book.nuffield.dev.fridayengineering.net
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:7b:1e:a7:04:16:2a:fb:32:4b:c9:c6:75:46:b8:cb:41:10 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=book.nuffield.dev.fridayengineering.net
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:7b:1e:a7:04:16:2a:fb:32:4b:c9:c6:75:46:b8:cb:41:10Serial Number (int): 303232332962891053776497940300461228376336
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: a5:77:a7:06:e0:7a:eb:33:f8:ce:a1:f6:8c:c7:5b:41:29:66:97:24
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 7e:fd:e0:d6:fc:50:62:04:b3:c3:52:90:43:17:7a:a5:70:1c:59:33
Fingerprint (sha256): 08:0e:32:eb:c0:d3:36:4f:98:dc:20:1c:eb:0c:65:89:44:01:80:71:c1:d6:af:17:2d:f8:02:96:b3:1c:bd:78
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.org/Check the revocation status for certificate book.nuffield.dev.fridayengineering.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for book.nuffield.dev.fridayengineering.net
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
book.nuffield.dev.fridayengineering.net
Other certificates including the domain name fridayengineering.net
(limited to 100 certificates)
www.nuffield.demo.fridayengineering.net
ssl377569.cloudflaressl.com
www.nuffield.ci.fridayengineering.net
sni147912.cloudflaressl.com
cms.nuffield.hospitalevents-qa.fridayengineering.net
ssl377567.cloudflaressl.com
puppet.tools.fridayengineering.net
payments.nuffield.qanext.fridayengineering.net
gympass.nuffield.qa.fridayengineering.net
clientreporting.fridayengineering.net
xmobile-hsbc.demo.fridayengineering.net
cms.nuffield.ops.fridayengineering.net
uicentre-mvp.testing.fridayengineering.net
tablet.nuffield.qa.fridayengineering.net
ssl377568.cloudflaressl.com
book.nuffield.uat.fridayengineering.net
payments.nuffield.uat.fridayengineering.net
ssl377567.cloudflaressl.com
ssl377569.cloudflaressl.com
nl.cmb.tealium.qa.fridayengineering.net
docker.tools.fridayengineering.net
payments.nuffield.devnext.fridayengineering.net
sni10404.cloudflaressl.com
prospects-nuffield-gyms-ci.fridayengineering.net
ssl377567.cloudflaressl.com
sni147912.cloudflaressl.com
ssl377567.cloudflaressl.com
fr.privatebank.testing.fridayengineering.net
qa.aetna.webstubs.tools.fridayengineering.net
fridaywebsite.dev.fridayengineering.net
www.nuffield.dev.fridayengineering.net
ssl377568.cloudflaressl.com
ssl377568.cloudflaressl.com
ssl377568.cloudflaressl.com
www.vhealth.aetna.dev.fridayengineering.net
ssl514287.cloudflaressl.com
gympass.nuffield.uat.fridayengineering.net
book.nuffield.dev.fridayengineering.net
ssl377569.cloudflaressl.com
physio-booking.nuffield.uat.fridayengineering.net
api-a-hsbc.staging.fridayengineering.net
book.nuffield.qanext.fridayengineering.net
web1.cmbpws.81.qa.fridayengineering.net
fridaywebsite.uat.fridayengineering.net
ssl514288.cloudflaressl.com
cms.nuffield.testing.fridayengineering.net
ssl377567.cloudflaressl.com
www.nuffield.qanext.fridayengineering.net
www.masthaven.testing.fridayengineering.net
library-a-hsbc.demo.fridayengineering.net
de.privatebank.testing.fridayengineering.net
cms.nuffield.dev.fridayengineering.net
love-staging.redcross.org.uk
library-a-hsbc.staging.fridayengineering.net
octopus.tools.fridayengineering.net
ssl377569.cloudflaressl.com
dashboard-a-hsbc.testing.fridayengineering.net
webstubs.tools.fridayengineering.net
ssl377569.cloudflaressl.com
physio-booking.nuffield.uat.fridayengineering.net
collector-a-hsbc.testing.fridayengineering.net
ssl377569.cloudflaressl.com
