ssl.smugmug.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:72:11:ea:02:b7:77:27:6b:ff:e5:9d:07:4c:26:20:4c:bf was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=ssl.smugmug.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:72:11:ea:02:b7:77:27:6b:ff:e5:9d:07:4c:26:20:4c:bfSerial Number (int): 300152859552761414815903943066692114992319
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: fe:3b:fa:44:95:7c:97:a7:3b:e5:7f:bf:0a:5c:75:bb:4e:d6:03:6d
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): ce:68:2a:5e:40:a0:0c:ec:f2:19:81:40:d1:89:76:69:29:c5:83:e8
Fingerprint (sha256): 00:6c:bd:2d:98:ae:59:9f:64:f1:fe:a3:ef:f9:ca:70:dd:8a:fa:05:f1:8f:fc:93:ca:dd:0f:c0:4d:c7:63:61
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate ssl.smugmug.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ssl.smugmug.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ssl.smugmug.com
www.paulmortimerphoto.co.uk
www.paulmortimerphoto.co.uk
Other certificates including the domain name smugmug.com
(limited to 100 certificates)
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
statuspage.io
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
statuspage.io
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
ssl.smugmug.com
Certificate
The complete raw certificate details for ssl.smugmug.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHJjCCBg6gAwIBAgISA3IR6gK3dydr/+WdB0wmIEy/MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA1MjIyMDUwMDNaFw0x ODA4MjAyMDUwMDNaMBoxGDAWBgNVBAMTD3NzbC5zbXVnbXVnLmNvbTCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAK4dsytWtDOXzVlz7mA8p4PNcTBOlhmn zE5SKpV5PsfON7mq7WcMy76dDPn691SfyjA6SY9tmDRKZoCyH8XRHYIPt4795q3Q H3E0ty2EdjblRvJt2lwZfAaret1rpBWGNwNcmokg60tpXM/8Z6grrpxsMnJbzHKl iazoRCuzKmmqViLY3lUoKG1dhf5eP4iCNVkdeTagFNkMX2mZktRQ42oyKctPUG7v ORkZwQg2TsetmaM2GHay7asYH75z+ezR0PcMqBJsgCExWXxy1ePB7C/8y3vt0f/A LfEjxBhYYe+ne2zIBO76un77mmdcqLyd/+vMzypLrU4kWe+RZZ16k9dFANkZB+3L h5UaKYqHRllOZy9MjpJFRRMyCj9SMqpr6G2q+aU+TL0c7dueg1hJYSdenZDpXfo6 /WVxP4Rsl/voXJq/tCPwi1iBnlDMiEKXeHB9wi+7eyzBeqPjZTvZSgR1d8f/bTjh zw6EJQxO205OZg5/3DHLH8arOvw+wwnzQqnc3aGKF/V49uodOFScaO4WY1smvJUs hZRfp/eqOfRrKMRv5DFY2vwd/s6LOD12a2zScxr7l4V4AqEQ1ReJUDIh1gMIhKiy fKfA64Ec33UkK6FVPA2K2qpy5wRjWjcqq8BgNfsimuS8yheDYHjjU+BnIa8OhA0v VlEtQXQA/OO1AgMBAAGjggM0MIIDMDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFP47 +kSVfJenO+V/vwpcdbtO1gNtMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wNwYDVR0RBDAwLoIPc3NsLnNtdWdtdWcuY29t ght3d3cucGF1bG1vcnRpbWVycGhvdG8uY28udWswgf4GA1UdIASB9jCB8zAIBgZn gQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3Bz LmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmlj YXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBh bmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGlj eSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzCC AQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2ANt0r+7LKeyx/so+cW0s5bmquzb3hHGD x12dTze2H79kAAABY4nUoukAAAQDAEcwRQIhAI3I/Sb/1FKQJgdc5DADAQu+JuxU rCYN9fbY0Io4sch/AiBxsOl2e1G7TXyp231S8IWzRlofCjJ0DjOI9YYinDpKzwB2 ACk8UZZUyDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAABY4nUoxcAAAQDAEcw RQIhALJNN+qbAuokkKMJUfAF1q+c/Sr4L/gC+TF7UPz894HyAiBKBJ3VcZo3hK+Z IqnLprrUzrWXFPxXeItYNosgih7kejANBgkqhkiG9w0BAQsFAAOCAQEAJkeSsjBu lNsWl1zL8OH5R+kKpnpqptVZXC2TBF8Q99Yw+5BYSN6A8hLKtEbWt1Ep4cHKowSj Rw/3qxFw0BzoIy8uKtZmzJA3RzMP2wXoYcvDY8QrI3KEANttOtWsXNvfB19xFQm2 jaWA1xejLeycGKWl/rAxY9YcEZpBk+3dFq3cu1NSTzc6V25lVmSgAf0PcVrM7Mxl 488ySrv98gTs2yiblSbfWhZfkkT4bTBxTztsavE9xAOh8w6weYfvpPd73ItrYMUR Qive8Wcyhm9PCieYKSaeiVrKL/hJ/KH4xFOEg6WZbOKvbraNs9tBDYc42oXrrxeB