registry.appuio.ch
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:99:94:02:7f:83:fa:7a:e9:20:9c:59:5a:9e:04:cb:bd:01 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=registry.appuio.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:99:94:02:7f:83:fa:7a:e9:20:9c:59:5a:9e:04:cb:bd:01Serial Number (int): 313596798648476638264062087723131968666881
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: b3:c8:38:7f:f1:a1:f3:cc:7f:02:3b:bd:bc:0a:5d:9a:61:97:50:12
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 32:1d:62:22:e2:45:d8:fc:20:04:cd:0a:0e:72:99:8a:28:54:c2:0e
Fingerprint (sha256): 2a:8a:e2:cc:e8:93:cf:3d:6d:54:a5:d2:9d:91:64:7b:85:61:08:ac:dc:e5:cb:ec:fd:02:97:6e:86:77:b0:4f
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate registry.appuio.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for registry.appuio.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
registry.appuio.ch
Other certificates including the domain name appuio.ch
(limited to 100 certificates)
register.appuio.ch
logging.appuio.ch
logging.appuio.ch
letsencrypt.appuio.ch
console.lab.appuio.ch
logging.appuio.ch
charts.appuio.ch
logging.appuio.ch
console.appuio.ch
metrics.appuio.ch
register.appuio.ch
registry.appuio.ch
metrics.appuio.ch
console.appuio.ch
console.appuio.ch
console.appuio.ch
registry.appuio.ch
test.appuio.ch
community.appuio.ch
status.appuio.ch
community.appuio.ch
charts.appuio.ch
registry.appuio.ch
registry.appuio.ch
docs.appuio.ch
forum.appuio.ch
logging.appuio.ch
logging.appuio.ch
registry.appuio.ch
appuio.ch
registry.appuio.ch
console.appuio.ch
console.lab.appuio.ch
register.appuio.ch
letsencrypt.appuio.ch
letsencrypt.lab.appuio.ch
console.appuio.ch
docs.appuio.ch
appuio.ch
registry.appuio.ch
console.lab.appuio.ch
console-lab-aws-eu-central-1.appuio.ch
registry.appuio.ch
registry.appuio.ch
metrics.appuio.ch
registry.appuio.ch
metrics.appuio.ch
metrics.appuio.ch
appuio.ch
appuio.ch
console.appuio.ch
status.appuio.ch
console.appuio.ch
console.lab.appuio.ch
control.vshn.net
console.lab.appuio.ch
register.appuio.ch
registry.appuio.ch
console.appuio.ch
console.appuio.ch
metrics.appuio.ch
logging.appuio.ch
community.appuio.ch
logging.appuio.ch
console.lab.appuio.ch
test.appuio.ch
metrics.appuio.ch
registry.appuio.ch
console.appuio.ch
registry.appuio.ch
console-dcs1.appuio.ch
appuio.ch
metrics.appuio.ch
console.appuio.ch
registry.appuio.ch
docs.appuio.ch
community.appuio.ch
logging.appuio.ch
logging.appuio.ch
console.appdirect-prod.appuio.ch
appuio.ch
status.appuio.ch
console.appuio.ch
console.appuio.ch
console.appuio.ch
appuio.ch
console.appdirect-prod.appuio.ch
logging.appuio.ch
metrics.appuio.ch
appuio.ch
status.appuio.ch
appuio.ch
logging.appuio.ch
status.appuio.ch
console.lab.appuio.ch
console.appuio.ch
status.appuio.ch
console-dcs1.appuio.ch
status.appuio.ch
forum.appuio.ch
logging.appuio.ch
logging.appuio.ch
letsencrypt.appuio.ch
console.lab.appuio.ch
logging.appuio.ch
charts.appuio.ch
logging.appuio.ch
console.appuio.ch
metrics.appuio.ch
register.appuio.ch
registry.appuio.ch
metrics.appuio.ch
console.appuio.ch
console.appuio.ch
console.appuio.ch
registry.appuio.ch
test.appuio.ch
community.appuio.ch
status.appuio.ch
community.appuio.ch
charts.appuio.ch
registry.appuio.ch
registry.appuio.ch
docs.appuio.ch
forum.appuio.ch
logging.appuio.ch
logging.appuio.ch
registry.appuio.ch
appuio.ch
registry.appuio.ch
console.appuio.ch
console.lab.appuio.ch
register.appuio.ch
