gev.twai.it
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:0e:db:27:16:34:19:41:a8:50:a9:60:0b:4a:89:0a:c4:30 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=gev.twai.it
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:0e:db:27:16:34:19:41:a8:50:a9:60:0b:4a:89:0a:c4:30Serial Number (int): 266392114813168950094150206321921354286128
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 80:a5:09:df:32:3f:9e:b1:ef:f1:0c:6d:2f:c8:e6:85:ec:bf:4d:30
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 9b:3e:f8:eb:bc:2f:e5:1c:7e:8e:ac:68:2a:34:5d:42:cc:40:b7:94
Fingerprint (sha256): 3e:8a:9d:25:2d:d9:49:dd:0a:66:7a:8d:95:e2:fe:44:c3:5f:91:a0:a8:18:47:cf:f0:94:f0:53:5e:84:f1:3f
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate gev.twai.it
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for gev.twai.it
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
gev.twai.it
Other certificates including the domain name twai.it
(limited to 100 certificates)
gev.twai.it
gev.twai.it
gev.twai.it
tcc.twai.it
tcc.twai.it
twai.it
tcc.twai.it
twai.it
gev.twai.it
webmail.twai.it
tcc.twai.it
twai.it
gev.twai.it
webmail.twai.it
tcc.twai.it
tcc.twai.it
webmail.twai.it
webmail.twai.it
webmail.twai.it
webmail.twai.it
old.twai.it
tcc.twai.it
gev.twai.it
tcc.twai.it
gev.twai.it
old.twai.it
gev.twai.it
old.twai.it
twai.it
tcc.twai.it
tcc.twai.it
tcc.twai.it
webmail.twai.it
old.twai.it
webmail.twai.it
gev.twai.it
twai.it
gev.twai.it
twai.it
old.twai.it
webmail.twai.it
gev.twai.it
tcc.twai.it
tcc.twai.it
twai.it
webmail.twai.it
twai.it
gev.twai.it
tcc.twai.it
twai.it
twai.it
webmail.twai.it
webmail.twai.it
webmail.twai.it
twai.it
webmail.twai.it
twai.it
tcc.twai.it
twai.it
gev.twai.it
twai.it
tcc.twai.it
gev.twai.it
old.twai.it
webmail.twai.it
gev.twai.it
gev.twai.it
webmail.twai.it
twai.it
twai.it
tcc.twai.it
thechinacompanion.eu
tcc.twai.it
tcc.twai.it
old.twai.it
twai.it
tcc.twai.it
twai.it
twai.it
webmail.twai.it
twai.it
old.twai.it
old.twai.it
old.twai.it
zend.twai.it
gev.twai.it
twai.it
twai.it
old.twai.it
old.twai.it
tcc.twai.it
tcc.twai.it
tcc.twai.it
twai.it
twai.it
gev.twai.it
tcc.twai.it
tcc.twai.it
old.twai.it
gev.twai.it
gev.twai.it
gev.twai.it
tcc.twai.it
tcc.twai.it
twai.it
tcc.twai.it
twai.it
gev.twai.it
webmail.twai.it
tcc.twai.it
twai.it
gev.twai.it
webmail.twai.it
tcc.twai.it
tcc.twai.it
webmail.twai.it
webmail.twai.it
webmail.twai.it
webmail.twai.it
old.twai.it
tcc.twai.it
gev.twai.it
tcc.twai.it
gev.twai.it
old.twai.it
gev.twai.it
old.twai.it
twai.it
tcc.twai.it
tcc.twai.it
tcc.twai.it
webmail.twai.it
old.twai.it
webmail.twai.it
gev.twai.it
twai.it
gev.twai.it
twai.it
old.twai.it
webmail.twai.it
gev.twai.it
tcc.twai.it
tcc.twai.it
twai.it
webmail.twai.it
twai.it
gev.twai.it
tcc.twai.it
twai.it
twai.it
webmail.twai.it
webmail.twai.it
webmail.twai.it
twai.it
