retitest-ews.migros.ch
Issued by R3
About this certificate
This digital certificate with serial number 03:bd:5c:73:df:2d:6e:7d:58:ec:d2:92:32:51:ed:ec:f7:10 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=retitest-ews.migros.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:bd:5c:73:df:2d:6e:7d:58:ec:d2:92:32:51:ed:ec:f7:10Serial Number (int): 325773115759665857114142985426325172188944
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 7a:c8:d6:39:9e:d0:e8:f9:7e:59:c4:c6:ee:00:ca:70:9b:96:5d:34
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 77:44:8b:0b:7e:86:04:0b:6c:d7:f2:61:82:d6:b8:62:8d:5d:90:cd
Fingerprint (sha256): 05:7f:bf:3e:dd:8a:e0:28:2c:32:ac:80:77:3a:a8:a2:58:6d:ab:9a:00:63:8f:a4:9c:a2:da:d8:3f:dc:44:6a
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate retitest-ews.migros.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for retitest-ews.migros.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
retitest-ews.migros.ch
Other certificates including the domain name migros.ch
(limited to 100 certificates)
secure03.stage.lithium.com
commentmatch.m-budget.migros.ch
secure06.lithium.com
mitarbeiteranlass.events.migros.ch
rsc.migros.ch
staging.prod.pema-coupons.mdb.migros.net
test-basel.migros.ch
secure06.lithium.com
photoset.widgets.migros.ch
secure03.stage.lithium.com
migusto.migros.ch
aus-der-region.migros.ch
test-mgo-api.migros.ch
secure03.stage.lithium.com
gmaare.elearning.migros.ch
meineidee-ext-s.gmsap.migros.ch
famigros.migros.ch
perimeter-dmz1-meineip.migros.ch
api.migros.ch
cadismobile.migros.ch
test-hybrid-app.migros.ch
pos-coupons-api.migros.ch
storybox.migros.ch
dev-basel.migros.ch
support.migros.ch
test-web-api.migros.ch
inveco-s.gmsap.migros.ch
konsumententagung.migros.ch
test-mom.migros.ch
portal.migroszh.ch
login.migros.ch
m-learning.migros.ch
secure03.stage.lithium.com
ca.status.clio.com
e3mobilege-test.gmge.migros.ch
photoset.widgets.migros.ch
staging.qual.mam.mdb.migros.net
admin.operations.migros.ch
mymigros.ch
m-learning-t.migros.ch
yellowworldtest.migros.ch
test-mobile-app-api.migros.ch
corporate.migros.ch
recipeapi-t.gmsap.migros.ch
mcrm.migros.ch
test-socialmedia.migros.ch
meineidee.gmsap.migros.ch
connect.gmz.migros.ch
mcds.migros.net
ucb10testews.migros.ch
live.qual.kms-portal.mdb.aws.migros.ch
dev-migipedia-backend.migros.ch
bb2status.mambu.com
storybox.migros.ch
test-help.migros.ch
*.gmaare.migros.ch
quiz-adr.migros.ch
secure06.lithium.com
tiptoimania.migros.ch
secure.clubs.migros.ch
terrasuisse.migros.ch
retitest-ews.migros.ch
ins-staging.migros.ch
jobs.migros.ch
test-winwin-vonuns-vonhier.migros.ch
mein.m-budget.migros.ch
sni.cloudflaressl.com
thehost.widgets.migros.ch
allowlist.sterda.com
report-download.migros.ch
proxy-mdb.migros.ch
test-corporate.migros.ch
ca.status.clio.com
test-auth.magnolia.migros.ch
meineidee-ext-t.gmsap.migros.ch
lyncaccess.datacenter-migros.ch
dev-vaud.migros.ch
dev-cdn.migros.ch
api.migros.ch
admin.logistikplattform.migros.ch
live.prod.image-upload.mdb.aws.migros.ch
image-upload.mdb.migros.net
secure03.stage.lithium.com
cert-test.migros.ch
rc-mobile-app.migros.ch
mylogin.migros.ch
test-hybrid-app.migros.ch
p99.migros.ch
proxy-mdb.migros.ch
auth.migros.ch
ca.status.clio.com
wartung.migros.ch
staging.prod.pema-coupons.mdb.aws.migros.ch
natro.gmaare.migros.ch
impuls.migros.ch
allowlist.sterda.com
recipeapi-s.gmsap.migros.ch
