opentis.uvt.cz

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 04:f3:37:40:13:ce:b2:72:2d:c5:83:e3:6f:46:fc:23:95:2f was issued on by Let's Encrypt.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=opentis.uvt.cz

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:f3:37:40:13:ce:b2:72:2d:c5:83:e3:6f:46:fc:23:95:2f
Serial Number (int): 431211199137338160122835393919001735435567
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: ce:13:e9:f3:18:e8:00:56:e3:ac:33:da:fc:ce:4c:b4:4a:2d:e0:34
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 37:56:48:ca:65:16:34:4d:b5:55:b1:0c:4e:66:88:01:de:95:5d:e6
Fingerprint (sha256): 24:76:6e:91:a3:c2:2b:21:73:43:c2:79:43:f6:ee:ff:15:37:bc:87:fa:7c:20:7c:03:1f:57:7b:db:45:d9:13

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate opentis.uvt.cz

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for opentis.uvt.cz

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

opentis.uvt.cz
tiki.uvt.cz
tiki2.uvt.cz

Other certificates including the domain name uvt.cz

(limited to 100 certificates)
opentis.uvt.cz
phpmyadmin.hosting.uvt.cz
letest1.uvt.cz
tv.uvt.cz
tiki.uvt.cz
opentis.uvt.cz
spravait.uvt.cz
uvt.cz
mail.uvt.cz
uvt.cz
opentis.uvt.cz
opentis.uvt.cz
centreon.uvt.cz
letest1.uvt.cz
mail.uvt.cz
uvt.cz
ncb.uvt.cz
git.uvt.cz
ncb.uvt.cz
ncb.uvt.cz
mail.uvt.cz
psw.uvt.cz
opentis.uvt.cz
centreon.uvt.cz
opentis.uvt.cz
tv.uvt.cz
uvt.cz
git.uvt.cz
opentis.uvt.cz
psw.uvt.cz
mail.uvt.cz
tv.uvt.cz
centreon.uvt.cz
tv.uvt.cz
letest1.uvt.cz
uvt.cz
opentis.uvt.cz
spravait.uvt.cz
spravait.uvt.cz
phpmyadmin.hosting.uvt.cz
git.uvt.cz
centreon.uvt.cz
uvt.cz
mail.uvt.cz
chat.uvt.cz
uvt.cz
git.uvt.cz
opentis2.uvt.cz
syspass.uvt.cz
spravait.uvt.cz
opentis.uvt.cz
centreon.uvt.cz
mail.uvt.cz
tiki.uvt.cz
phpmyadmin.hosting.uvt.cz
opentis.uvt.cz
mail.uvt.cz
opentis.uvt.cz
ncb.uvt.cz
git.uvt.cz
phpmyadmin.hosting.uvt.cz
centreon.uvt.cz
opentis.uvt.cz
centreon.uvt.cz
spravait.uvt.cz
centreon.uvt.cz
spravait.uvt.cz
opentis2.uvt.cz
centreon.uvt.cz
phpmyadmin.hosting.uvt.cz
opentis.uvt.cz
opentis2.uvt.cz
uvt.cz
opentis.uvt.cz
chat.uvt.cz
tiki.uvt.cz
mail.uvt.cz
tiki.uvt.cz
opentis.uvt.cz
mail.uvt.cz
centreon.uvt.cz
tv.uvt.cz
opentis.uvt.cz
mail.uvt.cz
mail.uvt.cz
ncb.uvt.cz
tv.uvt.cz
spravait.uvt.cz
ncb.uvt.cz
uvt.cz
opentis.uvt.cz
uvt.cz
syspass.uvt.cz
centreon.uvt.cz
centreon.uvt.cz
tv.uvt.cz
spravait.uvt.cz
mail.uvt.cz
tv.uvt.cz
opentis.uvt.cz

