retallack.org.uk
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:66:77:86:2c:00:cd:ab:ce:e6:91:ce:bd:a8:8c:8d:fa:cf was issued on by Let's Encrypt.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=retallack.org.uk
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:66:77:86:2c:00:cd:ab:ce:e6:91:ce:bd:a8:8c:8d:fa:cfSerial Number (int): 296204534012983586559976466238288755030735
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: f7:05:70:40:1e:59:8e:6a:9e:b1:85:7c:28:6b:f9:43:1f:41:ee:27
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 2e:f3:42:94:71:92:3e:d4:5b:aa:c5:5a:aa:b0:20:5b:a9:4d:07:ba
Fingerprint (sha256): 2c:07:ed:b4:e3:28:73:40:fa:d9:28:a5:bc:4d:ff:bc:28:bc:c7:47:f7:cb:a0:0d:af:15:5c:bf:f0:ce:e7:be
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate retallack.org.uk
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for retallack.org.uk
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
hippy.retallack.org.uk
home.retallack.org.uk
mail.retallack.org.uk
retallack.org.uk
www.retallack.org.uk
home.retallack.org.uk
mail.retallack.org.uk
retallack.org.uk
www.retallack.org.uk
Other certificates including the domain name retallack.org.uk
(limited to 100 certificates)
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
www.retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
www.retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
retallack.org.uk
Certificate
The complete raw certificate details for retallack.org.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGszCCBZugAwIBAgISA2Z3hiwAzavO5pHOvaiMjfrPMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDA0MDYwMDA5MjhaFw0y MDA3MDUwMDA5MjhaMBsxGTAXBgNVBAMTEHJldGFsbGFjay5vcmcudWswggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDMmZS3SSmmZlZAfBUejYFfnU1fF3sV 7qLn1n9qgOI0rbLcJH8E5Bf+pcpbjS0tC8oTXUPPI2HG1yAUkpeWDMD+HkZ4FROv eQTPc/WM6G2c1a2Wf3hIrbU3xH1s6iNN9RQCVj36oXqKvNfcRHzfsJ8eurtlZSCL Sm0k1iseWW5IAFl/+5pXQBg5N4fiIzAllh8IDo3rxdXuMumvhp/5iL7tg6re4SHT Wg1ACpFccxH2CCfuDUcHqd1786NGCwGE53eQNCd9WnZEwvKcUwMUY0bEXR0h70r+ J+KalvdZKDxpH8Qye0CMUSAlyrhg+VM9wHpmgk6EZQLNTvi/hmbO9OYYtk8g7NKv TnLHYyiMV0JpVx2XE7zI3IpfdDkJ0q9ht4JWzqxrKfaHJm2SofL1qbWMEZtH+nMH G5VN0rFfSmHxq++F+S9vyxYF8EB1w1GX0/Xkni9D9dVW998tIXn1yU0GTUBYh19n cbQxS/tHMe8CciSrapb0O9fVNbHCozhlqJDB7UPhnC6+lRXDXUQHmakhPv6UCgxV unhir1KoUGwygDfT21Kd8z3ET0snl/QlXi9ZFrHzfxudgxTWYhcmP4mgKfSTsKNn glf625Uusw20UCuNr4QP3V0WFquT7eqDdVbc+QNHSOT4sdPA1AY997PoGNgyr6qz QVIJqSHcwLlL1QIDAQABo4ICwDCCArwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT3 BXBAHlmOap6xhXwoa/lDH0HuJzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv 86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmlu dC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0Lmlu dC14My5sZXRzZW5jcnlwdC5vcmcvMHcGA1UdEQRwMG6CFmhpcHB5LnJldGFsbGFj ay5vcmcudWuCFWhvbWUucmV0YWxsYWNrLm9yZy51a4IVbWFpbC5yZXRhbGxhY2su b3JnLnVrghByZXRhbGxhY2sub3JnLnVrghR3d3cucmV0YWxsYWNrLm9yZy51azBM BgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIB FhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQE gfEA7wB2AOcS8rA3fhpi+47JDGGE8ep7N8tWHREmW/Pg80vyQVRuAAABcU0JA+8A AAQDAEcwRQIhAIQubSZShjBsx3b/kQdiQYovnmr9KpaEMWrJ95q4ohiTAiBMl6n4 u6Z/pgA8mbIhDWdJ/zl8LzXse5ZMFkHGiEM5qQB1ALIeBcyLos2KIE6HZvkruYol IGdr2vpw57JJUy3vi5BeAAABcU0JA+AAAAQDAEYwRAIgMxxQlaupJc02+IRet10u wp2sM+jWgeRGob5QIDwgzioCIFEa9Z3QXq/aJVOtrnZoFFSX1pZpqdfeI8bKEOa5 7UH5MA0GCSqGSIb3DQEBCwUAA4IBAQB4KTor/C5d7jXiFy35sayDe5PG7LhRh+i/ 101lSVZrASzkXn/NEK0JKrNNrYfBdXXwfkfDFh8G/v26fxTBxqUvSS1Ww+3+I2mj X7b7DaCsZTjrC5P/SV4Bbnr+2ltSi45RdI33Wu29Bm4wrpfJa7xf/mfR0ftuqQUt TQAanr54K52d7d1Fm7NNUXic0uZAIZ6pK2aiuc2gZi9DzxV0QK6dH8oFDzqZl3zK s5M4Xix1Dnn82Gkwyd60cDk3hhjxGXfhnWcIfcMcZPldoccpZAvToTV9fAKht9b2 XbOHBl4bgV/Bvhee1lskKAz1EYGow6GtqUktpXSbX/72HYM8vFL+ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzJmUt0kppmZWQHwVHo2B