naco.liacs.nl
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:7a:c6:35:a1:1a:25:b6:74:11:d6:7e:4c:f3:f6:a4:b3:b4 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=naco.liacs.nl
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:7a:c6:35:a1:1a:25:b6:74:11:d6:7e:4c:f3:f6:a4:b3:b4Serial Number (int): 303114772162073698102378599729220666307508
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 44:11:b3:62:6a:7c:a4:68:be:28:d9:36:c1:92:db:41:97:38:8b:bf
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 4f:bd:39:cc:1e:9b:2a:d9:f3:1d:77:44:47:e9:d0:cf:1c:8c:96:a9
Fingerprint (sha256): 58:ac:3c:a9:f5:05:d9:5a:0b:53:ec:9a:fc:0f:43:c1:bc:f3:fb:25:8a:d4:d0:99:09:6f:f3:59:a6:b7:89:4a
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate naco.liacs.nl
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for naco.liacs.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
naco.liacs.nl
Other certificates including the domain name liacs.nl
(limited to 100 certificates)
tls.automattic.com
deleidscheflesch.nl
tls.automattic.com
deleidscheflesch.nl
git.liacs.nl
deleidscheflesch.nl
git.liacs.nl
deleidscheflesch.nl
basilisk.liacs.nl
deleidscheflesch.nl
naco.liacs.nl
deleidscheflesch.nl
bio-imaging.liacs.nl
deleidscheflesch.nl
erumpent.liacs.nl
erumpent.liacs.nl
tornado-p-https.web.leidenuniv.nl
keep.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
deleidscheflesch.nl
deleidscheflesch.nl
basilisk.liacs.nl
elaborant.com
deleidscheflesch.nl
deleidscheflesch.nl
naco.liacs.nl
iohanalyzer.liacs.nl
lcm.liacs.nl
git.liacs.nl
deleidscheflesch.nl
tornado-p-https.web.leidenuniv.nl
deleidscheflesch.nl
tls.automattic.com
git.liacs.nl
basilisk.liacs.nl
deleidscheflesch.nl
computingfrontiers.org
ada.liacs.leidenuniv.nl
basilisk.liacs.nl
basilisk.liacs.nl
tls.automattic.com
tornado-p-https.web.leidenuniv.nl
cyttron.org
tls.automattic.com
lcm.liacs.nl
elaborant.com
keep.leidenuniv.nl
deleidscheflesch.nl
deleidscheflesch.nl
tls.automattic.com
press.liacs.nl
git.liacs.nl
deleidscheflesch.nl
cf19.liacs.nl
lithium.liacs.nl
bio-imaging.liacs.nl
tls.automattic.com
bio-imaging.liacs.nl
lithium.liacs.nl
deleidscheflesch.nl
deleidscheflesch.nl
deleidscheflesch.nl
tls.automattic.com
cml.liacs.nl
bio-imaging.liacs.nl
bio-imaging.liacs.nl
bio-imaging.liacs.nl
deleidscheflesch.nl
basilisk.liacs.nl
deleidscheflesch.nl
deleidscheflesch.nl
basilisk.liacs.nl
deleidscheflesch.nl
naco.liacs.nl
deleidscheflesch.nl
deleidscheflesch.nl
keep.leidenuniv.nl
tls.automattic.com
erumpent.liacs.nl
git.liacs.nl
git.liacs.nl
erumpent.liacs.nl
deleidscheflesch.nl
elaborant.com
deleidscheflesch.nl
naco.liacs.nl
git.liacs.nl
cml.liacs.nl
keep.leidenuniv.nl
lcm.liacs.nl
