idol.iowa.gov
Issued by Go Daddy Secure Certificate Authority - G2
About this certificate
This digital certificate with serial number 70:a2:61:f5:a2:40:c1:da was issued on by GoDaddy.com, Inc..
With 27 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
- Apple recommends that certificates be issued with a maximum validity of 397 days. TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC should not have a validity period greater than 397 days (https://support.apple.com/en-us/HT211025)
Certificate Subject
CN=idol.iowa.gov
GoDaddy.com, Inc.
Organization:
GoDaddy.com, Inc.
Organization unit: http://certs.godaddy.com/repository/
Organization unit: http://certs.godaddy.com/repository/
State / Province:
Arizona
Locality: Scottsdale
Country: US
Locality: Scottsdale
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): 70:a2:61:f5:a2:40:c1:daSerial Number (int): 8116157186092089818
Serial Number lenght: 63 bits, 8 octets
SubjectKeyId: 0d:f2:2e:46:fa:13:44:7c:95:20:1a:32:c6:77:2b:0f:d6:b6:c3:55
AuthorityKeyId: 40:c2:bd:27:8e:cc:34:83:30:a2:33:d7:fb:6c:b3:f0:b4:2c:80:ce
Fingerprint (sha1): 06:9f:5c:23:c1:ec:c9:be:1d:2a:ad:c2:8f:83:95:fc:c1:53:cf:f5
Fingerprint (sha256): 06:70:5d:73:a2:78:ea:d5:3b:7b:56:3b:fb:88:a8:28:56:45:71:86:94:0c:22:7b:d4:46:bb:73:e9:de:16:0d
Issuing Certificate URL: http://certificates.godaddy.com/repository/gdig2.crt
Revocation information
OCSP Server: http://ocsp.godaddy.com/CRL Distribution Point: http://crl.godaddy.com/gdig2s1-11299.crl
Check the revocation status for certificate idol.iowa.gov
27
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for idol.iowa.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.iowaelevators.gov
amusementrides.iowa.gov
www.iowachildlabor.gov
iowaboilers.gov
iowachildlabor.gov
www.iowawage.gov
www.iowadivisionoflabor.gov
www.asbestos.iowa.gov
osha.iowaworkforcedevelopment.gov
osha.iowadivisionoflabor.gov
iadol.iowaworkforcedevelopment.gov
iowadivisionoflabor.gov
iowalabor.gov
iowaosha.gov
asbestos.iowa.gov
iowaelevators.gov
iowadol.gov
www.iowacontractor.gov
www.iowalabor.gov
www.iowaosha.gov
iowawage.gov
authoring.iowadivisionoflabor.gov
www.iowadol.gov
iowacontractor.gov
idol.iowa.gov
www.idol.iowa.gov
www.iowaboilers.gov
amusementrides.iowa.gov
www.iowachildlabor.gov
iowaboilers.gov
iowachildlabor.gov
www.iowawage.gov
www.iowadivisionoflabor.gov
www.asbestos.iowa.gov
osha.iowaworkforcedevelopment.gov
osha.iowadivisionoflabor.gov
iadol.iowaworkforcedevelopment.gov
iowadivisionoflabor.gov
iowalabor.gov
iowaosha.gov
asbestos.iowa.gov
iowaelevators.gov
iowadol.gov
www.iowacontractor.gov
www.iowalabor.gov
www.iowaosha.gov
iowawage.gov
authoring.iowadivisionoflabor.gov
www.iowadol.gov
iowacontractor.gov
idol.iowa.gov
www.idol.iowa.gov
www.iowaboilers.gov
Other certificates including the domain name iowa.gov
(limited to 100 certificates)
pottawattamiecounty.iowa.gov
mitchellcountyelections.iowa.gov
pocahontascountyiowa.gov
www.greenecounty.iowa.gov
earlychildhood.iowa.gov
ssl7.revizesites.com
elections101.iowa.gov
