franchiseprograms.statefarm.com
Issued by R3
About this certificate
This digital certificate with serial number 03:ac:19:5c:ed:9e:13:e7:91:5e:40:6f:69:1b:55:ae:0a:b8 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=franchiseprograms.statefarm.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ac:19:5c:ed:9e:13:e7:91:5e:40:6f:69:1b:55:ae:0a:b8Serial Number (int): 319899138116343049662768920323289261148856
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 49:24:38:2e:5a:5c:5b:bf:92:ee:29:76:45:58:2b:0e:86:1f:8d:af
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): b0:8b:ec:21:ae:8e:b4:1d:d5:08:b0:fe:8c:30:7d:cd:b8:45:42:1b
Fingerprint (sha256): 0e:57:7c:15:fb:f3:f3:1b:89:c8:3d:8a:a7:14:61:e1:21:93:32:85:e3:c4:ef:66:66:25:07:76:37:a9:0a:0a
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate franchiseprograms.statefarm.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for franchiseprograms.statefarm.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
franchiseprograms.statefarm.com
Other certificates including the domain name statefarm.com
(limited to 100 certificates)
claims-prep.test.statefarm.com
apps-prep.test.statefarm.com
iwh.statefarm.com
forlife.statefarm.com
ex90dev1vin2.statefarm.com
ildap.prod.statefarm.com
cebuatadm.statefarm.com
sflws13p1.tcisp.statefarm.com
securedatamgmt.statefarm.com
eBank.statefarm.com
onlineapps-imaging.statefarm.com
checkout.hub.claims.statefarm.com
quotes.statefarm.com
arsondog.statefarm.com
sfrun.statefarm.com
cebuat.statefarm.com
cebuat.statefarm.com
b2b.statefarm.com
aexp.auto.statefarm.com
www.statefarm.com
services.tcidv.statefarm.com
online2.statefarm.com
edocuments.statefarm.com
www.neighborhoodofgood.statefarm.com
portfolio.statefarm.com
es.statefarm.com
hub.claims.sandbox.statefarm.com
utility-prep.test.statefarm.com
coleschallenge.statefarm.com
iwh.statefarm.com
worlds22.statefarm.com
online3.statefarm.com
communication.statefarm.com
www-prep.test.statefarm.com
banksvc.statefarm.com
cebuat.statefarm.com
checkout.hub.claims.statefarm.com
commercialcard.statefarm.com
roadsideassistance.claims.test.statefarm.com
iwh.statefarm.com
bank.statefarm.com
sflsweb.statefarm.com
auth.statefarm.com
common.statefarm.com
opportunity.statefarm.com
api.claims.sandbox.c1.statefarm
cromsvcs-prep.test.statefarm.com
chat.statefarm.com
cebuat.statefarm.com
e.statefarm.com
base.statefarm.com
banksvc.statefarm.com
common.statefarm.com
fire.statefarm.com
vehicleloan.statefarm.com
developer.statefarm.com
iwh.statefarm.com
communication.statefarm.com
quotes.statefarm.com
b2cwa.tcidv.statefarm.com
photovideocapture.claims.test.statefarm.com
SECCTF.STATEFARM.COM
learningcenter.statefarm.com
assocmgmt-prep.test.statefarm.com
phase0-xx.test.statefarm.com
www.developer.statefarm.com
apps-prep.test.statefarm.com
sfvdiFrstBdom.statefarm.com
sfvdifrstbdom.tcisp.statefarm.com
sfmeet.statefarm.com
online4.tcidv.statefarm.com
banksvc-prep.test.statefarm.com
chat.statefarm.com
developer.statefarm.com
www.tcidv.statefarm.com
statefarm.com
launch-dev.policy-view.test.statefarm.com
sfcmgtest.test.statefarm.com
health-prep.test.statefarm.com
forlife.statefarm.com
checkout.hub.claims.statefarm.com
mft.statefarm.com
rating.statefarm.com
meetus.statefarm.com
franchiseprograms.statefarm.com
qaa-prep.test.statefarm.com
cdnlog.statefarm.com
cromsvcs.statefarm.com
iwh-staging.statefarm.com
mail71.tcisp.statefarm.com
www.statefarm.com
auth.test.statefarm.com
assocmgmt.statefarm.com
dvntservice.test.statefarm.com
findjobs.statefarm.com
becomeanagent.statefarm.com
