costaricaluxuryrealestates.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:da:26:04:43:e4:9b:8d:7e:24:33:89:14:b5:49:2f:5b:b9 was issued on by Let's Encrypt.
With 18 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=costaricaluxuryrealestates.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:da:26:04:43:e4:9b:8d:7e:24:33:89:14:b5:49:2f:5b:b9Serial Number (int): 335568946594106191646031256392524691889081
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 7f:7f:bd:53:8f:4d:61:ae:54:df:86:c2:15:47:1b:47:98:b4:4f:05
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 0b:da:f2:6c:39:38:1d:7d:9c:31:f9:92:7f:59:3c:c8:aa:e5:d7:dd
Fingerprint (sha256): 3f:7a:e6:0f:cc:00:70:2d:3e:1f:4b:52:ca:66:48:ce:31:17:75:4e:6b:24:73:b3:4f:a5:85:c8:a5:0a:b9:54
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate costaricaluxuryrealestates.com
18
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for costaricaluxuryrealestates.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
autodiscover.costaricaluxuryrealestates.com
autodiscover.luxuryrealestatesincostarica.com
costaricaluxuryrealestates.com
costaricaluxuryrealestates.logisticafinanciera.com
cpanel.costaricaluxuryrealestates.com
cpanel.luxuryrealestatesincostarica.com
luxuryrealestatesincostarica.com
luxuryrealestatesincostarica.logisticafinanciera.com
mail.costaricaluxuryrealestates.com
mail.luxuryrealestatesincostarica.com
webdisk.costaricaluxuryrealestates.com
webdisk.luxuryrealestatesincostarica.com
webmail.costaricaluxuryrealestates.com
webmail.luxuryrealestatesincostarica.com
www.costaricaluxuryrealestates.com
www.costaricaluxuryrealestates.logisticafinanciera.com
www.luxuryrealestatesincostarica.com
www.luxuryrealestatesincostarica.logisticafinanciera.com
autodiscover.luxuryrealestatesincostarica.com
costaricaluxuryrealestates.com
costaricaluxuryrealestates.logisticafinanciera.com
cpanel.costaricaluxuryrealestates.com
cpanel.luxuryrealestatesincostarica.com
luxuryrealestatesincostarica.com
luxuryrealestatesincostarica.logisticafinanciera.com
mail.costaricaluxuryrealestates.com
mail.luxuryrealestatesincostarica.com
webdisk.costaricaluxuryrealestates.com
webdisk.luxuryrealestatesincostarica.com
webmail.costaricaluxuryrealestates.com
webmail.luxuryrealestatesincostarica.com
www.costaricaluxuryrealestates.com
www.costaricaluxuryrealestates.logisticafinanciera.com
www.luxuryrealestatesincostarica.com
www.luxuryrealestatesincostarica.logisticafinanciera.com
Other certificates including the domain name costaricaluxuryrealestates.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for costaricaluxuryrealestates.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIXTCCB0WgAwIBAgISA9omBEPkm41+JDOJFLVJL1u5MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAxMjAxMDMwMjNaFw0x OTA0MjAxMDMwMjNaMCkxJzAlBgNVBAMTHmNvc3RhcmljYWx1eHVyeXJlYWxlc3Rh dGVzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCvHlMdB9B6 e51s6k9pBVLje204G3M+SmFp68eUSTFbVcr4vfPAsUyL3mp8vIhg5K7dkH5b3wCK vMYRJko+rsBn+lgo2OF34BrFc/Rz1qgbtz8a/7CfdrIBxEU04kT+nuoKTLjTXX95 dJhop2/Ym6nr+NeQD0d1+JE3DIsnk/NghhrYu3eS7yujDEggm5xDcCKwVwsO0VPk QPtQzx53LvPf2DXLARegGWsI/mX6jUGDqAccJGCSd3zwU0Rmm+gZP0HV0N8d9rI8 