managingregulationandrisk.live.ft.com
Issued by R3
About this certificate
This digital certificate with serial number 03:d3:84:c2:ac:56:74:43:1c:c6:c9:df:69:ce:b5:5c:01:e5 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=managingregulationandrisk.live.ft.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:d3:84:c2:ac:56:74:43:1c:c6:c9:df:69:ce:b5:5c:01:e5Serial Number (int): 333312906112056975581803477592647248118245
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 67:b3:76:43:37:04:c9:cb:d5:12:92:ab:bd:8c:b0:93:71:d0:a0:c4
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): c4:30:49:ca:64:f3:62:76:47:ae:17:7b:6b:86:a1:2c:8a:60:d8:48
Fingerprint (sha256): 04:38:9a:00:59:20:c9:88:af:be:5b:fa:e9:76:e8:9d:de:37:a0:d7:09:0a:8b:e4:5c:e1:ea:2d:9b:76:f0:e9
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate managingregulationandrisk.live.ft.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for managingregulationandrisk.live.ft.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
managingregulationandrisk.live.ft.com
Other certificates including the domain name ft.com
(limited to 100 certificates)
f4.shared.global.fastly.net
datasovereigntyandthecloud.live.ft.com
h2.shared.global.fastly.net
globalcarbonforum.live.ft.com
dns-vetting1c.map.fastly.net
e.ssl.fastly.net
ft-nbh-ise-01.osb.ft.com
cryptowinter.live.ft.com
o2.shared.global.fastly.net
dns-vetting2.map.fastly.net
akamaisecure3.qualtrics.com
dns-vetting1-mims-pawel.map.fastly.net
o2.shared.global.fastly.net
h2.shared.global.fastly.net
netzero-newyork.live.ft.com
futurecitiessingapore.live.ft.com
int-ic.glb.ft.com
o2.shared.global.fastly.net
r.ssl.fastly.net
www.lantern.ft.com
dns-vetting1f.map.fastly.net
h2.shared.global.fastly.net
luxuryglobal.live.ft.com
energydecadeofdelivery.live.ft.com
dns-vetting1-mims-pawel.map.fastly.net
h2.shared.global.fastly.net
dns-vetting1g.map.fastly.net
dns-vetting1d.map.fastly.net
forums.ft.com
discoverb2b.ft.com
dns-vetting1d.map.fastly.net
marketingservices.ft.com
santander.ft.com
etnotalks.live.ft.com
education.ft.com
www.ftbroadcast2.live.ft.com
luxuryglobal2021.live.ft.com
dns-vetting1-mims-pawel.map.fastly.net
intelligentbusiness2020.live.ft.com
f3.shared.global.fastly.net
banking.live.ft.com
dns-vetting1f.map.fastly.net
commoditiesglobal.live.ft.com
e1p-internal-sandbox.mrooms.net
intelligentdocumentprocessing.live.ft.com
futurecitieslondon.live.ft.com
dns-vetting1.map.fastly.net
indiainvestment.live.ft.com
pharma2022.live.ft.com
o2.shared.global.fastly.net
intelligentdocumentprocessing.live.ft.com
dns-vetting1h.map.fastly.net
heroku-ft-app-remove-long-pres-aiiucp.apps.in.ft.com
pharmaanalytics.live.ft.com
f4.shared.global.fastly.net
dns-vetting1g.map.fastly.net
o2.shared.global.fastly.net
leveragingdigitisation.live.ft.com
womeneurope2024.live.ft.com
dns-vetting1.map.fastly.net
futurecitiesjohannesburg.live.ft.com
industrialinnovation-europe.live.ft.com
climatecapitalfinance.live.ft.com
about.ft.com
r.ssl.fastly.net
eff22.live.ft.com
asiagreentech2023.live.ft.com
www.ft.com
ft.map.fastly.net
*.memb.ft.com
e1p-internal-sandbox.mrooms.net
