*.data-collections.us-east-1.dv-shared-prd.awsma.nyt.net
Issued by R3
About this certificate
This digital certificate with serial number 04:19:25:b1:93:01:e8:48:48:ba:b9:07:78:f9:78:a9:94:c9 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.data-collections.us-east-1.dv-shared-prd.awsma.nyt.net
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:19:25:b1:93:01:e8:48:48:ba:b9:07:78:f9:78:a9:94:c9Serial Number (int): 357006306354117778532569848844648861766857
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 4e:c6:d8:30:ab:c2:ba:f1:c7:8b:89:ba:c5:f5:81:9f:6c:4c:67:13
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): ac:09:59:ef:9d:33:46:f2:6a:14:41:93:b0:2a:12:db:58:7a:be:dd
Fingerprint (sha256): 03:2a:2f:c3:be:09:39:dc:27:c2:22:00:33:e1:ab:af:69:9d:a3:97:41:9c:53:b1:41:41:96:4b:0f:0c:7e:89
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate *.data-collections.us-east-1.dv-shared-prd.awsma.nyt.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.data-collections.us-east-1.dv-shared-prd.awsma.nyt.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.data-collections.us-east-1.dv-shared-prd.awsma.nyt.net
data-collections.us-east-1.dv-shared-prd.awsma.nyt.net
data-collections.us-east-1.dv-shared-prd.awsma.nyt.net
Other certificates including the domain name nyt.net
(limited to 100 certificates)
*.mx.us-west-2.dv-shared-stg.awsma.nyt.net
gai.rd.nyt.net
k0dvb.dv-dns.nyti.snd.nyt.net
sharedui.tech.nyt.net
hybrid-renderer.news.sbx.nyt.net
*.twistlock.us-east1-01.prd.dvsp-gcp.nyt.net
*.dv-prd.us-east-1-01.dev.dvsp.nyt.net
*.kube-system.us-west1-01.stg.dvsp-gcp.nyt.net
*.b2b.us-east-1-01.stg.dvsp.nyt.net
*.content-tagging.us-west-2-01.stg.dvsp.nyt.net
misp.infosec-prd.awsma.nyt.net
ic-slackbot-prd.dv-prd.awsma.nyt.net
midmirror.stg.nyt.net
tech.nyt.net
jks-messaging-sub.messaging-dev.awsma.nyt.net
newsdev.nyt.net
nn-audience-api.messaging-dev.awsma.nyt.net
appcatalog.dev.nyt.net
commerce.commerce-dev.awsma.nyt.net
ckraken.auth.prd.nyt.net
*.dv-engagements-lab.us-east1-01.stg.dvsp-gcp.nyt.net
gmax.tech.nyt.net
*.payflow.us-east-1-01.stg.dvsp.nyt.net
*.twistlock.us-east1-01.sbx.dvsp-gcp.nyt.net
identity.tech.nyt.net
news.sbx.nyt.net
hybrid-renderer.news.sbx.nyt.net
assets.nyt.net
ad-docs.nyt.net
slackapp.dev.nyt.net
*.account.us-east-1.dv-shared-prd.awsma.nyt.net
autoreplyslackbot.dv-demo-lab.awsma.nyt.net
hybrid-renderer.news.sbx.nyt.net
*.account.us-west-2.dv-shared-stg.awsma.nyt.net
httpbin-us-east1.news.stg.nyt.net
account-fe.account.nyti.stg.nyt.net
hyphen.dev.nyt.net
zuo-grandcentral-stg-lb.spg-dev.awsma.nyt.net
features.tech.nyt.net
twistlock-dev.devsecops.dv.nyt.net
*.kube-public.us-east1-01.dev.dvsp-gcp.nyt.net
*.dv-dev.us-east-1.dv-shared-dev.awsma.nyt.net
app-platforms.tech.nyt.net
nss-console-prd.nyt.net
*.data-collections.us-east-1.dv-shared-prd.awsma.nyt.net
*.dv-dns.us-east-1-01.sbx.dvsp.nyt.net
amp-docs.tech.nyt.net
*.kube-node-lease.us-west1-01.dev.dvsp-gcp.nyt.net
hyphen.tech.nyt.net
platform-stela.nyt.net
photo.nyt.net
pdf-invoices-bff.account.nyti.nyt.net
video-thumbnails.prd.nyt.net
nyt.net
*.auth-dev.us-west-2.dv-shared-dev.awsma.nyt.net
