photoset.widgets.migros.ch
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:dc:d6:a9:1e:a1:45:6f:e2:44:b5:17:26:c6:cf:83:72:3a was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=photoset.widgets.migros.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:dc:d6:a9:1e:a1:45:6f:e2:44:b5:17:26:c6:cf:83:72:3aSerial Number (int): 336484311428403778283797322278557865701946
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 31:ee:1c:fe:3d:b5:18:92:8a:3c:e8:4d:78:01:3f:a5:67:1c:11:45
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 7f:b1:33:f0:29:1c:56:90:68:63:1a:17:66:e7:0e:ae:0b:c2:3b:10
Fingerprint (sha256): 03:dd:b3:0c:97:35:e0:05:63:ea:04:34:f5:66:db:33:04:09:bf:0d:91:5a:d5:a3:85:7b:8e:69:c7:1c:ae:95
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate photoset.widgets.migros.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for photoset.widgets.migros.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
photoset.widgets.migros.ch
uploader.widgets.migros.ch
uploader.widgets.migros.ch
Other certificates including the domain name migros.ch
(limited to 100 certificates)
secure03.stage.lithium.com
commentmatch.m-budget.migros.ch
secure06.lithium.com
mitarbeiteranlass.events.migros.ch
rsc.migros.ch
staging.prod.pema-coupons.mdb.migros.net
test-basel.migros.ch
secure06.lithium.com
photoset.widgets.migros.ch
secure03.stage.lithium.com
migusto.migros.ch
aus-der-region.migros.ch
test-mgo-api.migros.ch
secure03.stage.lithium.com
gmaare.elearning.migros.ch
meineidee-ext-s.gmsap.migros.ch
famigros.migros.ch
perimeter-dmz1-meineip.migros.ch
api.migros.ch
cadismobile.migros.ch
test-hybrid-app.migros.ch
pos-coupons-api.migros.ch
storybox.migros.ch
dev-basel.migros.ch
support.migros.ch
test-web-api.migros.ch
inveco-s.gmsap.migros.ch
konsumententagung.migros.ch
test-mom.migros.ch
portal.migroszh.ch
login.migros.ch
m-learning.migros.ch
secure03.stage.lithium.com
ca.status.clio.com
e3mobilege-test.gmge.migros.ch
photoset.widgets.migros.ch
staging.qual.mam.mdb.migros.net
admin.operations.migros.ch
mymigros.ch
m-learning-t.migros.ch
yellowworldtest.migros.ch
test-mobile-app-api.migros.ch
corporate.migros.ch
recipeapi-t.gmsap.migros.ch
mcrm.migros.ch
test-socialmedia.migros.ch
meineidee.gmsap.migros.ch
connect.gmz.migros.ch
mcds.migros.net
ucb10testews.migros.ch
live.qual.kms-portal.mdb.aws.migros.ch
dev-migipedia-backend.migros.ch
bb2status.mambu.com
storybox.migros.ch
test-help.migros.ch
*.gmaare.migros.ch
quiz-adr.migros.ch
secure06.lithium.com
tiptoimania.migros.ch
secure.clubs.migros.ch
terrasuisse.migros.ch
retitest-ews.migros.ch
ins-staging.migros.ch
jobs.migros.ch
test-winwin-vonuns-vonhier.migros.ch
mein.m-budget.migros.ch
sni.cloudflaressl.com
thehost.widgets.migros.ch
allowlist.sterda.com
report-download.migros.ch
proxy-mdb.migros.ch
test-corporate.migros.ch
ca.status.clio.com
test-auth.magnolia.migros.ch
meineidee-ext-t.gmsap.migros.ch
lyncaccess.datacenter-migros.ch
