tzoleipzig.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:62:af:50:58:22:22:98:b0:96:82:91:51:c2:c7:a2:af:cd was issued on by Let's Encrypt.
With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=tzoleipzig.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:62:af:50:58:22:22:98:b0:96:82:91:51:c2:c7:a2:af:cdSerial Number (int): 382029847755860508797678171142316695400397
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 7f:f7:e1:91:0f:e6:30:12:32:a5:0a:be:2e:f4:bc:dc:c7:20:d0:9d
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 6a:99:71:38:67:4f:90:62:eb:7e:62:d0:47:65:1c:d4:70:56:f9:32
Fingerprint (sha256): 0a:04:e7:57:9d:20:b0:e5:68:fa:67:04:6c:cd:68:f3:1e:cb:86:23:5d:54:49:1e:7f:f9:95:66:e1:b1:0d:f7
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate tzoleipzig.de
11
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tzoleipzig.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tzo-leipzig.com
tzo-leipzig.eu
tzoleipzig.com
tzoleipzig.de
tzoleipzig.eu
tzoleipzig.isp-vhost04.domservice.de
www.tzo-leipzig.com
www.tzo-leipzig.eu
www.tzoleipzig.com
www.tzoleipzig.de
www.tzoleipzig.eu
tzo-leipzig.eu
tzoleipzig.com
tzoleipzig.de
tzoleipzig.eu
tzoleipzig.isp-vhost04.domservice.de
www.tzo-leipzig.com
www.tzo-leipzig.eu
www.tzoleipzig.com
www.tzoleipzig.de
www.tzoleipzig.eu
Other certificates including the domain name tzoleipzig.de
(limited to 100 certificates)
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.isp-vhost04.domservice.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.isp-vhost04.domservice.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
Certificate
The complete raw certificate details for tzoleipzig.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHHjCCBgagAwIBAgISBGKvUFgiIpiwloKRUcLHoq/NMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMDEwMTAxNTJaFw0y MDAxMzAwMTAxNTJaMBgxFjAUBgNVBAMTDXR6b2xlaXB6aWcuZGUwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDDPT5m08SW9XXN0NOY2LBihgCQUt/xnVQ9 ozMLjOHV715Rlkz87k/fSQ91UZU+PAw2znUCbDVRz9vZDS4Q1Wre/1zA5FBj+fHu pBeVSfFXcr4i01Hvo19ekLGBG0fA0eNsS3NFcxnKH05V8Lxziu8pwxjx7J/5qN/M IKNYHlE72f6c2aTErN9/pVCr3RUTosF36O9EkhKmdYnuXnU2TDx6vXw0md3hnrC2 9h5DXlOyBeNi0/bY3WGW+BndCY+JtkTruT43RMaX2P5xgoeEwwaI9YCK6eKMrJ+V sSM0a0sao5HJyEYYFPpaaFwV1oezE4dcOoY1CW3PDL5o+F1P9WNRNOXk8DWOXPnm 5lncebr4Gs0nwfSZZjd24uuaF6eBf7h/Ar8KFklLFTVFKDqjwsBTxaHLK/WtT7KN fDhYthDpF11xCn0ohpcUf5dS5da2CO2Lohfz0+YjkdOBxdxgceUGHqp+PwKCe95p Y9+Djj90fTMnV0b8iWi2TH6ULykWll8Fzs35q88yCyLa69XOGIarlKA2WytbLgvY Fvk0PRniUat7Q7weJ6Gbv8y4PSCHZ1D09HCyCiXeJDh72rNfuwwWbmJsXjsLYcJJ 6zPNsJIWrZbCplbOrpBMMQ3O8fS9W36mNkzIKO0aXpUga5hHJ/24paQOgomjcNUM Tlnr6+A6mQIDAQABo4IDLjCCAyowDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBR/9+GR D+YwEjKlCr4u9LzcxyDQnTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMIHjBgNVHREEgdswgdiCD3R6by1sZWlwemlnLmNv bYIOdHpvLWxlaXB6aWcuZXWCDnR6b2xlaXB6aWcuY29tgg10em9sZWlwemlnLmRl gg10em9sZWlwemlnLmV1giR0em9sZWlwemlnLmlzcC12aG9zdDA0LmRvbXNlcnZp Y2UuZGWCE3d3dy50em8tbGVpcHppZy5jb22CEnd3dy50em8tbGVpcHppZy5ldYIS d3d3LnR6b2xlaXB6aWcuY29tghF3d3cudHpvbGVpcHppZy5kZYIRd3d3LnR6b2xl aXB6aWcuZXUwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAm BggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEE AdZ5AgQCBIH1BIHyAPAAdgBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFF WAAAAW4kspCNAAAEAwBHMEUCIFSvpo7dMxJGZK20MLMCWT3wQymwzxjtfjMBjdHd VFRVAiEA+QiiStcJTPanrAQBSa510uxZig0luSXVyKlVYJ8RNAsAdgAHt1wb5X1o //Gwxh0jFce65ld8V5S3au68YToaadOiHAAAAW4kspCtAAAEAwBHMEUCIQDgf6v3 cdTQmeGkVn/5MowA9kwfaFQdNIjnF0G6cjUpnwIgbM1FSwmNMKEpNlIdKUvgydCP ejswMQfw31qB7krf5AgwDQYJKoZIhvcNAQELBQADggEBADYG0uWZnLKOb7vN1lRw X14zwwE0PlzhuZOOa8xhSLo+I04mD0V+jmS3YH1tvjPItGYL999silSUbQHvVPg9 SK9i0NvLgZnH5blcMULqwjWgpFcbbref0z/TqAmjRG8PWRArCdkrMES2BA5+yATR GwEAbv1ooFQQe/6pIs52hsfFrw/+5iFcTIJTjrwMvYEpOVikb53OLCJ9g7GPJab/ ynliLWNAqo1GljeFlPNgOdaHNFCL1bn1BwLDIExCmYopAgnA8etgayRJj9L9aZZ5 n45kogKF0SYNDlsgjIV7mk1umkVZ9uApw+qUtTSJBDoxGxTIm86/LHvG83R0xNnw edg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwz0+ZtPElvV1zdDTmNiw YoYAkFLf8Z1UPaMzC4zh1e9eUZZM/O5P30kPdVGVPjwMNs51Amw1Uc/b2Q0uENVq 