vTRv3a+WcCfHrbVPZks1bOam33CmG6TiJf7Qz++0YCYUtM61wj92YamkM2wXRei9 HymFZMxWXk8CAwEAAaOCBVwwggVYMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUf3+9 U49NYa5U34bCFUcbR5i0TwUwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo 7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQt eDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQt eDMubGV0c2VuY3J5cHQub3JnLzCCAxEGA1UdEQSCAwgwggMEgithdXRvZGlzY292 ZXIuY29zdGFyaWNhbHV4dXJ5cmVhbGVzdGF0ZXMuY29tgi1hdXRvZGlzY292ZXIu bHV4dXJ5cmVhbGVzdGF0ZXNpbmNvc3RhcmljYS5jb22CHmNvc3RhcmljYWx1eHVy eXJlYWxlc3RhdGVzLmNvbYIyY29zdGFyaWNhbHV4dXJ5cmVhbGVzdGF0ZXMubG9n aXN0aWNhZmluYW5jaWVyYS5jb22CJWNwYW5lbC5jb3N0YXJpY2FsdXh1cnlyZWFs ZXN0YXRlcy5jb22CJ2NwYW5lbC5sdXh1cnlyZWFsZXN0YXRlc2luY29zdGFyaWNh LmNvbYIgbHV4dXJ5cmVhbGVzdGF0ZXNpbmNvc3RhcmljYS5jb22CNGx1eHVyeXJl YWxlc3RhdGVzaW5jb3N0YXJpY2EubG9naXN0aWNhZmluYW5jaWVyYS5jb22CI21h aWwuY29zdGFyaWNhbHV4dXJ5cmVhbGVzdGF0ZXMuY29tgiVtYWlsLmx1eHVyeXJl YWxlc3RhdGVzaW5jb3N0YXJpY2EuY29tgiZ3ZWJkaXNrLmNvc3RhcmljYWx1eHVy eXJlYWxlc3RhdGVzLmNvbYIod2ViZGlzay5sdXh1cnlyZWFsZXN0YXRlc2luY29z dGFyaWNhLmNvbYImd2VibWFpbC5jb3N0YXJpY2FsdXh1cnlyZWFsZXN0YXRlcy5j b22CKHdlYm1haWwubHV4dXJ5cmVhbGVzdGF0ZXNpbmNvc3RhcmljYS5jb22CInd3 dy5jb3N0YXJpY2FsdXh1cnlyZWFsZXN0YXRlcy5jb22CNnd3dy5jb3N0YXJpY2Fs dXh1cnlyZWFsZXN0YXRlcy5sb2dpc3RpY2FmaW5hbmNpZXJhLmNvbYIkd3d3Lmx1 eHVyeXJlYWxlc3RhdGVzaW5jb3N0YXJpY2EuY29tgjh3d3cubHV4dXJ5cmVhbGVz dGF0ZXNpbmNvc3RhcmljYS5sb2dpc3RpY2FmaW5hbmNpZXJhLmNvbTBMBgNVHSAE RTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2 AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAABaGsGpEoAAAQDAEcw RQIgM97PYYdedDuZgzGUPXcg/XcnT3ROlnAgw7l0T7xBlrMCIQCHkE4kIQozpOCz gGq0gaIw7hJ4YubwLnz2MIukCTauUQB1AGPy283oO8wszwtyhCdXazOkjWF3j711 pjixx2hUS9iNAAABaGsGpEUAAAQDAEYwRAIgdiwMCMfYMf3TRH1EaLEZjEQ1+MmT h8qK4EqbNRNE8l4CIAr32sFs5T1YQd3tWUY00kY8filCIzI1+UYuG64J7UrJMA0G CSqGSIb3DQEBCwUAA4IBAQCMK7sI2gB5YwtwoAIjkEc2hEie5ei3Egkh9NB038si B76FzBun9V3rNQoUAgBKiXSNDjbWiF7wgM6/8K9icWFz77XJA9IoCNU1uEOXs239 26n014Hf2yBGTF8vhoBoFPjtpH5NKAFQ6dqQsttg+zrn4zhYM9mi5GXunaT+8Zhm 8bH/6G9FKicTuStdFKx9o7hwn9jeZYQSohkuIebs8nyXc3vl1FKKZoAXY4G8f8lb t2uobfUD3DRz9pVktbEvHvCaQjzJUykaviPHGT1JHhf280FCuFOXjK0/PguLGyqw rC2wc4CdUcT8oTINhVqfjOQM/qoC2Zs1e7OpjQS3R5Wh -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK8eUx0H0Hp7nWzqT2kF UuN7bTgbcz5KYWnrx5RJMVtVyvi988CxTIveany8iGDkrt2QflvfAIq8xhEmSj6u wGf6WCjY4XfgGsVz9HPWqBu3Pxr/sJ92sgHERTTiRP6e6gpMuNNdf3l0mGinb9ib qev415APR3X4kTcMiyeT82CGGti7d5LvK6MMSCCbnENwIrBXCw7RU+RA+1DPHncu 89/YNcsBF6AZawj+ZfqNQYOoBxwkYJJ3fPBTRGab6Bk/QdXQ3x32sjy9NG/dr5Zw J8ettU9mSzVs5qbfcKYbpOIl/tDP77RgJhS0zrXCP3ZhqaQzbBdF6L0fKYVkzFZe TwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 335568946594106191646031256392524691889081 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-20 10:30:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-20 10:30:23 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'costaricaluxuryrealestates.