familieschange.ca.gov
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:e9:de:5a:50:f8:89:8c:e8:75:85:da:1a:41:07:0a:b4:7c was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=familieschange.ca.gov
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:e9:de:5a:50:f8:89:8c:e8:75:85:da:1a:41:07:0a:b4:7cSerial Number (int): 340918206851924843774497593045530870199420
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: fa:9c:d1:25:45:e7:62:1e:27:85:f7:6e:be:af:6d:94:3b:62:0a:88
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 22:3f:86:15:5f:88:62:9d:1a:44:32:1e:c4:5b:1a:be:5a:ea:20:4a
Fingerprint (sha256): 00:2d:5b:70:5a:b7:8f:9d:05:c2:ea:90:e8:9a:7c:cf:6d:c2:52:b5:92:9c:a6:5d:16:ed:b4:da:1a:bc:6b:a4
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate familieschange.ca.gov
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for familieschange.ca.gov
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
familieschange.ca.gov
www.familieschange.ca.gov
www.familieschange.ca.gov
Other certificates including the domain name ca.gov
(limited to 100 certificates)
tomalescsd.ca.gov
calbar.ca.gov
cbdmpdcs.cdph.ca.gov
test.cnips.ca.gov
eams.dwc.ca.gov
incapsula.com
staging3.rcpa.ca.gov
5671617594130432-fe3.pantheonsite.io
cases.oehha.ca.gov
google.ftb.ca.gov
incapsula.com
jobstraining.ca.gov
test-web-lws.edu.help
test.cairhub-vic-api.cdph.ca.gov
*.fire.ca.gov
www.dgsapps.dgs.ca.gov
*.cammis-mod-sit.dhcs.ca.gov
carpepm.almonds.com
*.dmhc.ca.gov
familieschange.ca.gov
incapsula.com
accountportalstg.cdph.ca.gov
cert00091-azurecdn.akamaized.net
supedocs.jud.ca.gov
pes.post.ca.gov
espssrs.oshpd.ca.gov
assist.dsh.ca.gov
cert00025-azurecdn.akamaized.net
test-www.ots.ca.gov
www.privacy.ca.gov
passwordreset.stg.courts.ca.gov
tnm.ftb.ca.gov
cert00080-azurecdn.akamaized.net
cert00025-azurecdn.akamaized.net
www.scout.ca.gov
brdcvpnb.net.ca.gov
californiasolarstatistics.ca.gov
ecr1.si.odi.cdt.ca.gov
imperva.com
cert00060-azurecdn.akamaized.net
performance.medi-cal.ca.gov
sdiom.edd.ca.gov
caleprocure.ca.gov
incapsula.com
wca.ca.gov
portal.ncric.ca.gov
dtsc.ca.gov
tahoe.ca.gov
*.ctc.ca.gov
incapsula.com
cert00078-azurecdn.akamaized.net
imperva.com
cert00091-azurecdn.akamaized.net
*.sos.ca.gov
pas.familieschange.ca.gov
calgold.ca.gov
*.kern.courts.ca.gov
saltoncsd.ca.gov
cert00078-azurecdn.akamaized.net
incapsula.com
www.sonoma.courts.ca.gov
www.cba.ca.gov
cert00078-azurecdn.akamaized.net
cert00092-azurecdn.akamaized.net
cert00088-azurecdn.akamaized.net
incapsula.com
*.sdcourt.ca.gov
incapsula.com
cert00052-azurecdn.akamaized.net
healthstrategicplan.sonomacounty.ca.gov
incapsula.com
apps.calbar.ca.gov
nartc.fcm.arizona.edu
www.yuba.courts.ca.gov
*.library.ca.gov
stanct.org
capiaa.ca.gov
cws.access.ca.gov
bboard.technology.ca.gov
SIS2STAGING.CDPH.CA.GOV
author.chhsa.ca.gov
5675267779461120-fe4.pantheonsite.io
grants.ca.gov
