*.worm.leafo.net
Issued by R3
About this certificate
This digital certificate with serial number 03:78:c9:12:1b:df:2e:1a:0c:39:6d:a4:eb:eb:53:a2:9b:0c was issued on by Let's Encrypt.
With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.worm.leafo.net
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:78:c9:12:1b:df:2e:1a:0c:39:6d:a4:eb:eb:53:a2:9b:0cSerial Number (int): 302438010679596784612354533656595869637388
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 3b:74:89:ff:21:7e:6f:ce:81:0f:a6:3a:60:d0:ea:b3:56:ce:d0:8d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): a3:60:de:01:09:b3:b0:d9:82:65:72:fa:3c:4e:51:50:2f:b8:e6:ea
Fingerprint (sha256): 1c:70:fc:48:7e:16:9e:91:f2:6e:47:56:e5:e8:7d:14:c0:23:12:91:59:3f:ab:c5:21:f5:09:0d:65:88:7b:6a
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate *.worm.leafo.net
13
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.worm.leafo.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.aws.leafo.net
*.cool.leafo.net
*.cool2.leafo.net
*.hamlet.leafo.net
*.leafo.net
*.linode.leafo.net
*.moonrocks.leafo.net
*.ovh.leafo.net
*.pokemon.leafo.net
*.rit.leafo.net
*.scratch.leafo.net
*.worm.leafo.net
leafo.net
*.cool.leafo.net
*.cool2.leafo.net
*.hamlet.leafo.net
*.leafo.net
*.linode.leafo.net
*.moonrocks.leafo.net
*.ovh.leafo.net
*.pokemon.leafo.net
*.rit.leafo.net
*.scratch.leafo.net
*.worm.leafo.net
leafo.net
Other certificates including the domain name leafo.net
(limited to 100 certificates)
pp.leafo.net
leafo.net
leafo.net
qm.leafo.net
frankiesmileshow.leafo.net
qm.leafo.net
medieve.leafo.net
corel.leafo.net
www.ase.leafo.net
zack.leafo.net
leafo.net
leafo.net
qm.leafo.net
www.compohub.leafo.net
wyrm.leafo.net
cedar-woods-com.leafo.net
worm.leafo.net
*.hamlet.leafo.net
*.worm.leafo.net
papersonata.leafo.net
gz.leafo.net
hamlet.leafo.net
corel.leafo.net
tyr.leafo.net
tay.leafo.net
www.tswiki.leafo.net
zack.leafo.net
*.aws.leafo.net
ase.leafo.net
qm.leafo.net
compohub.leafo.net
compohub.net
ravey.leafo.net
leafo.net
pokemon.leafo.net
ase.leafo.net
www.tay.leafo.net
gz.leafo.net
corel.leafo.net
mail.vermis.leafo.net
ase.leafo.net
scite.leafo.net
leafo.net
qm.leafo.net
archeia.leafo.net
blog2.leafo.net
gr.apedick.com
leafo.net
zack.leafo.net
pp.leafo.net
www.medieve.leafo.net
leafo.net
leafo.net
pp.leafo.net
medieve.leafo.net
zack.leafo.net
raziel.leafo.net
compohub.net
qm.leafo.net
mail.drule.leafo.net
qm.leafo.net
compohub.net
corel.leafo.net
mail.tay.leafo.net
soap.leafo.net
www.drule.leafo.net
ase.leafo.net
qm.leafo.net
www.worm.leafo.net
medieve.leafo.net
zack.leafo.net
compohub.net
blog2.leafo.net
leafo.net
www.scite.leafo.net
pp.leafo.net
gz.leafo.net
corel.leafo.net
gz.leafo.net
medieve.leafo.net
*.moonrocks.leafo.net
leafo.net
wyrm.leafo.net
www.vb.leafo.net
leafo.net
www.corel.leafo.net
zack.leafo.net
leafo.net
mail.leafo.net
corel.leafo.net
www.moonscript.org
zack.leafo.net
corel.leafo.net
leafo.net
mail.tri.leafo.net
corel.leafo.net
zack.leafo.net
www.papersonata.leafo.net
pp.leafo.net
compohub.net
leafo.net
leafo.net
qm.leafo.net
frankiesmileshow.leafo.net
qm.leafo.net
medieve.leafo.net
corel.leafo.net
www.ase.leafo.net
zack.leafo.net
leafo.net
leafo.net
qm.leafo.net
www.compohub.leafo.net
wyrm.leafo.net
cedar-woods-com.leafo.net
