lighthouse.es.net
- Lawrence Berkeley National Laboratory -
Issued by InCommon RSA Server CA
About this certificate
This digital certificate with serial number 3c:e1:94:20:04:0c:8b:fb:86:e2:ec:ae:b9:89:59:c9 was issued on by Internet2.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Lawrence Berkeley National Laboratory
Organization:
Lawrence Berkeley National Laboratory
Organization unit: ESnet
Organization unit: ESnet
State / Province:
California
Locality: Berkeley
Country: US
Locality: Berkeley
Country: US
Internet2
Organization:
Internet2
Organization unit: InCommon
Organization unit: InCommon
State / Province:
MI
Locality: Ann Arbor
Country: US
Locality: Ann Arbor
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): 3c:e1:94:20:04:0c:8b:fb:86:e2:ec:ae:b9:89:59:c9Serial Number (int): 80924950873440937692243560865269897673
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: 34:53:c5:00:4c:2c:a8:c7:15:d2:66:45:d4:aa:e9:57:7f:7a:5e:21
AuthorityKeyId: 1e:05:a3:77:8f:6c:96:e2:5b:87:4b:a6:b4:86:ac:71:00:0c:e7:38
Fingerprint (sha1): f8:20:67:b3:a4:d5:b2:f9:6f:18:4c:ea:a0:51:ac:c7:96:cc:ed:aa
Fingerprint (sha256): 3d:56:d6:5d:3b:42:9a:73:d5:95:1c:c9:1f:b8:94:95:87:93:29:44:dd:2f:54:ad:9b:8a:0f:ff:c3:51:fb:a4
Issuing Certificate URL: http://crt.usertrust.com/InCommonRSAServerCA_2.crt
Revocation information
OCSP Server: http://ocsp.usertrust.comCRL Distribution Point: http://crl.incommon-rsa.org/InCommonRSAServerCA.crl
Check the revocation status for certificate lighthouse.es.net
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lighthouse.es.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
lighthouse.es.net
lighthouse-east.es.net
lighthouse-west.es.net
www.lighthouse.es.net
lighthouse-east.es.net
lighthouse-west.es.net
www.lighthouse.es.net
Other certificates including the domain name es.net
(limited to 100 certificates)
vapor.es.net
repo.es.net
mcusd1.es.net
if.es.net
enrollment.es.net
grafana.es.net
netbeam-api-develop.es.net
panorama-east.es.net
dna-east.es.net
my.es.net
nsmdb-west.es.net
cement.es.net
listserv.es.net
ninfo-west.es.net
software.es.net
nsi-aggr-west.es.net
tls.automattic.com
graphite.es.net
prometheus-west.es.net
dna-west.es.net
tls.automattic.com
netbeam.es.net
blue-mcp-east1.es.net
akips-test.es.net
packetdesign.es.net
mcusd2.es.net
www.es.net
es.net
eng-wiki.es.net
netbeam-core-api.es.net
netbeam-api.es.net
www.es.net
netbeam-core-api-develop.es.net
splunk-west1.es.net
vcenter-dev-west1.es.net
software.es.net
tls.automattic.com
sysmon.es.net
if.es.net
influxdb-poc.es.net
arbor.es.net
sysinfo.es.net
netlab-dna-west.es.net
nso-netlab.es.net
oscars-pss.es.net
thulite.es.net
vapor.es.net
bhr-west.es.net
www-eng.es.net
arista-bnl.es.net
vapor.es.net
sense-nrm.es.net
oscars-dev2.es.net
spectrum.es.net
stats.es.net
lighthouse.es.net
artemis.es.net
fw1-west-mgt.es.net
stats.es.net
hardware-inventory-east.es.net
omg.es.net
wiki.es.net
nsi-aggr-west.es.net
software.es.net
prometheus-poc.es.net
inflxudb-poc.es.net
wiki-east.es.net
cement-east.es.net
netbeam-core-api.es.net
idp.es.net
panorama.es.net
my.es.net
vcenter-west1.es.net
graphite.es.net
downloads.es.net
vcenter-east1.es.net
grafana.es.net
idp.es.net
stats.es.net
www.es.net
stats.es.net
nsmdb-east.es.net
arista-lbl.es.net
waikiki.es.net
my.es.net
nsi-aggr-west.es.net
omg.es.net
ps-dev-el7-1.es.net
gab.es.net
scan-west.es.net
software.es.net
bhr-lbl.es.net
software.es.net
mcuhd2.es.net
downloads.es.net
software.es.net
esdb.es.net
software.es.net
arbor.es.net
packetdesign.es.net
repo.es.net
mcusd1.es.net
if.es.net
enrollment.es.net
grafana.es.net
netbeam-api-develop.es.net
panorama-east.es.net
dna-east.es.net
my.es.net
nsmdb-west.es.net
cement.es.net
listserv.es.net
ninfo-west.es.net
software.es.net
nsi-aggr-west.es.net
tls.automattic.com
graphite.es.net
prometheus-west.es.net
dna-west.es.net
tls.automattic.com
netbeam.es.net