Certificate

The complete raw certificate details for opentis.uvt.cz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHIjCCBgqgAwIBAgISBPM3QBPOsnItxYPjb0b8I5UvMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODEwMjUwNzI1MzBaFw0x
OTAxMjMwNzI1MzBaMBkxFzAVBgNVBAMTDm9wZW50aXMudXZ0LmN6MIICIjANBgkq
hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1+L3xfSvMirlKHGxKg3QLFGG3ihpuJ7M
+hxQljGHEXhXzjy4MMPeVQM9GGekwqzX4z7KEBw6Rqc3tG+p4eXI2KnUEam98Nc1
s+qXO8MjnAWH0dP/sYgpRyWYBPSyrJSYQhGgshiQrCSRXH5xiDfR9qi9+eDs0J2Q
xi6Ocze5Vtt/HwcNT1YXd2V6wUh5KvNDy4FjXNkus1aWjH5bf6vhUhJ7K6ruj+PV
dHR6NkdZH5Wbzmn/mRyUAPunzvfZDHfXzb8WyOMTlV/gzDZaf7gOEv5DtWTgVbF4
a5vuiFS+L6NXKaHeJ7/enNwmb+mWjsnfu7zeGd3HL+6qzrXZUqjJ4fhurqdQ/hpK
vh4+O53ultqZXLsaTSy5ZCahRfWOZyZQ785qUaxa2o2FBTFlwBm0lRxbE5hn+dEG
YlOxWPjjpnbwrsGhBPCTbw622HlzYAT1gRoecbI+WJeI9+pZNBNSQXDM6L699lQ2
KoVBfyhFRE3dVoIeH6jdQ3cmk5K/hIbMRyDLurVvMN5/u2ZZ608bcNX2kD4arcYQ
2sbnh/VKhgnYnQTgcccDd1Vpio5zlydw0pLSJpI6Zv3vmtj7Hg6JmYRKj0BXs+cI
fEbBWsF0Pz3Oo7fEBbhdr4B3cRZjVIxhCd1igjbOfcqAxkEEZewvqwHgHqdn/Yh2
PP200uQpn+MCAwEAAaOCAzEwggMtMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUzhPp
8xjoAFbjrDPa/M5MtEot4DQwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo
7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQt
eDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQt
eDMubGV0c2VuY3J5cHQub3JnLzA0BgNVHREELTArgg5vcGVudGlzLnV2dC5jeoIL
dGlraS51dnQuY3qCDHRpa2kyLnV2dC5jejCB/gYDVR0gBIH2MIHzMAgGBmeBDAEC
ATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0
c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNhdGUg
bWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFuZCBv
bmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZv
dW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMIIBBAYK
KwYBBAHWeQIEAgSB9QSB8gDwAHYAdH7agzGtMxCRIZzOJU9CcMK//V5CIAjGNzV5
5hB7zFYAAAFmqlQcYgAABAMARzBFAiA6ydqKyGQLqoclAl+bIX7KRhCq3X7LMkxT
PO94M4JoggIhAP+mfgydz5/XcdUhwkeyZNAEjWRS9VMeQGdm6MBLwbR4AHYAKTxR
llTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH9HgAAAFmqlQcUwAABAMARzBFAiEA
5u9a7gD9oSTZN2hT5tSltVy/ECWsRsTY1XvIwZr0gHwCIB095scEBiEotIDvAnNz
w7Z8ismx/rV2roRyFC7BFIQfMA0GCSqGSIb3DQEBCwUAA4IBAQCFat9O+KLWRRrk
t8lfVoIHq8IFlj7uLS1HoGTBHnC1Su5GVeH/F1dDHd/RVFfWgPtDfXkXfKIia5SB
DQcfk5FClX8XoF/eORsK03PWvkJglYn6khtlDqxl68u7RrbLnncoJhydKnhHDEng
qJ++oalOAgZdR0gArOrfLJj7ZYfFYp8rfc94igbNg54renWuV2aKYFGFyGMgDe6G
IUaAxasWnhNrVDDNJScosEQ6jIsm5VIjik/KMbJh6zWK0877fJXct9lVheffEqZ1
ZlaFBFOU4dK9p2gx2jhdkb7f3x02Mrb1fjMuA0sJri2tYsXCTLvrGTchctnDOYzB
S0caL90c
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1+L3xfSvMirlKHGxKg3Q
LFGG3ihpuJ7M+hxQljGHEXhXzjy4MMPeVQM9GGekwqzX4z7KEBw6Rqc3tG+p4eXI
2KnUEam98Nc1s+qXO8MjnAWH0dP/sYgpRyWYBPSyrJSYQhGgshiQrCSRXH5xiDfR
9qi9+eDs0J2Qxi6Ocze5Vtt/HwcNT1YXd2V6wUh5KvNDy4FjXNkus1aWjH5bf6vh
UhJ7K6ruj+PVdHR6NkdZH5Wbzmn/mRyUAPunzvfZDHfXzb8WyOMTlV/gzDZaf7gO
Ev5DtWTgVbF4a5vuiFS+L6NXKaHeJ7/enNwmb+mWjsnfu7zeGd3HL+6qzrXZUqjJ
4fhurqdQ/hpKvh4+O53ultqZXLsaTSy5ZCahRfWOZyZQ785qUaxa2o2FBTFlwBm0
lRxbE5hn+dEGYlOxWPjjpnbwrsGhBPCTbw622HlzYAT1gRoecbI+WJeI9+pZNBNS
QXDM6L699lQ2KoVBfyhFRE3dVoIeH6jdQ3cmk5K/hIbMRyDLurVvMN5/u2ZZ608b
