aamulehti.ap.richiefi.net

Issued by R3

About this certificate

This digital certificate with serial number 03:01:bd:cb:95:ad:5b:30:e4:8f:76:de:25:be:e2:da:3e:0e was issued on by Let's Encrypt.

With 30 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=aamulehti.ap.richiefi.net

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:01:bd:cb:95:ad:5b:30:e4:8f:76:de:25:be:e2:da:3e:0e
Serial Number (int): 261929421325481035376068199637318117244430
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 0a:99:14:0f:37:3f:c2:5f:53:6e:0b:fe:f5:97:37:55:9f:57:b2:71
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 77:ad:c0:4c:7d:7b:35:03:04:85:fe:af:c8:7d:67:9f:87:81:0f:99
Fingerprint (sha256): 3a:a2:3f:01:15:5c:d2:76:2a:0f:e6:33:a3:ea:3b:03:64:f9:e9:16:a1:b0:65:60:28:07:56:d4:b2:94:e8:cd

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate aamulehti.ap.richiefi.net

30

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for aamulehti.ap.richiefi.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

aamulehti.ap.richiefi.net
iltalehti.ap.richiefi.net
jamsanseutu.ap.richiefi.net
janakkalansanomat.ap.richiefi.net
kankaanpaanseutu.ap.richiefi.net
kmv-lehti.ap.richiefi.net
merikarvialehti.ap.richiefi.net
nakoislehti.aamulehti.fi
nakoislehti.il.fi
nakoislehti.jamsanseutu.fi
nakoislehti.janakkalansanomat.fi
nakoislehti.kankaanpaanseutu.fi
nakoislehti.kmvlehti.fi
nakoislehti.merikarvialehti.fi
nakoislehti.nokianuutiset.fi
nakoislehti.rannikkoseutu.fi
nakoislehti.satakunnankansa.fi
nakoislehti.suurkeuruu.fi
nakoislehti.sydansatakunta.fi
nakoislehti.tyrvaansanomat.fi
nakoislehti.valkeakoskensanomat.fi
nakoislehti.vekkari.fi
nokianuutiset.ap.richiefi.net
rannikkoseutu.ap.richiefi.net
satakunnankansa.ap.richiefi.net
suurkeuruu.ap.richiefi.net
sydansatakunta.ap.richiefi.net
tyrvaansanomat.ap.richiefi.net
valkeakoskensanomat.ap.richiefi.net
vekkari.ap.richiefi.net

