maei-ieam.ca

Issued by R3

About this certificate

This digital certificate with serial number 03:db:ec:7f:f7:2b:76:19:a1:73:74:f6:ad:22:61:f6:0a:b7 was issued on by Let's Encrypt.

With 58 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=maei-ieam.ca

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:db:ec:7f:f7:2b:76:19:a1:73:74:f6:ad:22:61:f6:0a:b7
Serial Number (int): 336173058392871070814276037114352878619319
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 9a:fd:9c:5c:25:27:f7:3d:a7:63:fa:00:6a:0c:82:e1:98:41:d4:9a
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 4c:b1:fd:bd:d2:f3:e3:eb:36:f3:8d:18:9a:35:ef:c9:77:0d:50:88
Fingerprint (sha256): 3a:6c:50:e2:49:77:0e:0e:14:b5:04:1b:26:7c:1a:b6:c6:05:f1:8a:39:a2:ce:82:a8:bf:4d:1f:5d:3c:fa:a9

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate maei-ieam.ca

58

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for maei-ieam.ca

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

academic.gsm.cornell.edu
agen-togel-hadiah.advanceweb.com
amp.gsm.cornell.edu
archive.willienelson.com
bbsr-mirror.usc.edu
bookpackers.usc.edu
br.draxe.com
college.usc.edu
covid19.slac.stanford.edu
cxengage.lifesize.com
d8-prelive.topuniversities.com
dev-awards.hsj.co.uk
dev-gsas.harvard.edu
dev.benchmark.aota.org
dev.yaleclimateconnections.org
digitallibrary.med.harvard.edu
doorbell.xd.comcast.com
feministartproject.rutgers.edu
hahahihi.democracyconvention.org
hub.creighton.edu
kontalsa.gsm.cornell.edu
legion.famsf.org
maei-ieam.ca
mph.rutgers.edu
music.rpi.edu
nuclearfutures.princeton.edu
nukegamingslot.gsm.cornell.edu
obegisa.es
ocowners.huhousing.harvard.edu
okbet.gsm.cornell.edu
old.topuniversities.com
performanceacademy.underarmour.com
phillips66.wfscorp.com
pifs.law.harvard.edu
preview.finance.cornell.edu
qa.developer.nielsen.com
sciencefilms.usc.edu
seer.usc.edu
situsbandartogel.gsm.cornell.edu
skyservices.wfscorp.com
societyoffellows.usc.edu
streetfilms.streetsblog.org
students-sdm.blogs.rutgers.edu
success-test.kaiserpermanente.org
techcareers.keurigdrpepper.com
test-gsas.harvard.edu
togel-pasaran.advanceweb.com
toto-macau-terbaru.gsm.cornell.edu
umavisaoparaofuturo.com.br
venturenorthconference.com
www.cbs-bcs.org
www.cetl.kennesaw.edu
www.college.usc.edu
www.coronavirus.uga.edu
www.countway.med.harvard.edu
www.dysarttaylor.law
www.europe.alldata.com
www.umavisaoparaofuturo.com.br

Other certificates including the domain name maei-ieam.ca

(limited to 100 certificates)
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
agen-togel-hadiah.advanceweb.com
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
agen-togel-hadiah.advanceweb.com
academic.gsm.cornell.edu
dnsadvisorpro.com
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
agen-togel-hadiah.advanceweb.com
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
maei-ieam.ca
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
agen-togel-hadiah.advanceweb.com
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
agen-togel-hadiah.advanceweb.com
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
dnsadvisorpro.com
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
agen-togel-hadiah.advanceweb.com
agen-togel-hadiah.advanceweb.com
5642554087309312-fe2.pantheonsite.io
agen-togel-hadiah.advanceweb.com
agen-togel-hadiah.advanceweb.com
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
agen-togel-hadiah.advanceweb.com
maei-ieam.ca
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
agen-togel-hadiah.advanceweb.com
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
academic.gsm.cornell.edu
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io
5642554087309312-fe2.pantheonsite.io

