blueoakranch.ucnrs.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:74:da:cb:68:bf:a1:91:e3:26:6f:ca:b8:5c:da:f4:77:1a was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=blueoakranch.ucnrs.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:74:da:cb:68:bf:a1:91:e3:26:6f:ca:b8:5c:da:f4:77:1aSerial Number (int): 301100440222006177205434291187557978109722
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: d4:3e:13:de:0f:4f:83:9f:c0:f0:22:92:5c:69:0d:e5:e3:01:9c:2a
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): ab:1d:c1:83:cd:2e:ee:bc:79:29:59:50:b5:7e:53:0d:00:72:ad:24
Fingerprint (sha256): 12:a7:56:e0:2a:87:2f:af:87:da:65:dc:57:95:63:86:e1:45:73:63:4c:2a:bd:13:0a:c7:98:5d:f8:a2:f6:a3
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate blueoakranch.ucnrs.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for blueoakranch.ucnrs.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
blueoakranch.ucnrs.org
www.blueoakranch.ucnrs.org
www.blueoakranch.ucnrs.org
Other certificates including the domain name ucnrs.org
(limited to 100 certificates)
iseeci.ucnrs.org
sagehen.ucnrs.org
chi.ucnrs.org
medex.ucnrs.org
anzaborrego.ucnrs.org
sanjoaquin.ucnrs.org
*.ucnrs.org
sanjoaquin.ucnrs.org
ucnrs.org
anzaborrego.ucnrs.org
ca-ecology.ucnrs.org
stuntranch.ucnrs.org
paradisereserve.ucnrs.org
ca-ecology.ucnrs.org
iseeci.ucnrs.org
ecopreserve.ucnrs.org
iseeci.ucnrs.org
forest.ucnrs.org
ucnrs.org
burns.ucnrs.org
ucnrs.org
blueoakranch.ucnrs.org
iseeci.ucnrs.org
medex.ucnrs.org
burns.ucnrs.org
iseeci.ucnrs.org
burns.ucnrs.org
ca-ecology.ucnrs.org
ecopreserve.ucnrs.org
deepcanyon.ucnrs.org
bigcreekblog.ucnrs.org
stuntranch.ucnrs.org
paradisereserve.ucnrs.org
stuntranch.ucnrs.org
ca-ecology.ucnrs.org
ca-ecology.ucnrs.org
carpinteria.ucnrs.org
anzaborrego.ucnrs.org
ucnrs.org
granite.ucnrs.org
sagehen.ucnrs.org
granite.ucnrs.org
anzaborrego.ucnrs.org
bigcreekblog.ucnrs.org
ca-ecology.ucnrs.org
deepcanyon.ucnrs.org
chi.ucnrs.org
ca-ecology.ucnrs.org
ucnrs.org
ca-ecology.ucnrs.org
chi.ucnrs.org
granite.ucnrs.org
ecopreserve.ucnrs.org
james.ucnrs.org
blueoakranch.ucnrs.org
ca-ecology.ucnrs.org
sanjoaquin.ucnrs.org
iseeci.ucnrs.org
burns.ucnrs.org
james.ucnrs.org
ca-ecology.ucnrs.org
blueoakranch.ucnrs.org
sagehen.ucnrs.org
granites.ucnrs.net
james.ucnrs.org
medex.ucnrs.org
sanjoaquin.ucnrs.org
ucnrs.org
james.ucnrs.org
medex.ucnrs.org
blueoakranch.ucnrs.org
ca-ecology.ucnrs.org
csfrs.ucnrs.org
forest.ucnrs.org
ca-ecology.ucnrs.org
carpinteria.ucnrs.org
deepcanyon.ucnrs.org
ca-ecology.ucnrs.org
chi.ucnrs.org
ca-ecology.ucnrs.org
ca-ecology.ucnrs.org
ucnrs.org
james.ucnrs.org
burns.ucnrs.org
bigcreekblog.ucnrs.org
ca-ecology.ucnrs.org
blueoakranch.ucnrs.org
deepcanyon.ucnrs.org
granites.ucnrs.net
carpinteria.ucnrs.org
paradisereserve.ucnrs.org
paradisereserve.ucnrs.org
chi.ucnrs.org
anzaborrego.ucnrs.org
ca-ecology.ucnrs.org
stuntranch.ucnrs.org
paradisereserve.ucnrs.org
deepcanyon.ucnrs.org
anzaborrego.ucnrs.org
paradisereserve.ucnrs.org
sagehen.ucnrs.org
chi.ucnrs.org
medex.ucnrs.org
anzaborrego.ucnrs.org
sanjoaquin.ucnrs.org
*.ucnrs.org
sanjoaquin.ucnrs.org
ucnrs.org
anzaborrego.ucnrs.org