accepttest.medi-cal.ca.gov
calendar.sdzsafaripark.org
phnsdcounty.us
listserv.sco.ca.gov
pass.cdcr.ca.gov
www.casgem.water.ca.gov
mail.buttecourt.ca.gov
cert00068-azurecdn.akamaized.net
cert00098-azurecdn.akamaized.net
cert00025-azurecdn.akamaized.net
incapsula.com
sip.fiscal.ca.gov
panorama.epanet.ca.gov
SVGCALCDRM.ct.dot.ca.gov
incapsula.com
vpn1.dhcs.ca.gov
Info.fresno.courts.ca.gov
calbar.ca.gov
cbdmpdcs.cdph.ca.gov
test.cnips.ca.gov
eams.dwc.ca.gov
incapsula.com
staging3.rcpa.ca.gov
5671617594130432-fe3.pantheonsite.io
cases.oehha.ca.gov
google.ftb.ca.gov
incapsula.com
jobstraining.ca.gov
test-web-lws.edu.help
test.cairhub-vic-api.cdph.ca.gov
*.fire.ca.gov
www.dgsapps.dgs.ca.gov
*.cammis-mod-sit.dhcs.ca.gov
carpepm.almonds.com
*.dmhc.ca.gov
familieschange.ca.gov
incapsula.com
accountportalstg.cdph.ca.gov
cert00091-azurecdn.akamaized.net
supedocs.jud.ca.gov
pes.post.ca.gov
espssrs.oshpd.ca.gov
assist.dsh.ca.gov
cert00025-azurecdn.akamaized.net
test-www.ots.ca.gov
www.privacy.ca.gov
passwordreset.stg.courts.ca.gov
tnm.ftb.ca.gov
cert00080-azurecdn.akamaized.net
cert00025-azurecdn.akamaized.net
www.scout.ca.gov
brdcvpnb.net.ca.gov
californiasolarstatistics.ca.gov
ecr1.si.odi.cdt.ca.gov
imperva.com
cert00060-azurecdn.akamaized.net
performance.medi-cal.ca.gov
sdiom.edd.ca.gov
caleprocure.ca.gov
incapsula.com
wca.ca.gov
portal.ncric.ca.gov
dtsc.ca.gov
tahoe.ca.gov
*.ctc.ca.gov
incapsula.com
cert00078-azurecdn.akamaized.net
imperva.com
cert00091-azurecdn.akamaized.net
*.sos.ca.gov
pas.familieschange.ca.gov
calgold.ca.gov
*.kern.courts.ca.gov
saltoncsd.ca.gov
cert00078-azurecdn.akamaized.net
incapsula.com
www.sonoma.courts.ca.gov
www.cba.ca.gov
cert00078-azurecdn.akamaized.net
cert00092-azurecdn.akamaized.net
cert00088-azurecdn.akamaized.net
incapsula.com
*.sdcourt.ca.gov
incapsula.com
cert00052-azurecdn.akamaized.net
healthstrategicplan.sonomacounty.ca.gov
incapsula.com
apps.calbar.ca.gov
nartc.fcm.arizona.edu
www.yuba.courts.ca.gov
*.library.ca.gov
stanct.org
capiaa.ca.gov
cws.access.ca.gov
bboard.technology.ca.gov
SIS2STAGING.CDPH.CA.GOV
author.chhsa.ca.gov
5675267779461120-fe4.pantheonsite.io
grants.ca.gov
accepttest.medi-cal.ca.gov
calendar.sdzsafaripark.org
phnsdcounty.us
listserv.sco.ca.gov
pass.cdcr.ca.gov
www.casgem.water.ca.gov
mail.buttecourt.ca.gov
cert00068-azurecdn.akamaized.net
cert00098-azurecdn.akamaized.net
cert00025-azurecdn.akamaized.net
incapsula.com
sip.fiscal.ca.gov
panorama.epanet.ca.gov
SVGCALCDRM.ct.dot.ca.gov
incapsula.com
vpn1.dhcs.ca.gov
Info.fresno.courts.ca.gov
Certificate