webmail.twai.it
twai.it
tcc.twai.it
twai.it
gev.twai.it
twai.it
tcc.twai.it
gev.twai.it
old.twai.it
webmail.twai.it
gev.twai.it
gev.twai.it
webmail.twai.it
twai.it
twai.it
tcc.twai.it
thechinacompanion.eu
tcc.twai.it
tcc.twai.it
old.twai.it
twai.it
tcc.twai.it
twai.it
twai.it
webmail.twai.it
twai.it
old.twai.it
old.twai.it
old.twai.it
zend.twai.it
gev.twai.it
twai.it
twai.it
old.twai.it
old.twai.it
tcc.twai.it
tcc.twai.it
tcc.twai.it
twai.it
twai.it
gev.twai.it
tcc.twai.it
tcc.twai.it
old.twai.it
gev.twai.it
Certificate
The complete raw certificate details for gev.twai.it in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF+TCCBOGgAwIBAgISAw7bJxY0GUGoUKlgC0qJCsQwMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzExMDIwMTAyMTRaFw0x ODAxMzEwMTAyMTRaMBYxFDASBgNVBAMTC2dldi50d2FpLml0MIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAsDzYJPafxaHlLtvjx3WO06xuzAlmPpAKWl7m bb6sI2bGTFk7v3qaX1Id5AMdbc7vGCHHYYRa/oLord+9uYpbyf55dfiqQ5DD0oml ibgMMUWf2OHjnUNse3866PIoAxeCP4L5Wr2O/+XqEDp017gfbswoJBHbMkD60z88 BEkV02dUegNqTgDRw1G/vI9sT2jnlZwdDi8FEXhyH6GWOYpLfTTZXBNwDf7l0qb+ DsmuHwBxOsARZ/DEB24F0oRtpMrgA1phdmqp0CWUKYAGl0JMu33anxghwdf1/Xtd zkv2F8DvV/rQ5ZoV91X0oe62bxPZp4E9CNnHRZ354p0LHtU1kFrqqSoP+qlfqNa9 UhMSBLoy9NIJyByxhoENuVSbcAzHU4fUriUplDc4egs59Y36qPwnTHwungBu36oR Q1kk4CJ+Bxg94iubP3j9SuvhmlcdTB2uGDLM4N80wW9a1Z291IOm6PMHje5NeXnd obx0wZD5kr5Ge0wSZJNdBWPZtS64MTTZYzzbAlvk4aw4Y5uheGtMEnd9FVJHBVy6 6vdG6n2Zoo65XmBJbCTF6kvWuwNpsPaG8oLPxJzZI33smOiUHRpuBjTgL6gxLrhd KSib3GVfIoCNFFTPGU7ZxwHlDFGfTEh7WxjOnCcoGu12r+1tHdNSxyaxOmZkxKI6 53E/tbMCAwEAAaOCAgswggIHMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUgKUJ3zI/ nrHv8QxtL8jmhey/TTAwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEw bwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMu bGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMu bGV0c2VuY3J5cHQub3JnLzAWBgNVHREEDzANggtnZXYudHdhaS5pdDCB/gYDVR0g BIH2MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEW Gmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1Ro aXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWlu ZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlm aWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3Jl cG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAHjLP6xnQW80g1u6DZ1aahPDue 1aGPTO2LzBzURZbMdrxSszGqhYE8xeKoTSUARAs4NWNZym6RLl/MqOgo1nv2sjgh mPnSNJLbx/A6ZeHsmkn1ihDRFu9hDoeq0CNcW7s9A3Et5fe6N/yUKrR0yAZ89M82 Q+QuLHXNpsdK7OFjmqeNiHE6U92XVy3x/egGiZ0k19yXP39r8aoUsGvghIHmUUAg OtvhR4pjV+Qz2I540dir2iPvKyJPcmRgirqD7GsZKDGUMFaNcMutF+ZKZ7zFqrRP tW0vL342fqQod3BaEJPTD4BjpAul3KnTjpvcqOlgPmuzFCvf9zljmGDLEqIM -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsDzYJPafxaHlLtvjx3WO 06xuzAlmPpAKWl7mbb6sI2bGTFk7v3qaX1Id5AMdbc7vGCHHYYRa/oLord+9uYpb yf55dfiqQ5DD0omlibgMMUWf2OHjnUNse3866PIoAxeCP4L5Wr2O/+XqEDp017gf bswoJBHbMkD60z88BEkV02dUegNqTgDRw1G/vI9sT2jnlZwdDi8FEXhyH6GWOYpL