recipeapi-t.gmsap.migros.ch
Issued by R3
About this certificate
This digital certificate with serial number 03:b9:ab:08:4e:f4:30:bf:dc:bf:43:eb:5d:e8:36:00:63:f0 was issued on by Let's Encrypt.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=recipeapi-t.gmsap.migros.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:b9:ab:08:4e:f4:30:bf:dc:bf:43:eb:5d:e8:36:00:63:f0Serial Number (int): 324516436802683152539546190990007620101104
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 08:78:ad:a1:a2:93:7e:c4:74:f8:3d:6a:a3:8f:f0:9a:11:dd:0a:fd
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 4e:dd:9c:dd:ec:ee:4a:6c:e1:14:21:ea:77:4c:24:5e:fd:37:9c:ac
Fingerprint (sha256): 04:95:2e:c1:b9:69:3e:96:f6:c4:88:b0:e5:5f:1d:b1:c9:8b:fe:52:b8:db:83:35:8d:d4:7a:fc:cc:0a:74:e0
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate recipeapi-t.gmsap.migros.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for recipeapi-t.gmsap.migros.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
recipeapi-t.gmsap.migros.ch
Other certificates including the domain name migros.ch
(limited to 100 certificates)
secure03.stage.lithium.com
commentmatch.m-budget.migros.ch
secure06.lithium.com
mitarbeiteranlass.events.migros.ch
rsc.migros.ch
staging.prod.pema-coupons.mdb.migros.net
test-basel.migros.ch
secure06.lithium.com
photoset.widgets.migros.ch
secure03.stage.lithium.com
migusto.migros.ch
aus-der-region.migros.ch
test-mgo-api.migros.ch
secure03.stage.lithium.com
gmaare.elearning.migros.ch
meineidee-ext-s.gmsap.migros.ch
famigros.migros.ch
perimeter-dmz1-meineip.migros.ch
api.migros.ch
cadismobile.migros.ch
test-hybrid-app.migros.ch
pos-coupons-api.migros.ch
storybox.migros.ch
dev-basel.migros.ch
support.migros.ch
test-web-api.migros.ch
inveco-s.gmsap.migros.ch
konsumententagung.migros.ch
test-mom.migros.ch
portal.migroszh.ch
login.migros.ch
m-learning.migros.ch
secure03.stage.lithium.com
ca.status.clio.com
e3mobilege-test.gmge.migros.ch
photoset.widgets.migros.ch
staging.qual.mam.mdb.migros.net
admin.operations.migros.ch
mymigros.ch
m-learning-t.migros.ch
yellowworldtest.migros.ch
test-mobile-app-api.migros.ch
corporate.migros.ch
recipeapi-t.gmsap.migros.ch
mcrm.migros.ch
test-socialmedia.migros.ch
meineidee.gmsap.migros.ch
connect.gmz.migros.ch
mcds.migros.net
ucb10testews.migros.ch
live.qual.kms-portal.mdb.aws.migros.ch
dev-migipedia-backend.migros.ch
bb2status.mambu.com
storybox.migros.ch
test-help.migros.ch
*.gmaare.migros.ch
quiz-adr.migros.ch
secure06.lithium.com
tiptoimania.migros.ch
secure.clubs.migros.ch
terrasuisse.migros.ch
retitest-ews.migros.ch
ins-staging.migros.ch
jobs.migros.ch
test-winwin-vonuns-vonhier.migros.ch
mein.m-budget.migros.ch
sni.cloudflaressl.com
thehost.widgets.migros.ch
allowlist.sterda.com
report-download.migros.ch
proxy-mdb.migros.ch
test-corporate.migros.ch
ca.status.clio.com
test-auth.magnolia.migros.ch
meineidee-ext-t.gmsap.migros.ch
lyncaccess.datacenter-migros.ch
dev-vaud.migros.ch
dev-cdn.migros.ch
api.migros.ch
admin.logistikplattform.migros.ch
live.prod.image-upload.mdb.aws.migros.ch
image-upload.mdb.migros.net
secure03.stage.lithium.com
cert-test.migros.ch
rc-mobile-app.migros.ch
mylogin.migros.ch
test-hybrid-app.migros.ch
p99.migros.ch
proxy-mdb.migros.ch
auth.migros.ch
ca.status.clio.com
wartung.migros.ch
staging.prod.pema-coupons.mdb.aws.migros.ch
natro.gmaare.migros.ch
impuls.migros.ch
allowlist.sterda.com
