na21-1.cdn.salesforce-communities.com
Issued by R3
About this certificate
This digital certificate with serial number 03:cf:eb:50:e0:8f:c5:ac:44:06:2c:f2:e9:c1:2e:bc:41:88 was issued on by Let's Encrypt.
With 14 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=na21-1.cdn.salesforce-communities.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:cf:eb:50:e0:8f:c5:ac:44:06:2c:f2:e9:c1:2e:bc:41:88Serial Number (int): 332088096265323695154057513487340215746952
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 5d:15:54:78:c9:ba:3d:1f:05:d3:d1:22:06:a1:d8:d4:a2:f8:e8:06
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 3a:e1:f6:5b:7c:99:3c:6e:bf:4a:bd:f8:e8:61:7c:b8:18:12:66:be
Fingerprint (sha256): 09:06:c3:7d:22:8b:8e:27:ee:62:28:82:d0:63:4f:ea:7b:4b:e3:e0:79:be:59:b3:c0:7e:d0:48:d1:c9:49:ea
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate na21-1.cdn.salesforce-communities.com
14
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for na21-1.cdn.salesforce-communities.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
aie.my.army.mil
bap.epa.gov
beta.trade.gov
childprotectionregistry.delaware.gov
legacy.export.gov
my.army.mil
na21-1.cdn.salesforce-communities.com
salesforce.trade.gov
salesforcetest.nycers.org
www.privacyshield.gov
www.qhpcertification.cms.gov
www.salesforcecoe.ohio.gov
www.selectusa.gov
www.stopfakes.gov
bap.epa.gov
beta.trade.gov
childprotectionregistry.delaware.gov
legacy.export.gov
my.army.mil
na21-1.cdn.salesforce-communities.com
salesforce.trade.gov
salesforcetest.nycers.org
www.privacyshield.gov
www.qhpcertification.cms.gov
www.salesforcecoe.ohio.gov
www.selectusa.gov
www.stopfakes.gov
Other certificates including the domain name salesforce-communities.com
(limited to 100 certificates)
um1-2.cdn.salesforce-communities.com
*.cs109.force.com
*.cs54.force.com
prod.3.slot.cdn.salesforce-communities.com
*.cs55.force.com
*.na151.force.com
prod.4.slot.cdn.salesforce-communities.com
*.na202.force.com
na96-2.cdn.salesforce-communities.com
prod.29.slot.cdn.salesforce-communities.com
o.ssl.fastly.net
*.cs54.force.com
o.ssl.fastly.net
*.na85.force.com
prod.2.slot.cdn.salesforce-communities.com
um1-2.cdn.salesforce-communities.com
prod.22.slot.cdn.salesforce-communities.com
eu9-1.cdn.salesforce-communities.com
eu12-1.cdn.salesforce-communities.com
prod.6.slot.cdn.salesforce-communities.com
prod.26.slot.cdn.salesforce-communities.com
na35-1.cdn.salesforce-communities.com
prod.9.slot.cdn.salesforce-communities.com
ap6-1.cdn.salesforce-communities.com
*.eu27.force.com
eu18-2.cdn.salesforce-communities.com
gs0-2.cdn.salesforce-communities.com
eu18-2.cdn.salesforce-communities.com
eu17-2.cdn.salesforce-communities.com
*.cs30.force.com
ap5-1.cdn.salesforce-communities.com
eu12-1.cdn.salesforce-communities.com
*.na127.force.com
prod.35.slot.cdn.salesforce-communities.com
*.cs81.force.com
prod.7.slot.cdn.salesforce-communities.com
eu26-2.cdn.salesforce-communities.com
prod.34.slot.cdn.salesforce-communities.com
eu18-2.cdn.salesforce-communities.com
prod.50.slot.cdn.salesforce-communities.com
*.na64.force.com
prod.37.slot.cdn.salesforce-communities.com
prod.5.slot.cdn.salesforce-communities.com
*.cs34.force.com
*.na72.force.com
prod.27.slot.cdn.salesforce-communities.com
prod.7.slot.cdn.salesforce-communities.com
um1-2.cdn.salesforce-communities.com
prod.19.slot.cdn.salesforce-communities.com