ssl8.revizesites.com
idacounty.iowa.gov
iris.iowa.gov
iowa.gov
www.cedarcounty.iowa.gov
incapsula.com
hsemdpreparedness.iowa.gov
pagecounty.iowa.gov
dhs.iowa.gov
delawarecounty.iowa.gov
harrisoncounty.iowa.gov
ssl3.revizesites.com
www.floodrisk.iowa.gov
fs.wdm.iowa.gov
ssl3.revizesites.com
login.iowa.gov
etranscript.iowa.gov
incapsula.com
incapsula.com
www.crawfordcounty.iowa.gov
norwalk.iowa.gov
incapsula.com
ileatraining.iowa.gov
incapsula.com
forms.cabarruscounty.us
dia.iowa.gov
clarkecountyiowa.org
san-f2.granicusgovaccess.net
ltgovernor.iowa.gov
hd.alborgdx.com
vaapp.iowa.gov
claycounty.iowa.gov
incapsula.com
ssl8.revizesites.com
www.wapellocounty.iowa.gov
googlehelp.iowa.gov
va.iowa.gov
lucascountyelections.iowa.gov
ssl8.revizesites.com
commerce.iowa.gov
www.idr.iowa.gov
filings.iowa.gov
incapsula.com
ssl3.revizesites.com
www.plb.iowa.gov
incapsula.com
datapro.plb.iowa.gov
incapsula.com
crawfordcounty.iowa.gov
ltgovernor.iowa.gov
efs.iowa.gov
www.muscatinecountyiowa.gov
monroecounty.iowa.gov
incapsula.com
howardcounty.iowa.gov
idol.iowa.gov
ssl8.revizesites.com
fayettecounty.iowa.gov
vaapp.iowa.gov
yourlifeiowa.org
incapsula.com
www.admissions.iastate.edu
entaa.iowa.gov
www.pocahontas-county.com
yourlifeiowa.com
train-qa.iowa.gov
incapsula.com
claycounty.iowa.gov
incapsula.com
mail.norwalk.iowa.gov
incapsula.com
*.iowa.gov
incapsula.com
city-budget-explorer.iowa.gov
earlychildhood.iowa.gov
terracehill.iowa.gov
madisoncounty.iowa.gov
vpn2.iowa.gov
ssl7.revizesites.com
incapsula.com
san-d2.granicusgovaccess.net
emmetcounty.iowa.gov
ssl7.revizesites.com
incapsula.com
butlercoiowa.org
incapsula.com
guestaccess.iwd.iowa.gov
iowanewbornscreening.iowa.gov
ssl1.revizesites.com
dia.iowa.gov
san-e2.granicusgovaccess.net
desktop.iwd.iowa.gov
san-f2.granicusgovaccess.net
mitchellcountyelections.iowa.gov
pocahontascountyiowa.gov
www.greenecounty.iowa.gov
earlychildhood.iowa.gov
ssl7.revizesites.com
elections101.iowa.gov
ssl8.revizesites.com
idacounty.iowa.gov
iris.iowa.gov
iowa.gov
www.cedarcounty.iowa.gov
incapsula.com
hsemdpreparedness.iowa.gov
pagecounty.iowa.gov
dhs.iowa.gov
delawarecounty.iowa.gov
harrisoncounty.iowa.gov
ssl3.revizesites.com
www.floodrisk.iowa.gov
fs.wdm.iowa.gov
ssl3.revizesites.com
login.iowa.gov
etranscript.iowa.gov
incapsula.com
incapsula.com
www.crawfordcounty.iowa.gov
norwalk.iowa.gov
incapsula.com
ileatraining.iowa.gov
incapsula.com
forms.cabarruscounty.us
dia.iowa.gov
clarkecountyiowa.org
san-f2.granicusgovaccess.net
ltgovernor.iowa.gov
hd.alborgdx.com
vaapp.iowa.gov
claycounty.iowa.gov
incapsula.com
ssl8.revizesites.com
www.wapellocounty.iowa.gov
googlehelp.iowa.gov
va.iowa.gov
lucascountyelections.iowa.gov
ssl8.revizesites.com
commerce.iowa.gov
www.idr.iowa.gov
filings.iowa.gov
incapsula.com
ssl3.revizesites.com
www.plb.iowa.gov
incapsula.com
datapro.plb.iowa.gov
incapsula.com
crawfordcounty.iowa.gov
ltgovernor.iowa.gov
efs.iowa.gov
www.muscatinecountyiowa.gov
monroecounty.iowa.gov
incapsula.com
howardcounty.iowa.gov
idol.iowa.gov
ssl8.revizesites.com