auth.masthaven.ci.fridayengineering.net
collector-a-hsbc.staging.fridayengineering.net
payments.nuffield.uat.fridayengineering.net
dashboard-a-hsbc.staging.fridayengineering.net
ssl377569.cloudflaressl.com
network.cmbpws.hsbc.testing.fridayengineering.net
ssl377568.cloudflaressl.com
www.nuffield.classbooking-dev.fridayengineering.net
de.privatebank.ci.fridayengineering.net
authoring.rcslt.uat.fridayengineering.net
sni10404.cloudflaressl.com
serverless.fridayengineering.net
ssl377567.cloudflaressl.com
cg2015-gc-hsbc.demo.fridayengineering.net
authoring.rcslt.uat.fridayengineering.net
*.wearefriday.com
book.nuffield.devnext.fridayengineering.net
ssl377569.cloudflaressl.com
spectre.tools.fridayengineering.net
fr.privatebank.testing.fridayengineering.net
www.masthaven.prototype.fridayengineering.net
ssl377567.cloudflaressl.com
acl-a-hsbc.demo.fridayengineering.net
git.wearefriday.com
gympass.nuffield.dev.fridayengineering.net
www.nuffield.uat.fridayengineering.net
fridaywebsite.dev.fridayengineering.net
id-a-hsbc.staging.fridayengineering.net
cms.nuffield.qanext.fridayengineering.net
authoring.rcslt.uat.fridayengineering.net
sni10404.cloudflaressl.com
sni10404.cloudflaressl.com
octopus.tools.fridayengineering.net
uicentre-admin-dce-hsbc-testing.fridayengineering.net
ssl377569.cloudflaressl.com
fr.privatebank.testing.fridayengineering.net
webstubs.tools.fridayengineering.net
www.nuffield.aws.fridayengineering.net
ssl377569.cloudflaressl.com
www.nuffield.ci.fridayengineering.net
sni147912.cloudflaressl.com
cms.nuffield.hospitalevents-qa.fridayengineering.net
ssl377567.cloudflaressl.com
puppet.tools.fridayengineering.net
payments.nuffield.qanext.fridayengineering.net
gympass.nuffield.qa.fridayengineering.net
clientreporting.fridayengineering.net
xmobile-hsbc.demo.fridayengineering.net
cms.nuffield.ops.fridayengineering.net
uicentre-mvp.testing.fridayengineering.net
tablet.nuffield.qa.fridayengineering.net
ssl377568.cloudflaressl.com
book.nuffield.uat.fridayengineering.net
payments.nuffield.uat.fridayengineering.net
ssl377567.cloudflaressl.com
ssl377569.cloudflaressl.com
nl.cmb.tealium.qa.fridayengineering.net
docker.tools.fridayengineering.net
payments.nuffield.devnext.fridayengineering.net
sni10404.cloudflaressl.com
prospects-nuffield-gyms-ci.fridayengineering.net
ssl377567.cloudflaressl.com
sni147912.cloudflaressl.com
ssl377567.cloudflaressl.com
fr.privatebank.testing.fridayengineering.net
qa.aetna.webstubs.tools.fridayengineering.net
fridaywebsite.dev.fridayengineering.net
www.nuffield.dev.fridayengineering.net
ssl377568.cloudflaressl.com
ssl377568.cloudflaressl.com
ssl377568.cloudflaressl.com
www.vhealth.aetna.dev.fridayengineering.net
ssl514287.cloudflaressl.com
gympass.nuffield.uat.fridayengineering.net
book.nuffield.dev.fridayengineering.net
ssl377569.cloudflaressl.com
physio-booking.nuffield.uat.fridayengineering.net
api-a-hsbc.staging.fridayengineering.net
book.nuffield.qanext.fridayengineering.net
web1.cmbpws.81.qa.fridayengineering.net
fridaywebsite.uat.fridayengineering.net
ssl514288.cloudflaressl.com
cms.nuffield.testing.fridayengineering.net
ssl377567.cloudflaressl.com
www.nuffield.qanext.fridayengineering.net
www.masthaven.testing.fridayengineering.net
library-a-hsbc.demo.fridayengineering.net
de.privatebank.testing.fridayengineering.net
cms.nuffield.dev.fridayengineering.net
love-staging.redcross.org.uk
library-a-hsbc.staging.fridayengineering.net
octopus.tools.fridayengineering.net
ssl377569.cloudflaressl.com
dashboard-a-hsbc.testing.fridayengineering.net
