support.affinity.co
Issued by R3
About this certificate
This digital certificate with serial number 04:01:d8:b8:1b:0b:32:19:ce:24:c1:ee:1c:a3:62:9d:f4:fa was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=support.affinity.co
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:01:d8:b8:1b:0b:32:19:ce:24:c1:ee:1c:a3:62:9d:f4:faSerial Number (int): 349077495272185511820163963729160217425146
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: a0:16:96:26:05:67:c7:5a:17:e3:7e:fc:6b:34:74:52:20:6e:03:90
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 75:b6:56:e7:c0:8a:5c:2f:07:87:13:18:f4:a4:14:85:af:68:6f:71
Fingerprint (sha256): 0b:78:8f:4b:e7:17:6a:22:20:d2:93:61:83:07:a0:25:77:be:83:e4:59:ad:43:89:64:6a:6b:8c:1f:0d:f0:f2
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate support.affinity.co
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for support.affinity.co
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
support.affinity.co
Other certificates including the domain name affinity.co
(limited to 100 certificates)
podcast.affinity.co
api-docs.affinity.co
api-docs.affinity.co
api-docs.affinity.co
api-docs.affinity.co
bearstatus.oostwestsl.com
www.affinity.co
support.affinity.co
bearstatus.oostwestsl.com
blog.affinity.co
support.affinity.co
blog.affinity.co
developer.affinity.co
remotestatus.dpconsulting.com
*.affinity.co
support.affinity.co
affinity.co
images.affinity.co
remotestatus.dpconsulting.com
bearstatus.oostwestsl.com
podcast.affinity.co
api-docs.affinity.co
api-docs.affinity.co
podcast.affinity.co
api-docs.affinity.co
support.affinity.co
support.affinity.co
bearstatus.oostwestsl.com
*.affinity.co
podcast.affinity.co
www.affinity.co
www.affinity.co
remotestatus.dpconsulting.com
remotestatus.dpconsulting.com
build.affinity.co
api-docs.affinity.co
support.affinity.co
support.affinity.co
support.affinity.co
support.affinity.co
minerva.care.ca
remotestatus.dpconsulting.com
go.affinity.co
*.affinity.co
go.affinity.co
go.affinity.co
support.affinity.co
bearstatus.oostwestsl.com
images.affinity.co
api-docs.affinity.co
api-docs.affinity.co
remotestatus.dpconsulting.com
www.affinity.co
bearstatus.oostwestsl.com
remotestatus.dpconsulting.com
mse.status.teletracking.com
www.affinity.co
api-docs.affinity.co
remotestatus.dpconsulting.com
support.affinity.co
developer.affinity.co
api-docs.affinity.co
remotestatus.dpconsulting.com
podcast.affinity.co
support.affinity.co
remotestatus.dpconsulting.com
developer.affinity.co
support.affinity.co
support.affinity.co
images.prod-dr.affinity.co
remotestatus.dpconsulting.com
support.affinity.co
bearstatus.oostwestsl.com
remotestatus.dpconsulting.com
remotestatus.dpconsulting.com
images.prod-dr.affinity.co
remotestatus.dpconsulting.com
podcast.affinity.co
*.affinity.co
remotestatus.dpconsulting.com
*.affinity.co
static.affinity.co
remotestatus.dpconsulting.com
bearstatus.oostwestsl.com
remotestatus.dpconsulting.com
developer.affinity.co
api-docs.affinity.co
support.affinity.co
api-docs.affinity.co
remotestatus.dpconsulting.com
trust.affinity.co
remotestatus.dpconsulting.com
www.affinity.co
api-docs.affinity.co
api-docs.affinity.co
map.affinity.co
vpn-dimi.affinity.co
podcast.affinity.co
podcast.affinity.co
go.affinity.co
api-docs.affinity.co
api-docs.affinity.co
api-docs.affinity.co
api-docs.affinity.co
bearstatus.oostwestsl.com
www.affinity.co
support.affinity.co
bearstatus.oostwestsl.com
blog.affinity.co
support.affinity.co
blog.affinity.co
developer.affinity.co
remotestatus.dpconsulting.com
*.affinity.co
support.affinity.co
affinity.co
images.affinity.co
remotestatus.dpconsulting.com
bearstatus.oostwestsl.com
podcast.affinity.co
api-docs.affinity.co
