nancynano.lbl.gov
Issued by GTS CA 1D4
About this certificate
This digital certificate with serial number d5:3f:a8:6c:73:a3:b3:e0:10:f6:33:f0:8f:58:a7:3a was issued on by Google Trust Services LLC.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=nancynano.lbl.gov
Google Trust Services LLC
Organization:
Google Trust Services LLC
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): d5:3f:a8:6c:73:a3:b3:e0:10:f6:33:f0:8f:58:a7:3aSerial Number (int): 283456093841518420565233203442844477242
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 59:2a:f8:78:44:8f:9c:fa:45:ae:7c:9f:ce:a2:f9:26:13:95:2e:99
AuthorityKeyId: 25:e2:18:0e:b2:57:91:94:2a:e5:d4:5d:86:90:83:de:53:b3:b8:92
Fingerprint (sha1): 31:6a:5d:96:d0:8b:fc:4f:4b:24:8c:c3:c7:99:e7:65:12:12:7b:bf
Fingerprint (sha256): 01:9c:c3:e7:60:e5:8f:48:db:95:84:c0:03:23:f2:4f:5b:fc:6b:db:b6:f6:9e:00:c5:33:fd:15:7c:91:9d:50
Issuing Certificate URL: http://pki.goog/repo/certs/gts1d4.der
Revocation information
OCSP Server: http://ocsp.pki.goog/s/gts1d4/zSylIU0REVECRL Distribution Point: http://crls.pki.goog/gts1d4/mLboP8s_BtA.crl
Check the revocation status for certificate nancynano.lbl.gov
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nancynano.lbl.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
nancynano.lbl.gov
Other certificates including the domain name lbl.gov
(limited to 100 certificates)
sni.cloudflaressl.com
watershed.lbl.gov
5692462144159744-fe3.pantheonsite.io
nanowiki.lbl.gov
sciencesearch-ncem.lbl.gov
bcp.lbl.gov
sni.cloudflaressl.com
iprequest.lbl.gov
carpepm.almonds.com
sni.cloudflaressl.com
5648554290839552-fe1.pantheonsite.io
cuwip.physics.berkeley.edu
ess-dive.lbl.gov
slidecam-camera.lbl.gov
peabody.lbl.gov
pjfischer.lbl.gov
eesatough.lbl.gov
5769720821186560-fe3.pantheonsite.io
5756433131896832-fe1.pantheonsite.io
5631943370604544-fe1.pantheonsite.io
5757334940811264-fe4.pantheonsite.io
bsbip1-admin.lbl.gov
sni.cloudflaressl.com
5709068098338816-fe3.pantheonsite.io
5643365030821888-fe1.pantheonsite.io
ergoeval.lbl.gov
sni.cloudflaressl.com
ssl937631.cloudflaressl.com
qmm.lbl.gov
babe.lbl.gov
5756433131896832-fe1.pantheonsite.io
flexlab.lbl.gov
calendar.sdzsafaripark.org
conferences.lbl.gov
ee.lbl.gov
sni.cloudflaressl.com
foundry2.lbl.gov
sxworkshop.lbl.gov
5652720409116672-fe3.pantheonsite.io
postdocresources.lbl.gov
5768939674009600-fe3.pantheonsite.io
5650082896543744-fe3.pantheonsite.io
matgen8.lbl.gov
ssl937633.cloudflaressl.com
sni.cloudflaressl.com
www.3scale.net
sni.cloudflaressl.com
sni.cloudflaressl.com
5709068098338816-fe3.pantheonsite.io
5721489412194304-fe1.pantheonsite.io
sni.cloudflaressl.com
dnscontacts.lbl.gov
5650082896543744-fe3.pantheonsite.io
sni.cloudflaressl.com
cdn-test.battlefields.org
5695414665740288-fe2.pantheonsite.io
p3hpc2018.lbl.gov
5768939674009600-fe3.pantheonsite.io
