zola.planninglabs.nyc
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:3a:59:ae:83:51:15:59:24:ea:56:bf:55:51:b3:72:fe:e1 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=zola.planninglabs.nyc
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:3a:59:ae:83:51:15:59:24:ea:56:bf:55:51:b3:72:fe:e1Serial Number (int): 281192442491393159589399642009145993002721
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 53:60:dd:30:6b:73:59:79:ed:57:60:53:e9:a1:49:6f:8c:bd:37:96
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 42:0b:f9:66:6c:5d:ec:62:94:83:6f:41:9d:ff:ad:0c:53:5c:d0:42
Fingerprint (sha256): 3b:95:e6:b0:0c:44:18:43:07:b0:d6:ed:93:e0:4b:af:56:9e:66:27:63:0f:68:66:63:f4:19:46:03:47:71:57
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate zola.planninglabs.nyc
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for zola.planninglabs.nyc
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
zola.planning.nyc.gov
zola.planninglabs.nyc
zola.planninglabs.nyc
Other certificates including the domain name planninglabs.nyc
(limited to 100 certificates)
maputnik-push.planninglabs.nyc
ui.planninglabs.nyc
layers-api.planninglabs.nyc
factfinder-staging.planninglabs.nyc
zap.planning.nyc.gov
regional-viz.planninglabs.nyc
roadview.planninglabs.nyc
ui.planninglabs.nyc
home-api.planninglabs.nyc
factfinder-staging.planninglabs.nyc
ui.planninglabs.nyc
nyc-factfinder.planninglabs.nyc
lotselector.planninglabs.nyc
search-api.planninglabs.nyc
ideas.planninglabs.nyc
zap-staging-lupp.planninglabs.nyc
zap-api-staging.planninglabs.nyc
ui.planninglabs.nyc
zola-canary.planninglabs.nyc
applicantmaps-api.planninglabs.nyc
search-api.planninglabs.nyc
planninglabs.nyc
search-api.planninglabs.nyc
waterfrontaccess.planning.nyc.gov
applicantmaps-api.planninglabs.nyc
planninglabs.nyc
lucats.planninglabs.nyc
ceqr.app
roadview.planninglabs.nyc
roadview.planninglabs.nyc
waterfrontaccess.planning.nyc.gov
zap-api.planninglabs.nyc
zola-canary.planninglabs.nyc
planninglabs.nyc
applicant-portal-develop.planninglabs.nyc
planninglabs.nyc
zap-api-staging.planninglabs.nyc
factfinder-api.planninglabs.nyc
api.planninglabs.nyc
geosearch.planninglabs.nyc
maputnik-push.planninglabs.nyc
zola-staging.planninglabs.nyc
zap-api.planninglabs.nyc
zola-canary.planninglabs.nyc
ceqr.app
home-api.planninglabs.nyc
waterfront-access.planninglabs.nyc
tiles.planninglabs.nyc
zola.planninglabs.nyc
zap.planning.nyc.gov
applicantmaps-staging.planninglabs.nyc
zap-staging-lupp.planninglabs.nyc
applicantmaps-api.planninglabs.nyc
zap-api-staging.planninglabs.nyc
zap.planning.nyc.gov
factfinder-api.planninglabs.nyc
metroexplorer-staging.planninglabs.nyc
waterfrontaccess.planning.nyc.gov
applicantmaps-staging.planninglabs.nyc
tiles.planninglabs.nyc
tiles.planninglabs.nyc
roadview.planninglabs.nyc
nyc-factfinder.planninglabs.nyc
planninglabs.nyc
nyc-factfinder.planninglabs.nyc
maputnik-push.planninglabs.nyc
planninglabs.nyc
zola-api.planninglabs.nyc
zola.planninglabs.nyc
communityprofiles.planning.nyc.gov
citymap.planninglabs.nyc
ideas.planninglabs.nyc
applicantmaps-api.planninglabs.nyc
layers-api.planninglabs.nyc