Certificate

The complete raw certificate details for maei-ieam.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIKnzCCCYegAwIBAgISA9vsf/crdhmhc3T2rSJh9gq3MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMjExNjM5NTdaFw0yNDAzMjAxNjM5NTZaMBcxFTATBgNVBAMT
DG1hZWktaWVhbS5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMB0
p3pr9MGc3FwIDJAUF87cIzRxax6SLOWsa8863ZcO0/hmQECz4lL0mZhd0nEUNTYu
+zO8L74/FioBJupJpCBrKhK9TcFTv/TPm3y+Hj8tcsFfO1se2TlVSuCViTKnLTrV
mcpyc941+uzXWtPvQfvuPzeEwGi6VJ8bvN5jGky/pf/MmIp9IiLccWd2ETLy/KDD
vQVqhYoIQkrM3yKUbnxh46RHqHSWXu2i4uw3Hj78Ml2Vov2pdWEHgnRZK6ZHIJPJ
soT/wD80I5N23SgJcCkA3b0EeGN2/mzCVYmw1la1aoy8/sm6WgCYjoyjpqfTQwui
2Tybo1bBPpr2EfMtmVUCAwEAAaOCB8gwggfEMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
FgQUmv2cXCUn9z2nY/oAagyC4ZhB1JowHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA
5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu
by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w
ggXOBgNVHREEggXFMIIFwYIYYWNhZGVtaWMuZ3NtLmNvcm5lbGwuZWR1giBhZ2Vu
LXRvZ2VsLWhhZGlhaC5hZHZhbmNld2ViLmNvbYITYW1wLmdzbS5jb3JuZWxsLmVk
dYIYYXJjaGl2ZS53aWxsaWVuZWxzb24uY29tghNiYnNyLW1pcnJvci51c2MuZWR1
ghNib29rcGFja2Vycy51c2MuZWR1ggxici5kcmF4ZS5jb22CD2NvbGxlZ2UudXNj
LmVkdYIZY292aWQxOS5zbGFjLnN0YW5mb3JkLmVkdYIVY3hlbmdhZ2UubGlmZXNp
emUuY29tgh5kOC1wcmVsaXZlLnRvcHVuaXZlcnNpdGllcy5jb22CFGRldi1hd2Fy
ZHMuaHNqLmNvLnVrghRkZXYtZ3Nhcy5oYXJ2YXJkLmVkdYIWZGV2LmJlbmNobWFy
ay5hb3RhLm9yZ4IeZGV2LnlhbGVjbGltYXRlY29ubmVjdGlvbnMub3Jngh5kaWdp
dGFsbGlicmFyeS5tZWQuaGFydmFyZC5lZHWCF2Rvb3JiZWxsLnhkLmNvbWNhc3Qu
Y29tgh5mZW1pbmlzdGFydHByb2plY3QucnV0Z2Vycy5lZHWCIGhhaGFoaWhpLmRl
bW9jcmFjeWNvbnZlbnRpb24ub3JnghFodWIuY3JlaWdodG9uLmVkdYIYa29udGFs
c2EuZ3NtLmNvcm5lbGwuZWR1ghBsZWdpb24uZmFtc2Yub3JnggxtYWVpLWllYW0u
Y2GCD21waC5ydXRnZXJzLmVkdYINbXVzaWMucnBpLmVkdYIcbnVjbGVhcmZ1dHVy
ZXMucHJpbmNldG9uLmVkdYIebnVrZWdhbWluZ3Nsb3QuZ3NtLmNvcm5lbGwuZWR1
ggpvYmVnaXNhLmVzgh5vY293bmVycy5odWhvdXNpbmcuaGFydmFyZC5lZHWCFW9r
YmV0LmdzbS5jb3JuZWxsLmVkdYIXb2xkLnRvcHVuaXZlcnNpdGllcy5jb22CInBl
cmZvcm1hbmNlYWNhZGVteS51bmRlcmFybW91ci5jb22CFnBoaWxsaXBzNjYud2Zz
Y29ycC5jb22CFHBpZnMubGF3LmhhcnZhcmQuZWR1ghtwcmV2aWV3LmZpbmFuY2Uu
Y29ybmVsbC5lZHWCGHFhLmRldmVsb3Blci5uaWVsc2VuLmNvbYIUc2NpZW5jZWZp
bG1zLnVzYy5lZHWCDHNlZXIudXNjLmVkdYIgc2l0dXNiYW5kYXJ0b2dlbC5nc20u
Y29ybmVsbC5lZHWCF3NreXNlcnZpY2VzLndmc2NvcnAuY29tghhzb2NpZXR5b2Zm
ZWxsb3dzLnVzYy5lZHWCG3N0cmVldGZpbG1zLnN0cmVldHNibG9nLm9yZ4Iec3R1
ZGVudHMtc2RtLmJsb2dzLnJ1dGdlcnMuZWR1giFzdWNjZXNzLXRlc3Qua2Fpc2Vy
cGVybWFuZW50ZS5vcmeCHnRlY2hjYXJlZXJzLmtldXJpZ2RycGVwcGVyLmNvbYIV
dGVzdC1nc2FzLmhhcnZhcmQuZWR1ghx0b2dlbC1wYXNhcmFuLmFkdmFuY2V3ZWIu
Y29tgiJ0b3RvLW1hY2F1LXRlcmJhcnUuZ3NtLmNvcm5lbGwuZWR1ghp1bWF2aXNh
b3BhcmFvZnV0dXJvLmNvbS5icoIadmVudHVyZW5vcnRoY29uZmVyZW5jZS5jb22C
D3d3dy5jYnMtYmNzLm9yZ4IVd3d3LmNldGwua2VubmVzYXcuZWR1ghN3d3cuY29s
bGVnZS51c2MuZWR1ghd3d3cuY29yb25hdmlydXMudWdhLmVkdYIcd3d3LmNvdW50
d2F5Lm1lZC5oYXJ2YXJkLmVkdYIUd3d3LmR5c2FydHRheWxvci5sYXeCFnd3dy5l
dXJvcGUuYWxsZGF0YS5jb22CHnd3dy51bWF2aXNhb3BhcmFvZnV0dXJvLmNvbS5i
cjATBgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2
AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjI12a5oAAAQDAEcw
RQIhAKqIpZgfEAOHQ/rQPTvN7xkblNv/Z3doKLhrp71nQviUAiAzwEOzvNmOxGe8
DqjEN5jq02bwTXNEInmntRgLrzDRfwB3AHb/iD8KtvuVUcJhzPWHujS0pM27Kdxo
Qgqf5mdMWjp0AAABjI12a+0AAAQDAEgwRgIhANckWh5bUK7HNg2dEKQ9MT5B2Vsg
GTgQLc8zB5rWb0uxAiEAuMBBlaH1a8KJAMfHi4Z8v6MwNn23mKB1bWNYXOtjTWQw
DQYJKoZIhvcNAQELBQADggEBABFq07YwlLsiBrndVaoohDdURErvO3IP1KxVcWBz
wPdU/TwPc17hpn44FJ+gKaanIFwzGWbXumDtRHyP9MtsZmBcN1qpCRZumzqZSjN7