phywebb.lbl.gov
sni.cloudflaressl.com
nancynano.lbl.gov
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
eapx02.lbl.gov
foundry2.lbl.gov
5656619568332800-fe3.pantheonsite.io
spt.lbl.gov
5656619568332800-fe3.pantheonsite.io
5769720821186560-fe3.pantheonsite.io
5709068098338816-fe3.pantheonsite.io
cascade.lbl.gov
waterenergy.lbl.gov
ecep.lbl.gov
callxpresswpm.lbl.gov
bl831.als.lbl.gov
5650082896543744-fe3.pantheonsite.io
chns120.courseresource.yale.edu
shirley.lbl.gov
www.3scale.net
sni.cloudflaressl.com
flexo.lbl.gov
5721489412194304-fe1.pantheonsite.io
energystorage.lbl.gov
www.3scale.net
friendsofberkeleylab.lbl.gov
ultrafast.lbl.gov
5643365030821888-fe1.pantheonsite.io
cuwip.physics.berkeley.edu
www.3scale.net
5649391675244544-fe2.pantheonsite.io
www-afrd.lbl.gov
5692462144159744-fe3.pantheonsite.io
ssl744665.cloudflaressl.com
onthemove.lbl.gov
5757334940811264-fe4.pantheonsite.io
5652720409116672-fe3.pantheonsite.io
sharp.lbl.gov
5692462144159744-fe3.pantheonsite.io
watershed.lbl.gov
5692462144159744-fe3.pantheonsite.io
nanowiki.lbl.gov
sciencesearch-ncem.lbl.gov
bcp.lbl.gov
sni.cloudflaressl.com
iprequest.lbl.gov
carpepm.almonds.com
sni.cloudflaressl.com
5648554290839552-fe1.pantheonsite.io
cuwip.physics.berkeley.edu
ess-dive.lbl.gov
slidecam-camera.lbl.gov
peabody.lbl.gov
pjfischer.lbl.gov
eesatough.lbl.gov
5769720821186560-fe3.pantheonsite.io
5756433131896832-fe1.pantheonsite.io
5631943370604544-fe1.pantheonsite.io
5757334940811264-fe4.pantheonsite.io
bsbip1-admin.lbl.gov
sni.cloudflaressl.com
5709068098338816-fe3.pantheonsite.io
5643365030821888-fe1.pantheonsite.io
ergoeval.lbl.gov
sni.cloudflaressl.com
ssl937631.cloudflaressl.com
qmm.lbl.gov
babe.lbl.gov
5756433131896832-fe1.pantheonsite.io
flexlab.lbl.gov
calendar.sdzsafaripark.org
conferences.lbl.gov
ee.lbl.gov
sni.cloudflaressl.com
foundry2.lbl.gov
sxworkshop.lbl.gov
5652720409116672-fe3.pantheonsite.io
postdocresources.lbl.gov
5768939674009600-fe3.pantheonsite.io
5650082896543744-fe3.pantheonsite.io
matgen8.lbl.gov
ssl937633.cloudflaressl.com
sni.cloudflaressl.com
www.3scale.net
sni.cloudflaressl.com
sni.cloudflaressl.com
5709068098338816-fe3.pantheonsite.io
5721489412194304-fe1.pantheonsite.io
sni.cloudflaressl.com
dnscontacts.lbl.gov
5650082896543744-fe3.pantheonsite.io
sni.cloudflaressl.com
cdn-test.battlefields.org
5695414665740288-fe2.pantheonsite.io
p3hpc2018.lbl.gov
5768939674009600-fe3.pantheonsite.io
phywebb.lbl.gov
sni.cloudflaressl.com
nancynano.lbl.gov
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
sni.cloudflaressl.com
eapx02.lbl.gov
foundry2.lbl.gov
5656619568332800-fe3.pantheonsite.io
spt.lbl.gov
5656619568332800-fe3.pantheonsite.io
5769720821186560-fe3.pantheonsite.io
5709068098338816-fe3.pantheonsite.io
cascade.lbl.gov
waterenergy.lbl.gov
ecep.lbl.gov
callxpresswpm.lbl.gov
bl831.als.lbl.gov