dev-vaud.migros.ch
dev-cdn.migros.ch
api.migros.ch
admin.logistikplattform.migros.ch
live.prod.image-upload.mdb.aws.migros.ch
image-upload.mdb.migros.net
secure03.stage.lithium.com
cert-test.migros.ch
rc-mobile-app.migros.ch
mylogin.migros.ch
test-hybrid-app.migros.ch
p99.migros.ch
proxy-mdb.migros.ch
auth.migros.ch
ca.status.clio.com
wartung.migros.ch
staging.prod.pema-coupons.mdb.aws.migros.ch
natro.gmaare.migros.ch
impuls.migros.ch
allowlist.sterda.com
recipeapi-s.gmsap.migros.ch
m-payment.pos.migros.ch
fragments.migros.ch
ostern.migros.ch
commentmatch.m-budget.migros.ch
secure06.lithium.com
mitarbeiteranlass.events.migros.ch
rsc.migros.ch
staging.prod.pema-coupons.mdb.migros.net
test-basel.migros.ch
secure06.lithium.com
photoset.widgets.migros.ch
secure03.stage.lithium.com
migusto.migros.ch
aus-der-region.migros.ch
test-mgo-api.migros.ch
secure03.stage.lithium.com
gmaare.elearning.migros.ch
meineidee-ext-s.gmsap.migros.ch
famigros.migros.ch
perimeter-dmz1-meineip.migros.ch
api.migros.ch
cadismobile.migros.ch
test-hybrid-app.migros.ch
pos-coupons-api.migros.ch
storybox.migros.ch
dev-basel.migros.ch
support.migros.ch
test-web-api.migros.ch
inveco-s.gmsap.migros.ch
konsumententagung.migros.ch
test-mom.migros.ch
portal.migroszh.ch
login.migros.ch
m-learning.migros.ch
secure03.stage.lithium.com
ca.status.clio.com
e3mobilege-test.gmge.migros.ch
photoset.widgets.migros.ch
staging.qual.mam.mdb.migros.net
admin.operations.migros.ch
mymigros.ch
m-learning-t.migros.ch
yellowworldtest.migros.ch
test-mobile-app-api.migros.ch
corporate.migros.ch
recipeapi-t.gmsap.migros.ch
mcrm.migros.ch
test-socialmedia.migros.ch
meineidee.gmsap.migros.ch
connect.gmz.migros.ch
mcds.migros.net
ucb10testews.migros.ch
live.qual.kms-portal.mdb.aws.migros.ch
dev-migipedia-backend.migros.ch
bb2status.mambu.com
storybox.migros.ch
test-help.migros.ch
*.gmaare.migros.ch
quiz-adr.migros.ch
secure06.lithium.com
tiptoimania.migros.ch
secure.clubs.migros.ch
terrasuisse.migros.ch
retitest-ews.migros.ch
ins-staging.migros.ch
jobs.migros.ch
test-winwin-vonuns-vonhier.migros.ch
mein.m-budget.migros.ch
sni.cloudflaressl.com
thehost.widgets.migros.ch
allowlist.sterda.com
report-download.migros.ch
proxy-mdb.migros.ch
test-corporate.migros.ch
ca.status.clio.com
test-auth.magnolia.migros.ch
meineidee-ext-t.gmsap.migros.ch
lyncaccess.datacenter-migros.ch
dev-vaud.migros.ch
dev-cdn.migros.ch
api.migros.ch
admin.logistikplattform.migros.ch
live.prod.image-upload.mdb.aws.migros.ch
image-upload.mdb.migros.net
secure03.stage.lithium.com
cert-test.migros.ch
rc-mobile-app.migros.ch
mylogin.migros.ch
test-hybrid-app.migros.ch
p99.migros.ch
proxy-mdb.migros.ch
auth.migros.ch
ca.status.clio.com
wartung.migros.ch
staging.prod.pema-coupons.mdb.aws.migros.ch
natro.gmaare.migros.ch
impuls.migros.ch
allowlist.sterda.com
recipeapi-s.gmsap.migros.ch
m-payment.pos.migros.ch
fragments.migros.ch
ostern.migros.ch
Certificate