The complete raw certificate details for familieschange.ca.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHMTCCBhmgAwIBAgISA+neWlD4iYzodYXaGkEHCrR8MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA3MDIwNzQ3MTZaFw0x ODA5MzAwNzQ3MTZaMCAxHjAcBgNVBAMTFWZhbWlsaWVzY2hhbmdlLmNhLmdvdjCC AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOHSFO8QAmTayrwPJxK4G3n+ D08jUT6NyryipclZo7pJwYQGqYO4pIyEBwq+MgcAEYFfgW8tsZZYbcoJoBt+StMS jrLicqmJLg1A12qUrD2zT4GwdI96fWpWmuBxtzkr0EmfQgNs9r1zTTWmFI1QjGuR VOCHNv4U+RKL451kfiYBlOzasTinrBG+n2Gx8lhtlANLsy+s47DFzgWlJqfISGxg UquQYEWqCspPJikGEC3kJhM5kCx9cRiHjWbi+PiALfvJFfBwzcI7fouORPr/Tzy9 vBu5LTRIlfW375HSr+6J4vH7O6dm8s0hdeKuWUMluJp4Q7LHLbqinCha4hUcX/Np snbqy6z3MamjFbaYgcvsYB2+FwdyPMZ5q2Nag2zFpN7xWVJjjDdV8558DA8T+OW8 LVyo8gDArKY7pIRhLuFrLhuN6uQErx8PGvb8qPF/OtTnWX3ERuUAQSByQjhcGvrU 3q0GAfgee/0knrzASkEXTAy7TY47fQTXKVO2OViJrHjv57QfL8tZgewl8gjC10Ra 7OmT/uVOVE7okOSKDkj00dYU4ERTuseblSDbWp6qErHFH+gNGA+/dF15aCIat/2s 0SfOFfcxsBkkN8EIXJC4nBhyvOiG/JvToAkz7TQ1GPt2URr0iNiuBCpOmhJwtNgr BhARyKkOKHOPNDuUNSbZAgMBAAGjggM5MIIDNTAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O BBYEFPqc0SVF52IeJ4X3br6vbZQ7YgqIMB8GA1UdIwQYMBaAFKhKamMEfd265tE5 t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29j c3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2Nl cnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wOwYDVR0RBDQwMoIVZmFtaWxpZXNj aGFuZ2UuY2EuZ292ghl3d3cuZmFtaWxpZXNjaGFuZ2UuY2EuZ292MIH+BgNVHSAE gfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhp cyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5n IFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZp Y2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVw b3NpdG9yeS8wggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgDbdK/uyynssf7KPnFt LOW5qrs294Rxg8ddnU83th+/ZAAAAWRaLLROAAAEAwBHMEUCIQCOEcPSvxm4PZj2 vqjkBR6SWoOZIBxT8pePiWLEQkvFQQIgez/eF++qEmImN/ZPfzKT71gdVkG4Ci0s LM4YVfMGUtsAdwApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAWRa LLRkAAAEAwBIMEYCIQDoL3D8Il5//1WB58tDwqYYHK8jAA3PXFn21vz65eM6sAIh AOFL/Mwesq9YGp4BgiyMqwzAtCgY7AH0ypPmLJXQSAThMA0GCSqGSIb3DQEBCwUA A4IBAQB/NEkOU09LQsxNBJ1nnOaXNzgWBIzgLBFkcg0bQ+RLiz7fW3WglC65pLTL rnQeefAo/AoD3kW2WRPZoZg5Xz/CKYKAvWnEkr1YJu/4AZnHMJtxNSujC/wdXT/V M/6XYeP7h2bH7WL67B1T7ypomf9a5MdRR7NMvbbutzv8Y6BNQLbBYy9sbMQmxRip CSixr0A1tsNp1nuYOC6j463AITwoZe6+u3W9MropuWusq8ObnESCsIZ0ucssOEYp 20M1R49n6s8uKtHeYuyb1O+h/3R1ioRGeV2dSDs77mngJvryuwDe2QK4+FtZUm5R ZOTfpmoDcpps8Rmvm8FyADnQ18TV -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4dIU7xACZNrKvA8nErgb ef4PTyNRPo3KvKKlyVmjuknBhAapg7ikjIQHCr4yBwARgV+Bby2xllhtygmgG35K 0xKOsuJyqYkuDUDXapSsPbNPgbB0j3p9alaa4HG3OSvQSZ9CA2z2vXNNNaYUjVCM a5FU4Ic2/hT5EovjnWR+JgGU7NqxOKesEb6fYbHyWG2UA0uzL6zjsMXOBaUmp8hI bGBSq5BgRaoKyk8mKQYQLeQmEzmQLH1xGIeNZuL4+IAt+8kV8HDNwjt+i45E+v9P PL28G7ktNEiV9bfvkdKv7oni8fs7p2byzSF14q5ZQyW4mnhDssctuqKcKFriFRxf 82mydurLrPcxqaMVtpiBy+xgHb4XB3I8xnmrY1qDbMWk3vFZUmOMN1XznnwMDxP4 5bwtXKjyAMCspjukhGEu4WsuG43q5ASvHw8a9vyo8X861OdZfcRG5QBBIHJCOFwa +tTerQYB+B57/SSevMBKQRdMDLtNjjt9BNcpU7Y5WImseO/ntB8vy1mB7CXyCMLX RFrs6ZP+5U5UTuiQ5IoOSPTR1hTgRFO6x5uVINtanqoSscUf6A0YD790XXloIhq3 /azRJ84V9zGwGSQ3wQhckLicGHK86Ib8m9OgCTPtNDUY+3ZRGvSI2K4EKk6aEnC0 2CsGEBHIqQ4oc480O5Q1JtkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 340918206851924843774497593045530870199420 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-02 07:47:16 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-30 07:47:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'familieschange.ca.