home-api.planninglabs.nyc
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:7b:72:78:15:33:e2:5a:32:00:85:26:af:b6:5d:43:ac:c9 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=home-api.planninglabs.nyc
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:7b:72:78:15:33:e2:5a:32:00:85:26:af:b6:5d:43:ac:c9Serial Number (int): 303343744423739966151277101001193688378569
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 22:6f:a8:91:fd:a1:50:4c:8b:28:30:e5:dc:d7:9e:eb:8b:b2:17:23
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 21:78:7f:dd:46:5a:9a:69:f2:3e:41:c6:2a:96:db:83:49:9e:44:9c
Fingerprint (sha256): 04:b8:8c:82:3b:d0:1f:7a:e4:6b:5b:40:65:05:b5:6b:5f:8b:6a:e4:af:ae:3a:5c:9e:5e:b4:89:c3:57:45:92
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate home-api.planninglabs.nyc
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for home-api.planninglabs.nyc
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
home-api.planninglabs.nyc
Other certificates including the domain name planninglabs.nyc
(limited to 100 certificates)
maputnik-push.planninglabs.nyc
ui.planninglabs.nyc
layers-api.planninglabs.nyc
factfinder-staging.planninglabs.nyc
zap.planning.nyc.gov
regional-viz.planninglabs.nyc
roadview.planninglabs.nyc
ui.planninglabs.nyc
home-api.planninglabs.nyc
factfinder-staging.planninglabs.nyc
ui.planninglabs.nyc
nyc-factfinder.planninglabs.nyc
lotselector.planninglabs.nyc
search-api.planninglabs.nyc
ideas.planninglabs.nyc
zap-staging-lupp.planninglabs.nyc
zap-api-staging.planninglabs.nyc
ui.planninglabs.nyc
zola-canary.planninglabs.nyc
applicantmaps-api.planninglabs.nyc
search-api.planninglabs.nyc
planninglabs.nyc
search-api.planninglabs.nyc
waterfrontaccess.planning.nyc.gov
applicantmaps-api.planninglabs.nyc
planninglabs.nyc
lucats.planninglabs.nyc
ceqr.app
roadview.planninglabs.nyc
roadview.planninglabs.nyc
waterfrontaccess.planning.nyc.gov
zap-api.planninglabs.nyc
zola-canary.planninglabs.nyc
planninglabs.nyc
applicant-portal-develop.planninglabs.nyc
planninglabs.nyc
zap-api-staging.planninglabs.nyc
factfinder-api.planninglabs.nyc
api.planninglabs.nyc
geosearch.planninglabs.nyc
maputnik-push.planninglabs.nyc
zola-staging.planninglabs.nyc
zap-api.planninglabs.nyc
zola-canary.planninglabs.nyc
ceqr.app
home-api.planninglabs.nyc
waterfront-access.planninglabs.nyc
tiles.planninglabs.nyc
zola.planninglabs.nyc
zap.planning.nyc.gov
applicantmaps-staging.planninglabs.nyc
zap-staging-lupp.planninglabs.nyc
applicantmaps-api.planninglabs.nyc
zap-api-staging.planninglabs.nyc
zap.planning.nyc.gov
factfinder-api.planninglabs.nyc
metroexplorer-staging.planninglabs.nyc
waterfrontaccess.planning.nyc.gov
applicantmaps-staging.planninglabs.nyc
tiles.planninglabs.nyc
tiles.planninglabs.nyc
roadview.planninglabs.nyc
nyc-factfinder.planninglabs.nyc
planninglabs.nyc
nyc-factfinder.planninglabs.nyc
maputnik-push.planninglabs.nyc
planninglabs.nyc
zola-api.planninglabs.nyc
zola.planninglabs.nyc
communityprofiles.planning.nyc.gov
citymap.planninglabs.nyc
ideas.planninglabs.nyc
applicantmaps-api.planninglabs.nyc
layers-api.planninglabs.nyc
