nyassembly.gov
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:ff:86:09:ab:ae:d0:74:14:28:11:c2:33:c1:89:d5:ab:f0 was issued on by Let's Encrypt.
With 17 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=nyassembly.gov
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:ff:86:09:ab:ae:d0:74:14:28:11:c2:33:c1:89:d5:ab:f0Serial Number (int): 435399314056129456024615921195803456416752
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: ec:92:3a:a9:73:8c:85:da:a2:81:5b:27:e9:80:63:24:b1:9e:3d:b4
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 44:c4:f7:39:b1:72:f5:7d:5c:9c:52:7b:ff:3a:53:0e:94:01:a4:6c
Fingerprint (sha256): 3f:4c:35:b2:9c:1e:ab:ca:07:fb:87:54:2a:84:64:3e:b6:e4:5d:c1:1b:99:0f:a4:b8:51:9c:50:07:69:0e:eb
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate nyassembly.gov
17
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nyassembly.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
assembly.ny.gov
assembly.state.ny.us
hawkeye.assembly.state.ny.us
hawkeye.nyassembly.gov
images.assembly-mail.state.ny.us
legtest.nyassembly.gov
mog.assembly.state.ny.us
mog.nyassembly.gov
nyassembly.gov
preview.assembly.state.ny.us
preview.nyassembly.gov
test.nyassembly.gov
www.assembly.ny.gov
www.assembly.state.ny.us
www.nyassembly.gov
www2.assembly.state.ny.us
www2.nyassembly.gov
assembly.state.ny.us
hawkeye.assembly.state.ny.us
hawkeye.nyassembly.gov
images.assembly-mail.state.ny.us
legtest.nyassembly.gov
mog.assembly.state.ny.us
mog.nyassembly.gov
nyassembly.gov
preview.assembly.state.ny.us
preview.nyassembly.gov
test.nyassembly.gov
www.assembly.ny.gov
www.assembly.state.ny.us
www.nyassembly.gov
www2.assembly.state.ny.us
www2.nyassembly.gov
Other certificates including the domain name nyassembly.gov
(limited to 100 certificates)
z4.nysa.us
www.nyassembly.gov
intern.nyassembly.gov
www.nyassembly.gov
z4.nysa.us
nyassembly.gov
z4.nysa.us
www.nyassembly.gov
www.nyassembly.gov
nyassembly.gov
server9.nyassembly.gov
nyassembly.gov
test.nyassembly.gov
mog.nyassembly.gov
nyassembly.gov
z4.nysa.us
nyassembly.gov
preview.nyassembly.gov
z4.nysa.us
nyassembly.gov
www.nyassembly.gov
preview.nyassembly.gov
nyassembly.gov
intern.nyassembly.gov
z4.nysa.us
server9.nyassembly.gov
nyassembly.gov
legtest.nyassembly.gov
nyassembly.gov
www.nyassembly.gov
z4.nysa.us
legtest.nyassembly.gov
www.nyassembly.gov
legtest.nyassembly.gov
test.nyassembly.gov
nyassembly.gov
nyassembly.gov
mog.nyassembly.gov
www.nyassembly.gov
mog.nyassembly.gov
intern.nyassembly.gov
www.nyassembly.gov
z.nysa.us
nyassembly.gov
z4.nysa.us
www.nyassembly.gov
www.nyassembly.gov
www.nyassembly.gov
intern.nyassembly.gov
www.nyassembly.gov
z4.nysa.us
nyassembly.gov
z4.nysa.us
www.nyassembly.gov
www.nyassembly.gov
nyassembly.gov
server9.nyassembly.gov
nyassembly.gov
test.nyassembly.gov
mog.nyassembly.gov
nyassembly.gov
z4.nysa.us
nyassembly.gov
preview.nyassembly.gov
z4.nysa.us
nyassembly.gov
www.nyassembly.gov
preview.nyassembly.gov
nyassembly.gov
intern.nyassembly.gov
z4.nysa.us
server9.nyassembly.gov
nyassembly.gov
legtest.nyassembly.gov
nyassembly.gov
www.nyassembly.gov
z4.nysa.us
legtest.nyassembly.gov
www.nyassembly.gov
legtest.nyassembly.gov
test.nyassembly.gov
