liberation.web.arc-cdn.net
Issued by R3
About this certificate
This digital certificate with serial number 04:97:8d:51:5a:24:8b:bf:77:1b:d2:f5:df:03:21:4c:35:c3 was issued on by Let's Encrypt.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=liberation.web.arc-cdn.net
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:97:8d:51:5a:24:8b:bf:77:1b:d2:f5:df:03:21:4c:35:c3Serial Number (int): 400019624683866237091417954018174889113027
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: af:78:ff:9d:a9:6e:aa:cf:e9:0c:38:42:de:52:b0:cf:fe:d1:8d:81
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 17:bd:62:8a:2c:2c:67:da:3f:86:30:5a:01:4c:a7:15:65:7a:38:09
Fingerprint (sha256): 32:65:02:01:58:8b:78:69:c1:3e:f9:4e:cd:f1:ef:4a:26:ba:d2:88:35:1a:f8:f6:2a:53:0b:58:71:66:4f:c6
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate liberation.web.arc-cdn.net
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for liberation.web.arc-cdn.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
liberation.web.arc-cdn.net
www.liberation.fr
www.sandbox.libe.io
www.staging.libe.io
www.liberation.fr
www.sandbox.libe.io
www.staging.libe.io
Other certificates including the domain name arc-cdn.net
(limited to 100 certificates)
arcmarketing.web.arc-cdn.net
thenational.web.arc-cdn.net
octane.web.arc-cdn.net
gray5.web.arc-cdn.net
prisaradioco.web.arc-cdn.net
radiomitre.web.arc-cdn.net
avalonbay.web.arc-cdn.net
prisaradiomx.web.arc-cdn.net
culturacolectiva.web.arc-cdn.net
elfinanciero.web.arc-cdn.net
archetype.web.arc-cdn.net
ipmgroup2.web.arc-cdn.net
coindesk.web.arc-cdn.net
avalonbay.web.arc-cdn.net
cmg.web.arc-cdn.net
ipmgroup2.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
newr7.web.arc-cdn.net
gray2.web.arc-cdn.net
lanacionpy.web.arc-cdn.net
diarioas.web.arc-cdn.net
coindesk.api.arc-cdn.net
avalonbay.web.arc-cdn.net
larazon.api.arc-cdn.net
grupoclarin.web.arc-cdn.net
diarioas.api.arc-cdn.net
rtl.web.arc-cdn.net
radiomitre.web.arc-cdn.net
gray2.web.arc-cdn.net
coindeskdev2.web.arc-cdn.net
irishtimes.web.arc-cdn.net
elcomercio.web.arc-cdn.net
coxohio.web.arc-cdn.net
shawmedia.web.arc-cdn.net
opb.web.arc-cdn.net
coindesk.web.arc-cdn.net
grupoclarin.web.arc-cdn.net
mna.web.arc-cdn.net
cmg2.web.arc-cdn.net
culturacolectiva.web.arc-cdn.net
artear.web.arc-cdn.net
ipmgroup2.web.arc-cdn.net
diarioas.web.arc-cdn.net
pmn.web.arc-cdn.net
mentormedier.web.arc-cdn.net
prisa.web.arc-cdn.net
advancelocal.web.arc-cdn.net
elcomercio.web.arc-cdn.net
prisaradiolos40.web.arc-cdn.net
elespectador.web.arc-cdn.net
prisaradioco.web.arc-cdn.net
web.arc-cdn.net
eluniverso.web.arc-cdn.net
gray4.web.arc-cdn.net
octane.web.arc-cdn.net
mna.web.arc-cdn.net
octane.web.arc-cdn.net
gmg.web.arc-cdn.net
ajc.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
tgam.web.arc-cdn.net
avalonbay.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
sfr.web.arc-cdn.net
elcomercio.web.arc-cdn.net
coindeskuat.api.arc-cdn.net
elfinanciero.web.arc-cdn.net
tbt.web.arc-cdn.net
tronc.api.arc-cdn.net
cmg2.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
cmg.web.arc-cdn.net
mna.web.arc-cdn.net
ajc.web.arc-cdn.net
coindeskdev1.web.arc-cdn.net
avalonbay.web.arc-cdn.net
avalonbay.web.arc-cdn.net
spectator.web.arc-cdn.net
leparisien.web.arc-cdn.net
cmg.web.arc-cdn.net
lexpress.web.arc-cdn.net
prisaradioco.web.arc-cdn.net
gray2.web.arc-cdn.net
gray4.web.arc-cdn.net
avalonbay.web.arc-cdn.net
metroworldnews.web.arc-cdn.net
raycom.web.arc-cdn.net
thenational.web.arc-cdn.net
advancelocalthemes.web.arc-cdn.net
gfrmedia.web.arc-cdn.net
arcmarketing.web.arc-cdn.net
copesa.api.arc-cdn.net
elfinanciero.web.arc-cdn.net
civicnewscompany.web.arc-cdn.net
