www.ogb.state.al.us

Issued by R3

About this certificate

This digital certificate with serial number 04:bb:65:2a:87:07:d6:be:95:50:dc:f2:0c:09:4d:ba:d9:b4 was issued on by Let's Encrypt.

With 12 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.ogb.state.al.us

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:bb:65:2a:87:07:d6:be:95:50:dc:f2:0c:09:4d:ba:d9:b4
Serial Number (int): 412216419184045168043777450888430182128052
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 90:ff:af:11:eb:3d:d9:ba:5d:91:ef:7c:cb:d9:ab:4c:1f:7b:c3:25
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 31:da:95:4c:14:13:fa:da:04:08:a7:b4:b7:75:98:00:60:cf:d3:b7
Fingerprint (sha256): 11:e9:d0:38:83:37:1c:8d:1f:56:24:97:e5:16:b0:30:18:e8:de:d0:a0:bf:b1:8f:52:b7:09:88:c4:6f:06:f9

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.ogb.state.al.us

12

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.ogb.state.al.us

Public Key Algorithm

RSA

Key Size

3072

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

alenv.gsa.state.al.us
eforms.ogb.state.al.us
gsa.alabama.gov
gsa.state.al.us
ogb.alabama.gov
ogb.state.al.us
www.gsa.alabama.gov
www.gsa.state.al.us
www.ogb.alabama.gov
www.ogb.state.al.us
www2.gsa.state.al.us
www2.ogb.state.al.us

Other certificates including the domain name state.al.us

(limited to 100 certificates)
bcl.adph.state.al.us
hblb.alabama.gov
insurealabama.adph.state.al.us
siis.state.al.us
epcr-dashboard.adph.state.al.us
eforms.ogb.state.al.us
alatrauma.adph.state.al.us
www.ogb.state.al.us
vpnhq.adph.state.al.us
elrpnbs.adph.state.al.us
purchasing.alabama.gov
www.ogb.state.al.us
adphnotes2.state.al.us
dph1.adph.state.al.us
alex.state.al.us
ctf.alabama.gov
alex.state.al.us
emsis.state.al.us
epcr-submission.adph.state.al.us
*.dot.state.al.us
www.ago.state.al.us
phit.adph.state.al.us
alsteve.adph.state.al.us
amhc.alabama.gov
evergreen.apls.state.al.us
elrpnbs.adph.state.al.us
moodle.accessdl.state.al.us
*.aidb.state.al.us
sonicwall.ogb.alabama.gov
ctf.alabama.gov
map.ogb.state.al.us
dph.state.al.us
alison.legislature.state.al.us
paroles.state.al.us
dph5.adph.state.al.us
hie.adph.state.al.us
eforms.ogb.state.al.us
evergreen.apls.state.al.us
elrtnbs.adph.state.al.us
vpndr.adph.state.al.us
moodle.accessdl.state.al.us
curemd.adph.state.al.us
doc.alabama.gov
aplsws1.apls.state.al.us
alnbs.adph.state.al.us
map.gsa.state.al.us
immhie.adph.state.al.us
acis.alabama.gov
insurealabama.adph.state.al.us
bcl.adph.state.al.us
eforms.ogb.state.al.us
chiro.alabama.gov
alex.state.al.us
arts.alabama.gov
map.ogb.state.al.us
ems.adph.state.al.us
arc-sos.state.al.us
alert2.adph.state.al.us
accessdl.state.al.us
WellnessAppointments.adph.state.al.us
map.ogb.state.al.us
phit.adph.state.al.us
www.ogb.state.al.us
vcse.adph.state.al.us
curemd.adph.state.al.us
adphnotes2.state.al.us
eforms.ogb.state.al.us
dph5.adph.state.al.us
www.ogb.state.al.us
eforms.ogb.state.al.us
update.adph.state.al.us
moodle.accessdl.state.al.us
development.ogb.state.al.us
www.ago.state.al.us
insurealabama.adph.state.al.us
dph4.adph.state.al.us
WellnessAppointments.adph.state.al.us
map.ogb.state.al.us
hblb.alabama.gov
keys.adph.state.al.us
aplus.apls.state.al.us
ph.state.al.us
acis.alabama.gov
emsis.state.al.us
smtpgateway.adph.state.al.us
www.ogb.state.al.us
gis.adph.state.al.us
neosrv.adph.state.al.us
alex.state.al.us
eforms.ogb.state.al.us
fiche-app.adph.state.al.us
*.dot.state.al.us
alex.state.al.us
*.dot.state.al.us
www.algotraffic.com
bard.apls.state.al.us
adph-ehr-test.adph.state.al.us
*.aidb.state.al.us
map.ogb.state.al.us
mobile01.adph.state.al.us