worm.leafo.net
*.hamlet.leafo.net
*.worm.leafo.net
papersonata.leafo.net
gz.leafo.net
hamlet.leafo.net
corel.leafo.net
tyr.leafo.net
tay.leafo.net
www.tswiki.leafo.net
zack.leafo.net
*.aws.leafo.net
ase.leafo.net
qm.leafo.net
compohub.leafo.net
compohub.net
ravey.leafo.net
leafo.net
pokemon.leafo.net
ase.leafo.net
www.tay.leafo.net
gz.leafo.net
corel.leafo.net
mail.vermis.leafo.net
ase.leafo.net
scite.leafo.net
leafo.net
qm.leafo.net
archeia.leafo.net
blog2.leafo.net
gr.apedick.com
leafo.net
zack.leafo.net
pp.leafo.net
www.medieve.leafo.net
leafo.net
leafo.net
pp.leafo.net
medieve.leafo.net
zack.leafo.net
raziel.leafo.net
compohub.net
qm.leafo.net
mail.drule.leafo.net
qm.leafo.net
compohub.net
corel.leafo.net
mail.tay.leafo.net
soap.leafo.net
www.drule.leafo.net
ase.leafo.net
qm.leafo.net
www.worm.leafo.net
medieve.leafo.net
zack.leafo.net
compohub.net
blog2.leafo.net
leafo.net
www.scite.leafo.net
pp.leafo.net
gz.leafo.net
corel.leafo.net
gz.leafo.net
medieve.leafo.net
*.moonrocks.leafo.net
leafo.net
wyrm.leafo.net
www.vb.leafo.net
leafo.net
www.corel.leafo.net
zack.leafo.net
leafo.net
mail.leafo.net
corel.leafo.net
www.moonscript.org
zack.leafo.net
corel.leafo.net
leafo.net
mail.tri.leafo.net
corel.leafo.net
zack.leafo.net
www.papersonata.leafo.net
pp.leafo.net
compohub.net
Certificate
The complete raw certificate details for *.worm.leafo.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgISA3jJEhvfLhoMOW2k6+tTopsMMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMjAxNzMyMzRaFw0yNDA2MTgxNzMyMzNaMBsxGTAXBgNVBAMM ECoud29ybS5sZWFmby5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDpskURlAwGret7wlpZDxRz5Y1TTPOXmtBLccrfAZkQIyZN64IyLdyKOURIASeh ai6To5UOPtYdj4fsAIQcJlyODMW89mpwRmJ21Ney9GdQuimisERRCU6ZmCSxjX65 SSrH9SEXqi2S4aNANs1xk3o6OS/gHt9kxwvdZciSnwjOvRxGqmb6EbBLaaRL4sMe IpS9IekgA7bMJ/5PNaPL6UZS45CWC+BN1WxxvAk0zs4fAvPikLpxJQNNRyE71ivR cYBTNy8EdHVIRY9NWBAUKUwvVPf1wareWafMwL8roybLDbLDIo6qdyUS7tXGg0vd OgpO7bDkJkHe0x+mLdZ7Rf2xAgMBAAGjggLvMIIC6zAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFDt0if8hfm/OgQ+mOmDQ6rNWztCNMB8GA1UdIwQYMBaAFBQusxe3WFbL rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v cmcvMIH2BgNVHREEge4wgeuCDyouYXdzLmxlYWZvLm5ldIIQKi5jb29sLmxlYWZv Lm5ldIIRKi5jb29sMi5sZWFmby5uZXSCEiouaGFtbGV0LmxlYWZvLm5ldIILKi5s ZWFmby5uZXSCEioubGlub2RlLmxlYWZvLm5ldIIVKi5tb29ucm9ja3MubGVhZm8u bmV0gg8qLm92aC5sZWFmby5uZXSCEyoucG9rZW1vbi5sZWFmby5uZXSCDyoucml0 LmxlYWZvLm5ldIITKi5zY3JhdGNoLmxlYWZvLm5ldIIQKi53b3JtLmxlYWZvLm5l dIIJbGVhZm8ubmV0MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIE AgSB9gSB8wDxAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGO XSLwDQAABAMASDBGAiEAuDkB4QMFzo/qzQgjsYktS2kZ0ILKmITZhTEE0ym95pkC IQClsE4WoP830K5IjygnPu2Qaa+typngs+bjAcn0QQZgWwB2ADtTd3U+LbmATosw Wwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjl0i8BUAAAQDAEcwRQIhAOyST+MZVKL5 sZvEfO6D8Ip99IN5vVittU6Gvau2HtiGAiBVsQ8LKjYU7XDchzA02Qb6gYy/Cfau PO6/eH12ovEP4TANBgkqhkiG9w0BAQsFAAOCAQEALuzxC1DPrTOA/+1SpIcWiF/v N3IqBEgdT02CFmh6eo2yU70Rs9YX7hZGfq5PRw/3zFT01Vh4Cewp3ymUezK6sgT0 XnYcK6lJOjuvvKcbEpfaYnupNDzfx5zzooJq1RuFJNzDQlVv2UtM7WNXVvodneVX CMxN1hidkvKX8cOYFXCUPlz69c5O36vTro8wgLvgsPMsHSs40ql3dbEpIfajGAUD yC4ZA02oETKgDEeZdkmn2FFzxQi4dvX6jtilaQJIPB8bkaDBPAd4cewnQaV9qdx1 