webstubs.tools.fridayengineering.net
ssl377569.cloudflaressl.com
physio-booking.nuffield.uat.fridayengineering.net
collector-a-hsbc.testing.fridayengineering.net
ssl377569.cloudflaressl.com
auth.masthaven.ci.fridayengineering.net
collector-a-hsbc.staging.fridayengineering.net
payments.nuffield.uat.fridayengineering.net
dashboard-a-hsbc.staging.fridayengineering.net
ssl377569.cloudflaressl.com
network.cmbpws.hsbc.testing.fridayengineering.net
ssl377568.cloudflaressl.com
www.nuffield.classbooking-dev.fridayengineering.net
de.privatebank.ci.fridayengineering.net
authoring.rcslt.uat.fridayengineering.net
sni10404.cloudflaressl.com
serverless.fridayengineering.net
ssl377567.cloudflaressl.com
cg2015-gc-hsbc.demo.fridayengineering.net
authoring.rcslt.uat.fridayengineering.net
*.wearefriday.com
book.nuffield.devnext.fridayengineering.net
ssl377569.cloudflaressl.com
spectre.tools.fridayengineering.net
fr.privatebank.testing.fridayengineering.net
www.masthaven.prototype.fridayengineering.net
ssl377567.cloudflaressl.com
acl-a-hsbc.demo.fridayengineering.net
git.wearefriday.com
gympass.nuffield.dev.fridayengineering.net
www.nuffield.uat.fridayengineering.net
fridaywebsite.dev.fridayengineering.net
id-a-hsbc.staging.fridayengineering.net
cms.nuffield.qanext.fridayengineering.net
authoring.rcslt.uat.fridayengineering.net
sni10404.cloudflaressl.com
sni10404.cloudflaressl.com
octopus.tools.fridayengineering.net
uicentre-admin-dce-hsbc-testing.fridayengineering.net
ssl377569.cloudflaressl.com
fr.privatebank.testing.fridayengineering.net
webstubs.tools.fridayengineering.net
www.nuffield.aws.fridayengineering.net
Certificate
The complete raw certificate details for book.nuffield.dev.fridayengineering.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGMjCCBRqgAwIBAgISA3sepwQWKvsyS8nGdUa4y0EQMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjEyMDMwMzQ2MDBaFw0x NzAzMDMwMzQ2MDBaMDIxMDAuBgNVBAMTJ2Jvb2subnVmZmllbGQuZGV2LmZyaWRh eWVuZ2luZWVyaW5nLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB ANYd+uZGrDduR8WB2r7vm3qWWNiLMo87dfNuLTPLQG7lBxHbKfe93vLdNuoXNQSO 5KLoE7sPyNBh6COMzoEUBznnT8hRhKKfJKUNv4H/733MRmuXTO1LwwB7p04Ojw/H jTee3ST6dyYwLpEAnI5n7onTUjvW9YrEl6mC2UA7jOGAzTITkyiKvNQlRIcMiHSk 2MwxSZh2YhsTw5ZRCYJzDOg1eq9AWt23KDvCk40PL69BE13yC/aRrnRBymVOkDjV greKIr8usjE8hGKmQAXvyRQOMxGv6nbz77NNOkbk5k0KhzdggCPrbNXC7MNYN0EP vCrDxKOfSFWUEzrshhL226i6yUSVRcIHUUzpfV7XoFg8T+o5PiHIiIup3sgMuPYj s8/wxizJIBc9OTuvXexS751VWrGBvgjDRc+ZEBaUts6b2qDnlb79MjJwXHs4cQX2 OD8WJhRKlOn3jsOod7WPzCGFpvX6kV8WQ/yd/cIQUiqON4DyHM73ViSoG+QznhxQ SmujGIwmEnJ3myUMpaQl+Fp6j6mDRI4e173iH4aFF14GEsyhnvhHmQoiuahayWlV twvhicYiUeiVbGXcAfeia/yqEjLNHEjEwGd2Fpv/r7DrdGHVr/K33mOrY7u5Lqjj 07d+n/9lf8CDqwPg0OxFaC6RUOH5u46Pp/9+EKYRgdmvAgMBAAGjggIoMIICJDAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG A1UdEwEB/wQCMAAwHQYDVR0OBBYEFKV3pwbgeusz+M6h9ozHW0EpZpckMB8GA1Ud IwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMHAGCCsGAQUFBwEBBGQwYjAvBggr BgEFBQcwAYYjaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wLwYI KwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMDIG A1UdEQQrMCmCJ2Jvb2subnVmZmllbGQuZGV2LmZyaWRheWVuZ2luZWVyaW5nLm5l dDCB/gYDVR0gBIH2MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYI KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcC AjCBngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24g YnkgUmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0 aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5 cHQub3JnL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQBPO4PAHVE5k1a/ OqHOVNWVLCMu+QXXKql0i2OQar84tQAzSOXGehUB+jhhHPPIrK0C8TmZr4FcOcw4 urGnXpJhxw2grRSN9zBo88LwA1sdzelSC9ou9rCxW1BPVYC0o2zMqF5CVnGQzUFo f0rcW/D7yBo05uWapfYqPjXio+xc6wukEGPpl16l8z55QE7r3ADKPHKWvHep6Zhh qIHmaDefeQDTXFIp1e/WzU6LhYI05HbEW0/ja07dCMBkOEzP8JI84sl44kwBOAcx Gu6ogrtsD6ku6ViYJCgR6Kbu0hn/wQ/ZeojPBahw+7nBPqrHzLeeM3gUcqKaDV8q oE7IHfQF -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1h365kasN25HxYHavu+b epZY2Isyjzt1824tM8tAbuUHEdsp973e8t026hc1BI7kougTuw/I0GHoI4zOgRQH OedPyFGEop8kpQ2/gf/vfcxGa5dM7UvDAHunTg6PD8eNN57dJPp3JjAukQCcjmfu idNSO9b1isSXqYLZQDuM4YDNMhOTKIq81CVEhwyIdKTYzDFJmHZiGxPDllEJgnMM 6DV6r0Ba3bcoO8KTjQ8vr0ETXfIL9pGudEHKZU6QONWCt4oivy6yMTyEYqZABe/J FA4zEa/qdvPvs006RuTmTQqHN2CAI+ts1cLsw1g3QQ+8KsPEo59IVZQTOuyGEvbb qLrJRJVFwgdRTOl9XtegWDxP6jk+IciIi6neyAy49iOzz/DGLMkgFz05O69d7FLv nVVasYG+CMNFz5kQFpS2zpvaoOeVvv0yMnBcezhxBfY4PxYmFEqU6feOw6h3tY/M IYWm9fqRXxZD/J39whBSKo43gPIczvdWJKgb5DOeHFBKa6MYjCYScnebJQylpCX4 WnqPqYNEjh7XveIfhoUXXgYSzKGe+EeZCiK5qFrJaVW3C+GJxiJR6JVsZdwB96Jr /KoSMs0cSMTAZ3YWm/+vsOt0YdWv8rfeY6tju7kuqOPTt36f/2V/wIOrA+DQ7EVo LpFQ4fm7jo+n/34QphGB2a8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 303232332962891053776497940300461228376336 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-12-03 03:46:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-03 03:46:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'book.nuffield.dev.fridayengineering.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 873521596338207365128787794460405417913967336840356048094714979178351559888004867166097260806800884313468246584832600942603731687863994784764059779836270991139833190899784366904718300742805136198646946372110415559588007395734288741243870836395268244648437090649627850589708714493135598962307320313357501573690091347814057537535791592582959826254179931550347912626994133140908649192136751279950145949147973794508964969037565429171085668877101819187311118043019995744434929955702606680897454544061656311974259762622782407039106911666503162156112138354188332942010527418345903963669385594112436605444464203931335263303233026599797543258221049010667945977677507054262483284011026053494197122782724906499921508035357967213033881049671275167492927498823823226302850163046617743633797036260040432050705056084439568316600200801578428339296005286017985049853380797747236082012203825625191770993564064602000241150541931292680945509291804917219187309649010153564217217471741793883283653402369765289149670326973087411926194914524647033006312887317700803783236933165657183392918043518302291783283191785320473519180639268597728004399392520380666871622984665821712532450458846679281094804492551830651425555039150752645841330729987924985794028231087 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a577a706e07aeb33f8cea1f68cc75b4129669724 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (43 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'book.nuffield.dev.fridayengineering.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004f3b83c01d51399356bf3aa1ce54d5952c232ef905d72aa9748b63906abf38b5003348e5c67a1501fa38611cf3c8acad02f13999af815c39cc38bab1a75e9261c70da0ad148df73068f3c2f0035b1dcde9520bda2ef6b0b15b504f5580b4a36ccca85e42567190cd41687f4adc5bf0fbc81a34e6e59aa5f62a3e35e2a3ec5ceb0ba41063e9975ea5f33e79404eebdc00ca3c7296bc77a9e99861a881e668379f7900d35c5229d5efd6cd4e8b858234e476c45b4fe36b4edd08c064384ccff0923ce2c978e24c013807311aeea882bb6c0fa92ee95898242811e8a6eed219ffc10fd97a88cf05a870fbb9c13eaac7ccb79e33781472a29a0d5f2aa04ec81df405