banking.live.ft.com
Issued by R3
About this certificate
This digital certificate with serial number 04:2c:32:2b:bc:03:51:b3:3b:08:2b:53:5c:0e:c9:cc:19:d9 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=banking.live.ft.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:2c:32:2b:bc:03:51:b3:3b:08:2b:53:5c:0e:c9:cc:19:d9Serial Number (int): 363488256353472416706461688967621503621593
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: ce:2c:0d:8a:75:b8:84:43:b6:fc:f9:e4:6c:8a:30:e0:8c:40:08:c6
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 28:b3:35:80:89:e0:41:5c:ef:ca:f0:35:d3:b9:7a:29:63:54:15:ff
Fingerprint (sha256): 01:d2:4e:07:47:56:a5:dd:72:70:b0:b4:35:6b:45:f1:dc:a5:26:ff:96:27:7d:7a:2d:e3:d3:4c:41:b9:f3:67
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate banking.live.ft.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for banking.live.ft.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
banking.live.ft.com
Other certificates including the domain name ft.com
(limited to 100 certificates)
f4.shared.global.fastly.net
datasovereigntyandthecloud.live.ft.com
h2.shared.global.fastly.net
globalcarbonforum.live.ft.com
dns-vetting1c.map.fastly.net
e.ssl.fastly.net
ft-nbh-ise-01.osb.ft.com
cryptowinter.live.ft.com
o2.shared.global.fastly.net
dns-vetting2.map.fastly.net
akamaisecure3.qualtrics.com
dns-vetting1-mims-pawel.map.fastly.net
o2.shared.global.fastly.net
h2.shared.global.fastly.net
netzero-newyork.live.ft.com
futurecitiessingapore.live.ft.com
int-ic.glb.ft.com
o2.shared.global.fastly.net
r.ssl.fastly.net
www.lantern.ft.com
dns-vetting1f.map.fastly.net
h2.shared.global.fastly.net
luxuryglobal.live.ft.com
energydecadeofdelivery.live.ft.com
dns-vetting1-mims-pawel.map.fastly.net
h2.shared.global.fastly.net
dns-vetting1g.map.fastly.net
dns-vetting1d.map.fastly.net
forums.ft.com
discoverb2b.ft.com
dns-vetting1d.map.fastly.net
marketingservices.ft.com
santander.ft.com
etnotalks.live.ft.com
education.ft.com
www.ftbroadcast2.live.ft.com
luxuryglobal2021.live.ft.com
dns-vetting1-mims-pawel.map.fastly.net
intelligentbusiness2020.live.ft.com
f3.shared.global.fastly.net
banking.live.ft.com
dns-vetting1f.map.fastly.net
commoditiesglobal.live.ft.com
e1p-internal-sandbox.mrooms.net
intelligentdocumentprocessing.live.ft.com
futurecitieslondon.live.ft.com
dns-vetting1.map.fastly.net
indiainvestment.live.ft.com
pharma2022.live.ft.com
o2.shared.global.fastly.net
intelligentdocumentprocessing.live.ft.com
dns-vetting1h.map.fastly.net
heroku-ft-app-remove-long-pres-aiiucp.apps.in.ft.com
pharmaanalytics.live.ft.com
f4.shared.global.fastly.net
dns-vetting1g.map.fastly.net
o2.shared.global.fastly.net
leveragingdigitisation.live.ft.com
womeneurope2024.live.ft.com
dns-vetting1.map.fastly.net
futurecitiesjohannesburg.live.ft.com
industrialinnovation-europe.live.ft.com
climatecapitalfinance.live.ft.com
about.ft.com
r.ssl.fastly.net
eff22.live.ft.com
asiagreentech2023.live.ft.com
www.ft.com
ft.map.fastly.net
*.memb.ft.com
e1p-internal-sandbox.mrooms.net
scienceatstake.com