planninglabs.nyc
factfinder-api.planninglabs.nyc
zola.planninglabs.nyc
applicantmaps-staging.planninglabs.nyc
geosearch.planninglabs.nyc
roadview.planninglabs.nyc
datacatalog.planninglabs.nyc
tiles.planninglabs.nyc
home-api.planninglabs.nyc
factfinder-staging.planninglabs.nyc
ceqr.app
migration.planninglabs.nyc
home-api.planninglabs.nyc
maputnik-push.planninglabs.nyc
layers-api.planninglabs.nyc
applicantmaps-staging.planninglabs.nyc
home-api.planninglabs.nyc
zola-api.planninglabs.nyc
api.planninglabs.nyc
planninglabs.nyc
applicantmaps-api.planninglabs.nyc
zola-canary.planninglabs.nyc
zap-api.planninglabs.nyc
layers-api-staging.planninglabs.nyc
metroexplorer-staging.planninglabs.nyc
tycs.planning.nyc.gov
ui.planninglabs.nyc
layers-api.planninglabs.nyc
factfinder-staging.planninglabs.nyc
zap.planning.nyc.gov
regional-viz.planninglabs.nyc
roadview.planninglabs.nyc
ui.planninglabs.nyc
home-api.planninglabs.nyc
factfinder-staging.planninglabs.nyc
ui.planninglabs.nyc
nyc-factfinder.planninglabs.nyc
lotselector.planninglabs.nyc
search-api.planninglabs.nyc
ideas.planninglabs.nyc
zap-staging-lupp.planninglabs.nyc
zap-api-staging.planninglabs.nyc
ui.planninglabs.nyc
zola-canary.planninglabs.nyc
applicantmaps-api.planninglabs.nyc
search-api.planninglabs.nyc
planninglabs.nyc
search-api.planninglabs.nyc
waterfrontaccess.planning.nyc.gov
applicantmaps-api.planninglabs.nyc
planninglabs.nyc
lucats.planninglabs.nyc
ceqr.app
roadview.planninglabs.nyc
roadview.planninglabs.nyc
waterfrontaccess.planning.nyc.gov
zap-api.planninglabs.nyc
zola-canary.planninglabs.nyc
planninglabs.nyc
applicant-portal-develop.planninglabs.nyc
planninglabs.nyc
zap-api-staging.planninglabs.nyc
factfinder-api.planninglabs.nyc
api.planninglabs.nyc
geosearch.planninglabs.nyc
maputnik-push.planninglabs.nyc
zola-staging.planninglabs.nyc
zap-api.planninglabs.nyc
zola-canary.planninglabs.nyc
ceqr.app
home-api.planninglabs.nyc
waterfront-access.planninglabs.nyc
tiles.planninglabs.nyc
zola.planninglabs.nyc
zap.planning.nyc.gov
applicantmaps-staging.planninglabs.nyc
zap-staging-lupp.planninglabs.nyc
applicantmaps-api.planninglabs.nyc
zap-api-staging.planninglabs.nyc
zap.planning.nyc.gov
factfinder-api.planninglabs.nyc
metroexplorer-staging.planninglabs.nyc
waterfrontaccess.planning.nyc.gov
applicantmaps-staging.planninglabs.nyc
tiles.planninglabs.nyc
tiles.planninglabs.nyc
roadview.planninglabs.nyc
nyc-factfinder.planninglabs.nyc
planninglabs.nyc
nyc-factfinder.planninglabs.nyc
maputnik-push.planninglabs.nyc
planninglabs.nyc
zola-api.planninglabs.nyc
zola.planninglabs.nyc
communityprofiles.planning.nyc.gov
citymap.planninglabs.nyc
ideas.planninglabs.nyc
applicantmaps-api.planninglabs.nyc
layers-api.planninglabs.nyc
planninglabs.nyc
factfinder-api.planninglabs.nyc
zola.planninglabs.nyc
applicantmaps-staging.planninglabs.nyc
geosearch.planninglabs.nyc
roadview.planninglabs.nyc
datacatalog.planninglabs.nyc
tiles.planninglabs.nyc
home-api.planninglabs.nyc
factfinder-staging.planninglabs.nyc
ceqr.app
migration.planninglabs.nyc
home-api.planninglabs.nyc
maputnik-push.planninglabs.nyc
