architecture.carleton.ca
Issued by R3
About this certificate
This digital certificate with serial number 03:23:d3:cc:b4:2d:52:10:a4:66:75:14:f8:ab:9c:df:0c:35 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=architecture.carleton.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:23:d3:cc:b4:2d:52:10:a4:66:75:14:f8:ab:9c:df:0c:35Serial Number (int): 273528270627607738375527876638155240049717
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 6f:02:94:b4:4c:39:3c:b2:08:b9:44:c3:e6:9d:3e:d9:4c:39:e3:ad
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): af:ed:5a:79:e6:e4:53:f2:b2:f0:f3:6a:c0:d5:06:c9:07:1b:9a:87
Fingerprint (sha256): 07:d4:2d:06:ea:36:2b:2a:a8:66:af:ec:c2:3b:ae:13:d0:02:54:b5:cc:f9:7c:36:98:bd:f9:e6:d2:5c:28:85
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate architecture.carleton.ca
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for architecture.carleton.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
architecture.carleton.ca
Other certificates including the domain name carleton.ca
(limited to 100 certificates)
atlas-wiki.physics.carleton.ca
finint01.cunet.carleton.ca
*.carleton.ca
planforgood.carleton.ca
timreview.carleton.ca
ccs-casdev3.carleton.ca
sciencedev.physics.carleton.ca
ir.library.carleton.ca
alumnimentors.carleton.ca
mimcufed.carleton.ca
cqads.carleton.ca
*.nwrc.carleton.ca
hotsoft.carleton.ca
gogs.carleton.ca
cas5.carleton.ca
ssscdev2.physics.carleton.ca
ojs.library.carleton.ca
mycareer.carleton.ca
inuktutlexicon.gcrc.carleton.ca
hotsoft.carleton.ca
nextcalendar.carleton.ca
itsgit.carleton.ca
owncloud.carleton.ca
linux.doe.carleton.ca
lakehurontreaties.gcrc.carleton.ca
scienceapps1.carleton.ca
banweb77.cunet.carleton.ca
cas5.carleton.ca
banweb53.cunet.carleton.ca
san-6-s10.tlsprovisioning.exacttarget.com
scienceapps.carleton.ca
journals.carleton.ca
cas5dev.carleton.ca
cg.scs.carleton.ca
sssc.carleton.ca
mvp.soft.carleton.ca
mailhost.math.carleton.ca
tpa.carleton.ca
science.carleton.ca
cas.carleton.ca
*.carleton.ca
gogs.carleton.ca
awc.carleton.ca
cutv.carleton.ca
*.scs.carleton.ca
its-apidev1.carleton.ca
docman.carleton.ca
itsccw02.cunet.carleton.ca
elections.ccss.carleton.ca
*.carleton.ca
mailhost.math.carleton.ca
cas5dev.carleton.ca
chernode.mae.carleton.ca
ssoman.carleton.ca
sssc.carleton.ca
wiki.math.carleton.ca
vlt.carleton.ca
bandoc02.cunet.carleton.ca
cqads-vm01.carleton.ca
tpa.carleton.ca
jupyterhub.physics.carleton.ca
doclib.carleton.ca
cqads-vm01.carleton.ca
simreporting.carleton.ca
banstg01.cunet.carleton.ca
science.carleton.ca
mattermost.carleton.ca
portalclonetest.carleton.ca
ccsadc04.cunet.carleton.ca
sikuatlas.gcrc.carleton.ca
architecture.carleton.ca
deap-radiopurity.physics.carleton.ca
lakehurontreaties.gcrc.carleton.ca
deapdb.physics.carleton.ca
honoursprojects.physics.carleton.ca
dges.carleton.ca
mvp.soft.carleton.ca
itsrds05.cunet.carleton.ca
gracilis.glel.carleton.ca
itsgit.carleton.ca
u-itsadc02.cunet-uat.carleton.ca
enrichment.math.carleton.ca
planforgood.carleton.ca
www.cuol.ca
sprottcareers.carleton.ca
iggrc.carleton.ca
adminweb.carleton.ca
ccss.carleton.ca
webwork.math.carleton.ca
people.math.carleton.ca
cutv.carleton.ca
earthsci.carleton.ca
sssc.carleton.ca
rcsctx.carleton.ca
rcs-citrix5.carleton.ca
deap-deltav.physics.carleton.ca
hereforgood.carleton.ca