ft.com
dns-vetting1g.map.fastly.net
r.ssl.fastly.net
o2.shared.global.fastly.net
dns-vetting1e.map.fastly.net
dns-vetting2.map.fastly.net
api.workfit.com
sendgrid.trytuesday.com
zenith.ft.com
dns-vetting1e.map.fastly.net
heroku-ft-app-at-4199-remove-c-f4qu5g.apps.in.ft.com
h2.shared.global.fastly.net
dns-vetting1g.map.fastly.net
retirementstrategies.live.ft.com
acceleratingequality.live.ft.com
santander.ft.com
i.subs.ft.com
inboundjapan.live.ft.com
o2.shared.global.fastly.net
r.ssl.fastly.net
app-review-1772.apps.in.ft.com
dns-vetting1-mims-pawel.map.fastly.net
corporateculture.live.ft.com
streamliningbusiness.live.ft.com
dns-vetting1e.map.fastly.net
managingregulationandrisk.live.ft.com
futureinvestmentprofessional.live.ft.com
hcltechatdavosceo.live.ft.com
datasovereigntyandthecloud.live.ft.com
h2.shared.global.fastly.net
globalcarbonforum.live.ft.com
dns-vetting1c.map.fastly.net
e.ssl.fastly.net
ft-nbh-ise-01.osb.ft.com
cryptowinter.live.ft.com
o2.shared.global.fastly.net
dns-vetting2.map.fastly.net
akamaisecure3.qualtrics.com
dns-vetting1-mims-pawel.map.fastly.net
o2.shared.global.fastly.net
h2.shared.global.fastly.net
netzero-newyork.live.ft.com
futurecitiessingapore.live.ft.com
int-ic.glb.ft.com
o2.shared.global.fastly.net
r.ssl.fastly.net
www.lantern.ft.com
dns-vetting1f.map.fastly.net
h2.shared.global.fastly.net
luxuryglobal.live.ft.com
energydecadeofdelivery.live.ft.com
dns-vetting1-mims-pawel.map.fastly.net
h2.shared.global.fastly.net
dns-vetting1g.map.fastly.net
dns-vetting1d.map.fastly.net
forums.ft.com
discoverb2b.ft.com
dns-vetting1d.map.fastly.net
marketingservices.ft.com
santander.ft.com
etnotalks.live.ft.com
education.ft.com
www.ftbroadcast2.live.ft.com
luxuryglobal2021.live.ft.com
dns-vetting1-mims-pawel.map.fastly.net
intelligentbusiness2020.live.ft.com
f3.shared.global.fastly.net
banking.live.ft.com
dns-vetting1f.map.fastly.net
commoditiesglobal.live.ft.com
e1p-internal-sandbox.mrooms.net
intelligentdocumentprocessing.live.ft.com
futurecitieslondon.live.ft.com
dns-vetting1.map.fastly.net
indiainvestment.live.ft.com
pharma2022.live.ft.com
o2.shared.global.fastly.net
intelligentdocumentprocessing.live.ft.com
dns-vetting1h.map.fastly.net
heroku-ft-app-remove-long-pres-aiiucp.apps.in.ft.com
pharmaanalytics.live.ft.com
f4.shared.global.fastly.net
dns-vetting1g.map.fastly.net
o2.shared.global.fastly.net
leveragingdigitisation.live.ft.com
womeneurope2024.live.ft.com
dns-vetting1.map.fastly.net
futurecitiesjohannesburg.live.ft.com
industrialinnovation-europe.live.ft.com
climatecapitalfinance.live.ft.com
about.ft.com
r.ssl.fastly.net
eff22.live.ft.com
asiagreentech2023.live.ft.com
www.ft.com
ft.map.fastly.net
*.memb.ft.com
e1p-internal-sandbox.mrooms.net
scienceatstake.com
ft.com
dns-vetting1g.map.fastly.net
r.ssl.fastly.net
o2.shared.global.fastly.net
dns-vetting1e.map.fastly.net
dns-vetting2.map.fastly.net
api.workfit.com
sendgrid.trytuesday.com
zenith.ft.com
dns-vetting1e.map.fastly.net
heroku-ft-app-at-4199-remove-c-f4qu5g.apps.in.ft.com
h2.shared.global.fastly.net