planninglabs.nyc
factfinder-api.planninglabs.nyc
zola.planninglabs.nyc
applicantmaps-staging.planninglabs.nyc
geosearch.planninglabs.nyc
roadview.planninglabs.nyc
datacatalog.planninglabs.nyc
tiles.planninglabs.nyc
home-api.planninglabs.nyc
factfinder-staging.planninglabs.nyc
ceqr.app
migration.planninglabs.nyc
home-api.planninglabs.nyc
maputnik-push.planninglabs.nyc
layers-api.planninglabs.nyc
applicantmaps-staging.planninglabs.nyc
home-api.planninglabs.nyc
zola-api.planninglabs.nyc
api.planninglabs.nyc
planninglabs.nyc
applicantmaps-api.planninglabs.nyc
zola-canary.planninglabs.nyc
zap-api.planninglabs.nyc
layers-api-staging.planninglabs.nyc
metroexplorer-staging.planninglabs.nyc
tycs.planning.nyc.gov
ui.planninglabs.nyc
layers-api.planninglabs.nyc
factfinder-staging.planninglabs.nyc
zap.planning.nyc.gov
regional-viz.planninglabs.nyc
roadview.planninglabs.nyc
ui.planninglabs.nyc
home-api.planninglabs.nyc
factfinder-staging.planninglabs.nyc
ui.planninglabs.nyc
nyc-factfinder.planninglabs.nyc
lotselector.planninglabs.nyc
search-api.planninglabs.nyc
ideas.planninglabs.nyc
zap-staging-lupp.planninglabs.nyc
zap-api-staging.planninglabs.nyc
ui.planninglabs.nyc
zola-canary.planninglabs.nyc
applicantmaps-api.planninglabs.nyc
search-api.planninglabs.nyc
planninglabs.nyc
search-api.planninglabs.nyc
waterfrontaccess.planning.nyc.gov
applicantmaps-api.planninglabs.nyc
planninglabs.nyc
lucats.planninglabs.nyc
ceqr.app
roadview.planninglabs.nyc
roadview.planninglabs.nyc
waterfrontaccess.planning.nyc.gov
zap-api.planninglabs.nyc
zola-canary.planninglabs.nyc
planninglabs.nyc
applicant-portal-develop.planninglabs.nyc
planninglabs.nyc
zap-api-staging.planninglabs.nyc
factfinder-api.planninglabs.nyc
api.planninglabs.nyc
geosearch.planninglabs.nyc
maputnik-push.planninglabs.nyc
zola-staging.planninglabs.nyc
zap-api.planninglabs.nyc
zola-canary.planninglabs.nyc
ceqr.app
home-api.planninglabs.nyc
waterfront-access.planninglabs.nyc
tiles.planninglabs.nyc
zola.planninglabs.nyc
zap.planning.nyc.gov
applicantmaps-staging.planninglabs.nyc
zap-staging-lupp.planninglabs.nyc
applicantmaps-api.planninglabs.nyc
zap-api-staging.planninglabs.nyc
zap.planning.nyc.gov
factfinder-api.planninglabs.nyc
metroexplorer-staging.planninglabs.nyc
waterfrontaccess.planning.nyc.gov
applicantmaps-staging.planninglabs.nyc
tiles.planninglabs.nyc
tiles.planninglabs.nyc
roadview.planninglabs.nyc
nyc-factfinder.planninglabs.nyc
planninglabs.nyc
nyc-factfinder.planninglabs.nyc
maputnik-push.planninglabs.nyc
planninglabs.nyc
zola-api.planninglabs.nyc
zola.planninglabs.nyc
communityprofiles.planning.nyc.gov
citymap.planninglabs.nyc
ideas.planninglabs.nyc
applicantmaps-api.planninglabs.nyc
layers-api.planninglabs.nyc
planninglabs.nyc
factfinder-api.planninglabs.nyc
zola.planninglabs.nyc
applicantmaps-staging.planninglabs.nyc
geosearch.planninglabs.nyc
roadview.planninglabs.nyc
datacatalog.planninglabs.nyc
tiles.planninglabs.nyc
home-api.planninglabs.nyc
factfinder-staging.planninglabs.nyc
ceqr.app
migration.planninglabs.nyc
home-api.planninglabs.nyc
maputnik-push.planninglabs.nyc
layers-api.planninglabs.nyc
