us.shop.movember.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:60:07:de:8b:da:f5:d9:27:5d:e2:57:dd:be:9d:41:62:30 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=us.shop.movember.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:60:07:de:8b:da:f5:d9:27:5d:e2:57:dd:be:9d:41:62:30Serial Number (int): 294014425142166682261104571460241225507376
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: ce:75:78:b8:f8:71:c1:d8:16:4d:9c:2a:1f:d3:ca:e5:20:5f:ec:05
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 74:12:a6:1c:92:b5:b6:5f:32:1d:d6:0f:c2:42:4f:b0:fe:75:75:a5
Fingerprint (sha256): 21:0f:20:8b:3c:54:51:10:7a:24:44:3e:02:45:59:7b:71:87:a9:d9:3c:e5:9b:ae:d1:74:21:d4:5c:d7:d1:5d
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate us.shop.movember.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for us.shop.movember.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
us.shop.movember.com
Other certificates including the domain name movember.com
(limited to 100 certificates)
www.movember.com
ca.shop.movember.com
app.classquest.com.br
api.familyman.test.movember.com
toolkit.movember.com
community.movember.com
us.shop.movember.com
broadcast.movember.com
us.movember.com
cloud.email.movember.com
form.mymoons.mx
wonday.co
api.familyman.movember.com
h.ssl.shopify.com
*.movember.com
uat.movember.com
dr.movember.com
selfservice.movember.com
brushly.bullet-mobile.store
mo.movember.co
www.movember.com
cms.familyman.test.movember.com
api.aotg.staging.movember.com
selfservice.movember.com
selfservice.uat.movember.com
shop.ca.movember.com
san-30-s12.tlsprovisioning.exacttarget.com
uat.movember.com
dr.movember.com
mo.movember.co
*.staging.movember.com
meninmind.test.movember.com
nz.shop.movember.com
san-30-s12.tlsprovisioning.exacttarget.com
uat.movember.com
selfservice.movember.com
*.uat.movember.com
meninmind.test.movember.com
api.familyman.test.movember.com
mo.movember.co
api.meninmind.movember.com
petetest2.test.movember.com
ca.shop.movember.com
api.meninmind.test.movember.com
san-30-s12.tlsprovisioning.exacttarget.com
dr.movember.com
api.meninmind.movember.com
api.movember.com
uk.shop.movember.com
mo.movember.co
*.mrporter.p.uat.movember.com
*.movember.com
truenorthtracker.test.movember.com
t5.mobx.agency
uk.shop.movember.com
awards.movember.com
talent.gravitonweb.com
cms.familyman.test.movember.com
us.shop.movember.com
uat.movember.com
us.shop.movember.com
*.staging.movember.com
mo.movember.co
mo.movember.co
pierinasanchez.nyc
api.meninmind.test.movember.com
uat.movember.com
dr.movember.com
ca.shop.movember.com
san-30-s12.tlsprovisioning.exacttarget.com
familyman.test.movember.com
uat.movember.com
uat.movember.com
mo.movember.co
www.movember.com
h.ssl.shopify.com
www.filipmarko.se
nz.shop.movember.com
business.etable.app
api.aotg.movember.com
uk.shop.movember.com
sonarqube.movember.com
uat.movember.com
uk.shop.movember.com
www.movember.com
uat.movember.com
*.demo.movember.com
*.uat.movember.com
dr.movember.com
cms.familyman.test.movember.com
demo.movember.com
mo.movember.co
*.staging.movember.com
nuts.movember.com
selfservice.uat.movember.com
mo.movember.co
selfservice.movember.com
h.ssl.shopify.com
www.movember.com
ca.shop.movember.com
app.classquest.com.br
api.familyman.test.movember.com
toolkit.movember.com
community.movember.com
us.shop.movember.com
broadcast.movember.com
us.movember.com
cloud.email.movember.com
form.mymoons.mx
wonday.co
api.familyman.movember.com
h.ssl.shopify.com
*.movember.com
uat.movember.com
dr.movember.com
selfservice.movember.com
brushly.bullet-mobile.store
mo.movember.co
www.movember.com
cms.familyman.test.movember.com
api.aotg.staging.movember.com
selfservice.movember.com
selfservice.uat.movember.com
shop.ca.movember.com
san-30-s12.tlsprovisioning.exacttarget.com
uat.movember.com
dr.movember.com
mo.movember.co
*.staging.movember.com
meninmind.test.movember.com
nz.shop.movember.com
san-30-s12.tlsprovisioning.exacttarget.com
uat.movember.com
selfservice.movember.com
*.uat.movember.com
meninmind.test.movember.com
api.familyman.test.movember.com
mo.movember.co
api.meninmind.movember.com
petetest2.test.movember.com
ca.shop.movember.com
api.meninmind.test.movember.com
san-30-s12.tlsprovisioning.exacttarget.com
dr.movember.com
api.meninmind.movember.com
api.movember.com
uk.shop.movember.com
mo.movember.co
*.mrporter.p.uat.movember.com
*.movember.com
truenorthtracker.test.movember.com
t5.mobx.agency
uk.shop.movember.com
awards.movember.com
talent.gravitonweb.com
cms.familyman.test.movember.com
us.shop.movember.com
uat.movember.com
us.shop.movember.com
