www.cotentin-sports.fr

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:f8:7c:cb:78:f1:b1:66:78:16:b2:ad:05:10:65:9b:13:c9 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:

  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

www.cotentin-sports.fr

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:f8:7c:cb:78:f1:b1:66:78:16:b2:ad:05:10:65:9b:13:c9
Serial Number (int): 345892765552451133345450081186417190048713
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: f0:53:e8:51:00:cf:33:a1:3f:26:4a:13:99:bc:07:d0:44:26:54:8a
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 5a:ee:84:99:fb:57:31:94:77:46:49:03:f3:33:c0:c0:90:8e:63:27
Fingerprint (sha256): 00:23:9f:9e:6e:59:b0:7d:99:6f:16:d0:f8:e5:ef:23:9e:bc:ba:b5:90:a7:3c:8c:02:07:55:a9:98:ee:fb:25

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org/

Check the revocation status for certificate www.cotentin-sports.fr

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.cotentin-sports.fr


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cotentin-sports.fr
www.cotentin-sports.fr

Other certificates including the domain name cotentin-sports.fr

(limited to 100 certificates)

www.cotentin-sports.fr
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
cotentin-sports.fr
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni35599.cloudflaressl.com
cotentin-sports.fr
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
cotentin-sports.fr
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
cotentin-sports.fr
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
cotentin-sports.fr
sni35599.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
cotentin-sports.fr
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
sni35599.cloudflaressl.com
sni226701.cloudflaressl.com
cotentin-sports.fr
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com
sni226701.cloudflaressl.com