NLLL6RsxRiTt75ll14d/IN2bZZ0FzkMCYXWVCj5hAG/OoZomyMS7dz1DE3CU63R0
zBPFZx1gy9FR6WSwL/k1urQ068dX2Ae5zl8NsmOE9bGd4rUwGK0Ej+fJaI8Q8c8p
BJb2KLQ2k5cadMw7I5lZJiUDqF3CIitBI15PKy9DNrorK0kENaM52h+1KULt+7dX
i5M20T6tGC32XV7qYwkc/i9/qDqzNiOlPIOFr7gXappxviA=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHSnemv0wZzcXAgMkBQX
ztwjNHFrHpIs5axrzzrdlw7T+GZAQLPiUvSZmF3ScRQ1Ni77M7wvvj8WKgEm6kmk
IGsqEr1NwVO/9M+bfL4ePy1ywV87Wx7ZOVVK4JWJMqctOtWZynJz3jX67Nda0+9B
++4/N4TAaLpUnxu83mMaTL+l/8yYin0iItxxZ3YRMvL8oMO9BWqFighCSszfIpRu
fGHjpEeodJZe7aLi7DcePvwyXZWi/al1YQeCdFkrpkcgk8myhP/APzQjk3bdKAlw
KQDdvQR4Y3b+bMJVibDWVrVqjLz+ybpaAJiOjKOmp9NDC6LZPJujVsE+mvYR8y2Z
VQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 336173058392871070814276037114352878619319
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-21 16:39:57 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-20 16:39:56 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'maei-ieam.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24295278889261962340330570593076765092564594026629510040566849443941721212705222905469227342749655760761925628146467776896918161669177237506061638055976839317974540229085566909601290432792766688540743857041618507082302908209321494362376641574366690514136936988276436757394515726000349835912320682069511736058985263380188984941851626522348036976567257123937402752130277851931257557691396509910741392947845349707974538616547869499133806197294376341097227039876415788275764051935080580783290065738507278734728703160147978353048962982659390140744073959855669537306275821116832669307766091573181749448001568724078979553621
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9afd9c5c2527f73da763fa006a0c82e19841d49a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1477 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'academic.gsm.cornell.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agen-togel-hadiah.advanceweb.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'amp.gsm.cornell.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'archive.willienelson.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bbsr-mirror.usc.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bookpackers.usc.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'br.draxe.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'college.usc.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'covid19.slac.stanford.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cxengage.lifesize.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'd8-prelive.topuniversities.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev-awards.hsj.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev-gsas.harvard.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.benchmark.aota.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.yaleclimateconnections.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'digitallibrary.med.harvard.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'doorbell.xd.comcast.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'feministartproject.rutgers.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hahahihi.democracyconvention.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hub.creighton.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kontalsa.gsm.cornell.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legion.famsf.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maei-ieam.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mph.rutgers.