X51NXxd7Fe6i59Z/aoDiNK2y3CR/BOQX/qXKW40tLQvKE11DzyNhxtcgFJKXlgzA /h5GeBUTr3kEz3P1jOhtnNWtln94SK21N8R9bOojTfUUAlY9+qF6irzX3ER837Cf Hrq7ZWUgi0ptJNYrHlluSABZf/uaV0AYOTeH4iMwJZYfCA6N68XV7jLpr4af+Yi+ 7YOq3uEh01oNQAqRXHMR9ggn7g1HB6nde/OjRgsBhOd3kDQnfVp2RMLynFMDFGNG xF0dIe9K/ifimpb3WSg8aR/EMntAjFEgJcq4YPlTPcB6ZoJOhGUCzU74v4ZmzvTm GLZPIOzSr05yx2MojFdCaVcdlxO8yNyKX3Q5CdKvYbeCVs6sayn2hyZtkqHy9am1 jBGbR/pzBxuVTdKxX0ph8avvhfkvb8sWBfBAdcNRl9P15J4vQ/XVVvffLSF59clN Bk1AWIdfZ3G0MUv7RzHvAnIkq2qW9DvX1TWxwqM4ZaiQwe1D4ZwuvpUVw11EB5mp IT7+lAoMVbp4Yq9SqFBsMoA309tSnfM9xE9LJ5f0JV4vWRax838bnYMU1mIXJj+J oCn0k7CjZ4JX+tuVLrMNtFArja+ED91dFhark+3qg3VW3PkDR0jk+LHTwNQGPfez 6BjYMq+qs0FSCakh3MC5S9UCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 296204534012983586559976466238288755030735 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-06 00:09:28 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-07-05 00:09:28 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'retallack.org.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 834694872283343951231846261504339738913666620330282315664752111148435138047887429215578029137129740400466503351638881820129497630221141738823982876146477899308295910541615078239783382139052498760669476872873728373602080961432806233256644329037253866993777182974238451969417158434891802520407308701188544086911549795373020771645304274355152426940841810909655216506359984377529286040758039125741965115022631707196101074530733085620821763739253394686484105858010567373128827713793619348775473231269038774095716966955973227546489358607615309662224441286830612680969385827915495480737377445815041230447044995337154282480559441555231642211979079840823562300812336451971020341876504335269014981205139960393509078878554542399853627020745226650380102564480978711417694913492665515008752487299023740356491828124970226899701017728853209479613067675823907392518834658285852810115096312933394266600213185458074244257019350316052863723231929550760798543990255547388527006936205087463613926670197321307257449225731225543073559182966266060535646753765836328826684740697560861747587387854410476143528250233388555664042070904910624467105819891563433315361634700644016125278209573332259343252932388976194218927965669281666064521711392730749360563375061 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f70570401e598e6a9eb1857c286bf9431f41ee27 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hippy.retallack.org.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'home.retallack.org.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.retallack.org.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'retallack.org.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.retallack.org.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600e712f2b0377e1a62fb8ec90c6184f1ea7b37cb561d11265bf3e0f34bf241546e000001714d0903ef0000040300473045022100842e6d265286306cc776ff910762418a2f9e6afd2a9684316ac9f79ab8a2189302204c97a9f8bba67fa6003c99b2210d6749ff397c2f35ec7b964c1641c6884339a9007500b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e000001714d0903e000000403004630440220331c5095aba925cd36f8845eb75d2ec29dac33e8d681e446a1be50203c20ce2a0220511af59dd05eafda2553adae7668145497d69669a9d7de23c6ca10e6b9ed41f9 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0078293a2bfc2e5dee35e2172df9b1ac837b93c6ecb85187e8bfd74d6549566b012ce45e7fcd10ad092ab34dad87c17575f07e47c3161f06fefdba7f14c1c6a52f492d56c3edfe2369a35fb6fb0da0ac6538eb0b93ff495e016e7afeda5b528b8e51748df75aedbd066e30ae97c96bbc5ffe67d1d1fb6ea9052d4d001a9ebe782b9d9deddd459bb34d51789cd2e640219ea92b66a2b9cda0662f43cf157440ae9d1fca050f3a99977ccab393385e2c750e79fcd86930c9deb47039378618f11977e19d67087dc31c64f95da1c729640bd3a1357d7c02a1b7d6f65db387065e1b815fc1be179ed65b24280cf51181a8c3a1ada9492da5749b5ffef61d833cbc52fe