ca-ecology.ucnrs.org
stuntranch.ucnrs.org
paradisereserve.ucnrs.org
ca-ecology.ucnrs.org
iseeci.ucnrs.org
ecopreserve.ucnrs.org
iseeci.ucnrs.org
forest.ucnrs.org
ucnrs.org
burns.ucnrs.org
ucnrs.org
blueoakranch.ucnrs.org
iseeci.ucnrs.org
medex.ucnrs.org
burns.ucnrs.org
iseeci.ucnrs.org
burns.ucnrs.org
ca-ecology.ucnrs.org
ecopreserve.ucnrs.org
deepcanyon.ucnrs.org
bigcreekblog.ucnrs.org
stuntranch.ucnrs.org
paradisereserve.ucnrs.org
stuntranch.ucnrs.org
ca-ecology.ucnrs.org
ca-ecology.ucnrs.org
carpinteria.ucnrs.org
anzaborrego.ucnrs.org
ucnrs.org
granite.ucnrs.org
sagehen.ucnrs.org
granite.ucnrs.org
anzaborrego.ucnrs.org
bigcreekblog.ucnrs.org
ca-ecology.ucnrs.org
deepcanyon.ucnrs.org
chi.ucnrs.org
ca-ecology.ucnrs.org
ucnrs.org
ca-ecology.ucnrs.org
chi.ucnrs.org
granite.ucnrs.org
ecopreserve.ucnrs.org
james.ucnrs.org
blueoakranch.ucnrs.org
ca-ecology.ucnrs.org
sanjoaquin.ucnrs.org
iseeci.ucnrs.org
burns.ucnrs.org
james.ucnrs.org
ca-ecology.ucnrs.org
blueoakranch.ucnrs.org
sagehen.ucnrs.org
granites.ucnrs.net
james.ucnrs.org
medex.ucnrs.org
sanjoaquin.ucnrs.org
ucnrs.org
james.ucnrs.org
medex.ucnrs.org
blueoakranch.ucnrs.org
ca-ecology.ucnrs.org
csfrs.ucnrs.org
forest.ucnrs.org
ca-ecology.ucnrs.org
carpinteria.ucnrs.org
deepcanyon.ucnrs.org
ca-ecology.ucnrs.org
chi.ucnrs.org
ca-ecology.ucnrs.org
ca-ecology.ucnrs.org
ucnrs.org
james.ucnrs.org
burns.ucnrs.org
bigcreekblog.ucnrs.org
ca-ecology.ucnrs.org
blueoakranch.ucnrs.org
deepcanyon.ucnrs.org
granites.ucnrs.net
carpinteria.ucnrs.org
paradisereserve.ucnrs.org
paradisereserve.ucnrs.org
chi.ucnrs.org
anzaborrego.ucnrs.org
ca-ecology.ucnrs.org
stuntranch.ucnrs.org
paradisereserve.ucnrs.org
deepcanyon.ucnrs.org
anzaborrego.ucnrs.org
paradisereserve.ucnrs.org
Certificate
The complete raw certificate details for blueoakranch.ucnrs.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgISA3Tay2i/oZHjJm/KuFza9HcaMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMTMxNzE0MDVaFw0y MDAzMTIxNzE0MDVaMCExHzAdBgNVBAMTFmJsdWVvYWtyYW5jaC51Y25ycy5vcmcw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHkNIT3xWlWWwIKESYyBBf qB4NCE25MhROtUjJ6aPfiQ8RqnTqG8zUR3OHryOKilCmEBgDziW1pu4/o2ruvlJi sIrcJLttZDGgsCr2siJ9oqAmoTNRJbn1nexn14iWcTkuebZWTgoNwGwH1rOeC4sY M5tOJjZkiRwTT1Q0chjMcLmK/EHUI5/G4HcR+Q70I+cfsuLSzn1k6C/2XrFlpy59 h/f8hu8s9vOh7ujJ4sCq4AUonsa0ZInwXyAnq94qD/a46l+0c2qyzJQZXhMe0o/Z ktn1E5/CYALJoVFQGZ1fLqZ55ON4hOVh9K0neYiswC7+tJc9jWWiidfVQmnhgXCZ AgMBAAGjggKJMIIChTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFNQ+E94PT4OfwPAi klxpDeXjAZwqMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsG AQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNl bmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNl bmNyeXB0Lm9yZy8wPQYDVR0RBDYwNIIWYmx1ZW9ha3JhbmNoLnVjbnJzLm9yZ4Ia d3d3LmJsdWVvYWtyYW5jaC51Y25ycy5vcmcwTAYDVR0gBEUwQzAIBgZngQwBAgEw NwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5j cnlwdC5vcmcwggEGBgorBgEEAdZ5AgQCBIH3BIH0APIAdwBvU3asMfAxGdiZAKRR Ff93FRwR2QLBACkGjbIImjfZEwAAAW8Ad77TAAAEAwBIMEYCIQDURsTxozNKWwNj SIlDYLwVJ2Qw+wJipIcMB40JkF7CiAIhALQTRQnUBu9UAUB2d1UdIx3P4ehJ9c3b 9zf1p1b0c2KZAHcAsh4FzIuizYogTodm+Su5iiUgZ2va+nDnsklTLe+LkF4AAAFv