rch.ist
Issued by R3
About this certificate
This digital certificate with serial number 03:bf:1d:ac:b5:49:f0:94:72:87:99:38:3f:1a:21:b3:c4:0b was issued on by Let's Encrypt.
With 20 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=rch.ist
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:bf:1d:ac:b5:49:f0:94:72:87:99:38:3f:1a:21:b3:c4:0bSerial Number (int): 326370234241091667000765765478533775475723
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: ec:7e:5f:71:97:9c:6f:4b:4c:65:4e:8f:10:06:a5:3c:8f:42:b3:1c
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 69:53:d1:08:b6:9a:a2:67:ca:ea:f6:2a:d2:29:d2:17:98:9c:cc:44
Fingerprint (sha256): 04:e7:d1:f6:96:f2:9c:09:3b:fe:81:04:c2:62:b8:11:6b:fc:b8:68:15:d3:51:17:e5:a2:f1:82:df:f6:95:4f
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate rch.ist
20
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for rch.ist
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.ana.rch.ist
*.ana.rchi.st
*.barricadeinn.squ.at
*.duairc.com
*.grangegorman.squ.at
*.rch.ist
*.rchi.st
*.seomraspraoi.org
*.shane.sh
*.squ.at
*.squatte.rs
*.unicorns.su
duairc.com
rch.ist
rchi.st
seomraspraoi.org
shane.sh
squ.at
squatte.rs
unicorns.su
*.ana.rchi.st
*.barricadeinn.squ.at
*.duairc.com
*.grangegorman.squ.at
*.rch.ist
*.rchi.st
*.seomraspraoi.org
*.shane.sh
*.squ.at
*.squatte.rs
*.unicorns.su
duairc.com
rch.ist
rchi.st
seomraspraoi.org
shane.sh
squ.at
squatte.rs
unicorns.su
Other certificates including the domain name rch.ist
(limited to 100 certificates)
rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
ana.rch.ist
ana.rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
ana.rch.ist
ana.rch.ist
rch.ist
ana.rch.ist
rch.ist
rch.ist
ana.rch.ist
ana.rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
ana.rch.ist
ana.rch.ist
rch.ist
ana.rch.ist
rch.ist
ana.rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
ana.rch.ist
ana.rch.ist
rch.ist
rch.ist
rch.ist
ana.rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
ana.rch.ist
ana.rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
ana.rch.ist
ana.rch.ist
rch.ist
ana.rch.ist
rch.ist
rch.ist
ana.rch.ist
ana.rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
ana.rch.ist
ana.rch.ist
rch.ist
ana.rch.ist
rch.ist
ana.rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
rch.ist
ana.rch.ist
ana.rch.ist
rch.ist
rch.ist
rch.ist
ana.rch.ist
Certificate
The complete raw certificate details for rch.ist in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG6jCCBdKgAwIBAgISA78drLVJ8JRyh5k4Pxohs8QLMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMTYxNzAxMTlaFw0yNDAzMTUxNzAxMThaMBIxEDAOBgNVBAMT B3JjaC5pc3QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDI/SYuFzRj DFbKIuQxLv4HQQ90d6vvCSa0aeqBRTtpAuRrWwOVDhfS8jYasT8U9gyTZlojyS9l 6K3+XitAkzcSiPDQUbviX1EP96dtM9jEV+CTw7f4Th9/a9tpamYALbPOywRsXpP0 gVYFhWPjsavwennNmlmnxmrF6/i0Ktfwr9XhLmmvJ3OdV3byMkfmYRV+88I6vc+J QLvUbGyJzTlRNKuQVku9X4ta6H0colCxQmbzRUiOhMBt+UFLYl7FODpYqNs2DOth vdwIwCK5IYVd6hD5+rho7MNkbeF4rpcyj97oVMqE7Q3nuBVLdDv1vS6TFqyrCL2X WmX/THn//3m0P/UXtIpxnaIY7L6h947//bYVivlAB9ZgsjNQiMm2D2V+JR3kXvfX BTfL7S3zRsciUqZDEBo+53l0u1z73IcBLDxn8rASUwNenwWglFSxhPBRyXzSIfCX 48014zBn9FTSdLTV0JHQsvZ4OrPr8nx8n/ijZJfSE24MXZqnnx4KB36ZyRQ71HJO