8475c77fb5.nxcli.net
Issued by R3
About this certificate
This digital certificate with serial number 03:70:94:11:2a:12:8e:e3:20:05:20:ad:35:9f:42:a6:8a:4d was issued on by Let's Encrypt.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=8475c77fb5.nxcli.net
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:70:94:11:2a:12:8e:e3:20:05:20:ad:35:9f:42:a6:8a:4dSerial Number (int): 299645297756180142216422018175700549667405
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: f1:99:5c:68:06:fc:07:d9:9c:98:65:7a:aa:0b:bf:7d:81:55:4d:cd
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 75:59:d0:6a:b0:c0:e5:6f:d2:3f:1c:c0:a9:ef:71:9d:41:fd:0a:ae
Fingerprint (sha256): 00:0a:96:50:7c:c2:7a:c7:ab:fb:f2:21:0c:be:f2:15:4e:31:53:09:52:9e:e2:3d:a2:c9:5b:69:dd:34:55:20
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate 8475c77fb5.nxcli.net
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for 8475c77fb5.nxcli.net
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
8475c77fb5.nxcli.net
medicaidmattersny.org
www.medicaidmattersny.org
medicaidmattersny.org
www.medicaidmattersny.org
Other certificates including the domain name nxcli.net
(limited to 100 certificates)
a2a036cc17.nxcli.net
75b4b9b5dc.nxcli.net
103ae74ca9.nxcli.net
f2923accef.nxcli.net
6e1fd868ed.nxcli.net
1b95316ac4.nxcli.net
489f06eeac.nxcli.net
dba7195ad4.nxcli.net
535cf9e251.nxcli.net
8475c77fb5.nxcli.net
15be8c6e63.nxcli.net
7854ce4ce0.nxcli.net
31839e4893.nxcli.net
94678f8f2a.nxcli.net
798fd96511.nxcli.net
7866b65089.nxcli.net
3b2f652f68.nxcli.net
753b8dd118.nxcli.net
536da0e780.nxcli.net
811a8bf3dd.nxcli.net
66f92c39cf.nxcli.net
c522066a96.nxcli.net
5338a2b6e2.nxcli.net
ddb0cb956e.nxcli.net
7dc4732f9b.nxcli.net
41d7e82c47.nxcli.net
fc2f6d4328.nxcli.net
3fd2226913.nxcli.net
6809bc8fdc.nxcli.net
5d848740b9.nxcli.net
aa6b287501.nxcli.net
f8f4bfda08.nxcli.net
336631357a.nxcli.net
bbe1a1c2eb.nxcli.net
0de2d0e0b2.nxcli.net
5af068f62a.nxcli.net
bddb805c5e.nxcli.net
f7027fb9c4.nxcli.net
3532fc4b4b.nxcli.net
44083d18e4.nxcli.net
fa1e3c5ba9.nxcli.net
44f233d070.nxcli.net
b6aaa5e7ed.nxcli.net
9f3015c3b2.nxcli.net
3ffa73dd00.nxcli.net
ad4eb8db67.nxcli.net
3f071fd245.nxcli.net
29b3cdac98.nxcli.net
af908aad3e.nxcli.net
a02ed4fc0b.nxcli.net
d809c50123.nxcli.net
15b29f2831.nxcli.net
b5ccb4f3b0.nxcli.net
d367f29a7c.nxcli.net
a8da0640da.nxcli.net
f64261a1f6.nxcli.net
67f9caf0db.nxcli.net
ae6406a22e.nxcli.net
c05fc6a891.nxcli.net
39a94bd1ce.nxcli.net
b4d59eb5eb.nxcli.net
6cb6de2c28.nxcli.net
8e2d66d038.nxcli.net
f9a8a2180e.nxcli.net
a7a9438bcb.nxcli.net
4a4bb3f7d6.nxcli.net
41013916ba.nxcli.net
bd3d46d20b.nxcli.net
7e0ac19ae9.nxcli.net
6134347fa2.nxcli.net
b21f1e6f5c.nxcli.net
02d525bc4d.nxcli.net
3d47ca0dc4.nxcli.net
afad2687e4.nxcli.net
de9763bcd0.nxcli.net
fb0f130ce5.nxcli.net
8bca915c0f.nxcli.net
f2eae35b04.nxcli.net
