giannini.ucop.edu
Issued by R3
About this certificate
This digital certificate with serial number 04:8d:b9:83:f8:31:9f:a9:e4:52:2d:49:6b:ed:c5:c4:1c:ef was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=giannini.ucop.edu
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:8d:b9:83:f8:31:9f:a9:e4:52:2d:49:6b:ed:c5:c4:1c:efSerial Number (int): 396675549866971162605791740244837963930863
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: fc:c1:80:58:c2:c6:cb:eb:6e:02:ff:69:91:21:7a:23:07:b1:38:e7
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 0b:db:81:af:54:5c:da:fb:64:59:94:25:ee:91:c2:df:7b:b4:d7:83
Fingerprint (sha256): 09:22:75:e0:ab:e4:93:a4:44:21:16:93:ea:bc:69:e3:fd:bd:44:9d:5c:53:3f:c3:b3:fa:9b:70:7c:bd:84:f2
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate giannini.ucop.edu
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for giannini.ucop.edu
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
giannini.ucop.edu
s.giannini.ucop.edu
s.giannini.ucop.edu
Other certificates including the domain name ucop.edu
(limited to 100 certificates)
firm.ucop.edu
ucars.ucop.edu
doscodes.ucop.edu
ucengage2014.ucop.edu
biprod.ucop.edu
ermd.ucop.edu
ajsqa.ucop.edu
danr.ucop.edu
climatechampions.ucop.edu
nartc.fcm.arizona.edu
ottwebapps.ucop.edu
5654831519760384-fe2.pantheonsite.io
5664902681198592-fe4.pantheonsite.io
iws-ucpath.ucop.edu
www.design-engineering.princeton.edu
ucs-ucb-prod.ucop.edu
isedev.ucop.edu
secure.ucop.edu
ucleads.ucop.edu
nxterra.ucop.edu
5737350726418432-fe4.pantheonsite.io
i9complete.ucop.edu
ajsdev.ucop.edu
5738275486564352-fe1.pantheonsite.io
www.blogs.earthjustice.org
cognos-training.ucop.edu
pts.ucop.edu
2021convention.ncte.org
its-skhalil-9.ucop.edu
webdev.colorado.edu
qa.eias.ucop.edu
virtual2.unlv.edu
5688160465977344-fe4.pantheonsite.io
qa.csg.ucop.edu
cognos-training.ucop.edu
keys.ucop.edu
accessqa.ucop.edu
vml.ucop.edu
ucop-system-notification.ucop.edu
dev.wellness.yale.edu
staging-secure.ucop.edu
ucpathmon.ucop.edu
vmp.ucop.edu
csgqa.ucop.edu
info-dev.calperformances.org
agd.nebrwesleyan.edu
timelogdev.ucop.edu
doorways.ucop.edu
dcsstage.ucop.edu
beta.ucop.edu
agd.nebrwesleyan.edu
5688160465977344-fe4.pantheonsite.io
roots.ucop.edu
5684666375864320-fe2.pantheonsite.io
nistmep.blogs.govdelivery.com
5738275486564352-fe1.pantheonsite.io
dev.embody.yale.edu
ucannualwagedev.ucop.edu
policy.ucop.edu
voip-edge.ucop.edu
siteimprove.ucop.edu
dev.wellness.yale.edu
tes.ucop.edu
ugappinfo.ucop.edu
uccoronc2019project.ucop.edu
*.was.devops.ucop.edu
cicsdev-ca-signed.ucop.edu
5737350726418432-fe4.pantheonsite.io
ois.ucop.edu
www.esc.rutgers.edu
safe.ucop.edu
giannini.ucop.edu
5654831519760384-fe2.pantheonsite.io
ise.dev.finapps.aws.ucop.edu
5742387179552768-fe1.pantheonsite.io
www.mesa.ucop.edu
hybrid.ucop.edu
dmsuat.ucop.edu
