rewards.digitalocean.com
Issued by R3
About this certificate
This digital certificate with serial number 04:75:ad:83:5e:ff:c8:1e:3a:13:9c:11:57:5a:9f:33:53:20 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=rewards.digitalocean.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:75:ad:83:5e:ff:c8:1e:3a:13:9c:11:57:5a:9f:33:53:20Serial Number (int): 388492819217761663048534396595741836661536
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 15:b5:c4:a8:9e:8f:ad:34:dd:c6:7d:f7:77:f5:8f:88:cd:bc:44:a3
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): c4:2f:3c:89:e8:73:54:fa:56:77:d5:97:ed:7c:d8:47:d7:61:49:1d
Fingerprint (sha256): 06:02:c2:59:26:ce:96:ab:e0:97:d0:0b:56:4b:1e:21:3b:6c:3c:92:34:4f:a0:46:61:eb:f0:04:72:d5:a0:39
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate rewards.digitalocean.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for rewards.digitalocean.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
rewards.digitalocean.com
Other certificates including the domain name digitalocean.com
(limited to 100 certificates)
www.demo-tourismconnects.ca
india.polo-development.com
p.ssl.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
ideas.digitalocean.com
tsunami.digitalocean.com
digitalocean.com
investors.digitalocean.com
p.ssl.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
betastatus.digitalocean.com
pages.support.digitalocean.com
www.demo-tourismconnects.ca
p.ssl.fastly.net
p.ssl.fastly.net
dns-vetting1k.map.fastly.net
www.visitor-friendlyalberta.ca
dctrack01.nyc3.internal.digitalocean.com
go.rescuevocations.org
m.ssl.fastly.net
groove.digitalocean.com
trinityu.trinityconsultants.com
email.comms.digitalocean.com
investor.digitalocean.com
p.ssl.fastly.net
m.ssl.fastly.net
m.ssl.fastly.net
www.visitor-friendlyalberta.ca
anchor.digitalocean.com
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
groove.digitalocean.com
rewards.digitalocean.com
www.visitor-friendlyalberta.ca
m.ssl.fastly.net
au.lakeshore.com
dns-vetting1k.map.fastly.net
www.frailtycertification.com
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
p.ssl.fastly.net
m.ssl.fastly.net
m.ssl.fastly.net
www.trainwithpassion.ca
www.visitorfriendlyalberta.ca
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
brand.digitalocean.com
ssl3926.cloudflare.com
www.visitor-friendlyalberta.ca
investors.digitalocean.com
p.ssl.fastly.net
emss.goldfin.ca
www.ekgguy.com
www.learn-rto8.com
www.demo-tourismconnects.ca
dns-vetting2.map.fastly.net
p.ssl.fastly.net
www.visitor-friendlyalberta.ca
www.digitalocean.com
m.ssl.fastly.net
www.visitorfriendlyalberta.ca
ssl503536.cloudflaressl.com
dns-vetting1-mims-pawel.map.fastly.net
m.ssl.fastly.net
www.digitalocean.com
www.visitor-friendlyalberta.ca
b-0.hexagon-cdn.com
events.digitalocean.com
awesome-actions.com
digitalocean.com
www.visitor-friendlyalberta.ca
www.visitorfriendlyalberta.ca
rewards.digitalocean.com
dns-vetting2.map.fastly.net
www.visitorfriendlyalberta.ca
www.digitalocean.com
*.internal.digitalocean.com
m.ssl.fastly.net
dns-vetting2.map.fastly.net
ideas.digitalocean.com
prod-codd-admin.sfo3.internal.digitalocean.com
marketplace-frontend-nyc1.digitalocean.com
www.visitorfriendlyalberta.ca
dns-vetting1k.map.fastly.net
anchor.digitalocean.com
www.trainwithpassion.ca
m.ssl.fastly.net
www.eatandlearnnm.com
www.learn-rto8.com
betastatus.digitalocean.com
ssl503536.cloudflaressl.com
m.ssl.fastly.net
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
