www.defense.gov
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:1e:0d:e0:0e:d3:57:b2:3d:ca:d8:15:3e:77:e5:97:c7:8a was issued on by Let's Encrypt.
With 50 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.defense.gov
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:1e:0d:e0:0e:d3:57:b2:3d:ca:d8:15:3e:77:e5:97:c7:8aSerial Number (int): 271563772142048426969599154823892932478858
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 76:86:b2:45:7e:2f:ec:ce:df:0c:fa:f4:ec:d2:42:63:aa:22:4b:5f
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): a6:08:c5:a6:20:a7:be:d4:8b:48:5d:c9:92:03:4f:db:8f:36:ff:00
Fingerprint (sha256): 20:dd:de:cb:60:16:ef:52:a6:6c:3d:c7:f4:e6:d6:58:a3:3f:e5:d0:62:ae:c5:a5:d9:81:f8:2d:86:1e:03:19
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.defense.gov
50
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.defense.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
2017dodtransition.defense.gov
actuary.defense.gov
afd.defense.gov
archive.defense.gov
armedforcessports.defense.gov
atsdio.defense.gov
basicresearch.defense.gov
business.defense.gov
cmo.defense.gov
comptroller.defense.gov
ctip.defense.gov
dacowits.defense.gov
data.defense.gov
dbb.defense.gov
dcips.defense.gov
dcmo.defense.gov
diversity.defense.gov
dod.defense.gov
dodcertpmo.defense.gov
dodcio.defense.gov
dodsioo.defense.gov
dpcld.defense.gov
dpclo.defense.gov
energy.defense.gov
execsec.defense.gov
history.defense.gov
innovation.defense.gov
irt.defense.gov
jamrs.defense.gov
jnlwp.defense.gov
jsc.defense.gov
la.defense.gov
militarypay.defense.gov
minerva.defense.gov
opa.defense.gov
open.defense.gov
ousdi.defense.gov
policy.defense.gov
prhome.defense.gov
ra.defense.gov
recovery.defense.gov
rfpb.defense.gov
rwtf.defense.gov
servicedesk.defense.gov
valor.defense.gov
vwac.defense.gov
www.business.defense.gov
www.businessdefense.gov
www.defense.gov
www.dod.defense.gov
actuary.defense.gov
afd.defense.gov
archive.defense.gov
armedforcessports.defense.gov
atsdio.defense.gov
basicresearch.defense.gov
business.defense.gov
cmo.defense.gov
comptroller.defense.gov
ctip.defense.gov
dacowits.defense.gov
data.defense.gov
dbb.defense.gov
dcips.defense.gov
dcmo.defense.gov
diversity.defense.gov
dod.defense.gov
dodcertpmo.defense.gov
dodcio.defense.gov
dodsioo.defense.gov
dpcld.defense.gov
dpclo.defense.gov
energy.defense.gov
execsec.defense.gov
history.defense.gov
innovation.defense.gov
irt.defense.gov
jamrs.defense.gov
jnlwp.defense.gov
jsc.defense.gov
la.defense.gov
militarypay.defense.gov
minerva.defense.gov
opa.defense.gov
open.defense.gov
ousdi.defense.gov
policy.defense.gov
prhome.defense.gov
ra.defense.gov
recovery.defense.gov
rfpb.defense.gov
rwtf.defense.gov
servicedesk.defense.gov
valor.defense.gov
vwac.defense.gov
www.business.defense.gov
www.businessdefense.gov
www.defense.gov
www.dod.defense.gov
Other certificates including the domain name defense.gov
(limited to 100 certificates)
search.usa.gov
www.defense.gov
www.defense.gov
media-dev.defense.gov
media-dev.defense.gov
www.defense.gov
media-dev.defense.gov
search.usa.gov
media-dev.defense.gov
www.defense.gov
www.defense.gov
media-dev.defense.gov
helpdesk.defense.gov
search.usa.gov
media-dev.defense.gov
*.defense.gov
www.defense.gov
search.usa.gov
www.defense.gov
search.usa.gov
search.usa.gov
search.usa.gov
www.defense.gov
search.usa.gov
okdbv.search.usa.gov
search.usa.gov
media-dev.defense.gov
www.defense.gov
www.defense.gov
search.usa.gov
search.usa.gov
media-dev.defense.gov
search.usa.gov
search.usa.gov
search.usa.gov
www.defense.gov
stats.defense.gov
www.defense.gov
www.defense.gov
static.defense.gov
www.defense.gov
www.defense.gov
search.usa.gov
www.defense.gov
search.usa.gov
search.usa.gov
www.defense.gov
stats.defense.gov
www.defense.gov
stats.defense.gov
www.defense.gov
kb.defense.gov
media-dev.defense.gov
