answers.usa.gov
Issued by R3
About this certificate
This digital certificate with serial number 03:0f:10:21:fd:4c:84:c0:81:b6:c2:d7:9a:ff:1f:7d:df:31 was issued on by Let's Encrypt.
With 42 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=answers.usa.gov
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:0f:10:21:fd:4c:84:c0:81:b6:c2:d7:9a:ff:1f:7d:df:31Serial Number (int): 266462537430335762017667634084438247071537
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: af:72:00:15:90:12:3b:c3:e1:db:b4:f1:1c:69:de:4a:70:f6:8c:3d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 12:a4:23:37:2d:ce:9b:75:72:4c:eb:11:89:97:b7:de:5f:ea:04:58
Fingerprint (sha256): 06:63:74:00:d8:f3:0c:35:f4:f4:16:07:16:75:96:7e:14:0c:05:da:d3:f3:87:a1:ca:c5:46:74:04:b0:c0:e2
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate answers.usa.gov
42
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for answers.usa.gov
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
answers.usa.gov
apps.gobiernousa.gov
apps.usa.gov
blog.gobiernousa.gov
businessusa.gov
consumeraction.gov
firstgov.gov
forms.gov
gobierno.usa.gov
gobiernousa.gov
gsa.gov
info.gov
kids.gov
m.gobiernousa.gov
m.gsa.gov
m.usa.gov
my.usa.gov
notice.usa.gov
notifications.usa.gov
promotions.usa.gov
publications.usa.gov
registry.usa.gov
respuestas.gobiernousa.gov
tell-us.usa.gov
tellus.usa.gov
us.gov
usa.gov
usagov.gov
vote.usa.gov
www.businessusa.gov
www.consumeraction.gov
www.feedback.usa.gov
www.firstgov.gov
www.forms.gov
www.gobierno.usa.gov
www.gobiernousa.gov
www.info.gov
www.kids.gov
www.my.usa.gov
www.promotions.usa.gov
www.us.gov
www.usagov.gov
apps.gobiernousa.gov
apps.usa.gov
blog.gobiernousa.gov
businessusa.gov
consumeraction.gov
firstgov.gov
forms.gov
gobierno.usa.gov
gobiernousa.gov
gsa.gov
info.gov
kids.gov
m.gobiernousa.gov
m.gsa.gov
m.usa.gov
my.usa.gov
notice.usa.gov
notifications.usa.gov
promotions.usa.gov
publications.usa.gov
registry.usa.gov
respuestas.gobiernousa.gov
tell-us.usa.gov
tellus.usa.gov
us.gov
usa.gov
usagov.gov
vote.usa.gov
www.businessusa.gov
www.consumeraction.gov
www.feedback.usa.gov
www.firstgov.gov
www.forms.gov
www.gobierno.usa.gov
www.gobiernousa.gov
www.info.gov
www.kids.gov
www.my.usa.gov
www.promotions.usa.gov
www.us.gov
www.usagov.gov
Other certificates including the domain name usa.gov
(limited to 100 certificates)
answers.usa.gov
1.usa.gov
kids.usa.gov
www.gobierno.usa.gov
analytics.usa.gov
cms.usa.gov
www.usa.gov
demo2.search.usa.gov
guineapig.staging.search.usa.gov
www.usa.gov
1.usa.gov
i14y.seagull.staging.search.usa.gov
answers.usa.gov
sa66gl.wpc.edgecastcdn.net
answers.usa.gov
kibana.search.usa.gov
i14y.bird.staging.search.usa.gov
answers.usa.gov
search.usa.gov
go.usa.gov
api.usa.gov
i14y.seagull.staging.search.usa.gov
seagull.staging.search.usa.gov
sandpiper.staging.search.usa.gov
promotions.usa.gov
answers.usa.gov
1.usa.gov
1.usa.gov
hogfish.staging.search.usa.gov
usa.gov
vote.usa.gov
labs.usa.gov
answers.usa.gov
www.usa.gov
www.usa.gov
i14y.vanilla.staging.search.usa.gov
i14y.ox.staging.search.usa.gov
dachshund.staging.search.usa.gov
components.standards.usa.gov
bear.staging.search.usa.gov
redir.gsa.ctacdev.com
answers.usa.gov
i14y.bear.staging.search.usa.gov
1.usa.gov
secure0051.hubspot.com
www.usa.gov
*.sites.usa.gov
answers.usa.gov
beta.usa.gov
pusheen.staging.search.usa.gov
warthog.staging.search.usa.gov
components.standards.usa.gov
*.usa.gov
answers.usa.gov
answers.usa.gov
epa-notice.usa.gov
open.usa.gov
answers.usa.gov
sa66gl.wpc.edgecastcdn.net
i14y.usa.gov
open.usa.gov
i14y.dachshund.staging.search.usa.gov
sa10gl.wpc.edgecastcdn.net
lemonade.staging.search.usa.gov
labs.usa.gov
answers.usa.gov
i14y.luke.staging.search.usa.gov
www.my.usa.gov
panda.staging.search.usa.gov