Other certificates including the domain name richiefi.net

(limited to 100 certificates)
kaleva.ap.richiefi.net
digi.paivamies.fi
digilehdet.ap.richiefi.net
digilehdet.ap.richiefi.net
aamulehti.ap.richiefi.net
digilehdet.ap.richiefi.net
digi.paivamies.fi
digilehdet.ap.richiefi.net
digilehdet.sanomapaino.fi
*.richie.fi
alasatakunta.ap.richiefi.net
digi.paivamies.fi
kaleva.ap.richiefi.net
digilehdet.ap.richiefi.net
aamulehti.ap.richiefi.net
digi.paivamies.fi
aamulehti.ap.richiefi.net
iijokiseutu.ap.richiefi.net
*.richie.fi
*.richiefi.net
alasatakunta.ap.richiefi.net
digilehdet-tutkimus.ap.richiefi.net
*.rad.richiefi.net
digi.paivamies.fi
aamulehti.ap.richiefi.net
digilehdet-tutkimus.ap.richiefi.net
aller.ap.richiefi.net
aamulehti.ap.richiefi.net
digilehdet.ap.richiefi.net
digilehdet.ap.richiefi.net
kaleva.ap.richiefi.net
aamulehti.ap.richiefi.net
kaleva.ap.richiefi.net
*.richiefi.net
aller.ap.richiefi.net
aller.ap.richiefi.net
aamulehti.ap.richiefi.net
almatalent.ap.richiefi.net
digilehdet.sanomapaino.fi
alasatakunta.ap.richiefi.net
iijokiseutu.ap.richiefi.net
aamulehti.ap.richiefi.net
iijokiseutu.ap.richiefi.net
digilehdet.sanomapaino.fi
*.rad.richiefi.net
digilehdet.ap.richiefi.net
*.richie.fi
alasatakunta.ap.richiefi.net
digi.paivamies.fi
alasatakunta.ap.richiefi.net
*.rad.richiefi.net
aamulehti.ap.richiefi.net
kaleva.ap.richiefi.net
digilehdet.ap.richiefi.net
digilehdet.ap.richiefi.net
aller.ap.richiefi.net
alasatakunta.ap.richiefi.net
aamulehti.ap.richiefi.net
almatalent.ap.richiefi.net
*.rad.richiefi.net
digi.paivamies.fi
kaleva.ap.richiefi.net
aamulehti.ap.richiefi.net
alasatakunta.ap.richiefi.net
digi.paivamies.fi
aller.ap.richiefi.net
digilehdet.ap.richiefi.net
aamulehti.ap.richiefi.net
digilehdet.ap.richiefi.net
almatalent.ap.richiefi.net
alasatakunta.ap.richiefi.net
aller.ap.richiefi.net
aller.ap.richiefi.net
aamulehti.ap.richiefi.net
aller.ap.richiefi.net
*.rad.richiefi.net
digi.paivamies.fi
digilehdet.ap.richiefi.net
digi.paivamies.fi
aamulehti.ap.richiefi.net
aller.ap.richiefi.net
digilehdet.ap.richiefi.net
aamulehti.ap.richiefi.net
*.richie.fi
aamulehti.ap.richiefi.net
digilehdet.ap.richiefi.net
aller.ap.richiefi.net
digilehdet.ap.richiefi.net
aller.ap.richiefi.net
aller.ap.richiefi.net
aamulehti.ap.richiefi.net
aamulehti.ap.richiefi.net
aamulehti.ap.richiefi.net
digilehdet.ap.richiefi.net
aamulehti.ap.richiefi.net
aller.ap.richiefi.net
alasatakunta.ap.richiefi.net
alasatakunta.ap.richiefi.net
kaleva.ap.richiefi.net
digilehdet.sanomapaino.fi