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24324108682456243008347115053089861764026239890337581924496976159116495575147424906240970108777033278445578305533106766132159795575889042985552691036274647509191256549579687234242943082691761728493086305560454047987198783634033487617116100845432734011410351095902202183591243432976713412632712008750803886915419158327631221301828804129125244167024876096520941977774050704073147333763820355390043363888338294642601521645261754000666657690989460753445879344334317050249409585295108929327692130492919744629240627486557934526215715333591019258476847388695670753489703781377673079200378904019904485753384936658896955006543 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7f7fbd538f4d61ae54df86c215471b4798b44f05 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (776 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.costaricaluxuryrealestates.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.luxuryrealestatesincostarica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'costaricaluxuryrealestates.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'costaricaluxuryrealestates.logisticafinanciera.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpanel.costaricaluxuryrealestates.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpanel.luxuryrealestatesincostarica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'luxuryrealestatesincostarica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'luxuryrealestatesincostarica.logisticafinanciera.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.costaricaluxuryrealestates.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.luxuryrealestatesincostarica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webdisk.costaricaluxuryrealestates.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webdisk.luxuryrealestatesincostarica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.costaricaluxuryrealestates.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.luxuryrealestatesincostarica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.costaricaluxuryrealestates.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.costaricaluxuryrealestates.logisticafinanciera.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.luxuryrealestatesincostarica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.luxuryrealestatesincostarica.logisticafinanciera.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc56000001686b06a44a0000040300473045022033decf61875e743b998331943d7720fd77274f744e967020c3b9744fbc4196b302210087904e24210a33a4e0b3806ab481a230ee127862e6f02e7cf6308ba40936ae5100750063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d000001686b06a44500000403004630440220762c0c08c7d831fdd3447d4468b1198c4435f8c99387ca8ae04a9b351344f25e02200af7dac16ce53d5841dded594634d2463c7e2942233235f9462e1bae09ed4ac9 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008c2bbb08da0079630b70a0022390473684489ee5e8b7120921f4d074dfcb2207be85cc1ba7f55deb350a1402004a89748d0e36d6885ef080cebff0af62716173efb5c903d22808d535b84397b36dfddba9f4d781dfdb20464c5f2f86806814f8eda47e4d280150e9da90b2db60fb3ae7e3385833d9a2e465ee9da4fef19866f1b1ffe86f452a2713b92b5d14ac7da3b8709fd8de658412a2192e21e6ecf27c97737be5d4528a6680176381bc7fc95bb76ba86df503dc3473f69564b5b12f1ef09a423cc953291abe23c7193d491e17f6f34142b853978cad3f3e0b8b1b2ab0ac2db073809d51c4fca1320d855a9f8ce40cfeaa02d99b357bb3a98d04b74795a1