*.staging.movember.com
mo.movember.co
mo.movember.co
pierinasanchez.nyc
api.meninmind.test.movember.com
uat.movember.com
dr.movember.com
ca.shop.movember.com
san-30-s12.tlsprovisioning.exacttarget.com
familyman.test.movember.com
uat.movember.com
uat.movember.com
mo.movember.co
www.movember.com
h.ssl.shopify.com
www.filipmarko.se
nz.shop.movember.com
business.etable.app
api.aotg.movember.com
uk.shop.movember.com
sonarqube.movember.com
uat.movember.com
uk.shop.movember.com
www.movember.com
uat.movember.com
*.demo.movember.com
*.uat.movember.com
dr.movember.com
cms.familyman.test.movember.com
demo.movember.com
mo.movember.co
*.staging.movember.com
nuts.movember.com
selfservice.uat.movember.com
mo.movember.co
selfservice.movember.com
h.ssl.shopify.com
www.movember.com
Certificate
The complete raw certificate details for us.shop.movember.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISA2AH3ova9dknXeJX3b6dQWIwMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA4MDkwMzEzMDBaFw0x NzExMDcwMzEzMDBaMB8xHTAbBgNVBAMTFHVzLnNob3AubW92ZW1iZXIuY29tMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6s+OP4FjICFkqg81YdoSTJ8g y8TjJbj1hJn5h4muQziQ9heZv3NPy9r2FralSlj70xiLuFWyGIMHZW3aSsyu3hLH iMKCZhFoEKo6P5rZnrLvHoj1xkPTrWLzBzWT15Oj5K+r/ilee+2vqnDqI1+PuTzV kg743TkvA8VMLuQu4HQMnLG+P7ZcrrmgYbyMgW9ORW/8/fRd24C0Wviy5c2c8kvL oXLnmfPMJP4jRJuV0cyCVRDYt0whANsoapINyXX2pdD3Ha9ourfdsFc3WwkePmSF ZUyx/0l89+4RbakY/lGPfkiafDQUsNs6/l/x6r46HDCSXvoTHpwTdiqwj88bpQID AQABo4ICFDCCAhAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTOdXi4+HHB2BZNnCof 08rlIF/sBTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEF BQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5j cnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5j cnlwdC5vcmcvMB8GA1UdEQQYMBaCFHVzLnNob3AubW92ZW1iZXIuY29tMIH+BgNV HSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcC ARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGb VGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5 aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0 aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcv cmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAELwbi1s6XbEYndjf8JWSlit Z1aG8GJe2Jp2LggRk7UMIpio6e2Cqpt8CsegLkE1EzkqbXhYKahw5aI7rPjtQZAL oHZc5TLeVAAUMqgjIoSl/Pgf/qdz0sL7kWD6n+W0gDhj2vz+NhAv2iSCM5uBKrUs dntNJH3MfLEIVpfnNsQo/9lIgY62vcEyogyE1XC6oCWnHP0E6uIYYV8rU8audRY5 BmxUFEAdX6azbVIExSa6XLJ4z+ZJIFf6Yr8llV1nZSe3NwVg6wfZ608V08OdMUm2 QZg5ecOS+NR76cawLRWsbTiJbG9RsVy8qPviK7UaHfsXwbsA9KwrMj+Abveoq0Y= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6s+OP4FjICFkqg81YdoS TJ8gy8TjJbj1hJn5h4muQziQ9heZv3NPy9r2FralSlj70xiLuFWyGIMHZW3aSsyu 3hLHiMKCZhFoEKo6P5rZnrLvHoj1xkPTrWLzBzWT15Oj5K+r/ilee+2vqnDqI1+P uTzVkg743TkvA8VMLuQu4HQMnLG+P7ZcrrmgYbyMgW9ORW/8/fRd24C0Wviy5c2c 8kvLoXLnmfPMJP4jRJuV0cyCVRDYt0whANsoapINyXX2pdD3Ha9ourfdsFc3Wwke PmSFZUyx/0l89+4RbakY/lGPfkiafDQUsNs6/l/x6r46HDCSXvoTHpwTdiqwj88b pQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 294014425142166682261104571460241225507376 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-08-09 03:13:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-07 03:13:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'us.shop.movember.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29642112870904087751744309327666340757949777172331877613751360801811043227278610660319009641015905182891684231333160103903961410299558114372128519118812202607528459202613241331919684770112044277675173970129026714058992891726966977905086860827514171357931220795277413358613127352321486082355063540919444320373803760232982671281371348298879176719763885659658424730661037927364420917976780529206955959107950419592074735747276625768311431059852157124465157384069468629035385038743268770298887099498524152562458595052368982757093386501137180459257703938123038614353809918576380524300414980111572103280756967463918421089189 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ce7578b8f871c1d8164d9c2a1fd3cae5205fec05 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'us.shop.movember.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0042f06e2d6ce976c46277637fc2564a58ad675686f0625ed89a762e081193b50c2298a8e9ed82aa9b7c0ac7a02e413513392a6d785829a870e5a23bacf8ed41900ba0765ce532de54001432a8232284a5fcf81ffea773d2c2fb9160fa9fe5b4803863dafcfe36102fda2482339b812ab52c767b4d247dcc7cb1085697e736c428ffd948818eb6bdc132a20c84d570baa025a71cfd04eae218615f2b53c6ae751639066c5414401d5fa6b36d5204c526ba5cb278cfe6492057fa62bf25955d676527b7370560eb07d9eb4f15d3c39d3149b641983979c392f8d47be9c6b02d15ac6d38896c6f51b15cbca8fbe22bb51a1dfb17c1bb00f4ac2b323f806ef7a8ab46