blue-mcp-east1.es.net
akips-test.es.net
packetdesign.es.net
mcusd2.es.net
www.es.net
es.net
eng-wiki.es.net
netbeam-core-api.es.net
netbeam-api.es.net
www.es.net
netbeam-core-api-develop.es.net
splunk-west1.es.net
vcenter-dev-west1.es.net
software.es.net
tls.automattic.com
sysmon.es.net
if.es.net
influxdb-poc.es.net
arbor.es.net
sysinfo.es.net
netlab-dna-west.es.net
nso-netlab.es.net
oscars-pss.es.net
thulite.es.net
vapor.es.net
bhr-west.es.net
www-eng.es.net
arista-bnl.es.net
vapor.es.net
sense-nrm.es.net
oscars-dev2.es.net
spectrum.es.net
stats.es.net
lighthouse.es.net
artemis.es.net
fw1-west-mgt.es.net
stats.es.net
hardware-inventory-east.es.net
omg.es.net
wiki.es.net
nsi-aggr-west.es.net
software.es.net
prometheus-poc.es.net
inflxudb-poc.es.net
wiki-east.es.net
cement-east.es.net
netbeam-core-api.es.net
idp.es.net
panorama.es.net
my.es.net
vcenter-west1.es.net
graphite.es.net
downloads.es.net
vcenter-east1.es.net
grafana.es.net
idp.es.net
stats.es.net
www.es.net
stats.es.net
nsmdb-east.es.net
arista-lbl.es.net
waikiki.es.net
my.es.net
nsi-aggr-west.es.net
omg.es.net
ps-dev-el7-1.es.net
gab.es.net
scan-west.es.net
software.es.net
bhr-lbl.es.net
software.es.net
mcuhd2.es.net
downloads.es.net
software.es.net
esdb.es.net
software.es.net
arbor.es.net
packetdesign.es.net
Certificate
The complete raw certificate details for lighthouse.es.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHJDCCBgygAwIBAgIQPOGUIAQMi/uG4uyuuYlZyTANBgkqhkiG9w0BAQsFADB2 MQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjES MBAGA1UEChMJSW50ZXJuZXQyMREwDwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMW SW5Db21tb24gUlNBIFNlcnZlciBDQTAeFw0yMTEyMDYwMDAwMDBaFw0yMzAxMDYy MzU5NTlaMIGRMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8G A1UEBxMIQmVya2VsZXkxLjAsBgNVBAoTJUxhd3JlbmNlIEJlcmtlbGV5IE5hdGlv bmFsIExhYm9yYXRvcnkxDjAMBgNVBAsTBUVTbmV0MRowGAYDVQQDExFsaWdodGhv dXNlLmVzLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANVvniJ+ iVIHa8NVJWaZBqNmNehB4LY1iAppPNmP22s3upmgiHwlAiSLa7juEoAyDykJKGio VJRbj+xVcgL/SLVYvHGvjPZakFGmTqEhO+EYm7XCMYVdu++L/+vJyhEGGtqoEAEo v1jC4gcnuZmgnMa5WTWha64icmHQ9aBiJ7Aq2lxwEjkTSOe0+6S3UYWK4My/kRxw LnYIfwRxguIaOCdzfvY+ofgQpZ+CQthYpWCjrIpEINNe62jkmhCM+VvAKsBoEybQ O6FvFD5s29klBZXV7zpbRwFA3lw0zj3NL8NzTKwNG8EGvfif+grXa0rvogG5p+CO KMns4C3KC3wup6cCAwEAAaOCA5AwggOMMB8GA1UdIwQYMBaAFB4Fo3ePbJbiW4dL prSGrHEADOc4MB0GA1UdDgQWBBQ0U8UATCyoxxXSZkXUqulXf3peITAOBgNVHQ8B Af8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwZwYDVR0gBGAwXjBSBgwrBgEEAa4jAQQDAQEwQjBABggrBgEFBQcCARY0 aHR0cHM6Ly93d3cuaW5jb21tb24ub3JnL2NlcnQvcmVwb3NpdG9yeS9jcHNfc3Ns LnBkZjAIBgZngQwBAgIwRAYDVR0fBD0wOzA5oDegNYYzaHR0cDovL2NybC5pbmNv bW1vbi1yc2Eub3JnL0luQ29tbW9uUlNBU2VydmVyQ0EuY3JsMHUGCCsGAQUFBwEB BGkwZzA+BggrBgEFBQcwAoYyaHR0cDovL2NydC51c2VydHJ1c3QuY29tL0luQ29t bW9uUlNBU2VydmVyQ0FfMi5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVz ZXJ0cnVzdC5jb20wggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB2AK33vvp8/xDI i509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABfZDKSucAAAQDAEcwRQIhAI1qotav bxb3rwpXFBI59a5/GUuhMcaXnN+hSnlXNAaRAiBb0cprNG/ws/vpsGfVTMzZEz5x +GIf4QqsVPCN4nhQXQB3AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutS AAABfZDKSvkAAAQDAEgwRgIhALpRoKX/ltJqEMsZR8NrRZjEeXpVXAE7bhDAl60Y hFPXAiEA6f8I1Tp/gecKS6b86BrymvF0uS56rqjbi69NNpS3PTgAdwDoPtDaPvUG NTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAX2QykrIAAAEAwBIMEYCIQDjJhU6 Pr6b7cWhgMqlUzNNBGjMFBbQe9Ax4QYhD/AmrAIhAOQ39KaB+3Dwh6/QgGxZO24t S+ffxYJgjdYcjyRj6C/5MGMGA1UdEQRcMFqCEWxpZ2h0aG91c2UuZXMubmV0ghZs aWdodGhvdXNlLWVhc3QuZXMubmV0ghZsaWdodGhvdXNlLXdlc3QuZXMubmV0ghV3 d3cubGlnaHRob3VzZS5lcy5uZXQwDQYJKoZIhvcNAQELBQADggEBAJiGCMLURQeA y8xSxgNdWt+kIfbmv6DCZ0BhNeJGqt2vXF18167Jj8xPSti8e7oWatSLTptoSKQR CkiDacBD8OoTojcnY+CenfXjQaSa0zJFX6Zpo2cRqQGykkqoA8dnDsIP8L74M93J BGDjnJWi9d2H/L7U8s+ImlVxGPtjhn06Jw1Z/w6FdXwO3UVxY/OlcLPWkjk1tOxh RW8J7KTx41237j2jfOJBhw6/ZfqkJMxk/aNCQUQufgXpRTnmc69fw/HjKIpSHXPu 