applicantmaps-staging.planninglabs.nyc
home-api.planninglabs.nyc
zola-api.planninglabs.nyc
api.planninglabs.nyc
planninglabs.nyc
applicantmaps-api.planninglabs.nyc
zola-canary.planninglabs.nyc
zap-api.planninglabs.nyc
layers-api-staging.planninglabs.nyc
metroexplorer-staging.planninglabs.nyc
tycs.planning.nyc.gov
Certificate
The complete raw certificate details for zola.planninglabs.nyc in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGejCCBWKgAwIBAgISAzpZroNRFVkk6la/VVGzcv7hMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAxMTQxNjU1NDFaFw0x OTA0MTQxNjU1NDFaMCAxHjAcBgNVBAMTFXpvbGEucGxhbm5pbmdsYWJzLm55YzCC AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL/awXjAaQJKglbZtmAem5Aa gIOghNIAXh1ypAaqCtpWE59mijLZC/GaPiDxNx+J/TdU7E/ljY5pom8iBSGuIqnS 3jsI/fpcXuRizXsxI/6AFHRnDAvybrMDAcudP49UuZRH8ZKvxmcCm01VXD5/Cwi8 TOaf6ib3LYIVLdigo/C4SGajQ9WNHidXXWeJF+BJo0l6UWcBt2c2Y8WbmAI5EBYC /wxE0R3oqD6IKxnUUPl8ZNe9c8K/pEytV7qJV45Rb30+kgThGq+mQNdWGQFJ3Lri T8U/1Zm3ao/vbHxgJCUBJ682sbkkjxRz5wEmDadKWbzS6+fZ0n2TGlnPcspM6Jyf Q3FTzLwjAmCMVSHZCcQXSPSOcZYKtPGwqBV9CWmlXjNeJIlXovLRTZqr3cL8qEAY fzYsfHQXzU8zrNctv3NyXsEo2kEqLbDODo/VriqFW4WMuYSlE7uiwaG4nxyBXMGA WkfIvuIbNUV6wislJteVNPkfym9sWzGCo71rV6yBmj/kiTjQJe7MPhtuG+1yLDZp 9K+vyoWitkV+Y05xJPFXJ1uwAFsTSFeO7wXYHfGTmteJ84jsL85YzJ6KZIIAWACk UeZn/dAuk8OZjx5JaI6M6Kj8LDmlSSpLPHnCSC4HmX2qHCLo4jbnlGpNMFvN3Bjx pFlQTuqUgZY1JF4PVhcpAgMBAAGjggKCMIICfjAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O BBYEFFNg3TBrc1l57VdgU+mhSW+MvTeWMB8GA1UdIwQYMBaAFKhKamMEfd265tE5 t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29j c3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2Nl cnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wNwYDVR0RBDAwLoIVem9sYS5wbGFu bmluZy5ueWMuZ292ghV6b2xhLnBsYW5uaW5nbGFicy5ueWMwTAYDVR0gBEUwQzAI BgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nw cy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgB0ftqD Ma0zEJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAWhNgTyqAAAEAwBHMEUCIQCe a7kurRjscqecXMdDPwNE+TVssAq/akw0wA+f8WFH/wIgNRgUdfLSdOz3AwfBSgPs UY9uPUbIS9pLk4gsFWO/uZQAdwApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTl RUf0eAAAAWhNgT7rAAAEAwBIMEYCIQDmJ22YzQWFnds7Q9Qdh0PzjVjweawnk2Kx 9GOHF2E9UgIhAMc0qOSlBm3jGY7CApbV008J8VWhNNXsjnj+r250LXmiMA0GCSqG SIb3DQEBCwUAA4IBAQBP66xQWwcQe6rq4GIyPgagIVsWu4+gqgG6XfoHtOOFnBmT th9hF3HDknAstXyoc3cjAQex8J9dr5Yf2K3P5vGFX5Xd78h0CAsyYjqpLq9lRYz6 46b+pqpI95Pbkjhy78xiwwtfCb38faRz625p7PC9AAgN6tWzrIs/o4VAWrPguL0w Mfq7igSxpc9Sd+9hKVNpOZ1QET/nZb7Jcdk9Y+DVt9YhdNuUFMOO8dRW78dXUuME kBzLULw0xRAN+InLByGLk+sGwTz3RPVIhPIJNQi6tDk29MjMAieWsHNLFC2lt4jh jGtMcJz/heZXg/C+zSjPQQXkZI4OUgzga8UCykIB -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv9rBeMBpAkqCVtm2YB6b kBqAg6CE0gBeHXKkBqoK2lYTn2aKMtkL8Zo+IPE3H4n9N1TsT+WNjmmibyIFIa4i qdLeOwj9+lxe5GLNezEj/oAUdGcMC/JuswMBy50/j1S5lEfxkq/GZwKbTVVcPn8L CLxM5p/qJvctghUt2KCj8LhIZqND1Y0eJ1ddZ4kX4EmjSXpRZwG3ZzZjxZuYAjkQ FgL/DETRHeioPogrGdRQ+Xxk171zwr+kTK1XuolXjlFvfT6SBOEar6ZA11YZAUnc uuJPxT/Vmbdqj+9sfGAkJQEnrzaxuSSPFHPnASYNp0pZvNLr59nSfZMaWc9yykzo nJ9DcVPMvCMCYIxVIdkJxBdI9I5xlgq08bCoFX0JaaVeM14kiVei8tFNmqvdwvyo