rwX+YPELnqCuFw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArh2zK1a0M5fNWXPuYDyn g81xME6WGafMTlIqlXk+x843uartZwzLvp0M+fr3VJ/KMDpJj22YNEpmgLIfxdEd gg+3jv3mrdAfcTS3LYR2NuVG8m3aXBl8Bqt63WukFYY3A1yaiSDrS2lcz/xnqCuu nGwyclvMcqWJrOhEK7MqaapWItjeVSgobV2F/l4/iII1WR15NqAU2QxfaZmS1FDj ajIpy09Qbu85GRnBCDZOx62ZozYYdrLtqxgfvnP57NHQ9wyoEmyAITFZfHLV48Hs L/zLe+3R/8At8SPEGFhh76d7bMgE7vq6fvuaZ1yovJ3/68zPKkutTiRZ75FlnXqT 10UA2RkH7cuHlRopiodGWU5nL0yOkkVFEzIKP1Iyqmvobar5pT5MvRzt256DWElh J16dkOld+jr9ZXE/hGyX++hcmr+0I/CLWIGeUMyIQpd4cH3CL7t7LMF6o+NlO9lK BHV3x/9tOOHPDoQlDE7bTk5mDn/cMcsfxqs6/D7DCfNCqdzdoYoX9Xj26h04VJxo 7hZjWya8lSyFlF+n96o59GsoxG/kMVja/B3+zos4PXZrbNJzGvuXhXgCoRDVF4lQ MiHWAwiEqLJ8p8DrgRzfdSQroVU8DYraqnLnBGNaNyqrwGA1+yKa5LzKF4NgeONT 4Gchrw6EDS9WUS1BdAD847UCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 300152859552761414815903943066692114992319 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-22 20:50:03 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-20 20:50:03 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ssl.smugmug.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 710331368380229072646947022622570428724438958355140794210748258182436946283338211939924421224675057953600588407493259419886736655711600787975552378980475992650305035399791769329715846644969706272558583434178334887955124493651992053098440221646466097061211677157226341094927563781264264944607331836048336427847612617862511027374579185170797867766696934949257668932327814458577969205193936866786299205993447339480482053952461990980080092938059849602783857423702188832819075936763969854563090452687282261099998203869363209164583428642423433595767122874468364002028948731556337233479890799581397529064986775870318037185629412450020375655937435485447317307101917555973201091036057427333005080479913238988745271704914855394007958677101838680756062078079489301553617957754198538441196487230699962353068019816709108767291053199404989327051949988015419082266046462059175735299080083643799719653654025261823460090903025627301079602169115929632247665933006963735137621430467562649003976476128422657497106609885080150498326169552259794245704696582094599962146865263357198242582551755665525568440041160840778121975597290781029641078875486417362224274424873467323609882460719047312404610976968645043096901048077845472599609503420616385557568480181 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fe3bfa44957c97a73be57fbf0a5c75bb4ed6036d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ssl.smugmug.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.paulmortimerphoto.co.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf640000016389d4a2e900000403004730450221008dc8fd26ffd4529026075ce43003010bbe26ec54ac260df5f6d8d08a38b1c87f022071b0e9767b51bb4d7ca9db7d52f085b3465a1f0a32740e3388f586229c3a4acf007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016389d4a3170000040300473045022100b24d37ea9b02ea2490a30951f005d6af9cfd2af82ff802f9317b50fcfcf781f202204a049dd5719a3784af9922a9cba6bad4ceb59714fc57788b58368b208a1ee47a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00264792b2306e94db16975ccbf0e1f947e90aa67a6aa6d5595c2d93045f10f7d630fb905848de80f212cab446d6b75129e1c1caa304a3470ff7ab1170d01ce8232f2e2ad666cc903747330fdb05e861cbc363c42b23728400db6d3ad5ac5cdbdf075f711509b68da580d717a32dec9c18a5a5feb03163d61c119a4193eddd16addcbb53524f373a576e655664a001fd0f715acceccc65e3cf324abbfdf204ecdb289b9526df5a165f9244f86d30714f3b6c6af13dc403a1f30eb07987efa4f77bdc8b6b60c511422bdef16732866f4f0a279829269e895aca2ff849fca1f8c4538483a5996ce2af6eb68db3db410d8738da85ebaf1781af05fe60f10b9ea0ae17