api-docs.affinity.co
podcast.affinity.co
api-docs.affinity.co
support.affinity.co
support.affinity.co
bearstatus.oostwestsl.com
*.affinity.co
podcast.affinity.co
www.affinity.co
www.affinity.co
remotestatus.dpconsulting.com
remotestatus.dpconsulting.com
build.affinity.co
api-docs.affinity.co
support.affinity.co
support.affinity.co
support.affinity.co
support.affinity.co
minerva.care.ca
remotestatus.dpconsulting.com
go.affinity.co
*.affinity.co
go.affinity.co
go.affinity.co
support.affinity.co
bearstatus.oostwestsl.com
images.affinity.co
api-docs.affinity.co
api-docs.affinity.co
remotestatus.dpconsulting.com
www.affinity.co
bearstatus.oostwestsl.com
remotestatus.dpconsulting.com
mse.status.teletracking.com
www.affinity.co
api-docs.affinity.co
remotestatus.dpconsulting.com
support.affinity.co
developer.affinity.co
api-docs.affinity.co
remotestatus.dpconsulting.com
podcast.affinity.co
support.affinity.co
remotestatus.dpconsulting.com
developer.affinity.co
support.affinity.co
support.affinity.co
images.prod-dr.affinity.co
remotestatus.dpconsulting.com
support.affinity.co
bearstatus.oostwestsl.com
remotestatus.dpconsulting.com
remotestatus.dpconsulting.com
images.prod-dr.affinity.co
remotestatus.dpconsulting.com
podcast.affinity.co
*.affinity.co
remotestatus.dpconsulting.com
*.affinity.co
static.affinity.co
remotestatus.dpconsulting.com
bearstatus.oostwestsl.com
remotestatus.dpconsulting.com
developer.affinity.co
api-docs.affinity.co
support.affinity.co
api-docs.affinity.co
remotestatus.dpconsulting.com
trust.affinity.co
remotestatus.dpconsulting.com
www.affinity.co
api-docs.affinity.co
api-docs.affinity.co
map.affinity.co
vpn-dimi.affinity.co
podcast.affinity.co
podcast.affinity.co
go.affinity.co
Certificate
The complete raw certificate details for support.affinity.co in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGLDCCBRSgAwIBAgISBAHYuBsLMhnOJMHuHKNinfT6MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzAxMjMyMzM5MjJaFw0yMzA0MjMyMzM5MjFaMB4xHDAaBgNVBAMT E3N1cHBvcnQuYWZmaW5pdHkuY28wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK AoICAQC0qTh7k+lpTgJVtnU0mAbH4s8vckTPMc8HOg+jwQBDeuvE4N3P3sKkwM8s RraJSrFWgNA9H0nfZEeqcmJfGC6Xs/mUW+pbFNzd2OA4GywmrXzYP2gLY1O3R8Bz 4AKCFfo+1CDsr9rYSYHSehjEUKTvwsAAPdbFw+slfCSElRiW8aspBJFuN66pJMar g4EP7G4MQ8vhdgKXpWt+hVpyFiYbesGEhNi+pukpjyGiF8enSKPg1KtoWBVGCwv0 jd7ABI0nLx/n84i/S1AncyVZU+RcW8n+8EPBLXASHzTtxWuHgi7Lwf7jp2rdmiL6 2W2kgPRuUQcVbE4Z/gE+1mHpfhSL+8AgJx+Nt/BBMsk1+Hs3afXIrU+bjOz8zIrD H0bR/EIEJFQ41xFDG6eJcaOnW3QnIrgy7+8FkTAzhUgOCoa989xP4DrbD36+wH+f Q2TGRn+Q1rNLpkOPRbBD6lCFNPW9cjqqC3OIi99YktzqIcFUE2c97ZndwYulN+TZ 6ewjmrgfcVzRIIcJ7TM9xZjW6bmHXMgJnWD0RL9pww/WqS7jD63BBOCajbca1cId 10Do4bPCFjpk5HaCDcQtC0vSGeGQzzCAl31C663YR/2MFIjVPmRnFNr2fLAYpeV6 GAg7e+fi0V8OBNLDMZvjHawypGbnBdgoDWJEmpwoOJ2+wSAVwwIDAQABo4ICTjCC AkowDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSgFpYmBWfHWhfjfvxrNHRSIG4DkDAf BgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcw IQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYW aHR0cDovL3IzLmkubGVuY3Iub3JnLzAeBgNVHREEFzAVghNzdXBwb3J0LmFmZmlu aXR5LmNvMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHW eQIEAgSB9QSB8gDwAHYAtz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkA AAGF4TcZEQAABAMARzBFAiEAjcCWnCrWzcSm8d7Ck3XWjG9AgK1y8j1v1DajLO5K 2gsCIFsJthNB+MIlrb0ePcxDAvIKJH/CQXXk/dgiXPrlDgooAHYA6D7Q2j71BjUy 51covIlryQPTy9ERa+zraeF3fW0GvW4AAAGF4TcZBwAABAMARzBFAiEAo+/4hsG2 zQ5lAn8PHL3ZeKALRWQ0y3hDNZNb+BS27/MCIHFU4CAjg7X3k+N1EmH/0lGMRGQZ tKwd5zFFc6MAwNFMMA0GCSqGSIb3DQEBCwUAA4IBAQA6NM6fEyylqouDMGbKO6GY pEX3dABFa/yCV4AsmtaPtLds/KqSnSGwz7e2jWATGpxMz29EtHZajR7i5E5bJLyQ aFzr1Ipd3n6TnszyeK6uJ9yfWmRBuxpHBCW3ttYiGAXASK29aZKckDaUNMrt448T