m-payment.pos.migros.ch
fragments.migros.ch
ostern.migros.ch
commentmatch.m-budget.migros.ch
secure06.lithium.com
mitarbeiteranlass.events.migros.ch
rsc.migros.ch
staging.prod.pema-coupons.mdb.migros.net
test-basel.migros.ch
secure06.lithium.com
photoset.widgets.migros.ch
secure03.stage.lithium.com
migusto.migros.ch
aus-der-region.migros.ch
test-mgo-api.migros.ch
secure03.stage.lithium.com
gmaare.elearning.migros.ch
meineidee-ext-s.gmsap.migros.ch
famigros.migros.ch
perimeter-dmz1-meineip.migros.ch
api.migros.ch
cadismobile.migros.ch
test-hybrid-app.migros.ch
pos-coupons-api.migros.ch
storybox.migros.ch
dev-basel.migros.ch
support.migros.ch
test-web-api.migros.ch
inveco-s.gmsap.migros.ch
konsumententagung.migros.ch
test-mom.migros.ch
portal.migroszh.ch
login.migros.ch
m-learning.migros.ch
secure03.stage.lithium.com
ca.status.clio.com
e3mobilege-test.gmge.migros.ch
photoset.widgets.migros.ch
staging.qual.mam.mdb.migros.net
admin.operations.migros.ch
mymigros.ch
m-learning-t.migros.ch
yellowworldtest.migros.ch
test-mobile-app-api.migros.ch
corporate.migros.ch
recipeapi-t.gmsap.migros.ch
mcrm.migros.ch
test-socialmedia.migros.ch
meineidee.gmsap.migros.ch
connect.gmz.migros.ch
mcds.migros.net
ucb10testews.migros.ch
live.qual.kms-portal.mdb.aws.migros.ch
dev-migipedia-backend.migros.ch
bb2status.mambu.com
storybox.migros.ch
test-help.migros.ch
*.gmaare.migros.ch
quiz-adr.migros.ch
secure06.lithium.com
tiptoimania.migros.ch
secure.clubs.migros.ch
terrasuisse.migros.ch
retitest-ews.migros.ch
ins-staging.migros.ch
jobs.migros.ch
test-winwin-vonuns-vonhier.migros.ch
mein.m-budget.migros.ch
sni.cloudflaressl.com
thehost.widgets.migros.ch
allowlist.sterda.com
report-download.migros.ch
proxy-mdb.migros.ch
test-corporate.migros.ch
ca.status.clio.com
test-auth.magnolia.migros.ch
meineidee-ext-t.gmsap.migros.ch
lyncaccess.datacenter-migros.ch
dev-vaud.migros.ch
dev-cdn.migros.ch
api.migros.ch
admin.logistikplattform.migros.ch
live.prod.image-upload.mdb.aws.migros.ch
image-upload.mdb.migros.net
secure03.stage.lithium.com
cert-test.migros.ch
rc-mobile-app.migros.ch
mylogin.migros.ch
test-hybrid-app.migros.ch
p99.migros.ch
proxy-mdb.migros.ch
auth.migros.ch
ca.status.clio.com
wartung.migros.ch
staging.prod.pema-coupons.mdb.aws.migros.ch
natro.gmaare.migros.ch
impuls.migros.ch
allowlist.sterda.com
recipeapi-s.gmsap.migros.ch
m-payment.pos.migros.ch
fragments.migros.ch
ostern.migros.ch
Certificate
The complete raw certificate details for retitest-ews.migros.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE+TCCA+GgAwIBAgISA71cc98tbn1Y7NKSMlHt7PcQMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMjkwNDQzMDVaFw0yNDAzMjgwNDQzMDRaMCExHzAdBgNVBAMT FnJldGl0ZXN0LWV3cy5taWdyb3MuY2gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDFepGR638hekO9C7lXWkw3ybMPSxwLVxdsuzvyTMDbcxvW6mhclbhl RXIOV8azxGENY658+FFxjAXpXkLX+0wXOPzAYk8d0SMNqG8Jxgit9MM/t+X+Gj4A XdDg3HnRBo6Jvb0snqMGLXWt7936xb9V9nfN7gmM21/68OH/Fx/8nNcnizVCg9F+ nUzr/hD/2W7njfiPR7v0S57hi+0i1MCTRxj2Fn2R+C2weGu6tOswAbx6EeYf+49R mzmMsQY3UYsfI1nGsxgfQiI6SadQOzEFEeMwls9K6FmPUL4Ysfgg4yeNqGgk2ZVg MV+WPdKQRQdnkOCHos8MxLsKscRUa4/HAgMBAAGjggIYMIICFDAOBgNVHQ8BAf8E BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC MAAwHQYDVR0OBBYEFHrI1jme0Oj5flnExu4AynCbll00MB8GA1UdIwQYMBaAFBQu sxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYV aHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5s