ca-ecology.ucnrs.org
www.bodywerks-medspa.com
rsamldev.ucop.edu
sp.ucop.edu
giannini.ucop.edu
dev.irapinfocenter.ucop.edu
5742387179552768-fe1.pantheonsite.io
ottwebapps.ucop.edu
*.negotiators-handbook.ucop.edu
sas112.ucop.edu
5738275486564352-fe1.pantheonsite.io
5737350726418432-fe4.pantheonsite.io
pts.ucop.edu
ucimmtoolkit.ucop.edu
itinnovate.ucop.edu
www.extension.ucdavis.edu
2fadmin.govdelivery.com
5742387179552768-fe1.pantheonsite.io
cl.ucop.edu
qa.rgpodonate.ucop.edu
ppsqa.ucop.edu
ugappinfo.ucop.edu
ucars.ucop.edu
doscodes.ucop.edu
ucengage2014.ucop.edu
biprod.ucop.edu
ermd.ucop.edu
ajsqa.ucop.edu
danr.ucop.edu
climatechampions.ucop.edu
nartc.fcm.arizona.edu
ottwebapps.ucop.edu
5654831519760384-fe2.pantheonsite.io
5664902681198592-fe4.pantheonsite.io
iws-ucpath.ucop.edu
www.design-engineering.princeton.edu
ucs-ucb-prod.ucop.edu
isedev.ucop.edu
secure.ucop.edu
ucleads.ucop.edu
nxterra.ucop.edu
5737350726418432-fe4.pantheonsite.io
i9complete.ucop.edu
ajsdev.ucop.edu
5738275486564352-fe1.pantheonsite.io
www.blogs.earthjustice.org
cognos-training.ucop.edu
pts.ucop.edu
2021convention.ncte.org
its-skhalil-9.ucop.edu
webdev.colorado.edu
qa.eias.ucop.edu
virtual2.unlv.edu
5688160465977344-fe4.pantheonsite.io
qa.csg.ucop.edu
cognos-training.ucop.edu
keys.ucop.edu
accessqa.ucop.edu
vml.ucop.edu
ucop-system-notification.ucop.edu
dev.wellness.yale.edu
staging-secure.ucop.edu
ucpathmon.ucop.edu
vmp.ucop.edu
csgqa.ucop.edu
info-dev.calperformances.org
agd.nebrwesleyan.edu
timelogdev.ucop.edu
doorways.ucop.edu
dcsstage.ucop.edu
beta.ucop.edu
agd.nebrwesleyan.edu
5688160465977344-fe4.pantheonsite.io
roots.ucop.edu
5684666375864320-fe2.pantheonsite.io
nistmep.blogs.govdelivery.com
5738275486564352-fe1.pantheonsite.io
dev.embody.yale.edu
ucannualwagedev.ucop.edu
policy.ucop.edu
voip-edge.ucop.edu
siteimprove.ucop.edu
dev.wellness.yale.edu
tes.ucop.edu
ugappinfo.ucop.edu
uccoronc2019project.ucop.edu
*.was.devops.ucop.edu
cicsdev-ca-signed.ucop.edu
5737350726418432-fe4.pantheonsite.io
ois.ucop.edu
www.esc.rutgers.edu
safe.ucop.edu
giannini.ucop.edu
5654831519760384-fe2.pantheonsite.io
ise.dev.finapps.aws.ucop.edu
5742387179552768-fe1.pantheonsite.io
www.mesa.ucop.edu
hybrid.ucop.edu
dmsuat.ucop.edu
ca-ecology.ucnrs.org
www.bodywerks-medspa.com
rsamldev.ucop.edu
sp.ucop.edu
giannini.ucop.edu
dev.irapinfocenter.ucop.edu
5742387179552768-fe1.pantheonsite.io
ottwebapps.ucop.edu
*.negotiators-handbook.ucop.edu
sas112.ucop.edu
5738275486564352-fe1.pantheonsite.io
5737350726418432-fe4.pantheonsite.io
pts.ucop.edu
ucimmtoolkit.ucop.edu
itinnovate.ucop.edu
www.extension.ucdavis.edu
2fadmin.govdelivery.com
5742387179552768-fe1.pantheonsite.io
cl.ucop.edu
qa.rgpodonate.ucop.edu
ppsqa.ucop.edu
ugappinfo.ucop.edu
Certificate