5650082896543744-fe3.pantheonsite.io
chns120.courseresource.yale.edu
shirley.lbl.gov
www.3scale.net
sni.cloudflaressl.com
flexo.lbl.gov
5721489412194304-fe1.pantheonsite.io
energystorage.lbl.gov
www.3scale.net
friendsofberkeleylab.lbl.gov
ultrafast.lbl.gov
5643365030821888-fe1.pantheonsite.io
cuwip.physics.berkeley.edu
www.3scale.net
5649391675244544-fe2.pantheonsite.io
www-afrd.lbl.gov
5692462144159744-fe3.pantheonsite.io
ssl744665.cloudflaressl.com
onthemove.lbl.gov
5757334940811264-fe4.pantheonsite.io
5652720409116672-fe3.pantheonsite.io
sharp.lbl.gov
5692462144159744-fe3.pantheonsite.io
Certificate
The complete raw certificate details for nancynano.lbl.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFZjCCBE6gAwIBAgIRANU/qGxzo7PgEPYz8I9YpzowDQYJKoZIhvcNAQELBQAw RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM TEMxEzARBgNVBAMTCkdUUyBDQSAxRDQwHhcNMjMxMDExMDIyNDM5WhcNMjQwMTA5 MDMxMDQ4WjAcMRowGAYDVQQDExFuYW5jeW5hbm8ubGJsLmdvdjCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAMFQyDmyKdgwAmhJ7LZXHsRRMDenndxnt+0A 6zoiEwRPoCfNuvcrcvGzysfwyP4Uf4OMfXlCR/9mhyy/aEg4L4U567uI7vc5cK/a SO1Zuau5r8yrLAqjAoglumkOYkgJvorLc7VAxEwE2BhOuGqiCf2mbah+VuqPD80P 4WHQ5e3F+DZ/PPb9iI8CDF7ZhPXozi++GNPsC3k2F21VewyfUWrSyq4j+dQZoOh0 SJZFuLDwsCSyjYpmCC9jGsPcMgfn62Q/5r1yIr7IdOXP9kRP+6GOwV4m+qlQZW61 N3NhLACzmM7S8/t6GE5W+ymQjEossqDtSVq51gb44z1UmfUiCtcCAwEAAaOCAncw ggJzMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBRZKvh4RI+c+kWufJ/OovkmE5UumTAfBgNVHSMEGDAW gBQl4hgOsleRlCrl1F2GkIPeU7O4kjB4BggrBgEFBQcBAQRsMGowNQYIKwYBBQUH MAGGKWh0dHA6Ly9vY3NwLnBraS5nb29nL3MvZ3RzMWQ0L3pTeWxJVTBSRVZFMDEG CCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVwby9jZXJ0cy9ndHMxZDQuZGVy MBwGA1UdEQQVMBOCEW5hbmN5bmFuby5sYmwuZ292MCEGA1UdIAQaMBgwCAYGZ4EM AQIBMAwGCisGAQQB1nkCBQMwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybHMu cGtpLmdvb2cvZ3RzMWQ0L21MYm9QOHNfQnRBLmNybDCCAQMGCisGAQQB1nkCBAIE gfQEgfEA7wB1AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABixzD 3RAAAAQDAEYwRAIgSULBJ/qzNwM75WnEOmLarygtrUj/4p2GgXQMQ+ajs6gCIGeu rqjtnLWlRAIB1ro+MjInl/JK4ip9eHblwPDfgRNEAHYASLDja9qmRzQP5WoC+p0w 6xxSActW3SyB2bu/qznYhHMAAAGLHMPc/wAABAMARzBFAiEAxRy0KZUiGwMX3Q7d TjEMlAxNN7ZPc+2npJIVbjU2nfgCIGZcYiazuli06lruO1rqFct8e3fS69r8peG/ lhljIe4eMA0GCSqGSIb3DQEBCwUAA4IBAQA6+CJSowG5nwVhQKLgWM17biQlgVIs bunkmnMI8Uyo0HwY6IySjt7Yg3D2ZWbzZ+EoRinS3bV/6X8B/4wkH+RNjJUIkQBb JRDtxYlqUt5I8+ebp/wru9TCOn1OgD5K+337L0mRmWV2bSBX9Um2Xnib0fbQrthZ JGyraZsHy048B+LkqswmCMbND+FLo6+WR+Uijf1f4wno4FX2ZCCBHjDafeSf4aAz ZoOV4OoVV9YXr6eL1mCEoaiUW7bMpsY2wNuwAqVVNUdPEeNbZopXpoDGgh7jRIz/ kKDxw5OuHCuYp94Ni6sPspIGqYtlDrLo5q5iN3FIpXnyVEATo162Io9T -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVDIObIp2DACaEnstlce xFEwN6ed3Ge37QDrOiITBE+gJ8269yty8bPKx/DI/hR/g4x9eUJH/2aHLL9oSDgv hTnru4ju9zlwr9pI7Vm5q7mvzKssCqMCiCW6aQ5iSAm+istztUDETATYGE64aqIJ /aZtqH5W6o8PzQ/hYdDl7cX4Nn889v2IjwIMXtmE9ejOL74Y0+wLeTYXbVV7DJ9R atLKriP51Bmg6HRIlkW4sPCwJLKNimYIL2Maw9wyB+frZD/mvXIivsh05c/2RE/7 oY7BXib6qVBlbrU3c2EsALOYztLz+3oYTlb7KZCMSiyyoO1JWrnWBvjjPVSZ9SIK 1wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 283456093841518420565233203442844477242 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Trust Services LLC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GTS CA 1D4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-11 02:24:39 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-09 03:10:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nancynano.lbl.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24403828011611422089236339262988162581702052585359902459107099696139243358976310990972889659848769538412335831454240372811761564909604781766796559671068268830496417886416836539622204833169759936979624062847938645381190833699852865154761628547101934387445094892291266368042106049071064171722269152337510463999037682298032807388387403682769131823579620349178040126605457654780910150859201137382721373316552001355081610798309219743106453877377609969237153317518437787954884056984453006751460096474088728566372363918826457246853018730771138254060445894040945142256688451183834380074536366099103698585313877811581352544983 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 592af878448f9cfa45ae7c9fcea2f92613952e99 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 25e2180eb25791942ae5d45d869083de53b3b892 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.goog/s/gts1d4/zSylIU0REVE' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.goog/repo/certs/gts1d4.der' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nancynano.lbl.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.5.3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.goog/gts1d4/mLboP8s_BtA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b1cc3dd10000004030046304402204942c127fab337033be569c43a62daaf282dad48ffe29d8681740c43e6a3b3a8022067aeaea8ed9cb5a5440201d6ba3e32322797f24ae22a7d7876e5c0f0df81134400760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b1cc3dcff0000040300473045022100c51cb42995221b0317dd0edd4e310c940c4d37b64f73eda7a492156e35369df80220665c6226b3ba58b4ea5aee3b5aea15cb7c7b77d2ebdafca5e1bf96196321ee1e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003af82252a301b99f056140a2e058cd7b6e242581522c6ee9e49a7308f14ca8d07c18e88c928eded88370f66566f367e1284629d2ddb57fe97f01ff8c241fe44d8c950891005b2510edc5896a52de48f3e79ba7fc2bbbd4c23a7d4e803e4afb7dfb2f49919965766d2057f549b65e789bd1f6d0aed859246cab699b07cb4e3c07e2e4aacc2608c6cd0fe14ba3af9647e5228dfd5fe309e8e055f66420811e30da7de49fe1a033668395e0ea1557d617afa78bd66084a1a8945bb6cca6c636c0dbb002a55535474f11e35b668a57a680c6821ee3448cff90a0f1c393ae1c2b98a7de0d8bab0fb29206a98b650eb2e8e6ae62377148a579f2544013a35eb6228f53