b1c13a4036.nxcli.net
bb70b8ad03.nxcli.net
0208a57fd0.nxcli.net
5e42d166fd.nxcli.net
ce16e167e3.nxcli.net
dc63454c4c.nxcli.net
8730008bf2.nxcli.net
9978d42999.nxcli.net
0b15bfe610.nxcli.net
e85b6347ed.nxcli.net
52e3163df8.nxcli.net
05a0c70213.nxcli.net
1b038849c3.nxcli.net
6fc6ac756d.nxcli.net
f7a96ccbeb.nxcli.net
fcfc979e73.nxcli.net
9e57a1209d.nxcli.net
c445065e80.nxcli.net
cf4bd274fe.nxcli.net
4f5864b363.nxcli.net
08da24c888.nxcli.net
f059571560.nxcli.net
75b4b9b5dc.nxcli.net
103ae74ca9.nxcli.net
f2923accef.nxcli.net
6e1fd868ed.nxcli.net
1b95316ac4.nxcli.net
489f06eeac.nxcli.net
dba7195ad4.nxcli.net
535cf9e251.nxcli.net
8475c77fb5.nxcli.net
15be8c6e63.nxcli.net
7854ce4ce0.nxcli.net
31839e4893.nxcli.net
94678f8f2a.nxcli.net
798fd96511.nxcli.net
7866b65089.nxcli.net
3b2f652f68.nxcli.net
753b8dd118.nxcli.net
536da0e780.nxcli.net
811a8bf3dd.nxcli.net
66f92c39cf.nxcli.net
c522066a96.nxcli.net
5338a2b6e2.nxcli.net
ddb0cb956e.nxcli.net
7dc4732f9b.nxcli.net
41d7e82c47.nxcli.net
fc2f6d4328.nxcli.net
3fd2226913.nxcli.net
6809bc8fdc.nxcli.net
5d848740b9.nxcli.net
aa6b287501.nxcli.net
f8f4bfda08.nxcli.net
336631357a.nxcli.net
bbe1a1c2eb.nxcli.net
0de2d0e0b2.nxcli.net
5af068f62a.nxcli.net
bddb805c5e.nxcli.net
f7027fb9c4.nxcli.net
3532fc4b4b.nxcli.net
44083d18e4.nxcli.net
fa1e3c5ba9.nxcli.net
44f233d070.nxcli.net
b6aaa5e7ed.nxcli.net
9f3015c3b2.nxcli.net
3ffa73dd00.nxcli.net
ad4eb8db67.nxcli.net
3f071fd245.nxcli.net
29b3cdac98.nxcli.net
af908aad3e.nxcli.net
a02ed4fc0b.nxcli.net
d809c50123.nxcli.net
15b29f2831.nxcli.net
b5ccb4f3b0.nxcli.net
d367f29a7c.nxcli.net
a8da0640da.nxcli.net
f64261a1f6.nxcli.net
67f9caf0db.nxcli.net
ae6406a22e.nxcli.net
c05fc6a891.nxcli.net
39a94bd1ce.nxcli.net
b4d59eb5eb.nxcli.net
6cb6de2c28.nxcli.net
8e2d66d038.nxcli.net
f9a8a2180e.nxcli.net
a7a9438bcb.nxcli.net
4a4bb3f7d6.nxcli.net
41013916ba.nxcli.net
bd3d46d20b.nxcli.net
7e0ac19ae9.nxcli.net
6134347fa2.nxcli.net
b21f1e6f5c.nxcli.net
02d525bc4d.nxcli.net
3d47ca0dc4.nxcli.net
afad2687e4.nxcli.net
de9763bcd0.nxcli.net
fb0f130ce5.nxcli.net
8bca915c0f.nxcli.net
f2eae35b04.nxcli.net
b1c13a4036.nxcli.net
bb70b8ad03.nxcli.net
0208a57fd0.nxcli.net
5e42d166fd.nxcli.net
ce16e167e3.nxcli.net
dc63454c4c.nxcli.net
8730008bf2.nxcli.net
9978d42999.nxcli.net
0b15bfe610.nxcli.net
e85b6347ed.nxcli.net
52e3163df8.nxcli.net
05a0c70213.nxcli.net
1b038849c3.nxcli.net
6fc6ac756d.nxcli.net
f7a96ccbeb.nxcli.net
fcfc979e73.nxcli.net
9e57a1209d.nxcli.net
c445065e80.nxcli.net
cf4bd274fe.nxcli.net
4f5864b363.nxcli.net
08da24c888.nxcli.net
f059571560.nxcli.net
Certificate