scienceatstake.com
ft.com
dns-vetting1g.map.fastly.net
r.ssl.fastly.net
o2.shared.global.fastly.net
dns-vetting1e.map.fastly.net
dns-vetting2.map.fastly.net
api.workfit.com
sendgrid.trytuesday.com
zenith.ft.com
dns-vetting1e.map.fastly.net
heroku-ft-app-at-4199-remove-c-f4qu5g.apps.in.ft.com
h2.shared.global.fastly.net
dns-vetting1g.map.fastly.net
retirementstrategies.live.ft.com
acceleratingequality.live.ft.com
santander.ft.com
i.subs.ft.com
inboundjapan.live.ft.com
o2.shared.global.fastly.net
r.ssl.fastly.net
app-review-1772.apps.in.ft.com
dns-vetting1-mims-pawel.map.fastly.net
corporateculture.live.ft.com
streamliningbusiness.live.ft.com
dns-vetting1e.map.fastly.net
managingregulationandrisk.live.ft.com
futureinvestmentprofessional.live.ft.com
hcltechatdavosceo.live.ft.com
datasovereigntyandthecloud.live.ft.com
h2.shared.global.fastly.net
globalcarbonforum.live.ft.com
dns-vetting1c.map.fastly.net
e.ssl.fastly.net
ft-nbh-ise-01.osb.ft.com
cryptowinter.live.ft.com
o2.shared.global.fastly.net
dns-vetting2.map.fastly.net
akamaisecure3.qualtrics.com
dns-vetting1-mims-pawel.map.fastly.net
o2.shared.global.fastly.net
h2.shared.global.fastly.net
netzero-newyork.live.ft.com
futurecitiessingapore.live.ft.com
int-ic.glb.ft.com
o2.shared.global.fastly.net
r.ssl.fastly.net
www.lantern.ft.com
dns-vetting1f.map.fastly.net
h2.shared.global.fastly.net
luxuryglobal.live.ft.com
energydecadeofdelivery.live.ft.com
dns-vetting1-mims-pawel.map.fastly.net
h2.shared.global.fastly.net
dns-vetting1g.map.fastly.net
dns-vetting1d.map.fastly.net
forums.ft.com
discoverb2b.ft.com
dns-vetting1d.map.fastly.net
marketingservices.ft.com
santander.ft.com
etnotalks.live.ft.com
education.ft.com
www.ftbroadcast2.live.ft.com
luxuryglobal2021.live.ft.com
dns-vetting1-mims-pawel.map.fastly.net
intelligentbusiness2020.live.ft.com
f3.shared.global.fastly.net
banking.live.ft.com
dns-vetting1f.map.fastly.net
commoditiesglobal.live.ft.com
e1p-internal-sandbox.mrooms.net
intelligentdocumentprocessing.live.ft.com
futurecitieslondon.live.ft.com
dns-vetting1.map.fastly.net
indiainvestment.live.ft.com
pharma2022.live.ft.com
o2.shared.global.fastly.net
intelligentdocumentprocessing.live.ft.com
dns-vetting1h.map.fastly.net
heroku-ft-app-remove-long-pres-aiiucp.apps.in.ft.com
pharmaanalytics.live.ft.com
f4.shared.global.fastly.net
dns-vetting1g.map.fastly.net
o2.shared.global.fastly.net
leveragingdigitisation.live.ft.com
womeneurope2024.live.ft.com
dns-vetting1.map.fastly.net
futurecitiesjohannesburg.live.ft.com
industrialinnovation-europe.live.ft.com
climatecapitalfinance.live.ft.com
about.ft.com
r.ssl.fastly.net
eff22.live.ft.com
asiagreentech2023.live.ft.com
www.ft.com
ft.map.fastly.net
*.memb.ft.com
e1p-internal-sandbox.mrooms.net
scienceatstake.com
ft.com
dns-vetting1g.map.fastly.net
r.ssl.fastly.net
o2.shared.global.fastly.net
dns-vetting1e.map.fastly.net
dns-vetting2.map.fastly.net
api.workfit.com
sendgrid.trytuesday.com
zenith.ft.com
dns-vetting1e.map.fastly.net
heroku-ft-app-at-4199-remove-c-f4qu5g.apps.in.ft.com
h2.shared.global.fastly.net
dns-vetting1g.map.fastly.net
retirementstrategies.live.ft.com