x45kwdcLgIz5ecW5r/XI6Y/DYfDlA1iyHVkrFWmvc/B5q42Jm9n0m6XwnOpIhg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bJFEZQMBq3re8JaWQ8U c+WNU0zzl5rQS3HK3wGZECMmTeuCMi3cijlESAEnoWouk6OVDj7WHY+H7ACEHCZc jgzFvPZqcEZidtTXsvRnULoporBEUQlOmZgksY1+uUkqx/UhF6otkuGjQDbNcZN6 Ojkv4B7fZMcL3WXIkp8Izr0cRqpm+hGwS2mkS+LDHiKUvSHpIAO2zCf+TzWjy+lG UuOQlgvgTdVscbwJNM7OHwLz4pC6cSUDTUchO9Yr0XGAUzcvBHR1SEWPTVgQFClM L1T39cGq3lmnzMC/K6Mmyw2ywyKOqnclEu7VxoNL3ToKTu2w5CZB3tMfpi3We0X9 sQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 302438010679596784612354533656595869637388 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-20 17:32:34 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-18 17:32:33 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.worm.leafo.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29501433171592437312185716236969562785720503324764659274403476753268963155357009687071443716536190313483320231693402050982890749962665487626770524190408513879247965694049422566970917787844145953298990932032626705743079688376721823240756535895123755427513241907285961278991105042931881839551370846500314986608703672833223233615251578661708322778464582747735197623176657682096853707416368583836686004817062216489277888700282860684416678746080484963845466666442160851265619980853929655177321947428457983071627797236047173596891021476896065788856908083696266003483810888041351256896871004719284817785413791045632752221617 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3b7489ff217e6fce810fa63a60d0eab356ced08d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (238 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aws.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cool.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cool2.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hamlet.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.linode.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.moonrocks.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ovh.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pokemon.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rit.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.scratch.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.worm.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'leafo.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e5d22f00d0000040300483046022100b83901e10305ce8feacd0823b1892d4b6919d082ca9884d9853104d329bde699022100a5b04e16a0ff37d0ae488f28273eed9069afadca99e0b3e6e301c9f44106605b0076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e5d22f0150000040300473045022100ec924fe31954a2f9b19bc47cee83f08a7df48379bd58adb54e86bdabb61ed886022055b10f0b2a3614ed70dc873034d906fa818cbf09f6ae3ceebf787d76a2f10fe1 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002eecf10b50cfad3380ffed52a48716885fef37722a04481d4f4d8216687a7a8db253bd11b3d617ee16467eae4f470ff7cc54f4d5587809ec29df29947b32bab204f45e761c2ba9493a3bafbca71b1297da627ba9343cdfc79cf3a2826ad51b8524dcc342556fd94b4ced635756fa1d9de55708cc4dd6189d92f297f1c3981570943e5cfaf5ce4edfabd3ae8f3080bbe0b0f32c1d2b38d2a97775b12921f6a3180503c82e19034da81132a00c47997649a7d85173c508b876f5fa8ed8a56902483c1f1b91a0c13c077871ec2741a57da9dc75c78e64c1d70b808cf979c5b9aff5c8e98fc361f0e50358b21d592b1569af73f079ab8d899bd9f49ba5f09cea4886