The complete raw certificate details for 8475c77fb5.nxcli.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGJjCCBQ6gAwIBAgISA3CUESoSjuMgBSCtNZ9CpopNMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMTUwNjE3NDRaFw0yNDAxMTMwNjE3NDNaMB8xHTAbBgNVBAMT FDg0NzVjNzdmYjUubnhjbGkubmV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC CgKCAgEAqfP8iITqghJsynMyBBWC7TsLej92FmN4y2sImeRetlVdg9GfkKGCvFzx 9r3OMbxpznDphd/2P3GRHi3S8H9NyRGjUFlpvKTSlq+9izHhzg/Fq15+pEz+3jwB svdyk5PhTLhClnNszsN9HP9OMqW4obgDgKEjXJ4E6v38D819kDsCHnpyr9UcYlws gO3gW7leVK6L4Yf+dot3xSzqm9+AkYCO7Cs7N0hAWcnOo3hFvrwu36zSUCK36Qx+ MpCSdSZwpTkwFO8kRDP0MVjOrVhxCLDSMKeOI8IRsuSfN/t9eJxyVuYfKVK8JKrI Q/V1lZa+3WoLp4oC2jDx2a6zA2TahRntvnBpO9zxQ2R2pYid9pYZ4seBkXTAmJGs D3ROUbpPQcx7LGzrwyNMzWMaNIds4GYGRZ8D0T+nMm5sGDNgqktlWD14SOCsO2du 63eWvqpcShGK3ip29f+WnBusdxau3Hfd414SGJI716I3O0Ulb//ribfWbqTfyd8J Kp67188lwuARGEOj88E0J+UxV6DnfylVL879E4w2azAOPuRGY1D1m/e/X5GpZo8w RHrlQb49dY/YnH0yNcLuHnP1Ar1m/P/QmhRrEqfV931TmzQO6D36o+DAjov7n5Oh mhPjmpqN3PM4V2cheALEDXDrTQYFQoIBdgWRcwp6L2xMB9qbr+cCAwEAAaOCAkcw ggJDMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH AwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU8ZlcaAb8B9mcmGV6qgu/fYFVTc0w HwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBH MCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKG Fmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wUQYDVR0RBEowSIIUODQ3NWM3N2ZiNS5u eGNsaS5uZXSCFW1lZGljYWlkbWF0dGVyc255Lm9yZ4IZd3d3Lm1lZGljYWlkbWF0 dGVyc255Lm9yZzATBgNVHSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIE gfQEgfEA7wB1ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABizIy rkIAAAQDAEYwRAIgICBxg8z6zTMV6A4GmjRsE+ROxXP7E/iGAU+JL4obTFoCIEWb HtyQzOZGgGbTzUsadI70AF2esrWv2G60ngdl2TaGAHYAdv+IPwq2+5VRwmHM9Ye6 NLSkzbsp3GhCCp/mZ0xaOnQAAAGLMjKurQAABAMARzBFAiB9QSjeeAr7ixcdZvPg 2G2H5OxDSOnG1wwlyJ8cxUxZGwIhANEFVr565yseT/j/qB6ag6NRrQxU8xXYTq8C 8agQxhQlMA0GCSqGSIb3DQEBCwUAA4IBAQACIArUGYVJADhLK2U3T8dh8YK6rrPB cmPEQloEJ9hnoOGO1AtEp82xxWAoyGCa1Pi/Qh+F0h3+09gHd7lyMxPg7iO93iCH ljtlUHn2BdRFjmh+t5fFIBLmHbZHdRaQ9o00g6t+RRMnXk5IucEpB+Sg5bhhWLS8 lqbAr5lazvqpv0BiZ6I11dsGbvRwCZ9jnIrpaOd+1PXlS4Wg8rPh6ohB71BDCsKS SamOAZlLekeXbvE9y7lsz1ZgfDwcN0yd4MCxz5SIA17Z2BgyE+7kcJnPcqfQ1cMs /lK6nVPcdmr9UAUzAKNTO04dU+ALHujmiFn05DBETNNmZ6sd7pe7RczP -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqfP8iITqghJsynMyBBWC 7TsLej92FmN4y2sImeRetlVdg9GfkKGCvFzx9r3OMbxpznDphd/2P3GRHi3S8H9N yRGjUFlpvKTSlq+9izHhzg/Fq15+pEz+3jwBsvdyk5PhTLhClnNszsN9HP9OMqW4 obgDgKEjXJ4E6v38D819kDsCHnpyr9UcYlwsgO3gW7leVK6L4Yf+dot3xSzqm9+A kYCO7Cs7N0hAWcnOo3hFvrwu36zSUCK36Qx+MpCSdSZwpTkwFO8kRDP0MVjOrVhx CLDSMKeOI8IRsuSfN/t9eJxyVuYfKVK8JKrIQ/V1lZa+3WoLp4oC2jDx2a6zA2Ta hRntvnBpO9zxQ2R2pYid9pYZ4seBkXTAmJGsD3ROUbpPQcx7LGzrwyNMzWMaNIds 4GYGRZ8D0T+nMm5sGDNgqktlWD14SOCsO2du63eWvqpcShGK3ip29f+WnBusdxau 3Hfd414SGJI716I3O0Ulb//ribfWbqTfyd8JKp67188lwuARGEOj88E0J+UxV6Dn fylVL879E4w2azAOPuRGY1D1m/e/X5GpZo8wRHrlQb49dY/YnH0yNcLuHnP1Ar1m /P/QmhRrEqfV931TmzQO6D36o+DAjov7n5OhmhPjmpqN3PM4V2cheALEDXDrTQYF QoIBdgWRcwp6L2xMB9qbr+cCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 299645297756180142216422018175700549667405 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-15 06:17:44 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-13 06:17:43 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '8475c77fb5.nxcli.