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 921267801469459532546911521299846703856214686764198506119380899284487965708606433370816417335822420844624392099158935752841590383069038686844139085949314782303940960284931923154711412833912775329270140391255261424109041589322164089650054679759300134131310366081794225301861986011897839752970923802011208108854220967949091586354614257146711174835062590751015236721750651804705417913984318626758077553001459151870247696816429587407842073820072237026543508396669617995503568502718781860746153789336659362379825569686899024144996000478029846827906961883980084503553897571818593283866948667211119406839627850323581764150609804624552755314966714554781755904163120835889860698223979291403887805443735251280411285765252732933108082617227359989472732875863678367551886425272915616367368431498117419628194887494797637488342446619064869299697659863895189011146867013245861771573458411651298144294623719194993088420387509656353676520133909676060267209135088228328984226034308645392561506568432619346654402988279073685550348800074517246145739542862749009832179747545683219143458566916542069469783856047881549462210063591568244046232916483747138696015123358277349923858835011159355439166372874908392054670937904743631874419107566382523441573340889 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fa9cd12545e7621e2785f76ebeaf6d943b620a88 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'familieschange.ca.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.familieschange.ca.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf64000001645a2cb44e00000403004730450221008e11c3d2bf19b83d98f6bea8e4051e925a8399201c53f2978f8962c4424bc54102207b3fde17efaa12622637f64f7f3293ef581d5641b80a2d2c2cce1855f30652db007700293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f478000001645a2cb4640000040300483046022100e82f70fc225e7fff5581e7cb43c2a6181caf23000dcf5c59f6d6fcfae5e33ab0022100e14bfccc1eb2af581a9e01822c8cab0cc0b42818ec01f4ca93e62c95d04804e1 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007f34490e534f4b42cc4d049d679ce697373816048ce02c1164720d1b43e44b8b3edf5b75a0942eb9a4b4cbae741e79f028fc0a03de45b65913d9a198395f3fc2298280bd69c492bd5826eff80199c7309b71352ba30bfc1d5d3fd533fe9761e3fb8766c7ed62faec1d53ef2a6899ff5ae4c75147b34cbdb6eeb73bfc63a04d40b6c1632f6c6cc426c518a90928b1af4035b6c369d67b98382ea3e3adc0213c2865eebebb75bd32ba29b96bacabc39b9c4482b08674b9cb2c384629db4335478f67eacf2e2ad1de62ec9bd4efa1ff74758a8446795d9d483b3bee69e026faf2bb00ded902b8f85b59526e5164e4dfa66a03729a6cf119af9bc1720039d0d7c4d5