The complete raw certificate details for giannini.ucop.edu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGBDCCBOygAwIBAgISBI25g/gxn6nkUi1Ja+3FxBzvMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA2MDYwMjA1MjZaFw0yNDA5MDQwMjA1MjVaMBwxGjAYBgNVBAMT EWdpYW5uaW5pLnVjb3AuZWR1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC AgEAinKwDj5vtFykrSAPNtua+S0/c0udY6bOB9XcET9hf35jswszFsAGW8PlmlLQ opxcv1fcpP8J6BQXDk6QlsC83mn4uU8l7fX1qu790r3VvTh4QuxmaxqIOeLGDtMo TATegTM5xBnt6QCRly3eYWRF+tWJ1fhn4D2eVChXuQ2OKEfp92z2P0QVlIU4jiqc Vrc1WuzHH9gZh9dt89GtUP4jtse5RnlW2W2g5x8/s+DVZgTix2TULUgtGiqiHkSb rWGnWb+kxrEZPj3tDukSIIJiAMjqnPO1uzCyG1BiEjkNviSm6T5vXkz4j1knPP1V RUiwqsz5oNKjKyO87stL++KW+E5AsS5ScEfhnd43nQoEgSv/udNodVXWfA7o6o7Y IjtmLhUGZynEZNuAxpjpJ/gwtUKWtm7mcmUymRex14ILjsFieIxH86zD9fRKx1v7 o7IZQa2Ashf2AM8nsLgX6FuwlMgfk6iYEMpwFldppW+zHEIhYqJ6I319fM5wLuU4 RW4eYHnQf9UPBPYnmIYC75yyXS+engXfL1KiNjA3QIrQeU+u6HoOBLoWqqAfy4xH cBLHjJsZyvzdLCON5rcS87r8tzpVvG2+8ISqnFfLKNgKtOl94b64oWi8GJqm5C9P w3vnsMRbMaOG4D5PGY1uuRDWSEX3whUMpZ2aRqtxwrW1WWMCAwEAAaOCAigwggIk MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU/MGAWMLGy+tuAv9pkSF6IwexOOcwHwYD VR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEG CCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0 dHA6Ly9yMy5pLmxlbmNyLm9yZy8wMQYDVR0RBCowKIIRZ2lhbm5pbmkudWNvcC5l ZHWCE3MuZ2lhbm5pbmkudWNvcC5lZHUwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEE BgorBgEEAdZ5AgQCBIH1BIHyAPAAdgDuzdBk1dsazsVct520zROiModGfLzs3sNR SFlGcR+1mwAAAY/rgii6AAAEAwBHMEUCIQDQbiejChCYdSPT+oi5W3juZkykn2oU 5j9VpB6oGQcGggIgeLeuULsH5aeRcN/Erp3jNPRyxzpRPD0uPg5cK/O88PwAdgDf 4VbrqgWvtZwPhnGNqMAyTq5W2W6n9aVqAdHBO75SXAAAAY/rgimIAAAEAwBHMEUC IQD69cgxEMpAshjSggW0jb5gn6nA/YiwCFug7Kfc6Q6FQgIgByH/XehGbbvjdzdW 4TkOfgat2FRllQcKZtvYqhYE1tcwDQYJKoZIhvcNAQELBQADggEBAAANyphF7Kx9 TDOUOuOSPFjpQKFGGhAFGLFKZS7kRdu9hJSsgrcGpkpoFTSRmJsQULneT2bGBbTI eOTxUs4yP9f0+Q6JnEXujSu0zrGSJaDMMlHO22pmxy6Tv9oDhiibvtxZnK08YI64 43TvkpezRsV5NBR8oFBVUnEzOWG5QqHxznA7kJsJ3OZFKN7P5um6LwJ23b5vvkyI 90ah9aySUTrKYJNMLwvAexzxAB/Mq7waXazcUvlKIPIigiHJyPBb8Hi3Ddnnr2Vu eMtbly09OlN44nMMFFMo7jz9NeO4pddnPi7lrb3aNNWmqtrxBISr35YJ8y1s3KRD fKSEtIQONRU= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAinKwDj5vtFykrSAPNtua +S0/c0udY6bOB9XcET9hf35jswszFsAGW8PlmlLQopxcv1fcpP8J6BQXDk6QlsC8 3mn4uU8l7fX1qu790r3VvTh4QuxmaxqIOeLGDtMoTATegTM5xBnt6QCRly3eYWRF +tWJ1fhn4D2eVChXuQ2OKEfp92z2P0QVlIU4jiqcVrc1WuzHH9gZh9dt89GtUP4j tse5RnlW2W2g5x8/s+DVZgTix2TULUgtGiqiHkSbrWGnWb+kxrEZPj3tDukSIIJi AMjqnPO1uzCyG1BiEjkNviSm6T5vXkz4j1knPP1VRUiwqsz5oNKjKyO87stL++KW +E5AsS5ScEfhnd43nQoEgSv/udNodVXWfA7o6o7YIjtmLhUGZynEZNuAxpjpJ/gw tUKWtm7mcmUymRex14ILjsFieIxH86zD9fRKx1v7o7IZQa2Ashf2AM8nsLgX6Fuw lMgfk6iYEMpwFldppW+zHEIhYqJ6I319fM5wLuU4RW4eYHnQf9UPBPYnmIYC75yy XS+engXfL1KiNjA3QIrQeU+u6HoOBLoWqqAfy4xHcBLHjJsZyvzdLCON5rcS87r8 tzpVvG2+8ISqnFfLKNgKtOl94b64oWi8GJqm5C9Pw3vnsMRbMaOG4D5PGY1uuRDW SEX3whUMpZ2aRqtxwrW1WWMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 