Certificate

The complete raw certificate details for www.ogb.state.al.us in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGUzCCBTugAwIBAgISBLtlKocH1r6VUNzyDAlNutm0MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA3MTIxMzAxMzNaFw0yMzEwMTAxMzAxMzJaMB4xHDAaBgNVBAMT
E3d3dy5vZ2Iuc3RhdGUuYWwudXMwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGK
AoIBgQC4oIQTyiPPFhZfx2h2ca5o/gzADSD/xs8mweIuzOhWlxv0mJsAqNwdhW2L
k59qFHyIJ1UEZO3UdGT7k63e0lZkwp4muBhoZRg8UwC/R51PG6E8vILkVQh0S9Fz
2bZPfoyWtpYDVeMDqAh/CjxopPVt/iWUMKB1HkMYNJMtjsVVHjoYzey+BWKIm3Od
LVwrVXhP+PX7lUV8B9IV1ZjjhQHnuKp/MNh3j2QaOI0uAB7YmuhgVKckyrEIaTeA
9M3F4zfLIIbPD5rGXebG6vLW+muvudcrmg4hCkikBRoaI55oSBvL176amNJqiQye
C9APXjwgbk+spTO71JAFp8H2hjA1s8Hd0O6rhwP4z9nF/7NwLp2seagmBh/jrqHU
VBW9RxNvwUWNoHYI0C/9GU4QkRPa+nUpgJaltYMTAnSe1x5jVNSz1lyfuYZi4DW1
ZtJc5ptGxlYbfKlKasCAlS5EKY61Qg/pvcWJssRx8ogRcI/12RVBFTYerOxXwBJL
cxLPV78CAwEAAaOCAvUwggLxMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUkP+vEes9
2bpdke98y9mrTB97wyUwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYw
VQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5v
cmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wgf4GA1UdEQSB
9jCB84IVYWxlbnYuZ3NhLnN0YXRlLmFsLnVzghZlZm9ybXMub2diLnN0YXRlLmFs
LnVzgg9nc2EuYWxhYmFtYS5nb3aCD2dzYS5zdGF0ZS5hbC51c4IPb2diLmFsYWJh
bWEuZ292gg9vZ2Iuc3RhdGUuYWwudXOCE3d3dy5nc2EuYWxhYmFtYS5nb3aCE3d3
dy5nc2Euc3RhdGUuYWwudXOCE3d3dy5vZ2IuYWxhYmFtYS5nb3aCE3d3dy5vZ2Iu
c3RhdGUuYWwudXOCFHd3dzIuZ3NhLnN0YXRlLmFsLnVzghR3d3cyLm9nYi5zdGF0
ZS5hbC51czATBgNVHSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQE
gfEA7wB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiUpoQK4A
AAQDAEcwRQIhAKLGiMUJdxOT7Y9UeGqGZjrJkJizq0HROYtLG1GPrMqAAiBXvNW1
mIa2su1DBqP+fkAUmkRjcupYQzZJTlDdk9CZNAB1AK33vvp8/xDIi509nB4+GGq0
Zyldz7EMJMqFhjTr3IKKAAABiUpoQN4AAAQDAEYwRAIgVp7D40NZLOfP3w3CdOKc
DdjrtX1ODm2VOwWHu06TQlMCIHYz0DykRH/pcWn58iWpKG3zDaI7HJmkiSg/0eMc
tZOpMA0GCSqGSIb3DQEBCwUAA4IBAQClyMl6pCl1/IfnlH9YjyO4wrDeGgeVeJjz
nGZqSoZ7RbcOmrmQGXbagjuuKNIFl+PyMQNaJzC0VlfVACg53PBWyMhrOr0u27EG
EM/VOryDbXHtnxnAGiR3zSOjoscSOEs4Ku9UVOVcxFBA4jgYi2KEzlNU+/kftZJJ
pWoXjuHEm/FjEuliDtNeuGKq7ZDXYHlX7kuTKC+YPUqwxeQ86ZtUOFWlqpMvZX0+
YQ11FppLEbeNQCRMX/vSY9+RnL1XvOG04MBYzUbgvaIRLthxEMdV8+MWpVnPq6pm
IESlYCRFT8/NaxsDOOkfVAoEFT5D3a+fR4RGoN2mBz18eHjkHQU9
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAuKCEE8ojzxYWX8dodnGu
aP4MwA0g/8bPJsHiLszoVpcb9JibAKjcHYVti5OfahR8iCdVBGTt1HRk+5Ot3tJW
ZMKeJrgYaGUYPFMAv0edTxuhPLyC5FUIdEvRc9m2T36MlraWA1XjA6gIfwo8aKT1
bf4llDCgdR5DGDSTLY7FVR46GM3svgViiJtznS1cK1V4T/j1+5VFfAfSFdWY44UB
57iqfzDYd49kGjiNLgAe2JroYFSnJMqxCGk3gPTNxeM3yyCGzw+axl3mxury1vpr
r7nXK5oOIQpIpAUaGiOeaEgby9e+mpjSaokMngvQD148IG5PrKUzu9SQBafB9oYw
NbPB3dDuq4cD+M/Zxf+zcC6drHmoJgYf466h1FQVvUcTb8FFjaB2CNAv/RlOEJET
2vp1KYCWpbWDEwJ0ntceY1TUs9Zcn7mGYuA1tWbSXOabRsZWG3ypSmrAgJUuRCmO
tUIP6b3FibLEcfKIEXCP9dkVQRU2HqzsV8ASS3MSz1e/AgMBAAE=
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 412216419184045168043777450888430182128052