fayettecounty.iowa.gov
vaapp.iowa.gov
yourlifeiowa.org
incapsula.com
www.admissions.iastate.edu
entaa.iowa.gov
www.pocahontas-county.com
yourlifeiowa.com
train-qa.iowa.gov
incapsula.com
claycounty.iowa.gov
incapsula.com
mail.norwalk.iowa.gov
incapsula.com
*.iowa.gov
incapsula.com
city-budget-explorer.iowa.gov
earlychildhood.iowa.gov
terracehill.iowa.gov
madisoncounty.iowa.gov
vpn2.iowa.gov
ssl7.revizesites.com
incapsula.com
san-d2.granicusgovaccess.net
emmetcounty.iowa.gov
ssl7.revizesites.com
incapsula.com
butlercoiowa.org
incapsula.com
guestaccess.iwd.iowa.gov
iowanewbornscreening.iowa.gov
ssl1.revizesites.com
dia.iowa.gov
san-e2.granicusgovaccess.net
desktop.iwd.iowa.gov
san-f2.granicusgovaccess.net
Certificate
The complete raw certificate details for idol.iowa.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIwjCCB6qgAwIBAgIIcKJh9aJAwdowDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNV BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRz LmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1 cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMjMxMTA3MTkxNjM2WhcN MjQxMjA4MTkxNjM2WjAYMRYwFAYDVQQDEw1pZG9sLmlvd2EuZ292MIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtObTOjy5VeOJbR89s6sWN0CdAR2d41Ez 5JNu212jqyIQ9l5psCEY/KgdPAn69CgfUtTNG6xMuGp4e8zwpZXmfUrKnsv5RMWv i4jA1X1vfewzDCaK+g8LXXbmpwonlvlKGQKdVULs89hWENI+0Jnceg1OYV7GSsEu mqk9TD4xpUTfKW5qTRKxQFIbKDn+H0B+R6eu1hXBiZ7c7Fb6c8TFCBg6zUfXWuoM C3RvgVMaT4ks8myYdeP4iQFpcm/n0Iqj6Qvu2Hbtttx+6GBgisepGOh0tR0jtM1N OqeOg0regMdQk7b+SamNn5+Pmy+JU7WBCXIg7t6FzA1VrN/pEKbYbwIDAQABo4IF cTCCBW0wDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH AwIwDgYDVR0PAQH/BAQDAgWgMDkGA1UdHwQyMDAwLqAsoCqGKGh0dHA6Ly9jcmwu Z29kYWRkeS5jb20vZ2RpZzJzMS0xMTI5OS5jcmwwXQYDVR0gBFYwVDBIBgtghkgB hv1tAQcXATA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFk ZHkuY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATB2BggrBgEFBQcBAQRqMGgwJAYI KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHkuY29tLzBABggrBgEFBQcwAoY0 aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5L2dkaWcy LmNydDAfBgNVHSMEGDAWgBRAwr0njsw0gzCiM9f7bLPwtCyAzjCCAlgGA1UdEQSC Ak8wggJLghV3d3cuaW93YWVsZXZhdG9ycy5nb3aCF2FtdXNlbWVudHJpZGVzLmlv d2EuZ292ghZ3d3cuaW93YWNoaWxkbGFib3IuZ292gg9pb3dhYm9pbGVycy5nb3aC Emlvd2FjaGlsZGxhYm9yLmdvdoIQd3d3Lmlvd2F3YWdlLmdvdoIbd3d3Lmlvd2Fk aXZpc2lvbm9mbGFib3IuZ292ghV3d3cuYXNiZXN0b3MuaW93YS5nb3aCIW9zaGEu aW93YXdvcmtmb3JjZWRldmVsb3BtZW50LmdvdoIcb3NoYS5pb3dhZGl2aXNpb25v ZmxhYm9yLmdvdoIiaWFkb2wuaW93YXdvcmtmb3JjZWRldmVsb3BtZW50LmdvdoIX aW93YWRpdmlzaW9ub2ZsYWJvci5nb3aCDWlvd2FsYWJvci5nb3aCDGlvd2Fvc2hh LmdvdoIRYXNiZXN0b3MuaW93YS5nb3aCEWlvd2FlbGV2YXRvcnMuZ292ggtpb3dh ZG9sLmdvdoIWd3d3Lmlvd2Fjb250cmFjdG9yLmdvdoIRd3d3Lmlvd2FsYWJvci5n b3aCEHd3dy5pb3dhb3NoYS5nb3aCDGlvd2F3YWdlLmdvdoIhYXV0aG9yaW5nLmlv d2FkaXZpc2lvbm9mbGFib3IuZ292gg93d3cuaW93YWRvbC5nb3aCEmlvd2Fjb250 cmFjdG9yLmdvdoINaWRvbC5pb3dhLmdvdoIRd3d3Lmlkb2wuaW93YS5nb3aCE3d3 dy5pb3dhYm9pbGVycy5nb3YwHQYDVR0OBBYEFA3yLkb6E0R8lSAaMsZ3Kw/WtsNV MIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgDuzdBk1dsazsVct520zROiModG