layers-api.planninglabs.nyc
applicantmaps-staging.planninglabs.nyc
home-api.planninglabs.nyc
zola-api.planninglabs.nyc
api.planninglabs.nyc
planninglabs.nyc
applicantmaps-api.planninglabs.nyc
zola-canary.planninglabs.nyc
zap-api.planninglabs.nyc
layers-api-staging.planninglabs.nyc
metroexplorer-staging.planninglabs.nyc
tycs.planning.nyc.gov
Certificate
The complete raw certificate details for home-api.planninglabs.nyc in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGajCCBVKgAwIBAgISA3tyeBUz4loyAIUmr7ZdQ6zJMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA0MDEyMzAxMjRaFw0x OTA2MzAyMzAxMjRaMCQxIjAgBgNVBAMTGWhvbWUtYXBpLnBsYW5uaW5nbGFicy5u eWMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC5QjNETa3BtWThnOnd TXDt2CdU+uLwfay1YQ/KZSXEgMJa/08ChOpWMepS1OjER5NTiHHNiBLf+7sHoADe 8nzCtOYtJ4enahikHhdFpcidXgxWSS3SG2LwCW5+HFp4OZH5BpelzKgJnvG+1Hxx leHjD/XFq56Szni9lACDWfq1YsZ79J7PWhqdOa3DKVgsK61YNGI0SjaNDvKgpj2b JmtwlyO5h9NDL5T9docgZdKibqu/BnkvZfAM8Ts1tllMQ8A/xZdxTxQZQdzBpnVS AldCvdFoSTsdHgZS9qUq7ufOLpPTt6LqCsABokuWHx+TuQVwmz3t0Wz4L+it1LY6 pKxcOYFZC7pSe3HC9nDEMrQvIKi4og80ejOh14cB4OGFOJQJhTOSy0iS2s5OHrxZ cc3P9cLi1Fu9OfIiWd95P0z3wFMbgSl6TBLPVtHd/pdsl80A4y3kFdZNu0tzL9JC GyWZegmX8yQIhKxPBZOnvElYqZjdBLle1+dQI8sr7h9Y1Rbg07Zck2qc0d3J5yPp xqMFUYBlulT1O+8gFmiH4IPyhFQnwPzlZpMsRXC5G/P2l9u2bKb99zqPp7LkpGsX Kd67wQMZH/t/pRo/IARJPwmJ2LLicgzgbQm7tpIMGM075bIW7FIeEgvTK2hDiyPK 5nM5jvLsAqLw3In2LF2cdc0ngwIDAQABo4ICbjCCAmowDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G A1UdDgQWBBQib6iR/aFQTIsoMOXc157ri7IXIzAfBgNVHSMEGDAWgBSoSmpjBH3d uubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6 Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6 Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCQGA1UdEQQdMBuCGWhvbWUt YXBpLnBsYW5uaW5nbGFicy5ueWMwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYB BAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5v cmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgDiaUuuJujpQAnohhu2O4PUPuf+ dIj7pI8okwGd3fHb/gAAAWnbWbmvAAAEAwBHMEUCIQDHfhAC+XwqAN7+j2DSv0gq VBnU4vgvwL1j+IRyFAls9QIgQdHN9yQIgdK3Z9cB2NDG991smpqBlp3jJJF+rH1b sB0AdgBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvYjQAAAWnbWbwdAAAE AwBHMEUCIQD1NiBwmC1FPUBgggXZKUJOjQQWnlBkJY3PVyQ2f6qb3AIgbShmuDRW t9jsUEQFcHmVqSwYafsY14qclutNuPxTNzEwDQYJKoZIhvcNAQELBQADggEBAEMm Dvq2QTaD3HxofWQMA5s4xG7j1bhmK1SJQFxUqpQA+tIy5iYypBB+yc2qhnbQCddg tbUCBfW2Q1Yx6zq5NHWsslCvZAc0IY8sJEkhAd9XxZB3a6d7na3+S53wcuPsSGVb lVImx9Ak5mSAX4UoLtVMHKH0HAlHhTwZBk9W/ldNJW0UxeEU17KcZyRA+ewsxGpx MXPA/4eLRfR2PtN/GfTU8oQX5x8naaOfJbMoe7CEP4rPqno60qSIfiFGUrB3MUij QxMOP0AgnYBAMslof4svI9SZjAN6EM7bD15V7/Ai/dYQ3AxpNq0qEz18I5QDgMvf 3x7IjHeOBF29S72dNk4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuUIzRE2twbVk4Zzp3U1w 7dgnVPri8H2stWEPymUlxIDCWv9PAoTqVjHqUtToxEeTU4hxzYgS3/u7B6AA3vJ8 wrTmLSeHp2oYpB4XRaXInV4MVkkt0hti8AlufhxaeDmR+QaXpcyoCZ7xvtR8cZXh 4w/1xaueks54vZQAg1n6tWLGe/Sez1oanTmtwylYLCutWDRiNEo2jQ7yoKY9myZr cJcjuYfTQy+U/XaHIGXSom6rvwZ5L2XwDPE7NbZZTEPAP8WXcU8UGUHcwaZ1UgJX Qr3RaEk7HR4GUvalKu7nzi6T07ei6grAAaJLlh8fk7kFcJs97dFs+C/ordS2OqSs XDmBWQu6UntxwvZwxDK0LyCouKIPNHozodeHAeDhhTiUCYUzkstIktrOTh68WXHN