dd306dce-f242-4dfc-b2c3-3eb39d5d44b9.defense.gov
www.defense.gov
search.usa.gov
search.usa.gov
search.usa.gov
kb.defense.gov
www.defense.gov
search.usa.gov
www.defense.gov
www.defense.gov
www.defense.gov
www.defense.gov
www.defense.gov
gfm.ousdi.defense.gov
search.usa.gov
search.usa.gov
www.defense.gov
stats.defense.gov
media-dev.defense.gov
search.usa.gov
search.usa.gov
search.usa.gov
dd306dce-f242-4dfc-b2c3-3eb39d5d44b9.defense.gov
search.usa.gov
search.usa.gov
stats.defense.gov
www.defense.gov
www.defense.gov
media-dev.defense.gov
www.defense.gov
www.defense.gov
search.usa.gov
search.usa.gov
search.usa.gov
search.usa.gov
search.usa.gov
search.usa.gov
media-dev.defense.gov
search.usa.gov
www.defense.gov
search.usa.gov
www.defense.gov
www.defense.gov
www.defense.gov
www.defense.gov
search.usa.gov
search.usa.gov
www.defense.gov
www.defense.gov
media-dev.defense.gov
media-dev.defense.gov
www.defense.gov
media-dev.defense.gov
search.usa.gov
media-dev.defense.gov
www.defense.gov
www.defense.gov
media-dev.defense.gov
helpdesk.defense.gov
search.usa.gov
media-dev.defense.gov
*.defense.gov
www.defense.gov
search.usa.gov
www.defense.gov
search.usa.gov
search.usa.gov
search.usa.gov
www.defense.gov
search.usa.gov
okdbv.search.usa.gov
search.usa.gov
media-dev.defense.gov
www.defense.gov
www.defense.gov
search.usa.gov
search.usa.gov
media-dev.defense.gov
search.usa.gov
search.usa.gov
search.usa.gov
www.defense.gov
stats.defense.gov
www.defense.gov
www.defense.gov
static.defense.gov
www.defense.gov
www.defense.gov
search.usa.gov
www.defense.gov
search.usa.gov
search.usa.gov
www.defense.gov
stats.defense.gov
www.defense.gov
stats.defense.gov
www.defense.gov
kb.defense.gov
media-dev.defense.gov
dd306dce-f242-4dfc-b2c3-3eb39d5d44b9.defense.gov
www.defense.gov
search.usa.gov
search.usa.gov
search.usa.gov
kb.defense.gov
www.defense.gov
search.usa.gov
www.defense.gov
www.defense.gov
www.defense.gov
www.defense.gov
www.defense.gov
gfm.ousdi.defense.gov
search.usa.gov
search.usa.gov
www.defense.gov
stats.defense.gov
media-dev.defense.gov
search.usa.gov
search.usa.gov
search.usa.gov
dd306dce-f242-4dfc-b2c3-3eb39d5d44b9.defense.gov
search.usa.gov
search.usa.gov
stats.defense.gov
www.defense.gov
www.defense.gov
media-dev.defense.gov
www.defense.gov
www.defense.gov
search.usa.gov
search.usa.gov
search.usa.gov
search.usa.gov
search.usa.gov
search.usa.gov
media-dev.defense.gov
search.usa.gov
www.defense.gov
search.usa.gov
www.defense.gov
www.defense.gov
www.defense.gov
www.defense.gov
search.usa.gov
search.usa.gov
Certificate
The complete raw certificate details for www.defense.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIKADCCCOigAwIBAgISAx4N4A7TV7I9ytgVPnfll8eKMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA5MDYxNjE2NTBaFw0x ODEyMDUxNjE2NTBaMBoxGDAWBgNVBAMTD3d3dy5kZWZlbnNlLmdvdjCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKm/Idd49oDuTjkV0WzU7vb6agvjwoEk AO+9jqje8G35FsFHMMuRac62ZhGLM0PJnC9Zx0ttjxKr2nbIzlVBsdZPcEEWD5CT K4k6fZFg80qBD8qe/Mu82AD6iOh8tT5gwJzrk4C0uL27uJyAx6aLFCXWUuiD94GK UVgP+aw7YbVXodn6dwqLqHCWN04K5pgyR7lPQkB7H6zaxBQl9ESqRcAkHvdPnYFu JA8cgZ1XhsmpZJfzJM76UExjHRlzXtnYyPbqUFGg0LzrU+12aGrHzQOnKJKYDMUz dNUmk43Z5ASBug+3+WtOEMfmDZ+mDFrSlvediRkuVIGmFB0w2Vg2Uq0CAwEAAaOC Bw4wggcKMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUdoayRX4v7M7fDPr07NJCY6oi S18wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEE YzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu b3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQu b3JnLzCCBA8GA1UdEQSCBAYwggQCgh0yMDE3ZG9kdHJhbnNpdGlvbi5kZWZlbnNl LmdvdoITYWN0dWFyeS5kZWZlbnNlLmdvdoIPYWZkLmRlZmVuc2UuZ292ghNhcmNo aXZlLmRlZmVuc2UuZ292gh1hcm1lZGZvcmNlc3Nwb3J0cy5kZWZlbnNlLmdvdoIS YXRzZGlvLmRlZmVuc2UuZ292ghliYXNpY3Jlc2VhcmNoLmRlZmVuc2UuZ292ghRi dXNpbmVzcy5kZWZlbnNlLmdvdoIPY21vLmRlZmVuc2UuZ292ghdjb21wdHJvbGxl