ZW5jci5vcmcvMCEGA1UdEQQaMBiCFnJldGl0ZXN0LWV3cy5taWdyb3MuY2gwEwYD VR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwBIsONr 2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYy0GP1QAAAEAwBIMEYCIQDq 8VGNIiIe6zl72yO9ZXp7d/RPEBK+6nvmfLYW1Hta2QIhAMWQ9x/vCzZ7w27HMY1O Wn0g66GGo4j+3nWidJmzMY9mAHUAouK/1h7eLy8HoNZObTen3GVDsMa1LqLat4r4 mm31F9gAAAGMtBj9UQAABAMARjBEAiA5DWnOXuyKOKkIkFlBOPrE/mF5yzk4kyWl GFWsuIkM6gIgF9DhN240H34E6iIMfYfAg8vTSfifOZ0cxU89ry0rFDMwDQYJKoZI hvcNAQELBQADggEBACYMwR92yTRTqH9Jor0VQn7YjiCck/fNno0XdN0Qb2DFwVub K0GzVlhnVTVerI1JRVb9OWpzT3FYM4oYwCPASS9taRDnfW6iSf92JOwClTsOZoyU l5bndF0TXUUS+wm2y1//wgg07Y110JeymLV216GSnUk+NjQ0ajo2q0VCKk1fnHyj w7LOoRQbATaYQAjSIIoLTJaauQ2qh6pM+ZoQK/9UCuixi0utw4CBQ4XIk0TcCxoD Ff+fJcoldH9SF18Dy6+03C5BkDh+GNbYcxluxlnptX3Cyu8SFaL0Mdeklk0HGShx KoXWqYKG3dyFxzvOFA5za+OtJ2AHqgt/8AFTmWg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXqRket/IXpDvQu5V1pM N8mzD0scC1cXbLs78kzA23Mb1upoXJW4ZUVyDlfGs8RhDWOufPhRcYwF6V5C1/tM Fzj8wGJPHdEjDahvCcYIrfTDP7fl/ho+AF3Q4Nx50QaOib29LJ6jBi11re/d+sW/ VfZ3ze4JjNtf+vDh/xcf/JzXJ4s1QoPRfp1M6/4Q/9lu5434j0e79Eue4YvtItTA k0cY9hZ9kfgtsHhrurTrMAG8ehHmH/uPUZs5jLEGN1GLHyNZxrMYH0IiOkmnUDsx BRHjMJbPSuhZj1C+GLH4IOMnjahoJNmVYDFflj3SkEUHZ5Dgh6LPDMS7CrHEVGuP xwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 325773115759665857114142985426325172188944 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-29 04:43:05 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-28 04:43:04 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'retitest-ews.migros.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24929386923813865767665146203630761431369168014607350918313773409642636829123293463461105292071952514934040999603942635511699191887926420079153565902153648789118831653489609153355105135502561994712676451741335380247260114729076348473845283215211801938504905217709132520458248981031055559592732933675087693621683171362244965577126275048108824553963409576942768166307831978751164138647067537093489588069833228255505907234455262756349678840967478586220267382905144945472628087374397164912016387363585112637432773988682416586891924972917543964588647277324728146934095674153636899711460026095632102603575732682591272931271 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7ac8d6399ed0e8f97e59c4c6ee00ca709b965d34 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'retitest-ews.migros.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cb418fd500000040300483046022100eaf1518d22221eeb397bdb23bd657a7b77f44f1012beea7be67cb616d47b5ad9022100c590f71fef0b367bc36ec7318d4e5a7d20eba186a388fede75a27499b3318f66007500a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018cb418fd5100000403004630440220390d69ce5eec8a38a90890594138fac4fe6179cb39389325a51855acb8890cea022017d0e1376e341f7e04ea220c7d87c083cbd349f89f399d1cc54f3daf2d2b1433 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00260cc11f76c93453a87f49a2bd15427ed88e209c93f7cd9e8d1774dd106f60c5c15b9b2b41b356586755355eac8d494556fd396a734f7158338a18c023c0492f6d6910e77d6ea249ff7624ec02953b0e668c949796e7745d135d4512fb09b6cb5fffc20834ed8d75d097b298b576d7a1929d493e3634346a3a36ab45422a4d5f9c7ca3c3b2cea1141b0136984008d2208a0b4c969ab90daa87aa4cf99a102bff540ae8b18b4badc380814385c89344dc0b1a0315ff9f25ca25747f52175f03cbafb4dc2e4190387e18d6d873196ec659e9b57dc2caef1215a2f431d7a4964d071928712a85d6a98286dddc85c73bce140e736be3ad276007aa0b7ff001539968