acceleratingequality.live.ft.com
santander.ft.com
i.subs.ft.com
inboundjapan.live.ft.com
o2.shared.global.fastly.net
r.ssl.fastly.net
app-review-1772.apps.in.ft.com
dns-vetting1-mims-pawel.map.fastly.net
corporateculture.live.ft.com
streamliningbusiness.live.ft.com
dns-vetting1e.map.fastly.net
managingregulationandrisk.live.ft.com
futureinvestmentprofessional.live.ft.com
hcltechatdavosceo.live.ft.com
Certificate
The complete raw certificate details for managingregulationandrisk.live.ft.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGGDCCBQCgAwIBAgISA9OEwqxWdEMcxsnfac61XAHlMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMjAxNjU0MjlaFw0yNDAzMTkxNjU0MjhaMDAxLjAsBgNVBAMT JW1hbmFnaW5ncmVndWxhdGlvbmFuZHJpc2subGl2ZS5mdC5jb20wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQC6x733WWNWnWo8XRBipmytEbFri2LUmPH8 WC8VGQ/HSTLFPfv/nijsTjrfILBwo9HW1ilp4trLE2kKnDIuQ7pty0ku47aslcFb Mn9m6JHIQfJHNXQoyUwB2rns6maUHZvkJAde7j4KREwtqlJivrd+wcfz0H/tyaMW riDoQ/l/rUOlE8GiFTV2JdwFtuqY3sPNZhiwNQ9kBmqssXA7D3ClNeCzZ/8A7D3A e96BKhV+3OpdNL/xzDMBzv3HkPV6W+JN4iVWmRiyz6QTMgtNOQseLYvJkcJyZV03 A5XNlHij86G/LkCIXZfBb625sr5dX2YJzkjbjkH0KztyCKC6MJXFGF00saC3HNb3 0p7tWSN1JRyFgMAZ4JLSF/caeg9EEoghNtvkOC83a8xVII15/Mfq5FDkoh/QaP4K Nd80gDfKQjqXEBYuE91EWE9SQYVC80g6M7DI5xf+afor3QdOw3uD2dSzfts2bDlv B2MhpklOWY8kIFIGOiMwvHPfDGgtxnMPT7h6Hr3ol/bwAHN3isMo6qqdwBhLixlc 0FxNyK/OWLxChY/99Dhp9q1yB4oKefwqnVpl485/Hg3qKtI1GsSZBabPJ8C1AJ7g IB/OzR1n9mGSGs1gGAlSVp0Ni0DepbMt60Y+y2yaiJeKDibiArWyFYoLaL7GKStO 8jOHzQAmrwIDAQABo4ICKDCCAiQwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRns3ZD NwTJy9USkqu9jLCTcdCgxDAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTC xjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNy Lm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzAwBgNVHREE KTAngiVtYW5hZ2luZ3JlZ3VsYXRpb25hbmRyaXNrLmxpdmUuZnQuY29tMBMGA1Ud IAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYAO1N3dT4t uYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGMiF1e1wAABAMARzBFAiEA3Nm4 yQDor0OHL8ImZH5u1Fs988FyLmLC0WAxTgtdzPACID5QpBSV/RbN5IRJqS4DepGD WHLEB6T750Qwzf3mwp2uAHcAKdA6G7Z0qnEc0wNbZVfBT4qni0/oOJRJ7KRT+US9 JGgAAAGMiF1frQAABAMASDBGAiEA09F0snX2gnP6WsyIO2BA7ihzWhynReHgSNM7 A1wtrvwCIQCHgTbsqoJN33N4NJtBkJn4hWvm2ZPc9f0br0D+x00RvTANBgkqhkiG 9w0BAQsFAAOCAQEAn3IekUiiyEySFMktZ6UTf+5z6CHcESRghZzr6VDkL2PTEQz4 UeeAClID+RhfYGbWlIxTJI9lg9vXVsLAbyT67HmIpcsMf+1IcXrvDyDcZiVeU782 uwedxGLryrv2oS1WFNYHoCJCzY/WYbWyVUoVy6xQ6v4vMZ0SCAakMZLmqEZ15tU1 7H8YJKiShdjmoN9sm1pM7/i89nlWSjFgxmuO3QWu6lIyYzwGo3YIIIoYoUnFr83Y ApLMkp5KKsU057rxJNpHvl0Hh0xfNukCUZixxytBLDgdSoSv7FrcxSzV4XSaPBCt 24CtD1wKFm+9eLzlAygI3oAx4v40FjEzNY2ZIw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuse991ljVp1qPF0QYqZs rRGxa4ti1Jjx/FgvFRkPx0kyxT37/54o7E463yCwcKPR1tYpaeLayxNpCpwyLkO6 bctJLuO2rJXBWzJ/ZuiRyEHyRzV0KMlMAdq57OpmlB2b5CQHXu4+CkRMLapSYr63 fsHH89B/7cmjFq4g6EP5f61DpRPBohU1diXcBbbqmN7DzWYYsDUPZAZqrLFwOw9w pTXgs2f/AOw9wHvegSoVftzqXTS/8cwzAc79x5D1elviTeIlVpkYss+kEzILTTkL Hi2LyZHCcmVdNwOVzZR4o/Ohvy5AiF2XwW+tubK+XV9mCc5I245B9Cs7cgigujCV xRhdNLGgtxzW99Ke7VkjdSUchYDAGeCS0hf3GnoPRBKIITbb5DgvN2vMVSCNefzH 6uRQ5KIf0Gj+CjXfNIA3ykI6lxAWLhPdRFhPUkGFQvNIOjOwyOcX/mn6K90HTsN7 