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 693348042442812487531811102355965780296137952196019763349609612012080446164939703283942091066472455379588232857170600914710497939619149015267612057269356379199133846791115766784834723508496278405298888317309786498665071748529670929892622345014125883274750224936825504284072723607696632452205775394305611645345816423506337903654334181468498517010984036532943146309666956872236939160563547191163503468594905548001052895702096833378748240365701682267264813735709643005434188320536503444639164965028343782928156587501033750415149925988121696467276927057478420557422628080752133006644516705656662189429491020762300343508265905078632354217614120924667414019531498778805050704051392134875337478676147662172310741396553407964545843627546192661601429470040119826806675264890197570073126949658602982951930886304385769823039837971515049535983601151704417808815772964553630976356364676362500577489643462902072111879055496038894953619552296284050092377859720569271451474130665526684779305910660966832842248000079880059101366690832937249024806978996377405900782124035229051571522406237984104138756493297788087379851115623835963520075223824384115092780313540098875407594809130185757169225216568572811845178678076857215548446889526527869411957387239 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f1995c6806fc07d99c98657aaa0bbf7d81554dcd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '8475c77fb5.nxcli.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'medicaidmattersny.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.medicaidmattersny.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b3232ae420000040300463044022020207183ccfacd3315e80e069a346c13e44ec573fb13f886014f892f8a1b4c5a0220459b1edc90cce6468066d3cd4b1a748ef4005d9eb2b5afd86eb49e0765d9368600760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b3232aead000004030047304502207d4128de780afb8b171d66f3e0d86d87e4ec4348e9c6d70c25c89f1cc54c591b022100d10556be7ae72b1e4ff8ffa81e9a83a351ad0c54f315d84eaf02f1a810c61425 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0002200ad419854900384b2b65374fc761f182baaeb3c17263c4425a0427d867a0e18ed40b44a7cdb1c56028c8609ad4f8bf421f85d21dfed3d80777b9723313e0ee23bdde2087963b655079f605d4458e687eb797c52012e61db647751690f68d3483ab7e4513275e4e48b9c12907e4a0e5b86158b4bc96a6c0af995acefaa9bf406267a235d5db066ef470099f639c8ae968e77ed4f5e54b85a0f2b3e1ea8841ef50430ac29249a98e01994b7a47976ef13dcbb96ccf56607c3c1c374c9de0c0b1cf9488035ed9d8183213eee47099cf72a7d0d5c32cfe52ba9d53dc766afd50053300a3533b4e1d53e00b1ee8e68859f4e430444cd36667ab1dee97bb45cccf