z/XC4tRbvTnyIlnfeT9M98BTG4EpekwSz1bR3f6XbJfNAOMt5BXWTbtLcy/SQhsl mXoJl/MkCISsTwWTp7xJWKmY3QS5XtfnUCPLK+4fWNUW4NO2XJNqnNHdyecj6caj BVGAZbpU9TvvIBZoh+CD8oRUJ8D85WaTLEVwuRvz9pfbtmym/fc6j6ey5KRrFyne u8EDGR/7f6UaPyAEST8Jidiy4nIM4G0Ju7aSDBjNO+WyFuxSHhIL0ytoQ4sjyuZz OY7y7AKi8NyJ9ixdnHXNJ4MCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 303343744423739966151277101001193688378569 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-01 23:01:24 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-30 23:01:24 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'home-api.planninglabs.nyc' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 755789127200906830200300496052563576293628775340861455554295962482701994223462556207436032646899539961251605363031074621266180950559050313418726516171410076515212918822331332979600559369617641164537123950220627319402570451083265192715895061430149913969743358377575829336945459529828240728734324871228001958866402249137949634896924442272260740569567155019649971091263766791865972257535010338765668553591777831278242995099526371156863247778704137599768363401649760895575159603624680942433097236915777911731004499839658694267492376879973770565013405553437131620608004232381413404092179251647792711638604482269079840825696985097196414866168793964713373424885733706592732355962983284509470183337666281440547503825593450318921175718509568595277207364402884213089047102434054247339999538384983791559844468538347263495449991787079178553973601048786320685262126364248676999284445039792557748371527364872331452216554644297897186382714960983650256354645963502533976928372938395216338666673005806069264140037371725664898565905253075905599084387275899093174319659583057889335370231255994116495098801615921722790271284195810251655783905180600590273429328031910567707657090792090254711060694332310561160155175146429489361421643581489060986250667907 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 226fa891fda1504c8b2830e5dcd79eeb8bb21723 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'home-api.planninglabs.nyc' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe00000169db59b9af0000040300473045022100c77e1002f97c2a00defe8f60d2bf482a5419d4e2f82fc0bd63f8847214096cf5022041d1cdf7240881d2b767d701d8d0c6f7dd6c9a9a81969de324917eac7d5bb01d00760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d00000169db59bc1d0000040300473045022100f5362070982d453d40608205d929424e8d04169e5064258dcf5724367faa9bdc02206d2866b83456b7d8ec504405707995a92c1869fb18d78a9c96eb4db8fc533731 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0043260efab6413683dc7c687d640c039b38c46ee3d5b8662b5489405c54aa9400fad232e62632a4107ec9cdaa8676d009d760b5b50205f5b6435631eb3ab93475acb250af640734218f2c24492101df57c590776ba77b9dadfe4b9df072e3ec48655b955226c7d024e664805f85282ed54c1ca1f41c0947853c19064f56fe574d256d14c5e114d7b29c672440f9ec2cc46a713173c0ff878b45f4763ed37f19f4d4f28417e71f2769a39f25b3287bb0843f8acfaa7a3ad2a4887e214652b0773148a343130e3f40209d804032c9687f8b2f23d4998c037a10cedb0f5e55eff022fdd610dc0c6936ad2a133d7c23940380cbdfdf1ec88c778e045dbd4bbd9d364e