fLzs3sNRSFlGcR+1mwAAAYurNyHhAAAEAwBHMEUCIFYb4vWiI0DEnaf3vOtUrwJy aPy/0CvkEyrn9uPcHRwgAiEA5CwxPNqVGTw5vfuKrCi82cAQxzLUaI8IdHpAiUQ0 0EoAdwBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYurNyKFAAAE AwBIMEYCIQDfwtsdreo5igNOB7G7jO1SXvRgSnUnC8kpbW5lxt9tJAIhAMgOuMed fBop5DLa8VpOzSHjapYtzn1hXi1yMMxJ+crSAHUAVYHUwhaQNgFK6gubVzxT8MDk OHhwJQgXL6OqHQcT0wwAAAGLqzclMgAABAMARjBEAiBN0/CUiBrGzIApVjP7yAvd 5cXTMTzspTirYCbCxiIPKgIgENbdnPL57ZAKVAwDzJclgGNSsJJMDc4HWVZFpxP7 7TMwDQYJKoZIhvcNAQELBQADggEBABdery7eL6V7uocXymsk0vVH68TIFHVkT0+z KtA6iYK4z9NaQti8j77D5+iN/Tj9Hy4BjDjHxbzlsBg4arnXtTt/e3k9JrlMIWJu OAxyr18JF6SsJ4s6WGUlmvHoM+LJO6TbyMn3G3XPpSSVC1FSJAnkkmQ+ZTP85VZL bfVARZ5SWt5IZnGaIY34PDL6xDiI+j0jbmaAUTEZ0hO41pTSk8CTQAw96WpXwaFM GhSuMQUMtzm2jP7vNTb8gDPX6jqfirA+1lvSIZdxYG2Bq2vjf5FnxR4+GcI7ARYD CxS6D847jCVoB+lnMVaApu4e5Cta+d561tvQP/jRq6sXGnWCotU= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtObTOjy5VeOJbR89s6sW N0CdAR2d41Ez5JNu212jqyIQ9l5psCEY/KgdPAn69CgfUtTNG6xMuGp4e8zwpZXm fUrKnsv5RMWvi4jA1X1vfewzDCaK+g8LXXbmpwonlvlKGQKdVULs89hWENI+0Jnc eg1OYV7GSsEumqk9TD4xpUTfKW5qTRKxQFIbKDn+H0B+R6eu1hXBiZ7c7Fb6c8TF CBg6zUfXWuoMC3RvgVMaT4ks8myYdeP4iQFpcm/n0Iqj6Qvu2Hbtttx+6GBgisep GOh0tR0jtM1NOqeOg0regMdQk7b+SamNn5+Pmy+JU7WBCXIg7t6FzA1VrN/pEKbY bwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 8116157186092089818 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GoDaddy.com, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.godaddy.com/repository/' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go Daddy Secure Certificate Authority - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-07 19:16:36 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-08 19:16:36 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'idol.iowa.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22836718996621638669506449908596417889162108126388096493297253745896529733936812137061356081281119275300713691360261975952495994941800407570254497022632469094115889852475245718883465532045555494713533134938650042199162525537803379112920287733783020883622358949011802125893450057160424276622459065895084873641485285831473549348229695183566075369409183569329056098860617276854939785388961516577039619372832196045430755088111424194790847229581956378479394803481466789763373009795545111524890149468055335949120859451113807440243743277005932132759209999306876739782138701479700823485228473353628912475325114436614219028591 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.godaddy.com/gdig2s1-11299.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114413.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.godaddy.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.godaddy.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.godaddy.com/repository/gdig2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 40c2bd278ecc348330a233d7fb6cb3f0b42c80ce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (591 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowaelevators.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'amusementrides.iowa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowachildlabor.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaboilers.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowachildlabor.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowawage.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowadivisionoflabor.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.asbestos.iowa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'osha.iowaworkforcedevelopment.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'osha.iowadivisionoflabor.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iadol.iowaworkforcedevelopment.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowadivisionoflabor.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowalabor.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaosha.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'asbestos.iowa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaelevators.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowadol.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowacontractor.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowalabor.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowaosha.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowawage.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'authoring.iowadivisionoflabor.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowadol.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowacontractor.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idol.iowa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idol.iowa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowaboilers.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0df22e46fa13447c95201a32c6772b0fd6b6c355 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bab3721e100000403004730450220561be2f5a22340c49da7f7bceb54af027268fcbfd02be4132ae7f6e3dc1d1c20022100e42c313cda95193c39bdfb8aac28bcd9c010c732d4688f08747a40894434d04a00770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bab3722850000040300483046022100dfc2db1dadea398a034e07b1bb8ced525ef4604a75270bc9296d6e65c6df6d24022100c80eb8c79d7c1a29e432daf15a4ecd21e36a962dce7d615e2d7230cc49f9cad20075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018bab372532000004030046304402204dd3f094881ac6cc80295633fbc80bdde5c5d3313ceca538ab6026c2c6220f2a022010d6dd9cf2f9ed900a540c03cc9725806352b0924c0dce07595645a713fbed33 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00175eaf2ede2fa57bba8717ca6b24d2f547ebc4c81475644f4fb32ad03a8982b8cfd35a42d8bc8fbec3e7e88dfd38fd1f2e018c38c7c5bce5b018386ab9d7b53b7f7b793d26b94c21626e380c72af5f0917a4ac278b3a5865259af1e833e2c93ba4dbc8c9f71b75cfa524950b51522409e492643e6533fce5564b6df540459e525ade4866719a218df83c32fac43888fa3d236e6680513119d213b8d694d293c093400c3de96a57c1a14c1a14ae31050cb739b68cfeef3536fc8033d7ea3a9f8ab03ed65bd2219771606d81ab6be37f9167c51e3e19c23b0116030b14ba0fce3b8c256807e967315680a6ee1ee42b5af9de7ad6dbd03ff8d1abab171a7582a2d5