ngn.sce.carleton.ca
banweb03.cunet.carleton.ca
ccss.carleton.ca
finint01.cunet.carleton.ca
*.carleton.ca
planforgood.carleton.ca
timreview.carleton.ca
ccs-casdev3.carleton.ca
sciencedev.physics.carleton.ca
ir.library.carleton.ca
alumnimentors.carleton.ca
mimcufed.carleton.ca
cqads.carleton.ca
*.nwrc.carleton.ca
hotsoft.carleton.ca
gogs.carleton.ca
cas5.carleton.ca
ssscdev2.physics.carleton.ca
ojs.library.carleton.ca
mycareer.carleton.ca
inuktutlexicon.gcrc.carleton.ca
hotsoft.carleton.ca
nextcalendar.carleton.ca
itsgit.carleton.ca
owncloud.carleton.ca
linux.doe.carleton.ca
lakehurontreaties.gcrc.carleton.ca
scienceapps1.carleton.ca
banweb77.cunet.carleton.ca
cas5.carleton.ca
banweb53.cunet.carleton.ca
san-6-s10.tlsprovisioning.exacttarget.com
scienceapps.carleton.ca
journals.carleton.ca
cas5dev.carleton.ca
cg.scs.carleton.ca
sssc.carleton.ca
mvp.soft.carleton.ca
mailhost.math.carleton.ca
tpa.carleton.ca
science.carleton.ca
cas.carleton.ca
*.carleton.ca
gogs.carleton.ca
awc.carleton.ca
cutv.carleton.ca
*.scs.carleton.ca
its-apidev1.carleton.ca
docman.carleton.ca
itsccw02.cunet.carleton.ca
elections.ccss.carleton.ca
*.carleton.ca
mailhost.math.carleton.ca
cas5dev.carleton.ca
chernode.mae.carleton.ca
ssoman.carleton.ca
sssc.carleton.ca
wiki.math.carleton.ca
vlt.carleton.ca
bandoc02.cunet.carleton.ca
cqads-vm01.carleton.ca
tpa.carleton.ca
jupyterhub.physics.carleton.ca
doclib.carleton.ca
cqads-vm01.carleton.ca
simreporting.carleton.ca
banstg01.cunet.carleton.ca
science.carleton.ca
mattermost.carleton.ca
portalclonetest.carleton.ca
ccsadc04.cunet.carleton.ca
sikuatlas.gcrc.carleton.ca
architecture.carleton.ca
deap-radiopurity.physics.carleton.ca
lakehurontreaties.gcrc.carleton.ca
deapdb.physics.carleton.ca
honoursprojects.physics.carleton.ca
dges.carleton.ca
mvp.soft.carleton.ca
itsrds05.cunet.carleton.ca
gracilis.glel.carleton.ca
itsgit.carleton.ca
u-itsadc02.cunet-uat.carleton.ca
enrichment.math.carleton.ca
planforgood.carleton.ca
www.cuol.ca
sprottcareers.carleton.ca
iggrc.carleton.ca
adminweb.carleton.ca
ccss.carleton.ca
webwork.math.carleton.ca
people.math.carleton.ca
cutv.carleton.ca
earthsci.carleton.ca
sssc.carleton.ca
rcsctx.carleton.ca
rcs-citrix5.carleton.ca
deap-deltav.physics.carleton.ca
hereforgood.carleton.ca
ngn.sce.carleton.ca
banweb03.cunet.carleton.ca
ccss.carleton.ca
Certificate
The complete raw certificate details for architecture.carleton.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAyPTzLQtUhCkZnUU+Kuc3ww1MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMjYxODA5MzhaFw0yNDAxMjQxODA5MzdaMCMxITAfBgNVBAMT GGFyY2hpdGVjdHVyZS5jYXJsZXRvbi5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALzHa2K3uZ6dE2bGCSNJrSbyJKT1UG6ThxNgc8psFSb9bw3Y1cdE LJrQWXKMEoldaODB8g1U5SjKQ1f0VIFHwP+yqECsOgAWdGOa5XqcTkoiFcJ8fTrD iV4WvGk8Wlqkms4jftsxclU9RqPPxQQwjM9m4I/Wb3Qy5uVwHI6X3K91YLt1fwEm Yuyu280Bb9i51gN6VyzkyaXFyg5B3bzCl0sO3foTXPdvnyjx+VC/UF7xkAFW/3nq XXK9PwRC1nA67oCPPczxXwUeN0Sl3QV8yb5nxEGAd92B8WKHPk3XNTnT0rilBbyr BmUDQUNxjteT34efbRmnw35T0uzsfU+mACkCAwEAAaOCAhswggIXMA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQUbwKUtEw5PLIIuUTD5p0+2Uw5460wHwYDVR0jBBgwFoAU FC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzAB hhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5p LmxlbmNyLm9yZy8wIwYDVR0RBBwwGoIYYXJjaGl0ZWN0dXJlLmNhcmxldG9uLmNh MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYA 2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGLbWRpRAAABAMARzBF AiEAnI7MmGrYINVG31oB5i+InjLZMRrr2CqoAd+HKcuhGJkCIAblM7QG0PgEFkX8 pb+ErtwDRrUpOMUu1p6Agu0aQSLQAHcA7s3QZNXbGs7FXLedtM0TojKHRny87N7D UUhZRnEftZsAAAGLbWRpQQAABAMASDBGAiEAvfxz/Q6yY+bGs4LsQXHN1Cr7eKgZ Cy3yQ1lmyzkB0foCIQCOpf0ZmkGbYX8kWmDV8mbxC7lsaTC3ZjCC3RBtHpe9AjAN BgkqhkiG9w0BAQsFAAOCAQEATh+YLPASjzyZn8qzPfjFI3lzn58uDztH11nYRbPw CnHtMdz0PkmnKQ/MyFQIaRlGRS/Sq60V0nHgcnVoip2IjB6Ziq3Fy14A2lulx43K voRb1XpUJqybCb8zfe5Og3FgeI0LUrQNDcMJhgVQ7SIxT3iLsgLBXK34XrmZd4gp E68xnR63luQsRmYhZHocS5VL2KuZibWZcEq7gqKgUEHO10X74cQ2jFI2PtEw3yzm 8sAlAkgyG81vOzKqN280gvbzfPT1iM3EwEBvWu6mh3A8xlM8IG9Pr/h0o6SsnSV+ 5ihmW5mlvmwMTOrQ58DWiDcu43XAMV7z1jyOCM51w7U8dw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMdrYre5np0TZsYJI0mt JvIkpPVQbpOHE2BzymwVJv1vDdjVx0QsmtBZcowSiV1o4MHyDVTlKMpDV/RUgUfA /7KoQKw6ABZ0Y5rlepxOSiIVwnx9OsOJXha8aTxaWqSaziN+2zFyVT1Go8/FBDCM z2bgj9ZvdDLm5XAcjpfcr3Vgu3V/ASZi7K7bzQFv2LnWA3pXLOTJpcXKDkHdvMKX Sw7d+hNc92+fKPH5UL9QXvGQAVb/eepdcr0/BELWcDrugI89zPFfBR43RKXdBXzJ vmfEQYB33YHxYoc+Tdc1OdPSuKUFvKsGZQNBQ3GO15Pfh59tGafDflPS7Ox9T6YA KQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 273528270627607738375527876638155240049717 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-26 18:09:38 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-24 18:09:37 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'architecture.carleton.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23831138741857586715827425916880137256499007708862458829392719136346773264947448941791877030498802611232082515636001510600897987073849249765924191765141983417103570844766988856001079700309280498215225511936359460713660119648424710346849972466176658461994227033142038497688705050606484274571736242866977964430911586270014256183422908806620671775703880616108655121817024010999350724230548967617552191557634804109889651216800762321250530098342061937296178564148672477148190152767757258753207106953799808023497511029945487598417611397659490523571592778860754170284793247675812729593733410351919464796503356698497588265001 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6f0294b44c393cb208b944c3e69d3ed94c39e3ad . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'architecture.carleton.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b6d64694400000403004730450221009c8ecc986ad820d546df5a01e62f889e32d9311aebd82aa801df8729cba11899022006e533b406d0f8041645fca5bf84aedc0346b52938c52ed69e8082ed1a4122d0007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b6d6469410000040300483046022100bdfc73fd0eb263e6c6b382ec4171cdd42afb78a8190b2df2435966cb3901d1fa0221008ea5fd199a419b617f245a60d5f266f10bb96c6930b7663082dd106d1e97bd02 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004e1f982cf0128f3c999fcab33df8c52379739f9f2e0f3b47d759d845b3f00a71ed31dcf43e49a7290fccc85408691946452fd2abad15d271e07275688a9d888c1e998aadc5cb5e00da5ba5c78dcabe845bd57a5426ac9b09bf337dee4e837160788d0b52b40d0dc309860550ed22314f788bb202c15cadf85eb99977882913af319d1eb796e42c466621647a1c4b954bd8ab9989b599704abb82a2a05041ced745fbe1c4368c52363ed130df2ce6f2c0250248321bcd6f3b32aa376f3482f6f37cf4f588cdc4c0406f5aeea687703cc6533c206f4faff874a3a4ac9d257ee628665b99a5be6c0c4cead0e7c0d688372ee375c0315ef3d63c8e08ce75c3b53c77