nyassembly.gov
nyassembly.gov
mog.nyassembly.gov
www.nyassembly.gov
mog.nyassembly.gov
intern.nyassembly.gov
www.nyassembly.gov
z.nysa.us
nyassembly.gov
z4.nysa.us
www.nyassembly.gov
www.nyassembly.gov
Certificate
The complete raw certificate details for nyassembly.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG3zCCBcegAwIBAgISBP+GCauu0HQUKBHCM8GJ1avwMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDA0MDYwMDE4MjhaFw0y MDA3MDUwMDE4MjhaMBkxFzAVBgNVBAMTDm55YXNzZW1ibHkuZ292MIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuOBQ/xqHBVsKeddV6YpS8Cc0Svh9ZUe 0s8ZCEb+HiVpu3WsdRJC5G1nnyjWBdyIMplTzdlMBvSFXMlxRFgAm1vLjxQD0ZtN ILoSlpOPSVq6VSMGGjoxs6cQUszv9Hkt8igma58/H8sepNW6hPApQuxUO+ZGkpn+ O7sAvI0QEdYKQxUgOdyaymW+FTSd6fpBma0Qa7WRKFte83mK5beTIl8j/dZgGipO wfwVlumQrBq2NgMHDqQDxdq6gJsLjhJ+xDWBNqLfyqmUl+WyYxasPcqUWTj1hGT3 GAkZUjJn4Mtu+EN1Wwc0vlScFAw2yZNHR522qs0FsHHlhCp6xj8AiwIDAQABo4ID 7jCCA+owDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTskjqpc4yF2qKBWyfpgGMksZ49 tDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRj MGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5v cmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5v cmcvMIIBoAYDVR0RBIIBlzCCAZOCD2Fzc2VtYmx5Lm55LmdvdoIUYXNzZW1ibHku c3RhdGUubnkudXOCHGhhd2tleWUuYXNzZW1ibHkuc3RhdGUubnkudXOCFmhhd2tl eWUubnlhc3NlbWJseS5nb3aCIGltYWdlcy5hc3NlbWJseS1tYWlsLnN0YXRlLm55 LnVzghZsZWd0ZXN0Lm55YXNzZW1ibHkuZ292ghhtb2cuYXNzZW1ibHkuc3RhdGUu bnkudXOCEm1vZy5ueWFzc2VtYmx5LmdvdoIObnlhc3NlbWJseS5nb3aCHHByZXZp ZXcuYXNzZW1ibHkuc3RhdGUubnkudXOCFnByZXZpZXcubnlhc3NlbWJseS5nb3aC E3Rlc3Qubnlhc3NlbWJseS5nb3aCE3d3dy5hc3NlbWJseS5ueS5nb3aCGHd3dy5h c3NlbWJseS5zdGF0ZS5ueS51c4ISd3d3Lm55YXNzZW1ibHkuZ292ghl3d3cyLmFz c2VtYmx5LnN0YXRlLm55LnVzghN3d3cyLm55YXNzZW1ibHkuZ292MEwGA1UdIARF MEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6 Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcA 5xLysDd+GmL7jskMYYTx6ns3y1YdESZb8+DzS/JBVG4AAAFxTRFCgAAABAMASDBG AiEAxvFsFncJ/4Lvt7JYK7YhBPfso8gs8FDtQ+0oVDhGUVECIQDUKw2igLXdAZrt pfKDoqVOB2gLNZystkpOhDXICxclQgB3ALIeBcyLos2KIE6HZvkruYolIGdr2vpw 57JJUy3vi5BeAAABcU0RQnYAAAQDAEgwRgIhAPxqz8rgPaxLq0hzljLez7yFSo8I qR7qfxE5K0V5oL0GAiEA10ZmYtZtGKBHfyyKw50L7VaLFJ+q+g7aHDDIfSwf5I0w DQYJKoZIhvcNAQELBQADggEBAFi5A9mOtgpGf3cFlraSvuCyAMRfwCMMwwlIOMhR DQpRGanORh5GHk60cHQKw2u43/HZ+tl/BEZXwV/uL5Gw+d+oBdzouGNrC7Y9EmiM eyc8fSAsWvmdLrTJY+CaYCXSYCXGlYg795im6KReKCuMlVoB8MhvsBI3KZcCZeBS UyNLE25u24QZcMl3yNLfmvKTWMDVjnRH4/RuezZc3C6ZqpUPBiRpWeiT24pcK2Qa EfCIC8nxVqm+ljr76YASHvwyEqYlw7j8RUzn6XgW+bPP7g2C0fLg/XlRLOIrG0Jc WZ1T+2fPnYBYZxleqBZZXToa8M2MT6ocmYnWfGVfKohb8tg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuOBQ/xqHBVsKeddV6Yp S8Cc0Svh9ZUe0s8ZCEb+HiVpu3WsdRJC5G1nnyjWBdyIMplTzdlMBvSFXMlxRFgA m1vLjxQD0ZtNILoSlpOPSVq6VSMGGjoxs6cQUszv9Hkt8igma58/H8sepNW6hPAp QuxUO+ZGkpn+O7sAvI0QEdYKQxUgOdyaymW+FTSd6fpBma0Qa7WRKFte83mK5beT Il8j/dZgGipOwfwVlumQrBq2NgMHDqQDxdq6gJsLjhJ+xDWBNqLfyqmUl+WyYxas PcqUWTj1hGT3GAkZUjJn4Mtu+EN1Wwc0vlScFAw2yZNHR522qs0FsHHlhCp6xj8A iwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 435399314056129456024615921195803456416752 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-06 00:18:28 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-07-05 00:18:28 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nyassembly.