4teukHou7o/gSX3qgBUFymtdgoU3M2al17HJrw1pPr8259DyZPvaIcRY5/+u9NCq jlodHPfiFEU= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1W+eIn6JUgdrw1UlZpkG o2Y16EHgtjWICmk82Y/baze6maCIfCUCJItruO4SgDIPKQkoaKhUlFuP7FVyAv9I tVi8ca+M9lqQUaZOoSE74RibtcIxhV2774v/68nKEQYa2qgQASi/WMLiBye5maCc xrlZNaFrriJyYdD1oGInsCraXHASORNI57T7pLdRhYrgzL+RHHAudgh/BHGC4ho4 J3N+9j6h+BCln4JC2FilYKOsikQg017raOSaEIz5W8AqwGgTJtA7oW8UPmzb2SUF ldXvOltHAUDeXDTOPc0vw3NMrA0bwQa9+J/6CtdrSu+iAbmn4I4oyezgLcoLfC6n pwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 80924950873440937692243560865269897673 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ann Arbor' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Internet2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'InCommon RSA Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-06 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-06 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Berkeley' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Lawrence Berkeley National Laboratory' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ESnet' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lighthouse.es.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26943799703862176481153015937313117362305549691900099290653321022993987655633253625424405036344887046819358576845846836805777568616261342753683012415015248877832213529525093134514225821346819361908549394159842851282565896043091812906975858357292479456072754360103685678612320381861224082042048317344637211039338804740027411670913681279553135332772843133983276204057476447136653769904549148472431038313105881651420961966790207227329491538458568934162735035170595797826926101833805053329606110375782006084481221926366717490518432752217967758742189647213153073404133003873113706018502504814598801052972879302575034116007 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e05a3778f6c96e25b874ba6b486ac71000ce738 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3453c5004c2ca8c715d26645d4aae9577f7a5e21 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.5923.1.4.3.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.incommon.org/cert/repository/cps_ssl.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.incommon-rsa.org/InCommonRSAServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/InCommonRSAServerCA_2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017d90ca4ae700000403004730450221008d6aa2d6af6f16f7af0a57141239f5ae7f194ba131c6979cdfa14a795734069102205bd1ca6b346ff0b3fbe9b067d54cccd9133e71f8621fe10aac54f08de278505d0077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000017d90ca4af90000040300483046022100ba51a0a5ff96d26a10cb1947c36b4598c4797a555c013b6e10c097ad188453d7022100e9ff08d53a7f81e70a4ba6fce81af29af174b92e7aaea8db8baf4d3694b73d38007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017d90ca4ac80000040300483046022100e326153a3ebe9bedc5a180caa553334d0468cc1416d07bd031e106210ff026ac022100e437f4a681fb70f087afd0806c593b6e2d4be7dfc582608dd61c8f2463e82ff9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lighthouse.es.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lighthouse-east.es.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lighthouse-west.es.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lighthouse.es.net' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00988608c2d4450780cbcc52c6035d5adfa421f6e6bfa0c267406135e246aaddaf5c5d7cd7aec98fcc4f4ad8bc7bba166ad48b4e9b6848a4110a488369c043f0ea13a2372763e09e9df5e341a49ad332455fa669a36711a901b2924aa803c7670ec20ff0bef833ddc90460e39c95a2f5dd87fcbed4f2cf889a557118fb63867d3a270d59ff0e85757c0edd457163f3a570b3d6923935b4ec61456f09eca4f1e35db7ee3da37ce241870ebf65faa424cc64fda34241442e7e05e94539e673af5fc3f1e3288a521d73eee2d7ae907a2eee8fe0497dea801505ca6b5d8285373366a5d7b1c9af0d693ebf36e7d0f264fbda21c458e7ffaef4d0aa8e5a1d1cf7e21445