webgl.rd.nyt.net
edge.games.nyti.nyt.net
puzzles.dev.nyt.net
targeting.tech.nyt.net
activate-access-bff.account.nyti.stg.nyt.net
esx03-c01.prd.orf1.nyt.net
*.audio.us-east1-01.dev.dvsp-gcp.nyt.net
reader-revenue.tech.nyt.net
triage.dev.care-dev.awsma.nyt.net
mwcm-pub-lab-dev.growth-mc.nyti.stg.nyt.net
dossier.stg.nyt.net
*.games.us-east-1.dv-shared-dev.awsma.nyt.net
graphql-android.samizdat.nyti.nyt.net
lt0959-audience-api-rpc.messaging-dev.awsma.nyt.net
js1-messaging-sub-rpc.messaging-dev.awsma.nyt.net
p1-dev.dv.nyt.net
weddings-api.stg.nyt.net
*.tarplat.us-east1-01.dev.dvsp-gcp.nyt.net
meter.nyt.net
reactivation-dp.account.nyti.nyt.net
NYHQ-TEL-EXPWYC.lga2.nyt.net
user-attribute.auth.nyti.dev.nyt.net
leaderboards.games.sbx.nyt.net
hybrid-renderer.news.sbx.nyt.net
wit.nyt.net
cookies.games.dev.nyt.net
*.messaging.dv-shared-dev.awsma.nyt.net
lire-ui.auth.nyti.stg.nyt.net
hybrid-renderer.news.sbx.nyt.net
du-bot-newsroom.dev.nyt.net
esx01-c01.stg.lga1.nyt.net
puzzles.dev.nyt.net
static.auth.stg.nyt.net
annotations.rd.nyt.net
srlt3-push-send-service.messaging-dev.awsma.nyt.net
weddings-api-internal.stg.nyt.net
activate-access-bff-dev.nyt.net
jobs-dev.dv.nyt.net
climate.rd.nyt.net
workdayuserguides.nyt.net
grc.nyt.net
me12-audience-api-rpc.messaging-dev.awsma.nyt.net
frm01.nyt.net
*.wirecutter.us-east-1.dv-shared-stg.awsma.nyt.net
webgl-dev.rd.nyt.net
gai.rd.nyt.net
k0dvb.dv-dns.nyti.snd.nyt.net
sharedui.tech.nyt.net
hybrid-renderer.news.sbx.nyt.net
*.twistlock.us-east1-01.prd.dvsp-gcp.nyt.net
*.dv-prd.us-east-1-01.dev.dvsp.nyt.net
*.kube-system.us-west1-01.stg.dvsp-gcp.nyt.net
*.b2b.us-east-1-01.stg.dvsp.nyt.net
*.content-tagging.us-west-2-01.stg.dvsp.nyt.net
misp.infosec-prd.awsma.nyt.net
ic-slackbot-prd.dv-prd.awsma.nyt.net
midmirror.stg.nyt.net
tech.nyt.net
jks-messaging-sub.messaging-dev.awsma.nyt.net
newsdev.nyt.net
nn-audience-api.messaging-dev.awsma.nyt.net
appcatalog.dev.nyt.net
commerce.commerce-dev.awsma.nyt.net
ckraken.auth.prd.nyt.net
*.dv-engagements-lab.us-east1-01.stg.dvsp-gcp.nyt.net
gmax.tech.nyt.net
*.payflow.us-east-1-01.stg.dvsp.nyt.net
*.twistlock.us-east1-01.sbx.dvsp-gcp.nyt.net
identity.tech.nyt.net
news.sbx.nyt.net
hybrid-renderer.news.sbx.nyt.net
assets.nyt.net
ad-docs.nyt.net
slackapp.dev.nyt.net
*.account.us-east-1.dv-shared-prd.awsma.nyt.net
autoreplyslackbot.dv-demo-lab.awsma.nyt.net
hybrid-renderer.news.sbx.nyt.net
*.account.us-west-2.dv-shared-stg.awsma.nyt.net
httpbin-us-east1.news.stg.nyt.net
account-fe.account.nyti.stg.nyt.net
hyphen.dev.nyt.net
zuo-grandcentral-stg-lb.spg-dev.awsma.nyt.net
features.tech.nyt.net
twistlock-dev.devsecops.dv.nyt.net
*.kube-public.us-east1-01.dev.dvsp-gcp.nyt.net
*.dv-dev.us-east-1.dv-shared-dev.awsma.nyt.net
app-platforms.tech.nyt.net
nss-console-prd.nyt.net
*.data-collections.us-east-1.dv-shared-prd.awsma.nyt.net
*.dv-dns.us-east-1-01.sbx.dvsp.nyt.net
amp-docs.tech.nyt.net
*.kube-node-lease.us-west1-01.dev.dvsp-gcp.nyt.net
hyphen.tech.nyt.net
platform-stela.nyt.net
photo.nyt.net
pdf-invoices-bff.account.nyti.nyt.net
video-thumbnails.prd.nyt.net
nyt.net