QBh/Nix8dBfNTzOs1y2/c3JewSjaQSotsM4Oj9WuKoVbhYy5hKUTu6LBobifHIFc wYBaR8i+4hs1RXrCKyUm15U0+R/Kb2xbMYKjvWtXrIGaP+SJONAl7sw+G24b7XIs Nmn0r6/KhaK2RX5jTnEk8VcnW7AAWxNIV47vBdgd8ZOa14nziOwvzljMnopkggBY AKRR5mf90C6Tw5mPHklojozoqPwsOaVJKks8ecJILgeZfaocIujiNueUak0wW83c GPGkWVBO6pSBljUkXg9WFykCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 281192442491393159589399642009145993002721 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-14 16:55:41 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-14 16:55:41 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'zola.planninglabs.nyc' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 782698132588828640618071633311454550383759911442414809573059439100178858921056922201121695132925736533353843541362216548770569872354084536037892643627060076110505311522928426882867878628527930039122120510399737341347718008792484635158846115801094014595445273926159976314947155368212474812649733464323513156454107460781304928012008996650773418709619972939086661471394146868084964554137978455897179842626030434618770814808084784525754986592115061547310468574048662025373978361444104587327837489528218701332392729836884599771540081757873534309704630341865591979709962415657912056005776553526451873413453297312522796178115445573732388611681643207377828184195710784424143557167994771648787021447571583123547007893648174467982322921774986031652541550592151446013484728831057636827327211094301249484281455372914497477848643590509162323489325060048667150476775391465380487837605489002926158875106799248835087617862300765356106293548661335667511380317205734068987305163646873803184031102858735352173678872927027640412304429073460726581920466921977158437128254718683559957273565691667746015734836946734802763906816037799057765041564873866446487584229968824466058848541384494413797409615896093384068334387555410182440215551490559961064348718889 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5360dd306b735979ed576053e9a1496f8cbd3796 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zola.planning.nyc.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zola.planninglabs.nyc' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc56000001684d813caa00000403004730450221009e6bb92ead18ec72a79c5cc7433f0344f9356cb00abf6a4c34c00f9ff16147ff022035181475f2d274ecf70307c14a03ec518f6e3d46c84bda4b93882c1563bfb994007700293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f478000001684d813eeb0000040300483046022100e6276d98cd05859ddb3b43d41d8743f38d58f079ac279362b1f4638717613d52022100c734a8e4a5066de3198ec20296d5d34f09f155a134d5ec8e78feaf6e742d79a2 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004febac505b07107baaeae062323e06a0215b16bb8fa0aa01ba5dfa07b4e3859c1993b61f611771c392702cb57ca87377230107b1f09f5daf961fd8adcfe6f1855f95ddefc874080b32623aa92eaf65458cfae3a6fea6aa48f793db923872efcc62c30b5f09bdfc7da473eb6e69ecf0bd00080dead5b3ac8b3fa385405ab3e0b8bd3031fabb8a04b1a5cf5277ef61295369399d50113fe765bec971d93d63e0d5b7d62174db9414c38ef1d456efc75752e304901ccb50bc34c5100df889cb07218b93eb06c13cf744f54884f2093508bab43936f4c8cc022796b0734b142da5b788e18c6b4c709cff85e65783f0becd28cf4105e4648e0e520ce06bc502ca4201