answers.usa.gov
business.usa.gov
cms.usa.gov
goldfinch.staging.search.usa.gov
answers.usa.gov
gobierno.usa.gov
www.usa.gov
open.usa.gov
i14y.chinchilla.staging.search.usa.gov
answers.usa.gov
search.usa.gov
toothpick.staging.search.usa.gov
answers.usa.gov
sa55gl.wpc.edgecastcdn.net
lemonade.staging.search.usa.gov
i14y.hogfish.staging.search.usa.gov
open-staging.usa.gov
redir.gsa.ctacdev.com
i14y.auk.staging.search.usa.gov
i14y.hedgehog.staging.search.usa.gov
vote.usa.gov
www.usa.gov
search.usa.gov
porcupine.staging.search.usa.gov
answers.usa.gov
epa-notice.usa.gov
lets-encrypt.infr.search.usa.gov
toothpick.staging.search.usa.gov
snowflake.staging.search.usa.gov
i14y.dachshund.staging.search.usa.gov
sa159gl.wpc.edgecastcdn.net
1.usa.gov
kids.usa.gov
www.gobierno.usa.gov
analytics.usa.gov
cms.usa.gov
www.usa.gov
demo2.search.usa.gov
guineapig.staging.search.usa.gov
www.usa.gov
1.usa.gov
i14y.seagull.staging.search.usa.gov
answers.usa.gov
sa66gl.wpc.edgecastcdn.net
answers.usa.gov
kibana.search.usa.gov
i14y.bird.staging.search.usa.gov
answers.usa.gov
search.usa.gov
go.usa.gov
api.usa.gov
i14y.seagull.staging.search.usa.gov
seagull.staging.search.usa.gov
sandpiper.staging.search.usa.gov
promotions.usa.gov
answers.usa.gov
1.usa.gov
1.usa.gov
hogfish.staging.search.usa.gov
usa.gov
vote.usa.gov
labs.usa.gov
answers.usa.gov
www.usa.gov
www.usa.gov
i14y.vanilla.staging.search.usa.gov
i14y.ox.staging.search.usa.gov
dachshund.staging.search.usa.gov
components.standards.usa.gov
bear.staging.search.usa.gov
redir.gsa.ctacdev.com
answers.usa.gov
i14y.bear.staging.search.usa.gov
1.usa.gov
secure0051.hubspot.com
www.usa.gov
*.sites.usa.gov
answers.usa.gov
beta.usa.gov
pusheen.staging.search.usa.gov
warthog.staging.search.usa.gov
components.standards.usa.gov
*.usa.gov
answers.usa.gov
answers.usa.gov
epa-notice.usa.gov
open.usa.gov
answers.usa.gov
sa66gl.wpc.edgecastcdn.net
i14y.usa.gov
open.usa.gov
i14y.dachshund.staging.search.usa.gov
sa10gl.wpc.edgecastcdn.net
lemonade.staging.search.usa.gov
labs.usa.gov
answers.usa.gov
i14y.luke.staging.search.usa.gov
www.my.usa.gov
panda.staging.search.usa.gov
answers.usa.gov
business.usa.gov
cms.usa.gov
goldfinch.staging.search.usa.gov
answers.usa.gov
gobierno.usa.gov
www.usa.gov
open.usa.gov
i14y.chinchilla.staging.search.usa.gov
answers.usa.gov
search.usa.gov
toothpick.staging.search.usa.gov
answers.usa.gov
sa55gl.wpc.edgecastcdn.net
lemonade.staging.search.usa.gov
i14y.hogfish.staging.search.usa.gov
open-staging.usa.gov
redir.gsa.ctacdev.com
i14y.auk.staging.search.usa.gov
i14y.hedgehog.staging.search.usa.gov
vote.usa.gov
www.usa.gov
search.usa.gov
porcupine.staging.search.usa.gov
answers.usa.gov
epa-notice.usa.gov
lets-encrypt.infr.search.usa.gov
toothpick.staging.search.usa.gov
snowflake.staging.search.usa.gov
i14y.dachshund.staging.search.usa.gov
sa159gl.wpc.edgecastcdn.net
Certificate
The complete raw certificate details for answers.usa.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIH3jCCBsagAwIBAgISAw8QIf1MhMCBtsLXmv8ffd8xMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMDEyMDQwNTQ0MTNaFw0yMTAzMDQwNTQ0MTNaMBoxGDAWBgNVBAMT D2Fuc3dlcnMudXNhLmdvdjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB AJsuwZuI+YGvV5ZixB7lMH8mnerQRbhEeOHMPggODNM6Iib1k0JKXExLJzJ+WyH5 9SWtHpWND7jPcIaeldDVLHjenWrbRquiQKZ9OIzCBd9EUOAdJ9egGtN0fMPozwzE wWJzNPIDobc+4iAd/ZGWAu0FOCMW0qsZZdqyDawB2zb0LjW9LNdTzwQCDsfyTcVr Wc5W+Olq0GjNRRgvUtZCq7iUp6qYN6hX7u8Y9n8Ipxqkb2u9k3Dczg31SKkI9Vts ODzrbPMwwLMz8TNlOuouEVbNZiBgzcxhVeYijj1/oXEtj2m/1B6iWA/RNu8P/Z8M tbiGA3dkHb2swiwJJzKU5u59HQPfOGxunH0G9yFniBpO1lmGhB+7nbF4vQav+BEs u2+dq0jTlgRhmNVUft20oFnQd4Jw20I7SL4vi8ic5RGm9mSexbApX9cV9vrDEzE+ 1SwPaxVf4BnOCuAymijszPbftdeKgRNXU4TvM7nmJM903myTtD4uGAVfq2PRbBxK