lhSfJQefoamNMuW09WGLr6R+l2MkvoYLbHwXaMtGEzg8yeWBj4gL831QHxKkBFN8 LsPmaG6wP50oqLaCnsOIElFIv6a0Je9fecnT8qseJrUVf1GIt8vH+L2QYRW2zu3C lO/IneNHS4qk8crpxFuxeWgI2oHPBC+RrwIDAQABo4IDGDCCAxQwDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E AjAAMB0GA1UdDgQWBBTsfl9xl5xvS0xlTo8QBqU8j0KzHDAfBgNVHSMEGDAWgBQU LrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGG FWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmku bGVuY3Iub3JnLzCCAR8GA1UdEQSCARYwggESgg0qLmFuYS5yY2guaXN0gg0qLmFu YS5yY2hpLnN0ghUqLmJhcnJpY2FkZWlubi5zcXUuYXSCDCouZHVhaXJjLmNvbYIV Ki5ncmFuZ2Vnb3JtYW4uc3F1LmF0ggkqLnJjaC5pc3SCCSoucmNoaS5zdIISKi5z ZW9tcmFzcHJhb2kub3JnggoqLnNoYW5lLnNogggqLnNxdS5hdIIMKi5zcXVhdHRl LnJzgg0qLnVuaWNvcm5zLnN1ggpkdWFpcmMuY29tggdyY2guaXN0ggdyY2hpLnN0 ghBzZW9tcmFzcHJhb2kub3JngghzaGFuZS5zaIIGc3F1LmF0ggpzcXVhdHRlLnJz ggt1bmljb3Jucy5zdTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkC BAIEgfUEgfIA8AB1AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAAB jHPKL7wAAAQDAEYwRAIgUahB6Jp2jmkVUUhprqC3f05622jJchN15K03admZ1H0C IDQroQ/XsgsXhkugG8KMySLUkra/5Y5OYG727o+wai1EAHcAdv+IPwq2+5VRwmHM 9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGMc8owNAAABAMASDBGAiEA0DhLLHpUTBwB oojKh6HGUyxEQfCThjqbOqNlhWp5/qQCIQDaMZ9JM/pCLVbGfuArLgCzmnmkNytX 1QOCQ52krfmtvzANBgkqhkiG9w0BAQsFAAOCAQEABEF4xv1RGM0ISy1whuX+SEdD 0GBCeh3O9bvwVySvxGnSFWknmO/wy4Irs/AdrLXHCGrCf/PdhlCQJJU60go0lUEP 2nuc18tuaij8JJmWadnph7hLV48E5F92yAPydar7LB2XEuzsctlV2QbT4GlP0hJT elSzGYaLKGz5ULk/+/g9aM1KNhKvmnesjRORXPOJ72CO2mYWp0JqPs4XRLmm+WzK H/T3umGxI9IixknY63FIkYodPv68FOfBNbomgRCJ7eG16DiBR7fIcAc80WaoHlW0 MqaiAebZxPfktGIFqALy1iIr8R0hnuU/5yz57W3sQ7MVw7vnbLIDiGrpwor96g== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyP0mLhc0YwxWyiLkMS7+ B0EPdHer7wkmtGnqgUU7aQLka1sDlQ4X0vI2GrE/FPYMk2ZaI8kvZeit/l4rQJM3 Eojw0FG74l9RD/enbTPYxFfgk8O3+E4ff2vbaWpmAC2zzssEbF6T9IFWBYVj47Gr 8Hp5zZpZp8Zqxev4tCrX8K/V4S5prydznVd28jJH5mEVfvPCOr3PiUC71Gxsic05 UTSrkFZLvV+LWuh9HKJQsUJm80VIjoTAbflBS2JexTg6WKjbNgzrYb3cCMAiuSGF XeoQ+fq4aOzDZG3heK6XMo/e6FTKhO0N57gVS3Q79b0ukxasqwi9l1pl/0x5//95 tD/1F7SKcZ2iGOy+ofeO//22FYr5QAfWYLIzUIjJtg9lfiUd5F731wU3y+0t80bH IlKmQxAaPud5dLtc+9yHASw8Z/KwElMDXp8FoJRUsYTwUcl80iHwl+PNNeMwZ/RU 0nS01dCR0LL2eDqz6/J8fJ/4o2SX0hNuDF2ap58eCgd+mckUO9RyTpYUnyUHn6Gp jTLltPVhi6+kfpdjJL6GC2x8F2jLRhM4PMnlgY+IC/N9UB8SpARTfC7D5mhusD+d KKi2gp7DiBJRSL+mtCXvX3nJ0/KrHia1FX9RiLfLx/i9kGEVts7twpTvyJ3jR0uK pPHK6cRbsXloCNqBzwQvka8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 326370234241091667000765765478533775475723 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-16 17:01:19 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-15 17:01:18 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'rch.ist' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 