396675549866971162605791740244837963930863 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-06 02:05:26 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-04 02:05:25 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'giannini.ucop.edu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 564818557424822188175468678018630321951074710741178759138123663858692394624278011665250073539349236948080437622317665914282447580209915892817928629701554947955184955604053771526533881068095258337205936823800165148781327473049354967417192143868405960381156886999295888943088163430165713966813764423116967779039554366268873379460880786086235149886647016137428195333479946658050335199410553318806961445505123830773550503127630687641424638815446212104848853626383722486047383802812801775929183537503016093765967761806243955859671514546989354935776000711845151546336589169399164868896294480283702363819084718151689314410238831673021853198198755395803041971021777403592716700639572079470356473632606276713792839820255492880297869838271097939947229708457267115530375833772393429220932689693365715761870770475627127893492133702903498407501392531177844979819478411366850641972610686723811313127214092274519215200589068428538857486967423747688801373380185539314689052739028598363263215483285088435524459257079671628237173069909277798314271795190948492888471223494138174078042875218922550306998974708499216160526427811443934483435299841804921800559792217089768099135367781159357726972980684702189638422032223048707873763930996286866191197493603 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fcc18058c2c6cbeb6e02ff6991217a2307b138e7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giannini.ucop.edu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 's.giannini.ucop.edu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018feb8228ba0000040300473045022100d06e27a30a10987523d3fa88b95b78ee664ca49f6a14e63f55a41ea819070682022078b7ae50bb07e5a79170dfc4ae9de334f472c73a513c3d2e3e0e5c2bf3bcf0fc007600dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018feb8229880000040300473045022100faf5c83110ca40b218d28205b48dbe609fa9c0fd88b0085ba0eca7dce90e854202200721ff5de8466dbbe3773756e1390e7e06add8546595070a66dbd8aa1604d6d7 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00000dca9845ecac7d4c33943ae3923c58e940a1461a100518b14a652ee445dbbd8494ac82b706a64a68153491989b1050b9de4f66c605b4c878e4f152ce323fd7f4f90e899c45ee8d2bb4ceb19225a0cc3251cedb6a66c72e93bfda0386289bbedc599cad3c608eb8e374ef9297b346c57934147ca050555271333961b942a1f1ce703b909b09dce64528decfe6e9ba2f0276ddbe6fbe4c88f746a1f5ac92513aca60934c2f0bc07b1cf1001fccabbc1a5dacdc52f94a20f2228221c9c8f05bf078b70dd9e7af656e78cb5b972d3d3a5378e2730c145328ee3cfd35e3b8a5d7673e2ee5adbdda34d5a6aadaf10484abdf9609f32d6cdca4437ca484b4840e3515