Certificate

The complete raw certificate details for aamulehti.ap.richiefi.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIbTCCB1WgAwIBAgISAwG9y5WtWzDkj3beJb7i2j4OMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAyMDgxMjU3NTNaFw0yNDA1MDgxMjU3NTJaMCQxIjAgBgNVBAMT
GWFhbXVsZWh0aS5hcC5yaWNoaWVmaS5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeEukC5IiQgkLjIvr5IBdIetLXhjHWm1LUyBWmJVwl1h8mmqMc
YBkig9/CYg1zqmkvvADZMWzb/AAGmegz4WHhoNOYU6WAHDeE9oMN06GqAkGevjLb
08KjQMqb/iCOUNU3FajDncGXCCi1i5ILS0nFZ15OPHkvUZLJnKw3ph7fuZTKvebr
jd61rZvCCTnHcVxamg6DExs/5kS4GPD9yng25UgV3Rg2wHkqv2zUJDdKT9BI7SLn
JlPn+dAWfcF0HN12jbTx+lekgOysQ4ROvLgb5Phj0wK0O4ScsZcYfyT7mpNILyzp
TzsjGKot/RAND1MnG3fCIhwy7w8+bwPqMX3vAgMBAAGjggWJMIIFhTAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB
/wQCMAAwHQYDVR0OBBYEFAqZFA83P8JfU24L/vWXN1WfV7JxMB8GA1UdIwQYMBaA
FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw
AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu
aS5sZW5jci5vcmcvMIIDkAYDVR0RBIIDhzCCA4OCGWFhbXVsZWh0aS5hcC5yaWNo
aWVmaS5uZXSCGWlsdGFsZWh0aS5hcC5yaWNoaWVmaS5uZXSCG2phbXNhbnNldXR1
LmFwLnJpY2hpZWZpLm5ldIIhamFuYWtrYWxhbnNhbm9tYXQuYXAucmljaGllZmku
bmV0giBrYW5rYWFucGFhbnNldXR1LmFwLnJpY2hpZWZpLm5ldIIZa212LWxlaHRp
LmFwLnJpY2hpZWZpLm5ldIIfbWVyaWthcnZpYWxlaHRpLmFwLnJpY2hpZWZpLm5l
dIIYbmFrb2lzbGVodGkuYWFtdWxlaHRpLmZpghFuYWtvaXNsZWh0aS5pbC5maYIa
bmFrb2lzbGVodGkuamFtc2Fuc2V1dHUuZmmCIG5ha29pc2xlaHRpLmphbmFra2Fs
YW5zYW5vbWF0LmZpgh9uYWtvaXNsZWh0aS5rYW5rYWFucGFhbnNldXR1LmZpghdu
YWtvaXNsZWh0aS5rbXZsZWh0aS5maYIebmFrb2lzbGVodGkubWVyaWthcnZpYWxl
aHRpLmZpghxuYWtvaXNsZWh0aS5ub2tpYW51dXRpc2V0LmZpghxuYWtvaXNsZWh0
aS5yYW5uaWtrb3NldXR1LmZpgh5uYWtvaXNsZWh0aS5zYXRha3VubmFua2Fuc2Eu
ZmmCGW5ha29pc2xlaHRpLnN1dXJrZXVydXUuZmmCHW5ha29pc2xlaHRpLnN5ZGFu
c2F0YWt1bnRhLmZpgh1uYWtvaXNsZWh0aS50eXJ2YWFuc2Fub21hdC5maYIibmFr
b2lzbGVodGkudmFsa2Vha29za2Vuc2Fub21hdC5maYIWbmFrb2lzbGVodGkudmVr
a2FyaS5maYIdbm9raWFudXV0aXNldC5hcC5yaWNoaWVmaS5uZXSCHXJhbm5pa2tv
c2V1dHUuYXAucmljaGllZmkubmV0gh9zYXRha3VubmFua2Fuc2EuYXAucmljaGll
ZmkubmV0ghpzdXVya2V1cnV1LmFwLnJpY2hpZWZpLm5ldIIec3lkYW5zYXRha3Vu
dGEuYXAucmljaGllZmkubmV0gh50eXJ2YWFuc2Fub21hdC5hcC5yaWNoaWVmaS5u
ZXSCI3ZhbGtlYWtvc2tlbnNhbm9tYXQuYXAucmljaGllZmkubmV0ghd2ZWtrYXJp
LmFwLnJpY2hpZWZpLm5ldDATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB
1nkCBAIEgfUEgfIA8AB3AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRz
AAABjYkCt/kAAAQDAEgwRgIhAPQEJuvor39ss9DjECh5r/wH/BcCOh1FppDiqwA1
e7YcAiEAgsPGN4CuDCPCCO6YzHDdhzYwenqb1WGNyWl/PHD+HD8AdQDuzdBk1dsa
zsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAY2JArf8AAAEAwBGMEQCIENci81x
IVylz+oTTlNNh5b/L/sitP/TpdSfjFl0fNp3AiABUq+5G72kIuSk+K/aOci7IQdf
KWfZWEm8MwDU/7s0JjANBgkqhkiG9w0BAQsFAAOCAQEAqfwUaTr45a7wDXUcGz/o
1ujg4mhACyCIYmhtjhlnhES5YMnE/ZSwvnXrn+qaTZWYHI8QYdpgm/BSaJaMhHAj
h+EddtFQWInYMp0pOSUerM8NCtDVLJ/He0k0XjZvI4qdSZzjQ0gFcjl8EA7usTKL
P/AB8bNVE93A3bdxjZVu/9Gzp7AntOOBECKns/A5X6qY+PP3N3NmJBT13j7aVwHm
EdvzOFjgBJqiOOprnRmD1CobAxsTeH5F22O18v6Z/BduOd1UveBnKBZPwZkrxaf+
8Noz0yXD//ezcMri8FWkUL/lfjJISvYF5AG0fFfzpty2e4yADqcy5gS8g852AD92
XQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhLpAuSIkIJC4yL6+SAX
SHrS14Yx1ptS1MgVpiVcJdYfJpqjHGAZIoPfwmINc6ppL7wA2TFs2/wABpnoM+Fh
4aDTmFOlgBw3hPaDDdOhqgJBnr4y29PCo0DKm/4gjlDVNxWow53BlwgotYuSC0tJ
xWdeTjx5L1GSyZysN6Ye37mUyr3m643eta2bwgk5x3FcWpoOgxMbP+ZEuBjw/cp4
NuVIFd0YNsB5Kr9s1CQ3Sk/QSO0i5yZT5/nQFn3BdBzddo208fpXpIDsrEOETry4
G+T4Y9MCtDuEnLGXGH8k+5qTSC8s6U87IxiqLf0QDQ9TJxt3wiIcMu8PPm8D6jF9
7wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 261929421325481035376068199637318117244430