recipeapi-s.gmsap.migros.ch
m-payment.pos.migros.ch
fragments.migros.ch
ostern.migros.ch
commentmatch.m-budget.migros.ch
secure06.lithium.com
mitarbeiteranlass.events.migros.ch
rsc.migros.ch
staging.prod.pema-coupons.mdb.migros.net
test-basel.migros.ch
secure06.lithium.com
photoset.widgets.migros.ch
secure03.stage.lithium.com
migusto.migros.ch
aus-der-region.migros.ch
test-mgo-api.migros.ch
secure03.stage.lithium.com
gmaare.elearning.migros.ch
meineidee-ext-s.gmsap.migros.ch
famigros.migros.ch
perimeter-dmz1-meineip.migros.ch
api.migros.ch
cadismobile.migros.ch
test-hybrid-app.migros.ch
pos-coupons-api.migros.ch
storybox.migros.ch
dev-basel.migros.ch
support.migros.ch
test-web-api.migros.ch
inveco-s.gmsap.migros.ch
konsumententagung.migros.ch
test-mom.migros.ch
portal.migroszh.ch
login.migros.ch
m-learning.migros.ch
secure03.stage.lithium.com
ca.status.clio.com
e3mobilege-test.gmge.migros.ch
photoset.widgets.migros.ch
staging.qual.mam.mdb.migros.net
admin.operations.migros.ch
mymigros.ch
m-learning-t.migros.ch
yellowworldtest.migros.ch
test-mobile-app-api.migros.ch
corporate.migros.ch
recipeapi-t.gmsap.migros.ch
mcrm.migros.ch
test-socialmedia.migros.ch
meineidee.gmsap.migros.ch
connect.gmz.migros.ch
mcds.migros.net
ucb10testews.migros.ch
live.qual.kms-portal.mdb.aws.migros.ch
dev-migipedia-backend.migros.ch
bb2status.mambu.com
storybox.migros.ch
test-help.migros.ch
*.gmaare.migros.ch
quiz-adr.migros.ch
secure06.lithium.com
tiptoimania.migros.ch
secure.clubs.migros.ch
terrasuisse.migros.ch
retitest-ews.migros.ch
ins-staging.migros.ch
jobs.migros.ch
test-winwin-vonuns-vonhier.migros.ch
mein.m-budget.migros.ch
sni.cloudflaressl.com
thehost.widgets.migros.ch
allowlist.sterda.com
report-download.migros.ch
proxy-mdb.migros.ch
test-corporate.migros.ch
ca.status.clio.com
test-auth.magnolia.migros.ch
meineidee-ext-t.gmsap.migros.ch
lyncaccess.datacenter-migros.ch
dev-vaud.migros.ch
dev-cdn.migros.ch
api.migros.ch
admin.logistikplattform.migros.ch
live.prod.image-upload.mdb.aws.migros.ch
image-upload.mdb.migros.net
secure03.stage.lithium.com
cert-test.migros.ch
rc-mobile-app.migros.ch
mylogin.migros.ch
test-hybrid-app.migros.ch
p99.migros.ch
proxy-mdb.migros.ch
auth.migros.ch
ca.status.clio.com
wartung.migros.ch
staging.prod.pema-coupons.mdb.aws.migros.ch
natro.gmaare.migros.ch
impuls.migros.ch
allowlist.sterda.com
recipeapi-s.gmsap.migros.ch
m-payment.pos.migros.ch
fragments.migros.ch
ostern.migros.ch
Certificate
The complete raw certificate details for recipeapi-t.gmsap.migros.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISA7mrCE70ML/cv0PrXeg2AGPwMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAyMjIxMDMzMDBaFw0yNDA1MjIxMDMyNTlaMCYxJDAiBgNVBAMT G3JlY2lwZWFwaS10Lmdtc2FwLm1pZ3Jvcy5jaDCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBANyfVDoFi2/z/Bnf4Bva+BKgWHUCQuL3U29aJaMSCmGvbs0J /6f/kCeXiUkHg6d23ov/ibP9oM807UttevLbhhqGfEjoZ+6nQDxCi8nDB1yFNqVT 1wRELSRejTZ5YW7TdX246pJCHG4sNh/Sm6pKT8VMLCAedUAUkKcxaJIT5Jj/Rr8j 5rvxL8kCMxNMsxruAt4CcYj7vCIYfaOdEBckvotxGBmazxCd6+ETBNWafA6sdG7/ BJsV0+RrlcbNzlYd9cBrqpSyyGZ2bHIMahMcYuAz4W8ElO2GLU8C0b6HqJrzhehP +PMc8KlCoGQdS/+nWC/BTsQ9evzHyLMzW3RIPakCAwEAAaOCAh0wggIZMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQUCHitoaKTfsR0+D1qo4/wmhHdCv0wHwYDVR0jBBgw FoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUF BzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9y My5pLmxlbmNyLm9yZy8wJgYDVR0RBB8wHYIbcmVjaXBlYXBpLXQuZ21zYXAubWln