The complete raw certificate details for photoset.widgets.migros.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGhzCCBW+gAwIBAgISA9zWqR6hRW/iRLUXJsbPg3I6MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA4MjIyMjAwMTNaFw0x OTExMjAyMjAwMTNaMCUxIzAhBgNVBAMTGnBob3Rvc2V0LndpZGdldHMubWlncm9z LmNoMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlR2/ANXnv126WNeS nNmqYRuMAafAf2LeuoKZk5tsCK6n8wphKBuXXl98YC+4S5lk0dQJ8k4RO9/dopHf nQhIAQBvsHOK9YxrfZydT6TKEqazj7W/SL2IB7gjUV7KB+TM20qTJqoD3ZkxsaD/ xcImV2Ywyct+9UlcBIrDCtsJW27HTyjpemcTx10ES3rVI5FludrXddUHhNF6dvmN 9U5k1+teq6oIdRPYDoxj4idouYG8dzJPM7+poxV7APNiEGMLBbARUREhmulopKWj 8h1dL3lta+f5l2/EYtKNZDB69RPM0G2A9eTlm/lthGavKjVjLftRuPinVMD5MCKf 1qdDbMGXfCRALug4aLYtigfwUwDve/M9KFB6b4Qiiw2oWbrcKGdjqnyZQypRdLOY iqahNAomG4n3lW3fcJNP7AOXqeT5KW4nf00rKFmCm3l5cGItNGwurEEJTo5MMukH Dy1vGilWGIQ3x2unaUeMN/kKAAIsMQ2Ozutmz+cbWJn/fLLBumnSgOXTHZKRXywl 4le09dQo4T/Zno0zW/FZi/7qBMI8sC1Dk78fkVWWBY3pRch/uzUpMtid0xiyDPdl T5wFbWSMgmFBODGxKcapHDLNNyT602esaLZyUwbuIg7d7lyWh+oWnDvnMcUFm7vf UORpTdQOMtjdZsV8YCjrXqsIxgUCAwEAAaOCAoowggKGMA4GA1UdDwEB/wQEAwIF oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd BgNVHQ4EFgQUMe4c/j21GJKKPOhNeAE/pWccEUUwHwYDVR0jBBgwFoAUqEpqYwR9 3brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRw Oi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRw Oi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzBBBgNVHREEOjA4ghpwaG90 b3NldC53aWRnZXRzLm1pZ3Jvcy5jaIIadXBsb2FkZXIud2lkZ2V0cy5taWdyb3Mu Y2gwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEF BQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQC BIH0BIHxAO8AdgDiaUuuJujpQAnohhu2O4PUPuf+dIj7pI8okwGd3fHb/gAAAWy7 jxjFAAAEAwBHMEUCIFyeCtLkgEb21P8bRPN+1cPQnkpZP/EkByHxbYsQCmuYAiEA 6hlFjpJLR2S8aZOBOA7/1Ca76b9SYogWTsPSPjtndlcAdQBj8tvN6DvMLM8LcoQn V2szpI1hd4+9daY4scdoVEvYjQAAAWy7jxi4AAAEAwBGMEQCICWnkU/MhK/MXtaN Ie0bPHVemkX4oy65MgkAl3/o2YUiAiB+FvJVfzxwm532nsCN8Pk5pzTY/WOPBdnk ZtTmj0/CujANBgkqhkiG9w0BAQsFAAOCAQEADKC7p8X7Eb1Z9gwuY7Iug9/8brmq vpu0/hLs+I72jTQTNb8qOihQ1Oen9H23ruz9GDadjynTesfTkKAU30F7s+oko/m4 Un7Ctd4VenwmMP87VjwcBxKyVXiIepPLIPL1q9sfw5NgB0zJKngJZOsd9O4mx6h9 Uy8O/wv2qGaDCYGBwh4Gsn3YtibkUhq/9bgL4UhNbx7YCup0cwxb2J5tyQK8UxWO xhwofAbEzZKTQgmuhyZI6FDLZLPTvpL7xyx7VoINEwrcWM+bwTG5XC890PHyFri7 qT6b+jac8/d3aZqMdYmw6AWrL+wAt2Ogx1w8bRLexfd9xGydhNzojARqxQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlR2/ANXnv126WNeSnNmq YRuMAafAf2LeuoKZk5tsCK6n8wphKBuXXl98YC+4S5lk0dQJ8k4RO9/dopHfnQhI AQBvsHOK9YxrfZydT6TKEqazj7W/SL2IB7gjUV7KB+TM20qTJqoD3ZkxsaD/xcIm V2Ywyct+9UlcBIrDCtsJW27HTyjpemcTx10ES3rVI5FludrXddUHhNF6dvmN9U5k 1+teq6oIdRPYDoxj4idouYG8dzJPM7+poxV7APNiEGMLBbARUREhmulopKWj8h1d L3lta+f5l2/EYtKNZDB69RPM0G2A9eTlm/lthGavKjVjLftRuPinVMD5MCKf1qdD bMGXfCRALug4aLYtigfwUwDve/M9KFB6b4Qiiw2oWbrcKGdjqnyZQypRdLOYiqah NAomG4n3lW3fcJNP7AOXqeT5KW4nf00rKFmCm3l5cGItNGwurEEJTo5MMukHDy1v GilWGIQ3x2unaUeMN/kKAAIsMQ2Ozutmz+cbWJn/fLLBumnSgOXTHZKRXywl4le0 9dQo4T/Zno0zW/FZi/7qBMI8sC1Dk78fkVWWBY3pRch/uzUpMtid0xiyDPdlT5wF bWSMgmFBODGxKcapHDLNNyT602esaLZyUwbuIg7d7lyWh+oWnDvnMcUFm7vfUORp TdQOMtjdZsV8YCjrXqsIxgUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 336484311428403778283797322278557865701946 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-22 22:00:13 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-20 22:00:13 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'photoset.widgets.migros.