y2ViAlD9E5dBgCRoQqguXvXvwjHH48tNgBCAenc4l7Zg++v8P+ncpngD7ek5Qfgb U2+z8h+3Oai+iqORTnXQdxAZzDmBLBmIkH6Yyzu/W2GRTC7wkCsJy/VxkpPljZnJ C31V4aC5FoxuuTPwNsFNi2r460r7CegTRtWRJd7OaTvXAgMBAAGjggQEMIIEADAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG A1UdEwEB/wQCMAAwHQYDVR0OBBYEFK9yABWQEjvD4du08Rxp3kpw9ow9MB8GA1Ud IwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggr BgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRw Oi8vcjMuaS5sZW5jci5vcmcvMIICxQYDVR0RBIICvDCCAriCD2Fuc3dlcnMudXNh LmdvdoIUYXBwcy5nb2JpZXJub3VzYS5nb3aCDGFwcHMudXNhLmdvdoIUYmxvZy5n b2JpZXJub3VzYS5nb3aCD2J1c2luZXNzdXNhLmdvdoISY29uc3VtZXJhY3Rpb24u Z292ggxmaXJzdGdvdi5nb3aCCWZvcm1zLmdvdoIQZ29iaWVybm8udXNhLmdvdoIP Z29iaWVybm91c2EuZ292ggdnc2EuZ292gghpbmZvLmdvdoIIa2lkcy5nb3aCEW0u Z29iaWVybm91c2EuZ292ggltLmdzYS5nb3aCCW0udXNhLmdvdoIKbXkudXNhLmdv doIObm90aWNlLnVzYS5nb3aCFW5vdGlmaWNhdGlvbnMudXNhLmdvdoIScHJvbW90 aW9ucy51c2EuZ292ghRwdWJsaWNhdGlvbnMudXNhLmdvdoIQcmVnaXN0cnkudXNh LmdvdoIacmVzcHVlc3Rhcy5nb2JpZXJub3VzYS5nb3aCD3RlbGwtdXMudXNhLmdv doIOdGVsbHVzLnVzYS5nb3aCBnVzLmdvdoIHdXNhLmdvdoIKdXNhZ292LmdvdoIM dm90ZS51c2EuZ292ghN3d3cuYnVzaW5lc3N1c2EuZ292ghZ3d3cuY29uc3VtZXJh Y3Rpb24uZ292ghR3d3cuZmVlZGJhY2sudXNhLmdvdoIQd3d3LmZpcnN0Z292Lmdv doINd3d3LmZvcm1zLmdvdoIUd3d3LmdvYmllcm5vLnVzYS5nb3aCE3d3dy5nb2Jp ZXJub3VzYS5nb3aCDHd3dy5pbmZvLmdvdoIMd3d3LmtpZHMuZ292gg53d3cubXku dXNhLmdvdoIWd3d3LnByb21vdGlvbnMudXNhLmdvdoIKd3d3LnVzLmdvdoIOd3d3 LnVzYWdvdi5nb3YwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEw KDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwEwYKKwYB BAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAJAX0nAjsG7huPMmU4/N VaQ6hW6qNAxEnb84wBi0wed1UwwHZSkAmmelsLkeAAFtPHKqTnnN7cbHAL3iRWQ4 5Fh/2+KEF6eEnMY8F8SEV5ANCg1ujjaQl6QtTNQ4Ea+PhJHA7jhDDZfQz0XSjx7R bqTnMbAldejvc6JgyFdr1ztPGYv7FPYTUelpm7kHxWJ0llbss656zN5VwLciDWAA M+2C7hIARNQX+bHcJ7hwrrUxv4RMZcG/8slVLTxahP8CWimj7DAhhZ3gStO8QpfD Ft07ajlzxLtLh7iIU7IR4Yg4vmmf8pzw9EWA45vcBp6/3Rh7arbdIargWtwAtwUT crM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmy7Bm4j5ga9XlmLEHuUw fyad6tBFuER44cw+CA4M0zoiJvWTQkpcTEsnMn5bIfn1Ja0elY0PuM9whp6V0NUs eN6dattGq6JApn04jMIF30RQ4B0n16Aa03R8w+jPDMTBYnM08gOhtz7iIB39kZYC 7QU4IxbSqxll2rINrAHbNvQuNb0s11PPBAIOx/JNxWtZzlb46WrQaM1FGC9S1kKr uJSnqpg3qFfu7xj2fwinGqRva72TcNzODfVIqQj1W2w4POts8zDAszPxM2U66i4R Vs1mIGDNzGFV5iKOPX+hcS2Pab/UHqJYD9E27w/9nwy1uIYDd2QdvazCLAknMpTm 7n0dA984bG6cfQb3IWeIGk7WWYaEH7udsXi9Bq/4ESy7b52rSNOWBGGY1VR+3bSg WdB3gnDbQjtIvi+LyJzlEab2ZJ7FsClf1xX2+sMTMT7VLA9rFV/gGc4K4DKaKOzM 9t+114qBE1dThO8zueYkz3TebJO0Pi4YBV+rY9FsHErLZWICUP0Tl0GAJGhCqC5e 9e/CMcfjy02AEIB6dziXtmD76/w/6dymeAPt6TlB+BtTb7PyH7c5qL6Ko5FOddB3 EBnMOYEsGYiQfpjLO79bYZFMLvCQKwnL9XGSk+WNmckLfVXhoLkWjG65M/A2wU2L avjrSvsJ6BNG1ZEl3s5pO9cCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 266462537430335762017667634084438247071537 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-04 05:44:13 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-04 05:44:13 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'answers.usa.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 633089943740047430000155154027384426571617053586162417002139045637639397494647523376206301411710154262796909563792366867072433973397114494421538603756560580234354637809070876529491918923081831603692171708395211597957270662401671783131226830596605608506126174374408442612527655804029622507731368582532102804188028872174901179891535260804500976512887647984018522362775482771430802839959728556567553724850130617096146928021646193431411290167819439994720780197788254229901198839961715685264343516099279864904544989066355726667455148808528306718059121587811489295290648800012714043073989808995874856910547390942975839008015567493642832020276824318306964296393739367771236914907996065545977194228181406990711440884703857562841919353803058162205930304450182250023497762227855050590718114375017224485611363851893581158874085641478410385288057876638130277680901705261554556184766690175997642372698166112246751397238414649436238433058698491501399429822668599333843926810207981872258645995341585156180420276112777269618119553931299535882665092213390427441571537178796810966932841448754292527011935580375170376205445425743208656098879764491028077482116013520878088054482194122261786349430113400588266277098710426033638107525853433297903517514711 