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-12 13:01:33 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-10 13:01:32 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.ogb.state.al.us'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3184 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 4189883653222007033159384427638965469860642322641355756781160484063473017764614763696586978489634710070643320155656030108698754269506290224228534444337191142306450401677974313759709043979685263281619890287043208775037589022917087451252019135311631551699682975542875243569901327049429696862533706486437569877049414154428341716139932920423390915478528359417071709031059219052970126599248520530106859273625843023205810967387728884447787162199330510527333225632771781163518759414183385802159276390645270633368032059277204026167819986624387688953761300116156908893725271719983159936032473888560273479456739544663169030542058774655127030742419293041968514001157400143593335174490481758905489836724000463400060235466038976595311165386762021775200712640797849020148763768447087207682482437655836626778403277281668388027115460308866207154908599796280023614201586511834190058715898239197875082739096594231278398476458058909048441362367
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							90ffaf11eb3dd9ba5d91ef7ccbd9ab4c1f7bc325
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alenv.gsa.state.al.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eforms.ogb.state.al.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gsa.alabama.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gsa.state.al.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ogb.alabama.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ogb.state.al.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gsa.alabama.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gsa.state.al.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ogb.alabama.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ogb.state.al.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.gsa.state.al.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.ogb.state.al.us'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb52000001894a6840ae0000040300473045022100a2c688c509771393ed8f54786a86663ac99098b3ab41d1398b4b1b518facca80022057bcd5b59886b6b2ed4306a3fe7e40149a446372ea584336494e50dd93d09934007500adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a000001894a6840de00000403004630440220569ec3e343592ce7cfdf0dc274e29c0dd8ebb57d4e0e6d953b0587bb4e93425302207633d03ca4447fe97169f9f225a9286df30da23b1c99a489283fd1e31cb593a9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a5c8c97aa42975fc87e7947f588f23b8c2b0de1a07957898f39c666a4a867b45b70e9ab9901976da823bae28d20597e3f231035a2730b45657d5002839dcf056c8c86b3abd2edbb10610cfd53abc836d71ed9f19c01a2477cd23a3a2c712384b382aef5454e55cc45040e238188b6284ce5354fbf91fb59249a56a178ee1c49bf16312e9620ed35eb862aaed90d7607957ee4b93282f983d4ab0c5e43ce99b543855a5aa932f657d3e610d75169a4b11b78d40244c5ffbd263df919cbd57bce1b4e0c058cd46e0bda2112ed87110c755f3e316a559cfabaa662044a56024454fcfcd6b1b0338e91f540a04153e43ddaf9f478446a0dda6073d7c7878e41d053d