dns-vetting1g.map.fastly.net
retirementstrategies.live.ft.com
acceleratingequality.live.ft.com
santander.ft.com
i.subs.ft.com
inboundjapan.live.ft.com
o2.shared.global.fastly.net
r.ssl.fastly.net
app-review-1772.apps.in.ft.com
dns-vetting1-mims-pawel.map.fastly.net
corporateculture.live.ft.com
streamliningbusiness.live.ft.com
dns-vetting1e.map.fastly.net
managingregulationandrisk.live.ft.com
futureinvestmentprofessional.live.ft.com
hcltechatdavosceo.live.ft.com
Certificate
The complete raw certificate details for banking.live.ft.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF8zCCBNugAwIBAgISBCwyK7wDUbM7CCtTXA7JzBnZMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA5MTkyMzQ4MjdaFw0yMzEyMTgyMzQ4MjZaMB4xHDAaBgNVBAMT E2JhbmtpbmcubGl2ZS5mdC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK AoICAQDMcLukeCZDdzGjLIY5M3gLcLLsmAIf6Y8dE/YtQ6g1mx1K6a2hBJPLVknu Xm4BbWCXMjs/WsQvQmn5lLSlfDOiCLcVwCzMHi9ztzec5qRz5E1PFd14uBKj/G6v fMquylFNWzrFoMRySYS9lnpTO75g40v2vH1xqQxqwq/TRgtjCTccllj+Eyp0lYWk qlSn6UtBlcUhumT+jnPbOwL/1okjFG7n73rrPz0ikOv4hCf+cy6bmmEnEziWsAnr XkgzxV+YnT7yV7Jn8NUg5j22J8dO426MEzmMkFpUFzQs+x2G6HlrGD7MInpVgTWs 0G6Z0tlijsXGO+DN5tEmBqlywbaERGD1ElVti/ZLMgh5uM3RVQeR5TP/98kmoHbV xkivVN+MSGNr7gP4xSQQU3Ltldj9E+FZaEVawHtennhTz7JOzA85MQ8JiaR/dBZq acqIXskScqp01Of0BcR9Jt9edJj2RB6It8Cdi7GtQ/CzGXHZEkEuS9RIlugI8nv1 tcuhRVaiDDGaV8xCZvcRkgQ4FLN/kIN+5511H+jyQKdYo/DuWs5O8ySt1eVFiAGT mO6N5e4aLSSzFKvNTChduBYe9oIVlhN9bTZRSmERG/I5swQjnmK+37XlnpV5thS3 4L/mXnShcSiCO39B/fTBf2f2aoImhDgON61WkaOxxnCpYSwzgQIDAQABo4ICFTCC AhEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTOLA2KdbiEQ7b8+eRsijDgjEAIxjAf BgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcw IQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYW aHR0cDovL3IzLmkubGVuY3Iub3JnLzAeBgNVHREEFzAVghNiYW5raW5nLmxpdmUu ZnQuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB 8gDwAHYAtz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGKsA9PIQAA BAMARzBFAiAeTBgVMe+L/ACDoFR4tlrPRk/TbkUlhHRfd40diPRJnQIhALPyWMCq YBgKe3EPuNJEo44osdUhzvfKhXGthyI48/KkAHYAejKMVNi3LbYg6jjgUh7phBZw MhOFTTvSK8E6V6NS61IAAAGKsA9POwAABAMARzBFAiEA2LiYN9d1PTwfHjrWY9wR yAhaaboEd1qZb0uCbslRHl4CIGY8vxo/7klZAOHiX1Bm0BQoMohU/y1mmG6iApoZ 8n00MA0GCSqGSIb3DQEBCwUAA4IBAQBMQORSqmk1ZxiKjZDkzQnYLqJpJ4oydg55 PJYXB7Or2D9hvmBlJz5rkFHi/16iX2eQ3bKrdnco0anyQmqBkTiGIRDl2kEpYKnJ k5QQC3qoJhEkrp3B6YB8anF1ZuQC4RjJt2k3R9K2Zqo7tq+s8BgrmgxnhEMJlHK6 ZFq2HwcoSUuJN7davUEzS2vJ+1fAV7kY1dsOdIOTOy7SSkMI0scugOObiGZCgF4u S0UYLzVW55ePWV4Rwjq0g0LLpOyqUbn7T35bzmGHGLd5JOAWZCbeW899ijQdTG1C 3mHjg12l3tdLILbw2CgAKVS4HF0K6qHQjY50ZEQcUxj+xS91YuwS -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzHC7pHgmQ3cxoyyGOTN4 C3Cy7JgCH+mPHRP2LUOoNZsdSumtoQSTy1ZJ7l5uAW1glzI7P1rEL0Jp+ZS0pXwz ogi3FcAszB4vc7c3nOakc+RNTxXdeLgSo/xur3zKrspRTVs6xaDEckmEvZZ6Uzu+ YONL9rx9cakMasKv00YLYwk3HJZY/hMqdJWFpKpUp+lLQZXFIbpk/o5z2zsC/9aJ IxRu5+966z89IpDr+IQn/nMum5phJxM4lrAJ615IM8VfmJ0+8leyZ/DVIOY9tifH TuNujBM5jJBaVBc0LPsdhuh5axg+zCJ6VYE1rNBumdLZYo7FxjvgzebRJgapcsG2 hERg9RJVbYv2SzIIebjN0VUHkeUz//fJJqB21cZIr1TfjEhja+4D+MUkEFNy7ZXY /RPhWWhFWsB7Xp54U8+yTswPOTEPCYmkf3QWamnKiF7JEnKqdNTn9AXEfSbfXnSY 9kQeiLfAnYuxrUPwsxlx2RJBLkvUSJboCPJ79bXLoUVWogwxmlfMQmb3EZIEOBSz f5CDfueddR/o8kCnWKPw7lrOTvMkrdXlRYgBk5jujeXuGi0ksxSrzUwoXbgWHvaC FZYTfW02UUphERvyObMEI55ivt+15Z6VebYUt+C/5l50oXEogjt/Qf30wX9n9mqC JoQ4DjetVpGjscZwqWEsM4ECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 363488256353472416706461688967621503621593 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-19 23:48:27 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-18 23:48:26 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'banking.live.ft.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 834043914979260348582120981540635587238476685009583537727441228877311591360344050741406714731519696188795877198313333373249366486267487004138180701266570099241596775490333547352792516082974598881112084237874392891831215919337660449624370152615830737781969618462527174155869028240127871256632875083386157540352240216594733791704523416751675578625222999482872787303626654918698952800693568674763029772463621728475962217255596430582066364884881465385407783291482263449995221164364012236038439393627134653137411441050325237383480162776653779161001310617090891139863977374698426557865484668889850719414727965727286230856612306676821382480597848083785051111864747969628671126989473480447967688188266241453214163423758511804085453680546558382742479189003546588210619108716077613564942847433611139703423047106637164258045245695605467307790168544835864327896613626165303823023747687294729947189637731174214797912666844306978482290228754482203601346131815367915738156133801765833556067635288061814895327627981512481234126383235941368321940284174308057654518279318898627353988334124139738512123128091563709771558613959566326062095933928363640856005257364551037544916885533828631841426561348685499540540629424447761656114414609439466653081154433 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ce2c0d8a75b88443b6fcf9e46c8a30e08c4008c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'banking.live.ft.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018ab00f4f21000004030047304502201e4c181531ef8bfc0083a05478b65acf464fd36e452584745f778d1d88f4499d022100b3f258c0aa60180a7b710fb8d244a38e28b1d521cef7ca8571ad872238f3f2a40076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018ab00f4f3b0000040300473045022100d8b89837d7753d3c1f1e3ad663dc11c8085a69ba04775a996f4b826ec9511e5e0220663cbf1a3fee495900e1e25f5066d01428328854ff2d66986ea2029a19f27d34 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004c40e452aa693567188a8d90e4cd09d82ea269278a32760e793c961707b3abd83f61be6065273e6b9051e2ff5ea25f6790ddb2ab767728d1a9f2426a819138862110e5da412960a9c99394100b7aa8261124ae9dc1e9807c6a717566e402e118c9b7693747d2b666aa3bb6afacf0182b9a0c678443099472ba645ab61f0728494b8937b75abd41334b6bc9fb57c057b918d5db0e7483933b2ed24a4308d2c72e80e39b886642805e2e4b45182f3556e7978f595e11c23ab48342cba4ecaa51b9fb4f7e5bce618718b77924e0166426de5bcf7d8a341d4c6d42de61e3835da5ded74b20b6f0d828002954b81c5d0aeaa1d08d8e7464441c5318fec52f7562ec12