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) af72001590123bc3e1dbb4f11c69de4a70f68c3d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (700 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'answers.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apps.gobiernousa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apps.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.gobiernousa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'businessusa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'consumeraction.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'firstgov.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'forms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gobierno.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gobiernousa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gsa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'info.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kids.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.gobiernousa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.gsa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'my.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'notice.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'notifications.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'promotions.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'publications.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'registry.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'respuestas.gobiernousa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tell-us.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tellus.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'us.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usagov.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vote.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.businessusa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.consumeraction.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.feedback.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.firstgov.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.forms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gobierno.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gobiernousa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.info.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kids.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.my.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.promotions.usa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.us.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.usagov.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009017d27023b06ee1b8f326538fcd55a43a856eaa340c449dbf38c018b4c1e775530c076529009a67a5b0b91e00016d3c72aa4e79cdedc6c700bde2456438e4587fdbe28417a7849cc63c17c48457900d0a0d6e8e369097a42d4cd43811af8f8491c0ee38430d97d0cf45d28f1ed16ea4e731b02575e8ef73a260c8576bd73b4f198bfb14f61351e9699bb907c562749656ecb3ae7accde55c0b7220d600033ed82ee120044d417f9b1dc27b870aeb531bf844c65c1bff2c9552d3c5a84ff025a29a3ec3021859de04ad3bc4297c316dd3b6a3973c4bb4b87b88853b211e18838be699ff29cf0f44580e39bdc069ebfdd187b6ab6dd21aae05adc00b7051372b3