ci5kZWZlbnNlLmdvdoIQY3RpcC5kZWZlbnNlLmdvdoIUZGFjb3dpdHMuZGVmZW5z ZS5nb3aCEGRhdGEuZGVmZW5zZS5nb3aCD2RiYi5kZWZlbnNlLmdvdoIRZGNpcHMu ZGVmZW5zZS5nb3aCEGRjbW8uZGVmZW5zZS5nb3aCFWRpdmVyc2l0eS5kZWZlbnNl LmdvdoIPZG9kLmRlZmVuc2UuZ292ghZkb2RjZXJ0cG1vLmRlZmVuc2UuZ292ghJk b2RjaW8uZGVmZW5zZS5nb3aCE2RvZHNpb28uZGVmZW5zZS5nb3aCEWRwY2xkLmRl ZmVuc2UuZ292ghFkcGNsby5kZWZlbnNlLmdvdoISZW5lcmd5LmRlZmVuc2UuZ292 ghNleGVjc2VjLmRlZmVuc2UuZ292ghNoaXN0b3J5LmRlZmVuc2UuZ292ghZpbm5v dmF0aW9uLmRlZmVuc2UuZ292gg9pcnQuZGVmZW5zZS5nb3aCEWphbXJzLmRlZmVu c2UuZ292ghFqbmx3cC5kZWZlbnNlLmdvdoIPanNjLmRlZmVuc2UuZ292gg5sYS5k ZWZlbnNlLmdvdoIXbWlsaXRhcnlwYXkuZGVmZW5zZS5nb3aCE21pbmVydmEuZGVm ZW5zZS5nb3aCD29wYS5kZWZlbnNlLmdvdoIQb3Blbi5kZWZlbnNlLmdvdoIRb3Vz ZGkuZGVmZW5zZS5nb3aCEnBvbGljeS5kZWZlbnNlLmdvdoIScHJob21lLmRlZmVu c2UuZ292gg5yYS5kZWZlbnNlLmdvdoIUcmVjb3ZlcnkuZGVmZW5zZS5nb3aCEHJm cGIuZGVmZW5zZS5nb3aCEHJ3dGYuZGVmZW5zZS5nb3aCF3NlcnZpY2VkZXNrLmRl ZmVuc2UuZ292ghF2YWxvci5kZWZlbnNlLmdvdoIQdndhYy5kZWZlbnNlLmdvdoIY d3d3LmJ1c2luZXNzLmRlZmVuc2UuZ292ghd3d3cuYnVzaW5lc3NkZWZlbnNlLmdv doIPd3d3LmRlZmVuc2UuZ292ghN3d3cuZG9kLmRlZmVuc2UuZ292MIH+BgNVHSAE gfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhp cyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5n IFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZp Y2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVw b3NpdG9yeS8wggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdQBvU3asMfAxGdiZAKRR Ff93FRwR2QLBACkGjbIImjfZEwAAAWWv4vLtAAAEAwBGMEQCIC0TIotlf7ASyKKB RS17t7XDSkzbj/rvq96vpS77W9Y3AiAgqROtnOK7I0Uece6ZHOuQWj+g3AdcG/2R DK1tkSRj0gB3ACk8UZZUyDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAABZa/i 9JgAAAQDAEgwRgIhAK6H5CME+A8WCflYDFFjbEgtNNpSO8RoHnluF+A28ETMAiEA jTVPv5dhHnzOF3iHcJqJAlU+9QEAQxjiiBXYSVQ89uYwDQYJKoZIhvcNAQELBQAD ggEBAGtMy0pvKNvq+OwxAacjHazupOJkBOrGjK/YVyLBqEcDK4rlqFsGwmwjtTPF /2TOg3lR1VRKvYgWBxxs6gsl0CWiP8lq5lOE3w/mfW70FYZ5B7qUmmuHZoLAjApp AjHvmRgLO3QIIOGvJuyijvFoAzWE1cXcK61MXMDMml9X/RWxmMPBG+vCQeKP2G2U iF4vWSdf1z8P0vKog8hmGJGpJApSdG+JJ7PfjsRFMSqynkrKLneS3XPs05OM0r/c ON2eozL4R3fVupCB4p7OtKV1BJghqkPbJfiaZgWbsEWWdmeEaL8lQRMbjmJGiwV3 /N0rk7eAlXHFGvw60lEqnOcPxGM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqb8h13j2gO5OORXRbNTu 9vpqC+PCgSQA772OqN7wbfkWwUcwy5FpzrZmEYszQ8mcL1nHS22PEqvadsjOVUGx 1k9wQRYPkJMriTp9kWDzSoEPyp78y7zYAPqI6Hy1PmDAnOuTgLS4vbu4nIDHposU JdZS6IP3gYpRWA/5rDthtVeh2fp3CouocJY3TgrmmDJHuU9CQHsfrNrEFCX0RKpF wCQe90+dgW4kDxyBnVeGyalkl/MkzvpQTGMdGXNe2djI9upQUaDQvOtT7XZoasfN A6cokpgMxTN01SaTjdnkBIG6D7f5a04Qx+YNn6YMWtKW952JGS5UgaYUHTDZWDZS rQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 271563772142048426969599154823892932478858 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-06 16:16:50 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-05 16:16:50 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.defense.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21428524336949755369638765218179452888904973169006420566254050587003875995517744148003228160813976958858680298174435340500162339085246334020674693403480959653029212917023626729473762826116910464996999125612747343609702784657070653708138427326022344512855014734904680629410672671213241244955043765349489570559936919543041376597688974177675417791150950812566803138996148369219319552248961737874839262873042928265256774716355164645388676158967229825114489296503541447825257980431414144495563553196107881316918041694667186364708552517798239752589386425481304553475002761061447627326187341076019130367236433759342482051757 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7686b2457e2feccedf0cfaf4ecd24263aa224b5f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1030 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '2017dodtransition.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'actuary.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'afd.