3v9cwORQY/nx7qQXlUnxV3K+ItNR76NfXpCxgRtHwNHjbEtzRXMZyh9OVfC8c4rv KcMY8eyf+ajfzCCjWB5RO9n+nNmkxKzff6VQq90VE6LBd+jvRJISpnWJ7l51Nkw8 er18NJnd4Z6wtvYeQ15TsgXjYtP22N1hlvgZ3QmPibZE67k+N0TGl9j+cYKHhMMG iPWAiunijKyflbEjNGtLGqORychGGBT6WmhcFdaHsxOHXDqGNQltzwy+aPhdT/Vj UTTl5PA1jlz55uZZ3Hm6+BrNJ8H0mWY3duLrmhengX+4fwK/ChZJSxU1RSg6o8LA U8Whyyv1rU+yjXw4WLYQ6RddcQp9KIaXFH+XUuXWtgjti6IX89PmI5HTgcXcYHHl Bh6qfj8CgnveaWPfg44/dH0zJ1dG/Ilotkx+lC8pFpZfBc7N+avPMgsi2uvVzhiG q5SgNlsrWy4L2Bb5ND0Z4lGre0O8Hiehm7/MuD0gh2dQ9PRwsgol3iQ4e9qzX7sM Fm5ibF47C2HCSeszzbCSFq2WwqZWzq6QTDENzvH0vVt+pjZMyCjtGl6VIGuYRyf9 uKWkDoKJo3DVDE5Z6+vgOpkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 382029847755860508797678171142316695400397 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-01 01:01:52 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-30 01:01:52 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tzoleipzig.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 796506580482617496938527377942141891397791178643847984383290833242187040265936411798014211702281143051804612575654233021743504957921299236197391748644792130101332514014277277410752324378542345652175741893894025976721472566419070801556964014788334670132118442146675466354058613348887721712635953961520719221812861033004531722649186013035138106637976950221628848427759976229765188387947165207500934335677136996307486359593616597296653677306049747953309057134234958944952407710455202461701653945129371613786184429064356856594192440242149139437514880831357184551952651341130524697180067077290662414746177271494580188151955299426212660140052238666879826929827657119950382569524223616753799353071448357367392289361970715933034158318053176371263037458866716518378693940339966334116490438246976837232078014164096606093587109433335253956672443833412689345246497125385514218891662003228612325889449660175981393059156293131194502617001766096456429112793808825380550748967280735663779056583065640206005173657378668365755699387101005166540934089341729400025763439155443681458630243430032894382464439046822041384569198717998302901281962433463488857455248074318671857440973923971238101534089172950873961466512826840029144806783597753759605003926169 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7ff7e1910fe6301232a50abe2ef4bcdcc720d09d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (219 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tzo-leipzig.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tzo-leipzig.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tzoleipzig.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tzoleipzig.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tzoleipzig.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tzoleipzig.isp-vhost04.domservice.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tzo-leipzig.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tzo-leipzig.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tzoleipzig.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tzoleipzig.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tzoleipzig.eu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016e24b2908d0000040300473045022054afa68edd33124664adb430b302593df04329b0cf18ed7e33018dd1dd545455022100f908a24ad7094cf6a7ac040149ae75d2ec598a0d25b925d5c8a955609f11340b00760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016e24b290ad0000040300473045022100e07fabf771d4d099e1a4567ff9328c00f64c1f68541d3488e71741ba7235299f02206ccd454b098d30a12936521d294be0c9d08f7a3b303107f0df5a81ee4adfe408 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003606d2e5999cb28e6fbbcdd654705f5e33c301343e5ce1b9938e6bcc6148ba3e234e260f457e8e64b7607d6dbe33c8b4660bf7df6c8a54946d01ef54f83d48af62d0dbcb8199c7e5b95c3142eac235a0a4571b6eb79fd33fd3a809a3446f0f59102b09d92b3044b6040e7ec804d11b01006efd68a054107bfea922ce7686c7c5af0ffee6215c4c82538ebc0cbd81293958a46f9dce2c227d83b18f25a6ffca79622d6340aa8d4696378594f36039d68734508bd5b9f50702c3204c42998a290209c0f1eb606b24498fd2fd6996799f8e64a20285d1260d0e5b208c857b9a4d6e9a4559f6e029c3ea94b53489043a311b14c89bcebf2c7bc6f37474c4d9f079d8