prod.18.slot.cdn.salesforce-communities.com
*.na36.force.com
prod.16.slot.cdn.salesforce-communities.com
*.na36.force.com
prod.33.slot.cdn.salesforce-communities.com
na21-1.cdn.salesforce-communities.com
prod.4.slot.cdn.salesforce-communities.com
prod.22.slot.cdn.salesforce-communities.com
eu18-2.cdn.salesforce-communities.com
*.na107.force.com
*.na86.force.com
prod.37.slot.cdn.salesforce-communities.com
prod.18.slot.cdn.salesforce-communities.com
prod.25.slot.cdn.salesforce-communities.com
prod.16.slot.cdn.salesforce-communities.com
eu26-2.cdn.salesforce-communities.com
mobile1.t.force.com
prod.5.slot.cdn.salesforce-communities.com
prod.16.slot.cdn.salesforce-communities.com
*.eu46.force.com
*.cs4.force.com
prod.13.slot.cdn.salesforce-communities.com
eu18-2.cdn.salesforce-communities.com
eu6-1.cdn.salesforce-communities.com
prod.3.slot.cdn.salesforce-communities.com
prod.2.slot.cdn.salesforce-communities.com
*.na34.force.com
*.cs15.force.com
*.na152.force.com
00001.salesforce-communities.cdn.t.siteforce.com
*.cs15.force.com
*.cs173.force.com
eu10-1.cdn.salesforce-communities.com
*.eu25.force.com
*.na18.force.com
prod.1.slot.cdn.salesforce-communities.com
prod.49.slot.cdn.salesforce-communities.com
prod.25.slot.cdn.salesforce-communities.com
*.na38.force.com
eu14-2.cdn.salesforce-communities.com
00001.salesforce-communities.cdn.t.siteforce.com
*.na137.force.com
prod.8.slot.cdn.salesforce-communities.com
prod.33.slot.cdn.salesforce-communities.com
prod.16.slot.cdn.salesforce-communities.com
prod.38.slot.cdn.salesforce-communities.com
prod.5.slot.cdn.salesforce-communities.com
prod.35.slot.cdn.salesforce-communities.com
prod.13.slot.cdn.salesforce-communities.com
*.na1.force.com
na38-1.cdn.salesforce-communities.com
*.cs109.force.com
*.cs54.force.com
prod.3.slot.cdn.salesforce-communities.com
*.cs55.force.com
*.na151.force.com
prod.4.slot.cdn.salesforce-communities.com
*.na202.force.com
na96-2.cdn.salesforce-communities.com
prod.29.slot.cdn.salesforce-communities.com
o.ssl.fastly.net
*.cs54.force.com
o.ssl.fastly.net
*.na85.force.com
prod.2.slot.cdn.salesforce-communities.com
um1-2.cdn.salesforce-communities.com
prod.22.slot.cdn.salesforce-communities.com
eu9-1.cdn.salesforce-communities.com
eu12-1.cdn.salesforce-communities.com
prod.6.slot.cdn.salesforce-communities.com
prod.26.slot.cdn.salesforce-communities.com
na35-1.cdn.salesforce-communities.com
prod.9.slot.cdn.salesforce-communities.com
ap6-1.cdn.salesforce-communities.com
*.eu27.force.com
eu18-2.cdn.salesforce-communities.com
gs0-2.cdn.salesforce-communities.com
eu18-2.cdn.salesforce-communities.com
eu17-2.cdn.salesforce-communities.com
*.cs30.force.com
ap5-1.cdn.salesforce-communities.com
eu12-1.cdn.salesforce-communities.com
*.na127.force.com
prod.35.slot.cdn.salesforce-communities.com
*.cs81.force.com
prod.7.slot.cdn.salesforce-communities.com
eu26-2.cdn.salesforce-communities.com
prod.34.slot.cdn.salesforce-communities.com
eu18-2.cdn.salesforce-communities.com
prod.50.slot.cdn.salesforce-communities.com
*.na64.force.com
prod.37.slot.cdn.salesforce-communities.com
prod.5.slot.cdn.salesforce-communities.com
*.cs34.force.com
*.na72.force.com
prod.27.slot.cdn.salesforce-communities.com
prod.7.slot.cdn.salesforce-communities.com
um1-2.cdn.salesforce-communities.com
prod.19.slot.cdn.salesforce-communities.com
prod.18.slot.cdn.salesforce-communities.com