LRM2NvZzcCkljO3Sd3+WTHGGRyMGrldREYqtuC5BUlkWCac2ZFvNb6mPDOFSphdr RMH4tsvqLMFwlcVFtaNQWQuAJlvYWB1A8A6jPEqgRlzoz5+ieUIsRsaNzrI11DpL 7a+o6SF+anIL1xB7scET4vEoVu3KtEu7eUrZyzWAmsoFw8ng3kGBPNl2a7MG+FGO -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtKk4e5PpaU4CVbZ1NJgG x+LPL3JEzzHPBzoPo8EAQ3rrxODdz97CpMDPLEa2iUqxVoDQPR9J32RHqnJiXxgu l7P5lFvqWxTc3djgOBssJq182D9oC2NTt0fAc+ACghX6PtQg7K/a2EmB0noYxFCk 78LAAD3WxcPrJXwkhJUYlvGrKQSRbjeuqSTGq4OBD+xuDEPL4XYCl6VrfoVachYm G3rBhITYvqbpKY8hohfHp0ij4NSraFgVRgsL9I3ewASNJy8f5/OIv0tQJ3MlWVPk XFvJ/vBDwS1wEh807cVrh4Iuy8H+46dq3Zoi+tltpID0blEHFWxOGf4BPtZh6X4U i/vAICcfjbfwQTLJNfh7N2n1yK1Pm4zs/MyKwx9G0fxCBCRUONcRQxuniXGjp1t0 JyK4Mu/vBZEwM4VIDgqGvfPcT+A62w9+vsB/n0NkxkZ/kNazS6ZDj0WwQ+pQhTT1 vXI6qgtziIvfWJLc6iHBVBNnPe2Z3cGLpTfk2ensI5q4H3Fc0SCHCe0zPcWY1um5 h1zICZ1g9ES/acMP1qku4w+twQTgmo23GtXCHddA6OGzwhY6ZOR2gg3ELQtL0hnh kM8wgJd9Quut2Ef9jBSI1T5kZxTa9nywGKXlehgIO3vn4tFfDgTSwzGb4x2sMqRm 5wXYKA1iRJqcKDidvsEgFcMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 349077495272185511820163963729160217425146 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-23 23:39:22 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-23 23:39:21 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'support.affinity.co' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 737032650846767514269273588660689678715083223557297661789111092223366413575301272404355204115720710507798724748951146333475545167354325368845044647290247300687866927535694336473595982451517430110103989067623268884981833998677982248408903555156231005015161304005756697469414536143410188843975064683634196745142637794140724732236944690872088972634176648321173578581863847081616761682202084584767592681728745686013980913781068228726277177638792410701367105774850560366113392196221828972146725042578865834062994806598456329935455896016714082141619137656811272478427115139985751615487087228023570472782881519761036012591819885007550103811119167332954561282741374914078119082394420779548612746964462992179501959176939639409928934423188387881494216244199680576538921368054936246566724407839842505040083756561511248184778992236186738277817408054266861327873096904221930232292427716731905397859231425310651162965282411829206127656138006239544306708967163370803560111755609698433606023553855689584734788325610766279919747057269349786614584720782460845351683474352437016852507848491797220421711621168423650207100630350747970997216856214662914142158298877013156186307454524401831039788643363678529673119374220840212596501390374318613669921953219 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a01696260567c75a17e37efc6b347452206e0390 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'support.affinity.co' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000185e137191100000403004730450221008dc0969c2ad6cdc4a6f1dec29375d68c6f4080ad72f23d6fd436a32cee4ada0b02205b09b61341f8c225adbd1e3dcc4302f20a247fc24175e4fdd8225cfae50e0a28007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000185e13719070000040300473045022100a3eff886c1b6cd0e65027f0f1cbdd978a00b456434cb784335935bf814b6eff302207154e0202383b5f793e3751261ffd2518c446419b4ac1de7314573a300c0d14c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003a34ce9f132ca5aa8b833066ca3ba198a445f77400456bfc8257802c9ad68fb4b76cfcaa929d21b0cfb7b68d60131a9c4ccf6f44b4765a8d1ee2e44e5b24bc90685cebd48a5dde7e939eccf278aeae27dc9f5a6441bb1a470425b7b6d6221805c048adbd69929c90369434caede38f132d133636f6737029258cedd2777f964c7186472306ae5751118aadb82e4152591609a736645bcd6fa98f0ce152a6176b44c1f8b6cbea2cc17095c545b5a350590b80265bd8581d40f00ea33c4aa0465ce8cf9fa279422c46c68dceb235d43a4bedafa8e9217e6a720bd7107bb1c113e2f12856edcab44bbb794ad9cb35809aca05c3c9e0de41813cd9766bb306f8518e