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'music.rpi.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nuclearfutures.princeton.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nukegamingslot.gsm.cornell.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'obegisa.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ocowners.huhousing.harvard.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'okbet.gsm.cornell.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'old.topuniversities.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'performanceacademy.underarmour.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'phillips66.wfscorp.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pifs.law.harvard.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'preview.finance.cornell.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa.developer.nielsen.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sciencefilms.usc.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'seer.usc.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'situsbandartogel.gsm.cornell.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'skyservices.wfscorp.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'societyoffellows.usc.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'streetfilms.streetsblog.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'students-sdm.blogs.rutgers.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'success-test.kaiserpermanente.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'techcareers.keurigdrpepper.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-gsas.harvard.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'togel-pasaran.advanceweb.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'toto-macau-terbaru.gsm.cornell.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'umavisaoparaofuturo.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'venturenorthconference.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cbs-bcs.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cetl.kennesaw.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.college.usc.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.coronavirus.uga.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.countway.med.harvard.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dysarttaylor.law'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.europe.alldata.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.umavisaoparaofuturo.com.br'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c8d766b9a0000040300473045022100aa88a5981f10038743fad03d3bcdef191b94dbff67776828b86ba7bd6742f894022033c043b3bcd98ec467bc0ea8c43798ead366f04d73442279a7b5180baf30d17f00770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c8d766bed0000040300483046022100d7245a1e5b50aec7360d9d10a43d313e41d95b201938102dcf33079ad66f4bb1022100b8c04195a1f56bc28900c7c78b867cbfa330367db798a0756d63585ceb634d64
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00116ad3b63094bb2206b9dd55aa28843754444aef3b720fd4ac55716073c0f754fd3c0f735ee1a67e38149fa029a6a7205c331966d7ba60ed447c8ff4cb6c66605c375aa909166e9b3a994a337b34b2cbe91b314624edef9965d7877f20dd9b659d05ce43026175950a3e61006fcea19a26c8c4bb773d43137094eb7474cc13c5671d60cbd151e964b02ff935bab434ebc757d807b9ce5f0db26384f5b19de2b53018ad048fe7c9688f10f1cf290496f628b43693971a74cc3b239959262503a85dc2222b41235e4f2b2f4336ba2b2b490435a339da1fb52942edfbb7578b9336d13ead182df65d5eea63091cfe2f7fa83ab33623a53c8385afb8176a9a71be20