www.visitor-friendlyalberta.ca
dns-vetting1k.map.fastly.net
www.pathwaylearningnetwork.com
dns-vetting1k.map.fastly.net
p.ssl.fastly.net
india.polo-development.com
p.ssl.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
ideas.digitalocean.com
tsunami.digitalocean.com
digitalocean.com
investors.digitalocean.com
p.ssl.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
betastatus.digitalocean.com
pages.support.digitalocean.com
www.demo-tourismconnects.ca
p.ssl.fastly.net
p.ssl.fastly.net
dns-vetting1k.map.fastly.net
www.visitor-friendlyalberta.ca
dctrack01.nyc3.internal.digitalocean.com
go.rescuevocations.org
m.ssl.fastly.net
groove.digitalocean.com
trinityu.trinityconsultants.com
email.comms.digitalocean.com
investor.digitalocean.com
p.ssl.fastly.net
m.ssl.fastly.net
m.ssl.fastly.net
www.visitor-friendlyalberta.ca
anchor.digitalocean.com
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
groove.digitalocean.com
rewards.digitalocean.com
www.visitor-friendlyalberta.ca
m.ssl.fastly.net
au.lakeshore.com
dns-vetting1k.map.fastly.net
www.frailtycertification.com
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
p.ssl.fastly.net
m.ssl.fastly.net
m.ssl.fastly.net
www.trainwithpassion.ca
www.visitorfriendlyalberta.ca
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
brand.digitalocean.com
ssl3926.cloudflare.com
www.visitor-friendlyalberta.ca
investors.digitalocean.com
p.ssl.fastly.net
emss.goldfin.ca
www.ekgguy.com
www.learn-rto8.com
www.demo-tourismconnects.ca
dns-vetting2.map.fastly.net
p.ssl.fastly.net
www.visitor-friendlyalberta.ca
www.digitalocean.com
m.ssl.fastly.net
www.visitorfriendlyalberta.ca
ssl503536.cloudflaressl.com
dns-vetting1-mims-pawel.map.fastly.net
m.ssl.fastly.net
www.digitalocean.com
www.visitor-friendlyalberta.ca
b-0.hexagon-cdn.com
events.digitalocean.com
awesome-actions.com
digitalocean.com
www.visitor-friendlyalberta.ca
www.visitorfriendlyalberta.ca
rewards.digitalocean.com
dns-vetting2.map.fastly.net
www.visitorfriendlyalberta.ca
www.digitalocean.com
*.internal.digitalocean.com
m.ssl.fastly.net
dns-vetting2.map.fastly.net
ideas.digitalocean.com
prod-codd-admin.sfo3.internal.digitalocean.com
marketplace-frontend-nyc1.digitalocean.com
www.visitorfriendlyalberta.ca
dns-vetting1k.map.fastly.net
anchor.digitalocean.com
www.trainwithpassion.ca
m.ssl.fastly.net
www.eatandlearnnm.com
www.learn-rto8.com
betastatus.digitalocean.com
ssl503536.cloudflaressl.com
m.ssl.fastly.net
m.ssl.fastly.net
dns-vetting1k.map.fastly.net
www.visitor-friendlyalberta.ca
dns-vetting1k.map.fastly.net
www.pathwaylearningnetwork.com
dns-vetting1k.map.fastly.net
p.ssl.fastly.net
Certificate
The complete raw certificate details for rewards.digitalocean.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE/DCCA+SgAwIBAgISBHWtg17/yB46E5wRV1qfM1MgMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA5MjgxMzEwNDFaFw0yMzEyMjcxMzEwNDBaMCMxITAfBgNVBAMT GHJld2FyZHMuZGlnaXRhbG9jZWFuLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALc9xMkR/SNo+UnlV0dymE9MgzYB1ynY7nPm81tLyZlc1TZNIvfy vQJ66GMrv0VIqVEbqCpgUWWqyulqO+gt0DCX2fa07zcv3Z3A/FjDHUPxTJB2f9DA a4aUqwu1q8ed8pt63DyZYd162Qrln7hKhjw36wGmzlfc2G9cTEZ5ge5eFQMRr+9Q p9IUnk2m1arLSjL/ekqYewRegRunb7/lt/UsdSBIwfcXgB5kAQRL+TBc6Bhf5gbN P5rQzoabzafCvh0XbCt83lmO+SaqbEWG4Gu/0jRDAMwqggdwcCDgVN0Zzh3wjbfs GTv/7JQ1q6vvigF0585ZqbwEkNaU+YE/QK8CAwEAAaOCAhkwggIVMA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQUFbXEqJ6PrTTdxn33d/WPiM28RKMwHwYDVR0jBBgwFoAU FC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzAB hhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5p LmxlbmNyLm9yZy8wIwYDVR0RBBwwGoIYcmV3YXJkcy5kaWdpdGFsb2NlYW4uY29t MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYA tz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGK3CCnvgAABAMARzBF AiAi0zzJ8Me13r9kKouY3XKskEo9TVM6mW+lT6hyCULIoQIhAPsQZ/15sbFaPg8i 0+HrpwmA1U4teP35xuZKywfm/giAAHUAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvS K8E6V6NS61IAAAGK3CCn0AAABAMARjBEAiApPgtbKXlUIhbGZ/5NibC/xGWRUv4u mYsra6CEpaeZ7gIgSR1J8jkgK5vB2Zxn0uAUWt+CTcZdZDkCy3Np4J8asXwwDQYJ KoZIhvcNAQELBQADggEBACQeH+69A20GDkr+9z0bchc8n92dJkMmXF/7IFEi7EPj eaoEhsOXXmtYvL+Aq0wrsczQIdAUYX+Vc1hLFIXi2ZuwvTmKa+qgscEqW1YDzCYD NaZ6nfKwXm2Utx32IRIkWmX1m7DIxsTtyV8ZyP59TF289btKQaN4h9awOyVE0cJJ sLO2YPzAE68gcemk1Hf6wLAjCJ30UBHYeQx0hBbBZroD5TgEdTHiVxTBPrdyZqTv fJS7v48S1a6Uoling9yNfggFWpjOU0mNYXQ8x49098FXmbMc+piChI0ukJfXADyK 4VlQzOn5hgwjgiYQTY5OWdNAWGDQJHVDpFpXFa+a0Ek= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz3EyRH9I2j5SeVXR3KY T0yDNgHXKdjuc+bzW0vJmVzVNk0i9/K9AnroYyu/RUipURuoKmBRZarK6Wo76C3Q MJfZ9rTvNy/dncD8WMMdQ/FMkHZ/0MBrhpSrC7Wrx53ym3rcPJlh3XrZCuWfuEqG PDfrAabOV9zYb1xMRnmB7l4VAxGv71Cn0hSeTabVqstKMv96Sph7BF6BG6dvv+W3 9Sx1IEjB9xeAHmQBBEv5MFzoGF/mBs0/mtDOhpvNp8K+HRdsK3zeWY75JqpsRYbg a7/SNEMAzCqCB3BwIOBU3RnOHfCNt+wZO//slDWrq++KAXTnzlmpvASQ1pT5gT9A rwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 388492819217761663048534396595741836661536 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-28 13:10:41 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-27 13:10:40 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'rewards.digitalocean.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23132069086583654420214523057883512405036056336047730036576312782552821802938883066434881947429792979249345715312615734960933520378448662841968109956081977329800528125489753444372063953076549003420729037475662322525949451855785940692562869166738141004624673045547331794478762850429413712175523204144051775814689894837267445403882952347408277744364289781769864174351637958530577629324757299164811948062464792094572001789211170737042623631776190530544179052565621011628810988524343059896067318831348396423780632213040692736781771386883413758199243648324780909607990811917310890810114551992426297126144502247153087758511 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 15b5c4a89e8fad34ddc67df777f58f88cdbc44a3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rewards.digitalocean.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018adc20a7be0000040300473045022022d33cc9f0c7b5debf642a8b98dd72ac904a3d4d533a996fa54fa8720942c8a1022100fb1067fd79b1b15a3e0f22d3e1eba70980d54e2d78fdf9c6e64acb07e6fe08800075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018adc20a7d000000403004630440220293e0b5b2979542216c667fe4d89b0bfc4659152fe2e998b2b6ba084a5a799ee0220491d49f239202b9bc1d99c67d2e0145adf824dc65d643902cb7369e09f1ab17c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00241e1feebd036d060e4afef73d1b72173c9fdd9d2643265c5ffb205122ec43e379aa0486c3975e6b58bcbf80ab4c2bb1ccd021d014617f9573584b1485e2d99bb0bd398a6beaa0b1c12a5b5603cc260335a67a9df2b05e6d94b71df62112245a65f59bb0c8c6c4edc95f19c8fe7d4c5dbcf5bb4a41a37887d6b03b2544d1c249b0b3b660fcc013af2071e9a4d477fac0b023089df45011d8790c748416c166ba03e538047531e25714c13eb77266a4ef7c94bbbf8f12d5ae94a258a783dc8d7e08055a98ce53498d61743cc78f74f7c15799b31cfa9882848d2e9097d7003c8ae15950cce9f9860c238226104d8e4e59d3405860d0247543a45a5715af9ad049