letsencrypt.appuio.ch
letsencrypt.lab.appuio.ch
console.appuio.ch
docs.appuio.ch
appuio.ch
registry.appuio.ch
console.lab.appuio.ch
console-lab-aws-eu-central-1.appuio.ch
registry.appuio.ch
registry.appuio.ch
metrics.appuio.ch
registry.appuio.ch
metrics.appuio.ch
metrics.appuio.ch
appuio.ch
appuio.ch
console.appuio.ch
status.appuio.ch
console.appuio.ch
console.lab.appuio.ch
control.vshn.net
console.lab.appuio.ch
register.appuio.ch
registry.appuio.ch
console.appuio.ch
console.appuio.ch
metrics.appuio.ch
logging.appuio.ch
community.appuio.ch
logging.appuio.ch
console.lab.appuio.ch
test.appuio.ch
metrics.appuio.ch
registry.appuio.ch
console.appuio.ch
registry.appuio.ch
console-dcs1.appuio.ch
appuio.ch
metrics.appuio.ch
console.appuio.ch
registry.appuio.ch
docs.appuio.ch
community.appuio.ch
logging.appuio.ch
logging.appuio.ch
console.appdirect-prod.appuio.ch
appuio.ch
status.appuio.ch
console.appuio.ch
console.appuio.ch
console.appuio.ch
appuio.ch
console.appdirect-prod.appuio.ch
logging.appuio.ch
metrics.appuio.ch
appuio.ch
status.appuio.ch
appuio.ch
logging.appuio.ch
status.appuio.ch
console.lab.appuio.ch
console.appuio.ch
status.appuio.ch
console-dcs1.appuio.ch
status.appuio.ch
forum.appuio.ch
Certificate
The complete raw certificate details for registry.appuio.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWzCCBUOgAwIBAgISA5mUAn+D+nrpIJxZWp4Ey70BMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAzMDgxMjAyNTJaFw0x OTA2MDYxMjAyNTJaMB0xGzAZBgNVBAMTEnJlZ2lzdHJ5LmFwcHVpby5jaDCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAPHX0J4torhq7+snSsbB8Bj9s1cd sPcmcC1jRvR6ziFXF3v7kxzakXXwzGH8tolXIiRym6ppcsWlR1+3vqsQjPVb1mzw 1x/rUGIm9z2vx1FzRG0+Do1+CDuC3IxbF5BG2d9OeRQpOY8IIl2zEiF7UzKgoiLa /dW/O7dpoJIaMpBLqW5tlDM6YbObW3VVrDAZDBsEu46lhfyYWuCpkNr9jXjl8dEV LSZhbrtpu5PbTqZKRRWSCnTTgY1xd4PM/cXeQcEU64HHDnyZIh+OW+PMBEo1/DUn SEMzOZ4LJGk6EjXekKoD3O6tNn/69XpOC/1OYLyS33Q+PLENS5K107by2NcS24Rg wChtrv+5AwS3HZrjcDNTsi57eJchAPHxdSRcx8uDlKdm/BPiG4+k8Bh/fmv57F/d 6npu9feffYlmuTjt+G0GIVg4sdWVmeIEd4PA2kCGY+901jOznJD/0hEBgQMSotPv mH6Bz3i363I4GmeFbz6xbtwwQIDyeIEJWWcZJhL04HgZXBLBDT0c6/TMnas7J6wZ sKF0cGd0qhYDEnHkntTs9iYJTocmit/FJX9rpFOe7jPfIBMVne51YYtufNmESei3 cCHXFZXG+D2wioQhk340u2Xj2Rq2Ub2Ex1a5HyDnlrbbTvfV3ENTpm8QWVz9ALJo 1Ag/ytsujBCTovu5AgMBAAGjggJmMIICYjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FLPIOH/xofPMfwI7vbwKXZphl1ASMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZF Ze/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3Au aW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wHQYDVR0RBBYwFIIScmVnaXN0cnkuYXBw dWlvLmNoMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHW eQIEAgSB9ASB8QDvAHYA4mlLribo6UAJ6IYbtjuD1D7n/nSI+6SPKJMBnd3x2/4A AAFpXWYzsgAABAMARzBFAiEAw06OJCE4i+vukjH1tLiGuE29TSg3iHxhLrePWtBG BqUCIHLqhUEdBpsRF9RuRLqKXrpSVItSRJVObWPcw7dzIxPcAHUAY/Lbzeg7zCzP C3KEJ1drM6SNYXePvXWmOLHHaFRL2I0AAAFpXWYz0AAABAMARjBEAiAn7RiCMEAg Q0d4YcWj8GF9epjzW5CPj17xptUXEVT+vgIgMDezVK8Vtd9rGBRWyxMfZX19Lpbp xkWAD92FuwsqpCUwDQYJKoZIhvcNAQELBQADggEBAFPs1JCpPqwIU54QHZYfts7K PgRC0eOqRuueR4035mtCyylJMuAYbIu+rxu46y7/Btz3oG0mhtxMNL+pwEcBj9M6 Nb7Xtyq5razWwxvyC4vX+m0SK6BSEAXkw0o6Qah3YohhQJklkPJ6VVG9/tLZ80KD Xh6Q0TPc0bRQNTbcm0jPKwlHfmEM5FKuJWe5ryaY5rz3LWw8VvlLZ7gh4thKITS6 hD7tKx6vvxQr45zIlfbaNbkMc26cIsRo+dIqI3GhVM+zoV0Wi2YcxiTrwPiTdnUW yr21Kt8X2iDpKZr3/NU7buoXGBGEYoRCXMwLAUC1vQBL8fodEzWiK6FIZ4BvqcE= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA8dfQni2iuGrv6ydKxsHw