AHe+nAAABAMASDBGAiEAuZIX8WrMj4BcuUsWh/xtRRtrFjdp6o/OnLtuybgmmd8C IQDZY2x5K1+3fORAouOQYgPQtp4qrYIYKumjzNnmtM+DyTANBgkqhkiG9w0BAQsF AAOCAQEARDXyf0d16jf666uU9KgJQ0VgEk2zK/237SQYjWbQ7kdmJkBPs+bR8LYr xyioCnTz12UvM4pcadgvEiTsJ/EyeI/70SbH2yC76sdAu6uby6marCAIJ0EwrWMQ 7HQMoaw5w8tCg2NhrCI5E4fSrigik7we+XnIHVw6pJ0y0Ib1whrEZtof7GbX4VaJ Xa3/7pt29OAzHf58+f0HQC9UvBLSplyGLFvakW5sqGkhTs7DNJe5OYL0kxqzEqR/ mFu2GJV0xapgGIld6agpd9+QjcoIc2qZYsq2iYHWIjaxZ7QuZQJ/X/3TOMzHYZkJ HHRsqbtVywkGgnI4K/6qh8gA162tIg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5DSE98VpVlsCChEmMgQ X6geDQhNuTIUTrVIyemj34kPEap06hvM1Edzh68jiopQphAYA84ltabuP6Nq7r5S YrCK3CS7bWQxoLAq9rIifaKgJqEzUSW59Z3sZ9eIlnE5Lnm2Vk4KDcBsB9aznguL GDObTiY2ZIkcE09UNHIYzHC5ivxB1COfxuB3EfkO9CPnH7Li0s59ZOgv9l6xZacu fYf3/IbvLPbzoe7oyeLAquAFKJ7GtGSJ8F8gJ6veKg/2uOpftHNqssyUGV4THtKP 2ZLZ9ROfwmACyaFRUBmdXy6meeTjeITlYfStJ3mIrMAu/rSXPY1loonX1UJp4YFw mQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 301100440222006177205434291187557978109722 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-13 17:14:05 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-12 17:14:05 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'blueoakranch.ucnrs.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25192836395479492491086143854499360011789038132371115515750083606210359307166219796208636698441365028343037245443517758464715014046551986188752250812349449963854383373139350594203687712292268722752283988343817706645913329756270132471417746305998262254269112242219375491367659457731037591489920590073176085421347132139634841791245862753956017475769059392751375223422712357030870764404602927132714265421366466444011548252238916373002664064653292064633058421880892205023945005448853427417094058280190235299958901368536728621237216608080164235998025796579227899541855996473922833255311318384990459164614937561738028085401 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d43e13de0f4f839fc0f022925c690de5e3019c2a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blueoakranch.ucnrs.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.blueoakranch.ucnrs.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f20077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016f0077bed30000040300483046022100d446c4f1a3334a5b036348894360bc15276430fb0262a4870c078d09905ec288022100b4134509d406ef5401407677551d231dcfe1e849f5cddbf737f5a756f4736299007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016f0077be9c0000040300483046022100b99217f16acc8f805cb94b1687fc6d451b6b163769ea8fce9cbb6ec9b82699df022100d9636c792b5fb77ce440a2e3906203d0b69e2aad82182ae9a3ccd9e6b4cf83c9 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004435f27f4775ea37faebab94f4a809434560124db32bfdb7ed24188d66d0ee476626404fb3e6d1f0b62bc728a80a74f3d7652f338a5c69d82f1224ec27f132788ffbd126c7db20bbeac740bbab9bcba99aac2008274130ad6310ec740ca1ac39c3cb42836361ac22391387d2ae282293bc1ef979c81d5c3aa49d32d086f5c21ac466da1fec66d7e156895dadffee9b76f4e0331dfe7cf9fd07402f54bc12d2a65c862c5bda916e6ca869214ecec33497b93982f4931ab312a47f985bb6189574c5aa6018895de9a82977df908dca08736a9962cab68981d62236b167b42e65027f5ffdd338ccc76199091c746ca9bb55cb09068272382bfeaa87c800d7adad22