*.auth-dev.us-west-2.dv-shared-dev.awsma.nyt.net
webgl.rd.nyt.net
edge.games.nyti.nyt.net
puzzles.dev.nyt.net
targeting.tech.nyt.net
activate-access-bff.account.nyti.stg.nyt.net
esx03-c01.prd.orf1.nyt.net
*.audio.us-east1-01.dev.dvsp-gcp.nyt.net
reader-revenue.tech.nyt.net
triage.dev.care-dev.awsma.nyt.net
mwcm-pub-lab-dev.growth-mc.nyti.stg.nyt.net
dossier.stg.nyt.net
*.games.us-east-1.dv-shared-dev.awsma.nyt.net
graphql-android.samizdat.nyti.nyt.net
lt0959-audience-api-rpc.messaging-dev.awsma.nyt.net
js1-messaging-sub-rpc.messaging-dev.awsma.nyt.net
p1-dev.dv.nyt.net
weddings-api.stg.nyt.net
*.tarplat.us-east1-01.dev.dvsp-gcp.nyt.net
meter.nyt.net
reactivation-dp.account.nyti.nyt.net
NYHQ-TEL-EXPWYC.lga2.nyt.net
user-attribute.auth.nyti.dev.nyt.net
leaderboards.games.sbx.nyt.net
hybrid-renderer.news.sbx.nyt.net
wit.nyt.net
cookies.games.dev.nyt.net
*.messaging.dv-shared-dev.awsma.nyt.net
lire-ui.auth.nyti.stg.nyt.net
hybrid-renderer.news.sbx.nyt.net
du-bot-newsroom.dev.nyt.net
esx01-c01.stg.lga1.nyt.net
puzzles.dev.nyt.net
static.auth.stg.nyt.net
annotations.rd.nyt.net
srlt3-push-send-service.messaging-dev.awsma.nyt.net
weddings-api-internal.stg.nyt.net
activate-access-bff-dev.nyt.net
jobs-dev.dv.nyt.net
climate.rd.nyt.net
workdayuserguides.nyt.net
grc.nyt.net
me12-audience-api-rpc.messaging-dev.awsma.nyt.net
frm01.nyt.net
*.wirecutter.us-east-1.dv-shared-stg.awsma.nyt.net
webgl-dev.rd.nyt.net
Certificate
The complete raw certificate details for *.data-collections.us-east-1.dv-shared-prd.awsma.nyt.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFrTCCBJWgAwIBAgISBBklsZMB6EhIurkHePl4qZTJMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMjA2MDYxOTE0NTFaFw0yMjA5MDQxOTE0NTBaMEMxQTA/BgNVBAMM OCouZGF0YS1jb2xsZWN0aW9ucy51cy1lYXN0LTEuZHYtc2hhcmVkLXByZC5hd3Nt YS5ueXQubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0XG63YC RVmaQLI4y3vE7Tc3vhFQjOIoau0RthIR4uYOdJrV6xwXMF/FTUmdFSMlK47jKN4z jS1L1AwYbBbRsDVvmcQ36uJkzeAC6gEhs+HQdSWNXxHXS7jqRvrzm9HG33aIzFFd c8i1uph1mB1wzhBi/u8Varo4As4cOgeB7EgdwL/ecoBRACInY0OKayzvpBp+48AJ mK37Mp92N6oHf9FMq06+5ljh6Vij8hlZpvhhGYdP5w29YNST57Nhl505RWHhxU+7 phubI5ix16xXGJmNqIpBfvipoeDgEpZM0pO4O7590Rrb9HMy5cdzvAKCUOYouoYT enjjLF8kw02+vQIDAQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRO xtgwq8K68ceLibrF9YGfbExnEzAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+d ixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxl bmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzB7BgNV HREEdDBygjgqLmRhdGEtY29sbGVjdGlvbnMudXMtZWFzdC0xLmR2LXNoYXJlZC1w cmQuYXdzbWEubnl0Lm5ldII2ZGF0YS1jb2xsZWN0aW9ucy51cy1lYXN0LTEuZHYt c2hhcmVkLXByZC5hd3NtYS5ueXQubmV0MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcG CysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5 cHQub3JnMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUAKXm+8J45OSHwVnOfY6V3 5b5XfZxgCvj5TV0mXCVdx4QAAAGBOqfpxgAABAMARjBEAiAwRf8DeExl80G1wViR VcWlB4S6y4hP899vHB/IYBlP7QIgVc3G1a0sDJYb5mveq8+X7TM6G0aUTslrOvnE HZ4KepsAdgBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAYE6p+so AAAEAwBHMEUCICcUsiKcdZPB6/ErT5pFEMCwWg0Dswwuux4OLp1c1E2uAiEAquvO KqS4xTRdDwta5+ChhGZf2D1PIetl3con4zwS5t8wDQYJKoZIhvcNAQELBQADggEB