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-08 12:57:53 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-08 12:57:52 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aamulehti.ap.richiefi.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19954977151995486314471091083248545237099484943819331813904279298261190360896877035166770914904249420054000636612824194537565251191473747870323373131390508332993117377506548448791063551713693638357935047801714114685273307357684371996421711972795834704752359124681561335784409997986156592510475463647001901031949206672965353357736570085345453529179038927614811293892409381762392896806742150911955132976563715073014597107522500170094821530683596115273427237129956833728129459416215516779606653495139729736939408747096148063386514151684652954524492055025956354993286812280324734214696672279323977126585493219264936639983
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0a99140f373fc25f536e0bfef59737559f57b271
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (903 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aamulehti.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iltalehti.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jamsanseutu.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'janakkalansanomat.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kankaanpaanseutu.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kmv-lehti.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'merikarvialehti.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.aamulehti.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.il.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.jamsanseutu.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.janakkalansanomat.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.kankaanpaanseutu.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.kmvlehti.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.merikarvialehti.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.nokianuutiset.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.rannikkoseutu.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.satakunnankansa.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.suurkeuruu.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.sydansatakunta.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.tyrvaansanomat.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.valkeakoskensanomat.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.vekkari.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nokianuutiset.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rannikkoseutu.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'satakunnankansa.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'suurkeuruu.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sydansatakunta.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tyrvaansanomat.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'valkeakoskensanomat.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vekkari.ap.richiefi.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d8902b7f90000040300483046022100f40426ebe8af7f6cb3d0e3102879affc07fc17023a1d45a690e2ab00357bb61c02210082c3c63780ae0c23c208ee98cc70dd8736307a7a9bd5618dc9697f3c70fe1c3f007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018d8902b7fc00000403004630440220435c8bcd71215ca5cfea134e534d8796ff2ffb22b4ffd3a5d49f8c59747cda7702200152afb91bbda422e4a4f8afda39c8bb21075f2967d95849bc3300d4ffbb3426
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a9fc14693af8e5aef00d751c1b3fe8d6e8e0e268400b208862686d8e19678444b960c9c4fd94b0be75eb9fea9a4d95981c8f1061da609bf05268968c84702387e11d76d1505889d8329d2939251eaccf0d0ad0d52c9fc77b49345e366f238a9d499ce343480572397c100eeeb1328b3ff001f1b35513ddc0ddb7718d956effd1b3a7b027b4e3811022a7b3f0395faa98f8f3f73773662414f5de3eda5701e611dbf33858e0049aa238ea6b9d1983d42a1b031b13787e45db63b5f2fe99fc176e39dd54bde06728164fc1992bc5a7fef0da33d325c3fff7b370cae2f055a450bfe57e32484af605e401b47c57f3a6dcb67b8c800ea732e604bc83ce76003f765d