819963026067063334889401870824649755808816909542497023139882594395214124432941812678001564036442927231484581476066270429888587502189378881911416344821561886546281304738607628341036019657146373757554029120434882789812911252229847709821873842167168388889405516891829840740866708415987057548783749916653538986399110224614136033300598195064676449027615683374506170295694714362110776647230435010915580067540163313746590338488191896634477443310039140318193242354049391665902917658328807696187204806941819076032877808659563739060668710351518481537991307820714088049252586616839516544554970339967242441604038288187430846679350571520451270522399342683955189170964147655034927948590214698366370626014532550204254357067689840450242500076810171345678518866442425755549234970606933828938735238771446942365113928052248632462252498755049912882377504648952937005429283352018834801909266788124427958649090857625964380775195492536126835042166917404757485632469664036689085025593610243494005840298072835116381551374624202986645239874184964015681425953946253321653274647902796965279797397180487498135653582543646747787358452542506397381613174942901700950406348939148705020732303671602896108092155000844580628170310526921952192324223863375470486453457327 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ec7e5f71979c6f4b4c654e8f1006a53c8f42b31c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (278 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ana.rch.ist' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ana.rchi.st' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.barricadeinn.squ.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.duairc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.grangegorman.squ.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rch.ist' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rchi.st' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.seomraspraoi.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.shane.sh' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.squ.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.squatte.rs' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.unicorns.su' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'duairc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rch.ist' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rchi.st' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'seomraspraoi.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shane.sh' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'squ.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'squatte.rs' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'unicorns.su' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c73ca2fbc0000040300463044022051a841e89a768e6915514869aea0b77f4e7adb68c9721375e4ad3769d999d47d0220342ba10fd7b20b17864ba01bc28cc922d492b6bfe58e4e606ef6ee8fb06a2d4400770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c73ca30340000040300483046022100d0384b2c7a544c1c01a288ca87a1c6532c4441f093863a9b3aa365856a79fea4022100da319f4933fa422d56c67ee02b2e00b39a79a4372b57d50382439da4adf9adbf . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00044178c6fd5118cd084b2d7086e5fe484743d060427a1dcef5bbf05724afc469d215692798eff0cb822bb3f01dacb5c7086ac27ff3dd86509024953ad20a3495410fda7b9cd7cb6e6a28fc24999669d9e987b84b578f04e45f76c803f275aafb2c1d9712ecec72d955d906d3e0694fd212537a54b319868b286cf950b93ffbf83d68cd4a3612af9a77ac8d13915cf389ef608eda6616a7426a3ece1744b9a6f96cca1ff4f7ba61b123d222c649d8eb7148918a1d3efebc14e7c135ba26811089ede1b5e8388147b7c870073cd166a81e55b432a6a201e6d9c4f7e4b46205a802f2d6222bf11d219ee53fe72cf9ed6dec43b315c3bbe76cb203886ae9c28afdea