ssl.smugmug.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:14:ed:1f:05:b9:b1:dc:9f:f5:17:76:1b:6e:5e:7a:60:1a was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=ssl.smugmug.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:14:ed:1f:05:b9:b1:dc:9f:f5:17:76:1b:6e:5e:7a:60:1aSerial Number (int): 268457693246027452499867238888234005717018
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 0c:8e:2c:18:ef:39:13:6e:d7:79:b1:f8:94:d5:d9:c4:7a:e2:b3:9b
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): d7:b1:ce:3a:15:0d:c3:65:9d:96:0e:e0:8f:68:04:48:78:15:80:82
Fingerprint (sha256): 00:62:89:03:4d:7a:cd:34:1d:ed:b1:c2:a7:ec:4f:b5:48:22:7b:39:42:78:5f:b4:d3:1f:ac:86:36:c2:e2:6d
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate ssl.smugmug.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ssl.smugmug.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ssl.smugmug.com
www.vschmidtphoto.com
www.vschmidtphoto.com
Other certificates including the domain name smugmug.com
(limited to 100 certificates)
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
statuspage.io
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
statuspage.io
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
Certificate
The complete raw certificate details for ssl.smugmug.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHITCCBgmgAwIBAgISAxTtHwW5sdyf9Rd2G25eemAaMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA1MjgyMTEwMDZaFw0x ODA4MjYyMTEwMDZaMBoxGDAWBgNVBAMTD3NzbC5zbXVnbXVnLmNvbTCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAM8dxtePz2LptWpcdn2uGsxcE914RKiB vPtr+15q7PbV4aD6EJY/X29Zhinh36thVbcHBjwFXo6b3xVPXTO2vQpnPTotQBgy DBknQNIzyNSivBfFgfVoXf2av4dS8F3qa/Bey7hEj1JACJHzzsHMCdWtDyx8m5Cj luxTeL6rTKMwQW8+e2L60phYwCgXHJyiVsx7rDJOT5CCM1nAFx31rpR9Rk1tFQmG nzMD7TI427zVykHg4lRaL4KjeWQB4kp2YNrDRaVLvwd9IER8RLJPHJ1YX9mHDNZD TJ6DRa4dA2YOEwKedvlPZR+2t5dhi+9hPpHkQwRHcRw2V3Eo7JIwql7+j++qtJb0 rJxxxRWw9jl/k4v0WRaGjh9XIqmwbX1pWfDNmrS9RL2HTs78Dxd67dMby36KciR1 H+KyzqoLnaBPyDPjMMlXTM0pVKVeVF5XGivDyIY3UIflBic0MzrU+fxrcyS644XL BdsPFDtWDRT+LULMR8QsUVxlZok0tjn0/GSR1sxmX7cQ9+MXlGKxZFg9EBh/VAh+ RHFFDPBzQwXY1XCSsGLVbufFGplffGyTJB8lRn5hD8X24RRAJH5KJSHlE2kqnMp3 EIK9iuXzyC6mpcV6Rp5ATDniYF7L1MkSZpe1LrwfcEeO09JN0pHcnu+KzcRWFQog FOo5r4xlShd5AgMBAAGjggMvMIIDKzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFAyO LBjvORNu13mx+JTV2cR64rObMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wMQYDVR0RBCowKIIPc3NsLnNtdWdtdWcuY29t ghV3d3cudnNjaG1pZHRwaG90by5jb20wgf4GA1UdIASB9jCB8zAIBgZngQwBAgEw geYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNl bmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1h eSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25s eSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3Vu ZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzCCAQUGCisG AQQB1nkCBAIEgfYEgfMA8QB2ANt0r+7LKeyx/so+cW0s5bmquzb3hHGDx12dTze2 H79kAAABY6jNJB8AAAQDAEcwRQIgJC2TEEIJ/JgFBi1X4pyOaFGz9HWg+5YyyHrt 1Y22v4wCIQDQ/6IcQxgruHSjdzBKSCEHl9JRNpMbFCJ4bR75BA97hAB3ACk8UZZU yDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAABY6jNJDIAAAQDAEgwRgIhAIJx tQ+hwgp1/osZflkV3WOelMuDNpQrSIAKU40kK3uZAiEAwYJIHbNHa1NChGPMIEog CMtNhDdDjp4624xm0o33ZlIwDQYJKoZIhvcNAQELBQADggEBABaiq3F9KcFCImJy ZFoWFEcjkSkcp7XWOQgEx+uoFmOkNwrvxYs13tI/J/b6eE9OnxGA1RGx43Cl/4vM /zeG6+xcDK/9woJvW0pC21b6lDd15g+wRTbocLl98a2lAGdLZivz7RzsueUFA621 F9Ki4xFNs2DLzOuW3e1w8BLVZuCJw/5n11Ff1hl54z5ufb8ZS++fFWtZjrHpueNh T86s530wi1HG6pZDlPyi0STO2G7vmwYGb3fafCrjhI+DgPUrB3EfDwnU9cIgo12k 66th5s9rgNCz+poAuFq4yVqNYdPH9avcrNlxBH0UaSoXplXaCfe38ZgTb86cUQY2 