g9nUs37bNmw5bwdjIaZJTlmPJCBSBjojMLxz3wxoLcZzD0+4eh696Jf28ABzd4rD KOqqncAYS4sZXNBcTcivzli8QoWP/fQ4afatcgeKCnn8Kp1aZePOfx4N6irSNRrE mQWmzyfAtQCe4CAfzs0dZ/ZhkhrNYBgJUladDYtA3qWzLetGPstsmoiXig4m4gK1 shWKC2i+xikrTvIzh80AJq8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 333312906112056975581803477592647248118245 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-20 16:54:29 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-19 16:54:28 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'managingregulationandrisk.live.ft.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 761996907948032653242684564993767944196488724606689187242766408037952628134919980163231364885791413490264290635150948327495536297215734873341076281912985824619353849605530389441371800229633596740863661316243672632376335218309848790295660346370966403496304085241839704404477010927258695360700032181941306914571568664902829618416367151900115104155611837043096000648630150018008371529670561004875401236489155472238411479143080942699305447941298901252438647802322115475445171802454327156999945875682262191060010509890342307734263242380567547574125371187665642997825667150355150964280124768660217284025080026847768927002618608949163793625374292296678206393389758522706658258620985327781756764791982473159075719833021133365318832266621849031064598882828315289573547586313017429802809762793342680531770133239679403103855369132564394928947306922272024088999134186786128612702130137654640842390521620054597181253134550380511664365440882300185658567153976723270735622277187680103178057653192250764198947795044697063170075087976135571040354549015859959479947985611479983149176436101915571598323132828053610336316526209107760129659938190501836579345701415111587090463115648277149913727158909098657527520975280604039731512510765451219810297849519 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 67b376433704c9cbd51292abbd8cb09371d0a0c4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (41 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'managingregulationandrisk.live.ft.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c885d5ed70000040300473045022100dcd9b8c900e8af43872fc226647e6ed45b3df3c1722e62c2d160314e0b5dccf002203e50a41495fd16cde48449a92e037a91835872c407a4fbe74430cdfde6c29dae00770029d03a1bb674aa711cd3035b6557c14f8aa78b4fe8389449eca453f944bd24680000018c885d5fad0000040300483046022100d3d174b275f68273fa5acc883b6040ee28735a1ca745e1e048d33b035c2daefc022100878136ecaa824ddf7378349b419099f8856be6d993dcf5fd1baf40fec74d11bd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009f721e9148a2c84c9214c92d67a5137fee73e821dc112460859cebe950e42f63d3110cf851e7800a5203f9185f6066d6948c53248f6583dbd756c2c06f24faec7988a5cb0c7fed48717aef0f20dc66255e53bf36bb079dc462ebcabbf6a12d5614d607a02242cd8fd661b5b2554a15cbac50eafe2f319d120806a43192e6a84675e6d535ec7f1824a89285d8e6a0df6c9b5a4ceff8bcf679564a3160c66b8edd05aeea5232633c06a37608208a18a149c5afcdd80292cc929e4a2ac534e7baf124da47be5d07874c5f36e9025198b1c72b412c381d4a84afec5adcc52cd5e1749a3c10addb80ad0f5c0a166fbd78bce5032808de8031e2fe34163133358d9923