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'archive.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'armedforcessports.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'atsdio.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'basicresearch.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'business.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmo.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'comptroller.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ctip.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dacowits.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dbb.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dcips.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dcmo.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'diversity.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dod.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dodcertpmo.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dodcio.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dodsioo.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dpcld.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dpclo.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'energy.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'execsec.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'history.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'innovation.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'irt.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jamrs.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jnlwp.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jsc.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'la.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'militarypay.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'minerva.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'opa.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'open.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ousdi.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'policy.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prhome.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ra.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'recovery.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rfpb.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rwtf.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'servicedesk.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'valor.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vwac.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.business.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.businessdefense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.defense.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dod.defense.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000165afe2f2ed000004030046304402202d13228b657fb012c8a281452d7bb7b5c34a4cdb8ffaefabdeafa52efb5bd637022020a913ad9ce2bb23451e71ee991ceb905a3fa0dc075c1bfd910cad6d912463d2007700293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000165afe2f4980000040300483046022100ae87e42304f80f1609f9580c51636c482d34da523bc4681e796e17e036f044cc0221008d354fbf97611e7cce177887709a8902553ef501004318e28815d849543cf6e6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006b4ccb4a6f28dbeaf8ec3101a7231daceea4e26404eac68cafd85722c1a847032b8ae5a85b06c26c23b533c5ff64ce837951d5544abd8816071c6cea0b25d025a23fc96ae65384df0fe67d6ef415867907ba949a6b876682c08c0a690231ef99180b3b740820e1af26eca28ef168033584d5c5dc2bad4c5cc0cc9a5f57fd15b198c3c11bebc241e28fd86d94885e2f59275fd73f0fd2f2a883c8661891a9240a52746f8927b3df8ec445312ab29e4aca2e7792dd73ecd3938cd2bfdc38dd9ea332f84777d5ba9081e29eceb4a575049821aa43db25f89a66059bb0459676678468bf2541131b8e62468b0577fcdd2b93b7809571c51afc3ad2512a9ce70fc463