*.na36.force.com
prod.16.slot.cdn.salesforce-communities.com
*.na36.force.com
prod.33.slot.cdn.salesforce-communities.com
na21-1.cdn.salesforce-communities.com
prod.4.slot.cdn.salesforce-communities.com
prod.22.slot.cdn.salesforce-communities.com
eu18-2.cdn.salesforce-communities.com
*.na107.force.com
*.na86.force.com
prod.37.slot.cdn.salesforce-communities.com
prod.18.slot.cdn.salesforce-communities.com
prod.25.slot.cdn.salesforce-communities.com
prod.16.slot.cdn.salesforce-communities.com
eu26-2.cdn.salesforce-communities.com
mobile1.t.force.com
prod.5.slot.cdn.salesforce-communities.com
prod.16.slot.cdn.salesforce-communities.com
*.eu46.force.com
*.cs4.force.com
prod.13.slot.cdn.salesforce-communities.com
eu18-2.cdn.salesforce-communities.com
eu6-1.cdn.salesforce-communities.com
prod.3.slot.cdn.salesforce-communities.com
prod.2.slot.cdn.salesforce-communities.com
*.na34.force.com
*.cs15.force.com
*.na152.force.com
00001.salesforce-communities.cdn.t.siteforce.com
*.cs15.force.com
*.cs173.force.com
eu10-1.cdn.salesforce-communities.com
*.eu25.force.com
*.na18.force.com
prod.1.slot.cdn.salesforce-communities.com
prod.49.slot.cdn.salesforce-communities.com
prod.25.slot.cdn.salesforce-communities.com
*.na38.force.com
eu14-2.cdn.salesforce-communities.com
00001.salesforce-communities.cdn.t.siteforce.com
*.na137.force.com
prod.8.slot.cdn.salesforce-communities.com
prod.33.slot.cdn.salesforce-communities.com
prod.16.slot.cdn.salesforce-communities.com
prod.38.slot.cdn.salesforce-communities.com
prod.5.slot.cdn.salesforce-communities.com
prod.35.slot.cdn.salesforce-communities.com
prod.13.slot.cdn.salesforce-communities.com
*.na1.force.com
na38-1.cdn.salesforce-communities.com
Certificate
The complete raw certificate details for na21-1.cdn.salesforce-communities.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgISA8/rUOCPxaxEBizy6cEuvEGIMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMTEyMDYxNjQ1MDVaFw0yMjAzMDYxNjQ1MDRaMDAxLjAsBgNVBAMT JW5hMjEtMS5jZG4uc2FsZXNmb3JjZS1jb21tdW5pdGllcy5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu8CYtsWy2ybDBxCHMQNTmFCqR9DbQMWtP 8dzHV4j5up3TveKzVu3ZDPglNjQsXpgUkXtMD9J4TAf7EmNtYs9z4N3lK2M7YEMe TLm0YtmhNq9bm85jlHyh5VKElIA239iN07DPlYdxys4Sy+3ONkU8NYqF2Pa6UvRr znQPvAMDW3T7tGUOfwissOI0sY47paucPUCMz9oQJIf2P5InLKpwLFpQTMdji7Rn arRFL/pRVxW/Zw1pw/WXNcD1i0DpiHYCDVdzq/cQVRDsuV0k7WKuQcJNllguGEMU 8RS1xbM4EpGKnslV1361mXyqiDOxqxNCUYW/DN9hcT6f0/4ji+xBAgMBAAGjggKP MIICizAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFF0VVHjJuj0fBdPRIgah2NSi+OgG MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkw RzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAC hhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMIIBUAYDVR0RBIIBRzCCAUOCD2FpZS5t eS5hcm15Lm1pbIILYmFwLmVwYS5nb3aCDmJldGEudHJhZGUuZ292giRjaGlsZHBy b3RlY3Rpb25yZWdpc3RyeS5kZWxhd2FyZS5nb3aCEWxlZ2FjeS5leHBvcnQuZ292 ggtteS5hcm15Lm1pbIIlbmEyMS0xLmNkbi5zYWxlc2ZvcmNlLWNvbW11bml0aWVz LmNvbYIUc2FsZXNmb3JjZS50cmFkZS5nb3aCGXNhbGVzZm9yY2V0ZXN0Lm55Y2Vy cy5vcmeCFXd3dy5wcml2YWN5c2hpZWxkLmdvdoIcd3d3LnFocGNlcnRpZmljYXRp b24uY21zLmdvdoIad3d3LnNhbGVzZm9yY2Vjb2Uub2hpby5nb3aCEXd3dy5zZWxl Y3R1c2EuZ292ghF3d3cuc3RvcGZha2VzLmdvdjBMBgNVHSAERTBDMAgGBmeBDAEC ATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNl bmNyeXB0Lm9yZzATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOC AQEAmCErQ8fdHek8o4BScU3ucUdy59/vXnOhvXOlFVLaIXBuw8LxCjW4bPrt947z