elcomercio.web.arc-cdn.net
lexpress.web.arc-cdn.net
coindeskuat.api.arc-cdn.net
advancelocal2.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
sophiapp.web.arc-cdn.net
thenational.web.arc-cdn.net
octane.web.arc-cdn.net
gray5.web.arc-cdn.net
prisaradioco.web.arc-cdn.net
radiomitre.web.arc-cdn.net
avalonbay.web.arc-cdn.net
prisaradiomx.web.arc-cdn.net
culturacolectiva.web.arc-cdn.net
elfinanciero.web.arc-cdn.net
archetype.web.arc-cdn.net
ipmgroup2.web.arc-cdn.net
coindesk.web.arc-cdn.net
avalonbay.web.arc-cdn.net
cmg.web.arc-cdn.net
ipmgroup2.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
newr7.web.arc-cdn.net
gray2.web.arc-cdn.net
lanacionpy.web.arc-cdn.net
diarioas.web.arc-cdn.net
coindesk.api.arc-cdn.net
avalonbay.web.arc-cdn.net
larazon.api.arc-cdn.net
grupoclarin.web.arc-cdn.net
diarioas.api.arc-cdn.net
rtl.web.arc-cdn.net
radiomitre.web.arc-cdn.net
gray2.web.arc-cdn.net
coindeskdev2.web.arc-cdn.net
irishtimes.web.arc-cdn.net
elcomercio.web.arc-cdn.net
coxohio.web.arc-cdn.net
shawmedia.web.arc-cdn.net
opb.web.arc-cdn.net
coindesk.web.arc-cdn.net
grupoclarin.web.arc-cdn.net
mna.web.arc-cdn.net
cmg2.web.arc-cdn.net
culturacolectiva.web.arc-cdn.net
artear.web.arc-cdn.net
ipmgroup2.web.arc-cdn.net
diarioas.web.arc-cdn.net
pmn.web.arc-cdn.net
mentormedier.web.arc-cdn.net
prisa.web.arc-cdn.net
advancelocal.web.arc-cdn.net
elcomercio.web.arc-cdn.net
prisaradiolos40.web.arc-cdn.net
elespectador.web.arc-cdn.net
prisaradioco.web.arc-cdn.net
web.arc-cdn.net
eluniverso.web.arc-cdn.net
gray4.web.arc-cdn.net
octane.web.arc-cdn.net
mna.web.arc-cdn.net
octane.web.arc-cdn.net
gmg.web.arc-cdn.net
ajc.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
tgam.web.arc-cdn.net
avalonbay.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
sfr.web.arc-cdn.net
elcomercio.web.arc-cdn.net
coindeskuat.api.arc-cdn.net
elfinanciero.web.arc-cdn.net
tbt.web.arc-cdn.net
tronc.api.arc-cdn.net
cmg2.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
cmg.web.arc-cdn.net
mna.web.arc-cdn.net
ajc.web.arc-cdn.net
coindeskdev1.web.arc-cdn.net
avalonbay.web.arc-cdn.net
avalonbay.web.arc-cdn.net
spectator.web.arc-cdn.net
leparisien.web.arc-cdn.net
cmg.web.arc-cdn.net
lexpress.web.arc-cdn.net
prisaradioco.web.arc-cdn.net
gray2.web.arc-cdn.net
gray4.web.arc-cdn.net
avalonbay.web.arc-cdn.net
metroworldnews.web.arc-cdn.net
raycom.web.arc-cdn.net
thenational.web.arc-cdn.net
advancelocalthemes.web.arc-cdn.net
gfrmedia.web.arc-cdn.net
arcmarketing.web.arc-cdn.net
copesa.api.arc-cdn.net
elfinanciero.web.arc-cdn.net
civicnewscompany.web.arc-cdn.net
elcomercio.web.arc-cdn.net
lexpress.web.arc-cdn.net
coindeskuat.api.arc-cdn.net
advancelocal2.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
sophiapp.web.arc-cdn.net
Certificate
The complete raw certificate details for liberation.web.arc-cdn.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgISBJeNUVoki793G9L13wMhTDXDMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MjIwNTQwNDJaFw0yNDA3MjEwNTQwNDFaMCUxIzAhBgNVBAMT GmxpYmVyYXRpb24ud2ViLmFyYy1jZG4ubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEA11IlFAPb2o8qhUqsb9Q6fJkMOvpaCOOKTglvrtJbV/kwJiEu AOn7qkVoTgpXtDrWWe/RfyP5X3VV9xTJ03YrXxBGEz35ZGDkhHlvlwJ4sxayvxKB NCnVN3L382fpDujIUhRwx9NHK4YHHWEt94Dqapp57r4apu1ca909GG45/WKKpTce wMVw+txgi/k4LTAdukqXRd3248z8Vh2raiU0jdKUg06VTG7H9uJAEyqpteQJlHya 8tmLSPq36lCyd8uuboAzEvX4ATtmJCBFAMIMMW+XlEDN0+4PkksrdfHYSONuImko hdNd8Gkkae7siGZnXCcd0v+ada6DF0azhCWq5wIDAQABo4ICWjCCAlYwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBSveP+dqW6qz+kMOELeUrDP/tGNgTAfBgNVHSMEGDAW gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz LmkubGVuY3Iub3JnLzBiBgNVHREEWzBZghpsaWJlcmF0aW9uLndlYi5hcmMtY2Ru