cm9zLmNoMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB 8gDwAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGN0JccSAAA BAMARzBFAiBn9oYwitjDA8RJz4w3yn/qL3ickdYXYUwSCrPLnozZhQIhAJTt+xi9 AR5UHKRBjCwxSmdQAOy07yZAoxDBpmLDRj7bAHYAouK/1h7eLy8HoNZObTen3GVD sMa1LqLat4r4mm31F9gAAAGN0JccewAABAMARzBFAiEA8StKVnGOT56JSqa8IDlq eG6vGi/t7LuWnfFOn6QjYNMCICD2LqFb++AWX7XosOeIRuLFsvTWF8x42qhmRq7j FC8OMA0GCSqGSIb3DQEBCwUAA4IBAQCatPE9WcL8tljGBFHRWZBS/ksOEoSm7KX5 py8CGuFTuLFtbzz7ICBDODA0Ta/5ZlFrWGnA7JS1mL8dlhEFuQD8g1CbAXExA1NH zxQ8F6Zq61datetg7R/UI6o5QPbz82j5vp5p9ADsx1T+M3ESqANo4p+UlpXIe/1d FFTQrBGBgE6b/n9o5DH+gfwcyjjh/Zas333OK4K20ORNsnI979vZ9bBeQxZm6p59 n2gDei0kb2/AXMN+mMZe7AnG6vQOmR0cl00CzUzcUwMZ1b660gKkB/+5wkCIoO0y cTXD/v8CPV5m22Bx5qsLogx7Sv4Vf8a95sWhc404+TCXrjM+3F5X -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3J9UOgWLb/P8Gd/gG9r4 EqBYdQJC4vdTb1oloxIKYa9uzQn/p/+QJ5eJSQeDp3bei/+Js/2gzzTtS2168tuG GoZ8SOhn7qdAPEKLycMHXIU2pVPXBEQtJF6NNnlhbtN1fbjqkkIcbiw2H9KbqkpP xUwsIB51QBSQpzFokhPkmP9GvyPmu/EvyQIzE0yzGu4C3gJxiPu8Ihh9o50QFyS+ i3EYGZrPEJ3r4RME1Zp8Dqx0bv8EmxXT5GuVxs3OVh31wGuqlLLIZnZscgxqExxi 4DPhbwSU7YYtTwLRvoeomvOF6E/48xzwqUKgZB1L/6dYL8FOxD16/MfIszNbdEg9 qQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 324516436802683152539546190990007620101104 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-22 10:33:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-22 10:32:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'recipeapi-t.gmsap.migros.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27850995155803495759984775402845610486982463330813408877758292963248369827241618690585942606362123748047303858135509156234997988757161826709427694926492291141980202901788507452875757120652922747068306252110914013339125757148856607353862263793943145672250398678985140658904389994544430903614577631477077388778368531548533867188266018752687266523150195202586312610009832998530058607583211615333503372523352614755428839497258291525204443198781391026189741776511129463669605007661364229460076101443984893936237775624525116442760855957226448869646657590634142490547025079103407573904993290799413480014127516254894310309289 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0878ada1a2937ec474f83d6aa38ff09a11dd0afd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (31 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'recipeapi-t.gmsap.migros.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018dd0971c480000040300473045022067f686308ad8c303c449cf8c37ca7fea2f789c91d617614c120ab3cb9e8cd98502210094edfb18bd011e541ca4418c2c314a675000ecb4ef2640a310c1a662c3463edb007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018dd0971c7b0000040300473045022100f12b4a56718e4f9e894aa6bc20396a786eaf1a2fedecbb969df14e9fa42360d3022020f62ea15bfbe0165fb5e8b0e78846e2c5b2f4d617cc78daa86646aee3142f0e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009ab4f13d59c2fcb658c60451d1599052fe4b0e1284a6eca5f9a72f021ae153b8b16d6f3cfb2020433830344daff966516b5869c0ec94b598bf1d961105b900fc83509b017131035347cf143c17a66aeb575ab5eb60ed1fd423aa3940f6f3f368f9be9e69f400ecc754fe337112a80368e29f949695c87bfd5d1454d0ac1181804e9bfe7f68e431fe81fc1cca38e1fd96acdf7dce2b82b6d0e44db2723defdbd9f5b05e431666ea9e7d9f68037a2d246f6fc05cc37e98c65eec09c6eaf40e991d1c974d02cd4cdc530319d5bebad202a407ffb9c24088a0ed327135c3feff023d5e66db6071e6ab0ba20c7b4afe157fc6bde6c5a1738d38f93097ae333edc5e57