GP2zVx2w9yZwLWNG9HrOIVcXe/uTHNqRdfDMYfy2iVciJHKbqmlyxaVHX7e+qxCM 9VvWbPDXH+tQYib3Pa/HUXNEbT4OjX4IO4LcjFsXkEbZ3055FCk5jwgiXbMSIXtT MqCiItr91b87t2mgkhoykEupbm2UMzphs5tbdVWsMBkMGwS7jqWF/Jha4KmQ2v2N eOXx0RUtJmFuu2m7k9tOpkpFFZIKdNOBjXF3g8z9xd5BwRTrgccOfJkiH45b48wE SjX8NSdIQzM5ngskaToSNd6QqgPc7q02f/r1ek4L/U5gvJLfdD48sQ1LkrXTtvLY 1xLbhGDAKG2u/7kDBLcdmuNwM1OyLnt4lyEA8fF1JFzHy4OUp2b8E+Ibj6TwGH9+ a/nsX93qem719599iWa5OO34bQYhWDix1ZWZ4gR3g8DaQIZj73TWM7OckP/SEQGB AxKi0++YfoHPeLfrcjgaZ4VvPrFu3DBAgPJ4gQlZZxkmEvTgeBlcEsENPRzr9Myd qzsnrBmwoXRwZ3SqFgMSceSe1Oz2JglOhyaK38Ulf2ukU57uM98gExWd7nVhi258 2YRJ6LdwIdcVlcb4PbCKhCGTfjS7ZePZGrZRvYTHVrkfIOeWtttO99XcQ1OmbxBZ XP0AsmjUCD/K2y6MEJOi+7kCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 313596798648476638264062087723131968666881 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-08 12:02:52 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-06 12:02:52 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'registry.appuio.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 986633470518218895774215358019665826114368745867529804508452048830977400236674555916060395069392877583534932093709543137089516982722202406925068130392474278391480155271635317656507173402322064213046051948184396078543929053337784468438292935174216424018501769542842644162729792645729430428560126918823702174293555449784705115031610285976478055315811464165905971026284155654047996510220095451905518355020236465093229451688913089216044075564140013851005018782919935961858717645303569396872379443021826742331546038694179928122709790047591862609915518746703650926601483423221260670357289666106565693919594530595020626407185127611417787864732554326976833439205685353929300737527529529828358622881649892655512422649782386365706762459791890777648601886071322622193092785914375620143377183989436174535939888907000036151351513736443636906793500295157503388714831383000266685641828534579529664035783533575819621845772145290523744475412552429177911927259640586464482342934212425805190106968178567019978110300519901138364089015431558902414914506847355250164147247806924979807022126353156388240868806948834329212018844491883580055212735863401302538468992011317500442153235543000267900948100922953668405680986586262794136126038581030405068376177593 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b3c8387ff1a1f3cc7f023bbdbc0a5d9a61975012 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'registry.appuio.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe000001695d6633b20000040300473045022100c34e8e2421388bebee9231f5b4b886b84dbd4d2837887c612eb78f5ad04606a5022072ea85411d069b1117d46e44ba8a5eba52548b5244954e6d63dcc3b7732313dc00750063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d000001695d6633d00000040300463044022027ed188230402043477861c5a3f0617d7a98f35b908f8f5ef1a6d5171154febe02203037b354af15b5df6b181456cb131f657d7d2e96e9c645800fdd85bb0b2aa425 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0053ecd490a93eac08539e101d961fb6ceca3e0442d1e3aa46eb9e478d37e66b42cb294932e0186c8bbeaf1bb8eb2eff06dcf7a06d2686dc4c34bfa9c047018fd33a35bed7b72ab9adacd6c31bf20b8bd7fa6d122ba0521005e4c34a3a41a87762886140992590f27a5551bdfed2d9f342835e1e90d133dcd1b4503536dc9b48cf2b09477e610ce452ae2567b9af2698e6bcf72d6c3c56f94b67b821e2d84a2134ba843eed2b1eafbf142be39cc895f6da35b90c736e9c22c468f9d22a2371a154cfb3a15d168b661cc624ebc0f893767516cabdb52adf17da20e9299af7fcd53b6eea171811846284425ccc0b0140b5bd004bf1fa1d1335a22ba14867806fa9c1