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24097464812518902709584941796820575609057950843830172374379263514447973327083066534131559127079014452553179897585559295267659376485034787862633563235038021875740933480320632542239985308482091560994305876139007336151119416177098902969845125740864014749385339846332936626208777967870300701733537479484648053886028419876967810010019786894875447998484643715492223350796692782164607281223775516693055566618193256613368939000648254721289438668492986602663571323174977660508251123515935496083278492699594536546595557111795559826953198885328855326684180038196621829546077180794991170156081657969347336356970961925068740821131 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ec923aa9738c85daa2815b27e9806324b19e3db4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (407 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assembly.ny.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assembly.state.ny.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hawkeye.assembly.state.ny.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hawkeye.nyassembly.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images.assembly-mail.state.ny.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'legtest.nyassembly.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mog.assembly.state.ny.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mog.nyassembly.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nyassembly.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'preview.assembly.state.ny.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'preview.nyassembly.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.nyassembly.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.assembly.ny.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.assembly.state.ny.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nyassembly.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.assembly.state.ny.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.nyassembly.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f2007700e712f2b0377e1a62fb8ec90c6184f1ea7b37cb561d11265bf3e0f34bf241546e000001714d1142800000040300483046022100c6f16c167709ff82efb7b2582bb62104f7eca3c82cf050ed43ed285438465151022100d42b0da280b5dd019aeda5f283a2a54e07680b359cacb64a4e8435c80b172542007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e000001714d1142760000040300483046022100fc6acfcae03dac4bab48739632decfbc854a8f08a91eea7f11392b4579a0bd06022100d7466662d66d18a0477f2c8ac39d0bed568b149faafa0eda1c30c87d2c1fe48d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0058b903d98eb60a467f770596b692bee0b200c45fc0230cc3094838c8510d0a5119a9ce461e461e4eb470740ac36bb8dff1d9fad97f044657c15fee2f91b0f9dfa805dce8b8636b0bb63d12688c7b273c7d202c5af99d2eb4c963e09a6025d26025c695883bf798a6e8a45e282b8c955a01f0c86fb0123729970265e05253234b136e6edb841970c977c8d2df9af29358c0d58e7447e3f46e7b365cdc2e99aa950f06246959e893db8a5c2b641a11f0880bc9f156a9be963afbe980121efc3212a625c3b8fc454ce7e97816f9b3cfee0d82d1f2e0fd79512ce22b1b425c599d53fb67cf9d805867195ea816595d3a1af0cd8c4faa1c9989d67c655f2a885bf2d8