fTTZXBNwDf7l0qb+DsmuHwBxOsARZ/DEB24F0oRtpMrgA1phdmqp0CWUKYAGl0JM u33anxghwdf1/Xtdzkv2F8DvV/rQ5ZoV91X0oe62bxPZp4E9CNnHRZ354p0LHtU1 kFrqqSoP+qlfqNa9UhMSBLoy9NIJyByxhoENuVSbcAzHU4fUriUplDc4egs59Y36 qPwnTHwungBu36oRQ1kk4CJ+Bxg94iubP3j9SuvhmlcdTB2uGDLM4N80wW9a1Z29 1IOm6PMHje5NeXndobx0wZD5kr5Ge0wSZJNdBWPZtS64MTTZYzzbAlvk4aw4Y5uh eGtMEnd9FVJHBVy66vdG6n2Zoo65XmBJbCTF6kvWuwNpsPaG8oLPxJzZI33smOiU HRpuBjTgL6gxLrhdKSib3GVfIoCNFFTPGU7ZxwHlDFGfTEh7WxjOnCcoGu12r+1t HdNSxyaxOmZkxKI653E/tbMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 266392114813168950094150206321921354286128 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-02 01:02:14 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-01-31 01:02:14 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gev.twai.it' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 718986977630720281048576718408453800744468844704689587143117671263041140782060955800203877756543540938679103173297677450326305899718995867855759119493640717182681529674060263333184094032773369610119472220373018943581225125311082189837897162261003113442177328031487713273294430725804961985694875355044527887473015919655201670739806267963796272169824821381590585472144899697086721228701313909093450222690860348529879669556130902574687100235006423792679836554899725258683656888626757727053457192943416044371195299253642337779702566113925376873659445973322905677528834620704162570823697829187121438282183764202812387949936516841820148621959361158543505562424648898709023347543517043814104582064272774682671437861179957574113515088457765832175660487070015258163958264204267434106657990012077134461887782801647485422858903004131017801969653628867461577342564300320416783587229518382196645494081437200079477697904394502941602860913984271255863551375970156445206081953279494726463794043622917904252380929566018588890015509107919302424819546804872783386238069279157794212033603887684472538695476138727198552180448637640674681861581342007311788978738084990378716877130032092000354024169514282541201039161886638399459932708492424619494368851379 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 80a509df323f9eb1eff10c6d2fc8e685ecbf4d30 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gev.twai.it' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00078cb3fac67416f34835bba0d9d5a6a13c3b9ed5a18f4ced8bcc1cd44596cc76bc52b331aa85813cc5e2a84d2500440b38356359ca6e912e5fcca8e828d67bf6b2382198f9d23492dbc7f03a65e1ec9a49f58a10d116ef610e87aad0235c5bbb3d03712de5f7ba37fc942ab474c8067cf4cf3643e42e2c75cda6c74aece1639aa78d88713a53dd97572df1fde806899d24d7dc973f7f6bf1aa14b06be08481e65140203adbe1478a6357e433d88e78d1d8abda23ef2b224f7264608aba83ec6b1928319430568d70cbad17e64a67bcc5aab44fb56d2f2f7e367ea42877705a1093d30f8063a40ba5dca9d38e9bdca8e9603e6bb3142bdff739639860cb12a20c