC28jyJ8C22oCORIkfI3Y3EUge/4kmrglnkpetd1tcZ 8XpJACJ9EU47AgMBAAGjggJ4MIICdDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFG1/ PCh75DvAqS+o/AZyL+xgx5/uMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wLQYDVR0RBCYwJIIPc3NsLnNtdWdtdWcuY29t ghF3d3cub2xhZnRoaWVsLmNvbTBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEE AYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9y ZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AHR+2oMxrTMQkSGcziVPQnDCv/1e QiAIxjc1eeYQe8xWAAABZ24EeVwAAAQDAEgwRgIhANsXE6WWFr5WiyWNeUmWnine /eNaeeTixiHBSM8NzKlKAiEA9tlEHcVizWPGxXyGoQbFIECliB4N1mWDyceeqiip obQAdgBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvYjQAAAWduBHlMAAAE AwBHMEUCIQC1oKU6KGWHZXHwtTl7IX6/5daSKwTMdDiVYtrCm29THgIgYx6YjIbU ROJmNzV2LYVoNbMMU3FNQN1Ytu7ATFo55LUwDQYJKoZIhvcNAQELBQADggEBAAkF nb6nmZRiUZY6QNKYCP/8rHj2j2/zT7dq5kg2LsU/gz7iQuYhGQ55vfYGir7kHxlA osMDCBJQzQCC+wN5bT0YQ4OtPDjA1JJBdwiMJukecykEc7efpa52QRIqQifCksPy H9mYqqqHCebAt44WlXV1t3CiB5egIfYe7+WkK1l14FEwnUhr+t9iCpdwrQtSyiJX 2/lMq0sWOFsVB4AhEu4A1O7RkPDjz9PazIfgbODb3vBs1iPqWUuZ9zcFU7URcqPs CHBqKjLwrRCVplcLrFvnAhbm7LEkIupRXcgH3EfCtQkTMB/ue8Kccs3QIxHtzeyN xeaNZYQNvjklScAkURs= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyCfgqqRmWN9568fL38b4 ZaIh7w9msBdGa5xN4ziMEe3hQoWN3t1ROLPZX9sSvPrduI28Y9aCSV0vLon4/Oia VVO7MGXFzHyxzU3Qe0l5SiM2C9DLpXJSROKzq9ySxpX88Y7e+BLouYejFggdMbzD asDCNYc4RRl0qxOmJG6VUb8B8UQsXZsUJHKkZfTnVg1xFxuVcHLgKNp7GQ0zhHPU UwNCv26ON85HFcnqNI3kPePMlG0sKb7yvbPtlyOUu1G24kxNxlNRRQuhgnCR7A0H 1WtTSyYWWizxKOHRUacA6R8+fRvyNjqHypZT1T5gB6vvI711WZo4nHccGAR5IWt1 2U3ZF0IVdWfZu3m6EObGfcmhdk2gMoHzSwHp0NexAbaRZO3vrIiL91jSjX0s5T/T aQHp5PeiAZTuoGlmCdp2f8xoUfDihStgOjJJNf1J/2XUkFoyTIp+31qg9hw/rwMn 94qYuHyfm78+HH93xb8tAbow/vc772zb53/y9YHnImjnNxIyU+gpRf2//NmE4N7O S7Q9oStXx4VqQAve+AJp4DuetQGKQNw6k2m/yQjW1+kIe/4J0vV3APyop2AcB/S0 /TTV1JmAD3ZSQGwxyK1NSIas8BEKlS/1ELbyPInwLbagI5EiR8jdjcRSB7/iSauC WeSl613W1xnxekkAIn0RTjsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 278386025078646258411116446903888062982942 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-02 07:24:06 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-02 07:24:06 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ssl.smugmug.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 816564307470281284781554416517551188146338658429091724816522651463831256922218205067495296095007955892935797744747628534980228944243172355993259474638335690414239217648725900424251072764752044082509460883285483276563401168811738621960361098725539129209419573545003519506323334869804794725099434195548863953439090760731696154320608251553318184057032154734739602457692533003767181950574732301462700749001107381027841442382286353479306946013205181021978143037766109514751205939054481408741994232274264334553701436248802178615559037267783745018363466903752520608320994150838658181757124118312665821457791627367733028913422241417028087973978422843391244995998439792939794535594511948053347840272116712188193464292652319111534563822487607630458684033405119452039466116205842122242554204792433622246259739952410210709201159462008627926862062667791639084611282414741060869204084458906131957204173821512234600113396600151710683483960950786077729737122038504137542466642235292777908765469627904640904625559690720242734614211216970840421194614140615721041223235811154369847899948329242767297012673687357304710865931510997231975614025560469432797378977899649721600170324738403060842237666294998821970468834064594323627160439714262117306841779771 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6d7f3c287be43bc0a92fa8fc06722fec60c79fee . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ssl.smugmug.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.olafthiel.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc56000001676e04795c0000040300483046022100db1713a59616be568b258d7949969e29defde35a79e4e2c621c148cf0dcca94a022100f6d9441dc562cd63c6c57c86a106c52040a5881e0dd66583c9c79eaa28a9a1b400760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d000001676e04794c0000040300473045022100b5a0a53a2865876571f0b5397b217ebfe5d6922b04cc74389562dac29b6f531e0220631e988c86d444e2663735762d856835b30c53714d40dd58b6eec04c5a39e4b5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0009059dbea799946251963a40d29808fffcac78f68f6ff34fb76ae648362ec53f833ee242e621190e79bdf6068abee41f1940a2c303081250cd0082fb03796d3d184383ad3c38c0d4924177088c26e91e73290473b79fa5ae7641122a4227c292c3f21fd998aaaa8709e6c0b78e16957575b770a20797a021f61eefe5a42b5975e051309d486bfadf620a9770ad0b52ca2257dbf94cab4b16385b1507802112ee00d4eed190f0e3cfd3dacc87e06ce0dbdef06cd623ea594b99f7370553b51172a3ec08706a2a32f0ad1095a6570bac5be70216e6ecb12422ea515dc807dc47c2b50913301fee7bc29c72cdd02311edcdec8dc5e68d65840dbe392549c024511b