AGevI5sIJy2GYz/5piTdahMi+hDUVdGhpXkR47GmfnaXc3vTtoJEvZmJg6Mbt9/h thFlbx9cbBd6p/3MAq7/TjOqqFocJ/RbijQlZHH6gTUCv55gGnPrzEo9LaA6X6S5 4ujahcSYDQP6UcEmsE1AH/RkyHhiZzr4IepZ0F8aPVehKruq7SwIeBKRmtEwwDse 9is6E9ZbQd6lYFIRLgq3JANrrlhvWgpJU7vkfxKKgc8DB+g3AiKbrEHm7I4vCzCi CsEO7ddCvB34kobGNh3wVNgIGhNF1tw/2TFeaXq5C0uoow5cCMVgzzawf3iDBvxc gxDikDUvsH4nYns+dgRo550= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0XG63YCRVmaQLI4y3vE 7Tc3vhFQjOIoau0RthIR4uYOdJrV6xwXMF/FTUmdFSMlK47jKN4zjS1L1AwYbBbR sDVvmcQ36uJkzeAC6gEhs+HQdSWNXxHXS7jqRvrzm9HG33aIzFFdc8i1uph1mB1w zhBi/u8Varo4As4cOgeB7EgdwL/ecoBRACInY0OKayzvpBp+48AJmK37Mp92N6oH f9FMq06+5ljh6Vij8hlZpvhhGYdP5w29YNST57Nhl505RWHhxU+7phubI5ix16xX GJmNqIpBfvipoeDgEpZM0pO4O7590Rrb9HMy5cdzvAKCUOYouoYTenjjLF8kw02+ vQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 357006306354117778532569848844648861766857 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-06-06 19:14:51 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-09-04 19:14:50 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.data-collections.us-east-1.dv-shared-prd.awsma.nyt.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24650877804462922290260481645973403256481023255644096945499149758072444526544463017300622491882139152580037107721926250412825123686298661119262691860812639590757259956171823814294568233008739426878394629639469914027311382822509657261082229649108085496952330225617460084870642283298471376138353670077004253283579981051826778876629989250910082018230240494181474802876669948267737422348380144850673944366801273771094020784482081324524013943782981194987652359018977263726898258805244871522209224188157955795246731705858158356009148563435941639525045727555756835417521654509480729073376712411459268839528026135673294405309 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4ec6d830abc2baf1c78b89bac5f5819f6c4c6713 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.data-collections.us-east-1.dv-shared-prd.awsma.nyt.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data-collections.us-east-1.dv-shared-prd.awsma.nyt.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc784000001813aa7e9c6000004030046304402203045ff03784c65f341b5c1589155c5a50784bacb884ff3df6f1c1fc860194fed022055cdc6d5ad2c0c961be66bdeabcf97ed333a1b46944ec96b3af9c41d9e0a7a9b0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d913000001813aa7eb28000004030047304502202714b2229c7593c1ebf12b4f9a4510c0b05a0d03b30c2ebb1e0e2e9d5cd44dae022100aaebce2aa4b8c5345d0f0b5ae7e0a184665fd83d4f21eb65ddca27e33c12e6df . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0067af239b08272d86633ff9a624dd6a1322fa10d455d1a1a57911e3b1a67e7697737bd3b68244bd998983a31bb7dfe1b611656f1f5c6c177aa7fdcc02aeff4e33aaa85a1c27f45b8a34256471fa813502bf9e601a73ebcc4a3d2da03a5fa4b9e2e8da85c4980d03fa51c126b04d401ff464c87862673af821ea59d05f1a3d57a12abbaaed2c087812919ad130c03b1ef62b3a13d65b41dea56052112e0ab724036bae586f5a0a4953bbe47f128a81cf0307e83702229bac41e6ec8e2f0b30a20ac10eedd742bc1df89286c6361df054d8081a1345d6dc3fd9315e697ab90b4ba8a30e5c08c560cf36b07f788306fc5c8310e290352fb07e27627b3e760468e79d