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 608341003349562938900616313132545866396349949054372796889992945222464887459119510038589001437083399204276675494537475204456047429202283079024939965586287153593380213058731552975515395289307034892015921464752120610823002911526130999349337197870049094282337704663297839301879243464279060930941195466464995424545085228422353622747828767429106615849421426691726946322671373998765193521166897278850629137679936108325659676549300756786012514634767614789569065100347184431903219341343579199675998807178981238785810690379449385568240744812588589893307853532924956984674518899872695874931800541919681615089314648509597535997422053158941548161724020487735717339569674873678920307866623880045705189829115441822369409243091559996383579748280507014063330231745894278646765329451297442827514850208853540758942087590286561985119369548154525312668923908387464738783444769658547007840142893746445174682390978950976732337405034315564248463467849864863075194042769723619544539380828397871245263350314625606378901558464113753912061896023706311482047603752106017587764869056983756873074072650976834316799847277035432610215192177051979865228594538033438149403653924134060978360302940668419124734398137929980270524004084222532759877765952622798160276276741 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 31ee1cfe3db518928a3ce84d78013fa5671c1145 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photoset.widgets.migros.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uploader.widgets.migros.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016cbb8f18c5000004030047304502205c9e0ad2e48046f6d4ff1b44f37ed5c3d09e4a593ff1240721f16d8b100a6b98022100ea19458e924b4764bc699381380effd426bbe9bf526288164ec3d23e3b67765700750063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016cbb8f18b80000040300463044022025a7914fcc84afcc5ed68d21ed1b3c755e9a45f8a32eb9320900977fe8d9852202207e16f2557f3c709b9df69ec08df0f939a734d8fd638f05d9e466d4e68f4fc2ba . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000ca0bba7c5fb11bd59f60c2e63b22e83dffc6eb9aabe9bb4fe12ecf88ef68d341335bf2a3a2850d4e7a7f47db7aeecfd18369d8f29d37ac7d390a014df417bb3ea24a3f9b8527ec2b5de157a7c2630ff3b563c1c0712b25578887a93cb20f2f5abdb1fc39360074cc92a780964eb1df4ee26c7a87d532f0eff0bf6a86683098181c21e06b27dd8b626e4521abff5b80be1484d6f1ed80aea74730c5bd89e6dc902bc53158ec61c287c06c4cd92934209ae872648e850cb64b3d3be92fbc72c7b56820d130adc58cf9bc131b95c2f3dd0f1f216b8bba93e9bfa369cf3f777699a8c7589b0e805ab2fec00b763a0c75c3c6d12dec5f77dc46c9d84dce88c046ac5