Lm5ldIIRd3d3LmxpYmVyYXRpb24uZnKCE3d3dy5zYW5kYm94LmxpYmUuaW+CE3d3 dy5zdGFnaW5nLmxpYmUuaW8wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEFBgorBgEE AdZ5AgQCBIH2BIHzAPEAdwBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiE cwAAAY8EiRFhAAAEAwBIMEYCIQDpLCVJwq4B+nqk/9xqsx3LXEfd3LWYdAPZ0bwu lI6FywIhAO7HT/d1Q9++71inkY0FgSsT8A4651ngOzgfonfnZZ2WAHYA3+FW66oF r7WcD4ZxjajAMk6uVtlup/WlagHRwTu+UlwAAAGPBIkSFAAABAMARzBFAiEAsYde DpZG2NqBc8GcsChLZ60v2wnSxJN7oWzV24ICVxYCIAmF+Z4nVwNK2DslfEGf87ss q8/DKimbxC5Uw/4EJQX0MA0GCSqGSIb3DQEBCwUAA4IBAQBgqH37s/R0i9Y0mbKw ElEY6rIqzxo5+4ovu4uwQQu/+OVQLOxC1d1j7EXJGFlFqgeQAjuSxglEWbsF50fg ZchJR/pHP1+OS28LM/hrFazridLYzs4e49oCAh3EQuXQB2F0CAuRw3uxQnw90y/R /70Amdz3vVw97/TXJDIpxYNX3PMRxyiOpwr6FnHrpZI/Z3u2n2osGiGSZPTGTOB+ ZeKorg6xwabl2BuuJYiIAGCzhqSy6H3fTymfwyXS5SlWTYRgno0yj32GyA6a+3yC yg5RJ9y39IlHupRfpoL99J+fSiluv0euBgFpUtJwVNe3e2MLdf3FofkjMjB4B2mg 1ZqP -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11IlFAPb2o8qhUqsb9Q6 fJkMOvpaCOOKTglvrtJbV/kwJiEuAOn7qkVoTgpXtDrWWe/RfyP5X3VV9xTJ03Yr XxBGEz35ZGDkhHlvlwJ4sxayvxKBNCnVN3L382fpDujIUhRwx9NHK4YHHWEt94Dq app57r4apu1ca909GG45/WKKpTcewMVw+txgi/k4LTAdukqXRd3248z8Vh2raiU0 jdKUg06VTG7H9uJAEyqpteQJlHya8tmLSPq36lCyd8uuboAzEvX4ATtmJCBFAMIM MW+XlEDN0+4PkksrdfHYSONuImkohdNd8Gkkae7siGZnXCcd0v+ada6DF0azhCWq 5wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 400019624683866237091417954018174889113027 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-22 05:40:42 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-21 05:40:41 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'liberation.web.arc-cdn.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27181742696378931583569528272736682203425647983615485975081308380092466576311667197683429429710290968019244701132592495122638647329480951687945427374397278087704286058920000402386144070176782259300121520333600101392877783335552352867423842586787940157292935898461193232257836274412307966509394248730891707867362244354962389013287757423656310322778753588335052245627717101754191610651212684180831574494224769362001175342809960047217826736380076290504751729437753954562417265075115957153607307499962503696128877497192247237084176824257234692592681201850382992487947338124476956441383777840598915787783844801936999426791 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) af78ff9da96eaacfe90c3842de52b0cffed18d81 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'liberation.web.arc-cdn.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.liberation.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sandbox.libe.io' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.staging.libe.io' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018f048911610000040300483046022100e92c2549c2ae01fa7aa4ffdc6ab31dcb5c47dddcb5987403d9d1bc2e948e85cb022100eec74ff77543dfbeef58a7918d05812b13f00e3ae759e03b381fa277e7659d96007600dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018f048912140000040300473045022100b1875e0e9646d8da8173c19cb0284b67ad2fdb09d2c4937ba16cd5db8202571602200985f99e2757034ad83b257c419ff3bb2cabcfc32a299bc42e54c3fe042505f4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0060a87dfbb3f4748bd63499b2b0125118eab22acf1a39fb8a2fbb8bb0410bbff8e5502cec42d5dd63ec45c9185945aa0790023b92c6094459bb05e747e065c84947fa473f5f8e4b6f0b33f86b15aceb89d2d8cece1ee3da02021dc442e5d0076174080b91c37bb1427c3dd32fd1ffbd0099dcf7bd5c3deff4d7243229c58357dcf311c7288ea70afa1671eba5923f677bb69f6a2c1a219264f4c64ce07e65e2a8ae0eb1c1a6e5d81bae2588880060b386a4b2e87ddf4f299fc325d2e529564d84609e8d328f7d86c80e9afb7c82ca0e5127dcb7f48947ba945fa682fdf49f9f4a296ebf47ae06016952d27054d7b77b630b75fdc5a1f9233230780769a0d59a8f