tcixx.statefarm.com
access.tcidv.statefarm.com
test.statefarm.com
mvp.statefarm.com
apps-prep.test.statefarm.com
iwh.statefarm.com
forlife.statefarm.com
ex90dev1vin2.statefarm.com
ildap.prod.statefarm.com
cebuatadm.statefarm.com
sflws13p1.tcisp.statefarm.com
securedatamgmt.statefarm.com
eBank.statefarm.com
onlineapps-imaging.statefarm.com
checkout.hub.claims.statefarm.com
quotes.statefarm.com
arsondog.statefarm.com
sfrun.statefarm.com
cebuat.statefarm.com
cebuat.statefarm.com
b2b.statefarm.com
aexp.auto.statefarm.com
www.statefarm.com
services.tcidv.statefarm.com
online2.statefarm.com
edocuments.statefarm.com
www.neighborhoodofgood.statefarm.com
portfolio.statefarm.com
es.statefarm.com
hub.claims.sandbox.statefarm.com
utility-prep.test.statefarm.com
coleschallenge.statefarm.com
iwh.statefarm.com
worlds22.statefarm.com
online3.statefarm.com
communication.statefarm.com
www-prep.test.statefarm.com
banksvc.statefarm.com
cebuat.statefarm.com
checkout.hub.claims.statefarm.com
commercialcard.statefarm.com
roadsideassistance.claims.test.statefarm.com
iwh.statefarm.com
bank.statefarm.com
sflsweb.statefarm.com
auth.statefarm.com
common.statefarm.com
opportunity.statefarm.com
api.claims.sandbox.c1.statefarm
cromsvcs-prep.test.statefarm.com
chat.statefarm.com
cebuat.statefarm.com
e.statefarm.com
base.statefarm.com
banksvc.statefarm.com
common.statefarm.com
fire.statefarm.com
vehicleloan.statefarm.com
developer.statefarm.com
iwh.statefarm.com
communication.statefarm.com
quotes.statefarm.com
b2cwa.tcidv.statefarm.com
photovideocapture.claims.test.statefarm.com
SECCTF.STATEFARM.COM
learningcenter.statefarm.com
assocmgmt-prep.test.statefarm.com
phase0-xx.test.statefarm.com
www.developer.statefarm.com
apps-prep.test.statefarm.com
sfvdiFrstBdom.statefarm.com
sfvdifrstbdom.tcisp.statefarm.com
sfmeet.statefarm.com
online4.tcidv.statefarm.com
banksvc-prep.test.statefarm.com
chat.statefarm.com
developer.statefarm.com
www.tcidv.statefarm.com
statefarm.com
launch-dev.policy-view.test.statefarm.com
sfcmgtest.test.statefarm.com
health-prep.test.statefarm.com
forlife.statefarm.com
checkout.hub.claims.statefarm.com
mft.statefarm.com
rating.statefarm.com
meetus.statefarm.com
franchiseprograms.statefarm.com
qaa-prep.test.statefarm.com
cdnlog.statefarm.com
cromsvcs.statefarm.com
iwh-staging.statefarm.com
mail71.tcisp.statefarm.com
www.statefarm.com
auth.test.statefarm.com
assocmgmt.statefarm.com
dvntservice.test.statefarm.com
findjobs.statefarm.com
becomeanagent.statefarm.com
tcixx.statefarm.com
access.tcidv.statefarm.com
test.statefarm.com
mvp.statefarm.com
Certificate
The complete raw certificate details for franchiseprograms.statefarm.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFCjCCA/KgAwIBAgISA6wZXO2eE+eRXkBvaRtVrgq4MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA5MjcxMDUwMDlaFw0yMzEyMjYxMDUwMDhaMCoxKDAmBgNVBAMT H2ZyYW5jaGlzZXByb2dyYW1zLnN0YXRlZmFybS5jb20wggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQDGtOo/LNGmGvXYRIDNbKCQfLvC6EByK3EQcBE44wXN 9qE3N4IbSMXsBBUTjSlBnD8ruo3zJbSE4aPvEp/OF0rn92osV9/Q1fa8wrEr2Oo/ WWKZXYlFqCJI4PW6eohDdiLgA1KjyBi601Fp3VF5bGBL5xAn1b55PhBgA3VG12ln piG3RoL8MH7UlgFF646JnWYArJ8JIUoMEhekea6V6M/6z880LlQfCHjjeYuuGVSN cCbHvNuSjqiwPwdxwc9EG/TL16Ytl4pjDbow7wzTsTdTLaI8udv7iusexK5x/SZ9 9dt0mENZVj+LTxJcsq1z6t6MU25PbOTjJE51VCbBlo5HAgMBAAGjggIgMIICHDAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG A1UdEwEB/wQCMAAwHQYDVR0OBBYEFEkkOC5aXFu/ku4pdkVYKw6GH42vMB8GA1Ud IwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggr BgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRw Oi8vcjMuaS5sZW5jci5vcmcvMCoGA1UdEQQjMCGCH2ZyYW5jaGlzZXByb2dyYW1z LnN0YXRlZmFybS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEDBgorBgEEAdZ5 AgQCBIH0BIHxAO8AdgC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAA AYrWeaEIAAAEAwBHMEUCIQD1LMeUsXP6j5eXaWzw+13CLaVWahHKXNCB+u9HfWJG wAIgYSNFB10snkTw/fJQvQVPPNPM3B098O6CM0DlkZIbbR0AdQB6MoxU2LcttiDq OOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYrWeaEPAAAEAwBGMEQCIDjCOn8wOSzx adJ8bbYPFhcBTgQr/r4BhWI7Q4rKzPIqAiBNETBXo+ovK/4kJAR0qanJYe/wEUxP vAhx4OmAi6z/ozANBgkqhkiG9w0BAQsFAAOCAQEAkC/9xI0/NGWJfcLj4g0XrWy2 trciXnwtrO0vDwtBAcuRLY+dvXYTjW5/dms1PC1Evvu0sZNvBEDfHEkAWWM+iKEO YhGp1ZRZK7FqdlPmYKtXnGLt+r+JMKSzR3GXpv9Q+eMBSonqxrtaM1PiLo+HAseG OWtuBKizn5svDwyv2aJhCUt/342OqJE8isIdqgvfYanNqxT7ERC5uU4XwVCyiFMF 2qzOum0+r9XK40w3h+YhNDJVZoBziK2hH6nuzBzzZSxgPFysHXl2XQBXn+naqpu8 qxHS3z8K8BagTJy4YdFDqjUO2ggxm+H9mnMXXgEYp0rtiNwM/5Sf7K+njqi4EA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrTqPyzRphr12ESAzWyg kHy7wuhAcitxEHAROOMFzfahNzeCG0jF7AQVE40pQZw/K7qN8yW0hOGj7xKfzhdK 5/dqLFff0NX2vMKxK9jqP1limV2JRagiSOD1unqIQ3Yi4ANSo8gYutNRad1ReWxg S+cQJ9W+eT4QYAN1RtdpZ6Yht0aC/DB+1JYBReuOiZ1mAKyfCSFKDBIXpHmulejP +s/PNC5UHwh443mLrhlUjXAmx7zbko6osD8HccHPRBv0y9emLZeKYw26MO8M07E3 Uy2iPLnb+4rrHsSucf0mffXbdJhDWVY/i08SXLKtc+rejFNuT2zk4yROdVQmwZaO RwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 319899138116343049662768920323289261148856 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-27 10:50:09 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-26 10:50:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'franchiseprograms.statefarm.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25084396907830817272087402285860113863744221668543921598488463841340839098265754259218203188581386433761140355259070134115579718274313149563030609438109358014048313064832036927248032096807851277024035829584227024272063075822965703885630457039503098635656060316626546541310262838924460666630352404321057603034290179242571311742276405396373953786703526860756231320684749037219663595544910555288265049334331150242621456374723328490273636531019661643950095774112379218897713799301633962511750019191484917625403016693671933029997820222645594706490651623436413304253031507546319611836434946355567725320559964263710685826631 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4924382e5a5c5bbf92ee297645582b0e861f8daf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (35 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'franchiseprograms.statefarm.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018ad679a1080000040300473045022100f52cc794b173fa8f9797696cf0fb5dc22da5566a11ca5cd081faef477d6246c00220612345075d2c9e44f0fdf250bd054f3cd3ccdc1d3df0ee823340e591921b6d1d0075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018ad679a10f0000040300463044022038c23a7f30392cf169d27c6db60f1617014e042bfebe0185623b438acaccf22a02204d113057a3ea2f2bfe24240474a9a9c961eff0114c4fbc0871e0e9808bacffa3 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00902ffdc48d3f3465897dc2e3e20d17ad6cb6b6b7225e7c2daced2f0f0b4101cb912d8f9dbd76138d6e7f766b353c2d44befbb4b1936f0440df1c490059633e88a10e6211a9d594592bb16a7653e660ab579c62edfabf8930a4b3477197a6ff50f9e3014a89eac6bb5a3353e22e8f8702c786396b6e04a8b39f9b2f0f0cafd9a261094b7fdf8d8ea8913c8ac21daa0bdf61a9cdab14fb1110b9b94e17c150b2885305daacceba6d3eafd5cae34c3787e62134325566807388ada11fa9eecc1cf3652c603c5cac1d79765d00579fe9daaa9bbcab11d2df3f0af016a04c9cb861d143aa350eda08319be1fd9a73175e0118a74aed88dc0cff949fecafa78ea8b810