Certificate

The complete raw certificate details for www.cotentin-sports.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgISA/h8y3jxsWZ4FrKtBRBlmxPJMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzAzMzExNjUxMDBaFw0x
NzA2MjkxNjUxMDBaMCExHzAdBgNVBAMTFnd3dy5jb3RlbnRpbi1zcG9ydHMuZnIw
ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDD3OGegtkOvPCPjd1Y8nYX
MQSSiA991PocMxi0GMKUrWQ5ycH9+jsQ9yylUJ6vm9CbiTJHWVdhLb3Xrbbclteb
lp0dVfBkMw0aZC6qcK9DE8Qp78mx+gr6CzHFbJ8j0zjnmwmHpkOzFpK9g1yznj+k
RVUmOIRxamGTuI29QzZhlLGkikfo7HVbon/mzqf6UsTfDc3a93Kc3cTqp1p88jp8
AQckcbNEQuBeS2fSW7Wd8/Yt2asVtHVlz6d+OjxlRxZDZKwmtpKzhytN9ATfRUsi
QGxywZBuvUo+sYmK+XtXPCcV3USOv0O6wuNrKdvmkPBTqwg8ku5GAvL9gT+bL01U
wphUgI78FwwFSWOoHK0BhA4GLp2S4Gb1MbXmWVo96+kJZLJWr4Hd2rBnt2yRNUcL
ICpbETUcE6to/lbJIC4Pd2T/GGQ/BC8NJXCS32Tlmb2NoXFrk1J7ExC7i96nCjBB
TeoAOmNB8CHkX4GyZQkTuVCkhdFUow3ibU6XJAGRMu643a5cv8un7rYzkqwxB0HZ
9hIE7YTC+XDdVaZ3VjQO/YckpZZ/QQieujkfN1lUheyVQflrmXL6FTSK/ehg5ORW
Q/CZqtTPIgIaEu9PlC+3wuMP2S6eW3sk+DaF1fY5mFo18zJW/HLGXkpLZN7Ue71V
EB00QTjMHSC1qAufQ0r4FwIDAQABo4ICKzCCAicwDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud
DgQWBBTwU+hRAM8zoT8mShOZvAfQRCZUijAfBgNVHSMEGDAWgBSoSmpjBH3duubR
ObemRWXv86jsoTBwBggrBgEFBQcBAQRkMGIwLwYIKwYBBQUHMAGGI2h0dHA6Ly9v
Y3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcvMC8GCCsGAQUFBzAChiNodHRwOi8v
Y2VydC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzA1BgNVHREELjAsghJjb3RlbnRp
bi1zcG9ydHMuZnKCFnd3dy5jb3RlbnRpbi1zcG9ydHMuZnIwgf4GA1UdIASB9jCB
8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRw
Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENl
cnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFy
dGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRl
IFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0
b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAhwUzlzpbxeMClsynOH+7BIhRVf9TFEFj
Bm0Puc7A/B1CJ+lRWxF5CJzNUX1BftyAn4oJZZI1o59ubHIM9urYhC2uaEanZ27T
6/RUFxXyf0d+tJ/0BMK05KB0jHz/m2Q4gYeL0fQ2wRUVbfmr3A0EnLSfA7zdKava
wz52YUIacMQfv/O7HGELNpK23pzfdPk0pHVV5/Cd0Xsm5XMGFSmZ/W4IMZ9N7SBQ
bI7cD+GshgTuAPzx/NPEqi2V5JI2uvqwqYy9IOWTra7/RQgQ85lTjP+WBnTWZ+Rl
EcKLW6FMmweRp5X6/+cqtH4kzKmjld2QxeGU62sml+EpcM7r/x2kKg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAw9zhnoLZDrzwj43dWPJ2
FzEEkogPfdT6HDMYtBjClK1kOcnB/fo7EPcspVCer5vQm4kyR1lXYS2916223JbX
m5adHVXwZDMNGmQuqnCvQxPEKe/JsfoK+gsxxWyfI9M455sJh6ZDsxaSvYNcs54/
pEVVJjiEcWphk7iNvUM2YZSxpIpH6Ox1W6J/5s6n+lLE3w3N2vdynN3E6qdafPI6
fAEHJHGzRELgXktn0lu1nfP2LdmrFbR1Zc+nfjo8ZUcWQ2SsJraSs4crTfQE30VL
IkBscsGQbr1KPrGJivl7VzwnFd1Ejr9DusLjaynb5pDwU6sIPJLuRgLy/YE/my9N
VMKYVICO/BcMBUljqBytAYQOBi6dkuBm9TG15llaPevpCWSyVq+B3dqwZ7dskTVH
CyAqWxE1HBOraP5WySAuD3dk/xhkPwQvDSVwkt9k5Zm9jaFxa5NSexMQu4vepwow
QU3qADpjQfAh5F+BsmUJE7lQpIXRVKMN4m1OlyQBkTLuuN2uXL/Lp+62M5KsMQdB
2fYSBO2Ewvlw3VWmd1Y0Dv2HJKWWf0EInro5HzdZVIXslUH5a5ly+hU0iv3oYOTk
VkPwmarUzyICGhLvT5Qvt8LjD9kunlt7JPg2hdX2OZhaNfMyVvxyxl5KS2Te1Hu9
VRAdNEE4zB0gtagLn0NK+BcCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 345892765552451133345450081186417190048713
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-31 16:51:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-06-29 16:51:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.cotentin-sports.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 799050582275717637420007457513714482439686533885116519739117690245296831547206899028117576126051255516239863542365261670892126119902269236870247600476984344825753056606666440122661691066870718798215053336940443269999996124261912751084734338581183461318563861016978008471025810601278378356383436379312829540126164068698766450213431540019263360537245879896844977065015128665174857960564859759956759512809421240217036244398363232856215607695979137002340704416824932487626303471583520977207561089577553419120196119930320950867544414104005110799224014824430063410432663733337124997945223431281793333362372479463857643962439329067175251138819012686883426080881903054452339334369142049997505626806227661837751120775476364319031187782369249349969811601098362355005664568025961475782143027649654335188025596375584274673385403473799253190449359415524127216158469968959365523597669685118147454922193132657021827269183349065404923628444994090386588766075779209598966233412335770730502616927932737547097631542910294149040944948625974497195354242252297678681102087318214840548547116553977173589676028010992469621693499538602935718030211473050130714949653385470944164123800823488772617185763996295338878051323864078715921593070670673270513230084119
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f053e85100cf33a13f264a1399bc07d04426548a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cotentin-sports.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cotentin-sports.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00870533973a5bc5e30296cca7387fbb04885155ff53144163066d0fb9cec0fc1d4227e9515b1179089ccd517d417edc809f8a09659235a39f6e6c720cf6ead8842dae6846a7676ed3ebf4541715f27f477eb49ff404c2b4e4a0748c7cff9b643881878bd1f436c115156df9abdc0d049cb49f03bcdd29abdac33e7661421a70c41fbff3bb1c610b3692b6de9cdf74f934a47555e7f09dd17b26e57306152999fd6e08319f4ded20506c8edc0fe1ac8604ee00fcf1fcd3c4aa2d95e49236bafab0a98cbd20e593adaeff450810f399538cff960674d667e46511c28b5ba14c9b0791a795faffe72ab47e24cca9a395dd90c5e194eb6b2697e12970ceebff1da42a