cNX2kD4arcYQ2sbnh/VKhgnYnQTgcccDd1Vpio5zlydw0pLSJpI6Zv3vmtj7Hg6J
mYRKj0BXs+cIfEbBWsF0Pz3Oo7fEBbhdr4B3cRZjVIxhCd1igjbOfcqAxkEEZewv
qwHgHqdn/Yh2PP200uQpn+MCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 431211199137338160122835393919001735435567
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-25 07:25:30 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-23 07:25:30 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'opentis.uvt.cz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 880740459394979748264702239593921407721617747000397073503346554047407766812788730333464849380576055631422100879783680948158868483203813065723810170351228494627341212419311541919034022727961412787183227306444640327912729843492792088068801191582782990431912122712626545949015206847663201097986814640573361154199440450421425800969729314061118155701329225893667118832979795140970117864819552381752181915545218991372678121721383683788185580991498464739282947859158795043345678240055364370223819122831187504886768441589451175097587602081940885308158825619204039614836993436104195542771357019061273379103745669251762559515262173749282571772572061546684404127738013420517976193191203491338802087058374024295218256603189859050719651666887931712934820233823515481343883454948768836859794427704861938732504324749582813478800189841656339910925474848609960320040327268599131251409628551280469873525174490696426393627822669145810666423782732523624092911344415524083099368622724604833802374424514122839826689708532532101396287465805527437409736718872216207347148456553863710195702260188539275176453919255025504553836496225481874000024473622961941095237258084923445946764772112033152651466954581817498788966335730688564973435440681240368053515558883
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ce13e9f318e80056e3ac33dafcce4cb44a2de034
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (45 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'opentis.uvt.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiki.uvt.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tiki2.uvt.cz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc5600000166aa541c62000004030047304502203ac9da8ac8640baa8725025f9b217eca4610aadd7ecb324c533cef7833826882022100ffa67e0c9dcf9fd771d521c247b264d0048d6452f5531e406766e8c04bc1b478007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000166aa541c530000040300473045022100e6ef5aee00fda124d9376853e6d4a5b55cbf1025ac46c4d8d57bc8c19af4807c02201d3de6c704062128b480ef027373c3b67c8ac9b1feb576ae8472142ec114841f
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00856adf4ef8a2d6451ae4b7c95f568207abc205963eee2d2d47a064c11e70b54aee4655e1ff1757431ddfd15457d680fb437d79177ca2226b94810d071f939142957f17a05fde391b0ad373d6be42609589fa921b650eac65ebcbbb46b6cb9e7728261c9d2a78470c49e0a89fbea1a94e02065d474800aceadf2c98fb6587c5629f2b7dcf788a06cd839e2b7a75ae57668a605185c863200dee86214680c5ab169e136b5430cd252728b0443a8c8b26e552238a4fca31b261eb358ad3cefb7c95dcb7d95585e7df12a675665685045394e1d2bda76831da385d91bedfdf1d3632b6f57e332e034b09ae2dad62c5c24cbbeb19372172d9c3398cc14b471a2fdd1c