Flwa08C2ZtZtlt2kPupwDPaZf6NHEI0HO0IVqzbYJLSYZE0AUOPjvvbOEoAgTKl/ VhWbI5T9K8+UbAXip3XYdyQks+4Gfsh7/Ua3AOjaFzh7kqXHQIxL3SJdwjLu+VEv pJZcKRwQzF5hvMwS+XYEzDyUzves+3MARcjEfU+rWY6amQun7LjS8KNSxpOV+B9Q B2flmSNFDgPm38Y4p/HLOhfHNg1Hwpxj98GAwFW47jQddytY8P+XgzO4Slj6cS1l pregJzgIufNF35IkTK08/2u81Q== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvAmLbFstsmwwcQhzEDU 5hQqkfQ20DFrT/Hcx1eI+bqd073is1bt2Qz4JTY0LF6YFJF7TA/SeEwH+xJjbWLP c+Dd5StjO2BDHky5tGLZoTavW5vOY5R8oeVShJSANt/YjdOwz5WHccrOEsvtzjZF PDWKhdj2ulL0a850D7wDA1t0+7RlDn8IrLDiNLGOO6WrnD1AjM/aECSH9j+SJyyq cCxaUEzHY4u0Z2q0RS/6UVcVv2cNacP1lzXA9YtA6Yh2Ag1Xc6v3EFUQ7LldJO1i rkHCTZZYLhhDFPEUtcWzOBKRip7JVdd+tZl8qogzsasTQlGFvwzfYXE+n9P+I4vs QQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 332088096265323695154057513487340215746952 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-06 16:45:05 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-03-06 16:45:04 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'na21-1.cdn.salesforce-communities.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22083887016071640650117812421881484478271230165299732083113567522309024033443670572393670734291854830450820551087869884299655929310633494170401406325231984291553463977960313287566428577910224624670638200852393375440802673484193468428108216852955912163542288165900609175976219222234812523058993197196406785233863962308219755014524047863819043840837302466267593955166871115025647218680611395895293347459600877761068362335695008656595347006155636633264618323638815496603543938661798017944932454374361798842975073041303602799361940110693484729192753756674264485290326973531064662790757032067163262813406218227586454776897 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5d155478c9ba3d1f05d3d12206a1d8d4a2f8e806 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (327 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aie.my.army.mil' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bap.epa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beta.trade.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'childprotectionregistry.delaware.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legacy.export.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'my.army.mil' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'na21-1.cdn.salesforce-communities.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'salesforce.trade.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'salesforcetest.nycers.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.privacyshield.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.qhpcertification.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.salesforcecoe.ohio.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.selectusa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stopfakes.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0098212b43c7dd1de93ca38052714dee714772e7dfef5e73a1bd73a51552da21706ec3c2f10a35b86cfaedf78ef3165c1ad3c0b666d66d96dda43eea700cf6997fa347108d073b4215ab36d824b498644d0050e3e3bef6ce1280204ca97f56159b2394fd2bcf946c05e2a775d8772424b3ee067ec87bfd46b700e8da17387b92a5c7408c4bdd225dc232eef9512fa4965c291c10cc5e61bccc12f97604cc3c94cef7acfb730045c8c47d4fab598e9a990ba7ecb8d2f0a352c69395f81f500767e59923450e03e6dfc638a7f1cb3a17c7360d47c29c63f7c180c055b8ee341d772b58f0ff978333b84a58fa712d65a6b7a0273808b9f345df92244cad3cff6bbcd5