OW1fzaA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzx3G14/PYum1alx2fa4a zFwT3XhEqIG8+2v7Xmrs9tXhoPoQlj9fb1mGKeHfq2FVtwcGPAVejpvfFU9dM7a9 Cmc9Oi1AGDIMGSdA0jPI1KK8F8WB9Whd/Zq/h1LwXepr8F7LuESPUkAIkfPOwcwJ 1a0PLHybkKOW7FN4vqtMozBBbz57YvrSmFjAKBccnKJWzHusMk5PkIIzWcAXHfWu lH1GTW0VCYafMwPtMjjbvNXKQeDiVFovgqN5ZAHiSnZg2sNFpUu/B30gRHxEsk8c nVhf2YcM1kNMnoNFrh0DZg4TAp52+U9lH7a3l2GL72E+keRDBEdxHDZXcSjskjCq Xv6P76q0lvSsnHHFFbD2OX+Ti/RZFoaOH1ciqbBtfWlZ8M2atL1EvYdOzvwPF3rt 0xvLfopyJHUf4rLOqgudoE/IM+MwyVdMzSlUpV5UXlcaK8PIhjdQh+UGJzQzOtT5 /GtzJLrjhcsF2w8UO1YNFP4tQsxHxCxRXGVmiTS2OfT8ZJHWzGZftxD34xeUYrFk WD0QGH9UCH5EcUUM8HNDBdjVcJKwYtVu58UamV98bJMkHyVGfmEPxfbhFEAkfkol IeUTaSqcyncQgr2K5fPILqalxXpGnkBMOeJgXsvUyRJml7UuvB9wR47T0k3Skdye 74rNxFYVCiAU6jmvjGVKF3kCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 268457693246027452499867238888234005717018 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-28 21:10:06 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-26 21:10:06 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ssl.smugmug.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 844960847261780400079651158265557818382686255081433098529236002456133195783957827559119538550255118634284460888759866648756987168285812253632653497410700877842226324476890803534413452756702447977441849935129138235600831437685681292514217438154236171188329864087825374143104217052687734880465778494391570592769385089017829023016295443645102216980257824931982322329655189425433484709885029605465704754937480964543575209138095757725055016354688454406337112183372155595716226415795634216196458057850260783624842754524526360093834135233648024083159550491817706935941689865293901016755026076419283807358768337632216566942417936634313945607959798361939159592605971370682047356507038954755707459779293392570392732548446440094329164760093535092090812272243311900413591789282403565725608368993246999130732152644089527963008912892884947999225545967895209226731895452005082114194787795829603633419553992372876125515418731390962534249411575850619744152168760543509991833461241008531647884305855596547713635054586476142755778999552825839628944529371959898474469854082186821177626577143437628624677294218394385283638834600449040762984218670474356762701552727867344480961273039785166918437418836774689040591483250051221486857736297162474590525069177 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0c8e2c18ef39136ed779b1f894d5d9c47ae2b39b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ssl.smugmug.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.vschmidtphoto.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf6400000163a8cd241f00000403004730450220242d93104209fc9805062d57e29c8e6851b3f475a0fb9632c87aedd58db6bf8c022100d0ffa21c43182bb874a377304a48210797d25136931b1422786d1ef9040f7b84007700293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000163a8cd243200000403004830460221008271b50fa1c20a75fe8b197e5915dd639e94cb8336942b48800a538d242b7b99022100c182481db3476b53428463cc204a2008cb4d8437438e9e3adb8c66d28df76652 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0016a2ab717d29c142226272645a1614472391291ca7b5d6390804c7eba81663a4370aefc58b35ded23f27f6fa784f4e9f1180d511b1e370a5ff8bccff3786ebec5c0caffdc2826f5b4a42db56fa943775e60fb04536e870b97df1ada500674b662bf3ed1cecb9e50503adb517d2a2e3114db360cbcceb96dded70f012d566e089c3fe67d7515fd61979e33e6e7dbf194bef9f156b598eb1e9b9e3614fceace77d308b51c6ea964394fca2d124ced86eef9b06066f77da7c2ae3848f8380f52b07711f0f09d4f5c220a35da4ebab61e6cf6b80d0b3fa9a00b85ab8c95a8d61d3c7f5abdcacd971047d14692a17a655da09f7b7f198136fce9c510636396d5fcda0