naco.liacs.nl
bio-imaging.liacs.nl
press.liacs.nl
press.liacs.nl
deleidscheflesch.nl
theory.liacs.nl
deleidscheflesch.nl
bio-imaging.liacs.nl
erumpent.liacs.nl
deleidscheflesch.nl
tls.automattic.com
deleidscheflesch.nl
git.liacs.nl
deleidscheflesch.nl
git.liacs.nl
deleidscheflesch.nl
basilisk.liacs.nl
deleidscheflesch.nl
naco.liacs.nl
deleidscheflesch.nl
bio-imaging.liacs.nl
deleidscheflesch.nl
erumpent.liacs.nl
erumpent.liacs.nl
tornado-p-https.web.leidenuniv.nl
keep.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
tornado-p-https.web.leidenuniv.nl
deleidscheflesch.nl
deleidscheflesch.nl
basilisk.liacs.nl
elaborant.com
deleidscheflesch.nl
deleidscheflesch.nl
naco.liacs.nl
iohanalyzer.liacs.nl
lcm.liacs.nl
git.liacs.nl
deleidscheflesch.nl
tornado-p-https.web.leidenuniv.nl
deleidscheflesch.nl
tls.automattic.com
git.liacs.nl
basilisk.liacs.nl
deleidscheflesch.nl
computingfrontiers.org
ada.liacs.leidenuniv.nl
basilisk.liacs.nl
basilisk.liacs.nl
tls.automattic.com
tornado-p-https.web.leidenuniv.nl
cyttron.org
tls.automattic.com
lcm.liacs.nl
elaborant.com
keep.leidenuniv.nl
deleidscheflesch.nl
deleidscheflesch.nl
tls.automattic.com
press.liacs.nl
git.liacs.nl
deleidscheflesch.nl
cf19.liacs.nl
lithium.liacs.nl
bio-imaging.liacs.nl
tls.automattic.com
bio-imaging.liacs.nl
lithium.liacs.nl
deleidscheflesch.nl
deleidscheflesch.nl
deleidscheflesch.nl
tls.automattic.com
cml.liacs.nl
bio-imaging.liacs.nl
bio-imaging.liacs.nl
bio-imaging.liacs.nl
deleidscheflesch.nl
basilisk.liacs.nl
deleidscheflesch.nl
deleidscheflesch.nl
basilisk.liacs.nl
deleidscheflesch.nl
naco.liacs.nl
deleidscheflesch.nl
deleidscheflesch.nl
keep.leidenuniv.nl
tls.automattic.com
erumpent.liacs.nl
git.liacs.nl
git.liacs.nl
erumpent.liacs.nl
deleidscheflesch.nl
elaborant.com
deleidscheflesch.nl
naco.liacs.nl
git.liacs.nl
cml.liacs.nl
keep.leidenuniv.nl
lcm.liacs.nl
naco.liacs.nl
bio-imaging.liacs.nl
press.liacs.nl
press.liacs.nl
deleidscheflesch.nl
theory.liacs.nl
deleidscheflesch.nl
bio-imaging.liacs.nl
erumpent.liacs.nl
Certificate
The complete raw certificate details for naco.liacs.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGBDCCBOygAwIBAgISA3rGNaEaJbZ0EdZ+TPP2pLO0MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA3MDgyMjI0MzZaFw0x ODEwMDYyMjI0MzZaMBgxFjAUBgNVBAMTDW5hY28ubGlhY3MubmwwggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9OohSS+93t2eyA9D/OTjUFfr6O1nMa8Qo w91SyLobUNOR5iSOlrftUT1HxOSf351psCsgdX0Xo5ur0d8mf+bigyK9iY5o0OQR gBAl1aADk85UtEZeWiXLBEe4AiXwXF3irrYKFP21721QH3EiqZSGpDcCaJHqVYrr 1iuh7rsiXo157PO1sWxa9ex8B4IP7CMGeSGMzt9m7za+y5jQ6IYbbdECINkMIcKc Q1jTaF23y69G1gA8eFYP0vLHizIXJrnb1LEqmtk+DaTtC9Sw+kg/G6ypWU+7b5eT ZLw6K3mCmPJb0xFEhMW+FgWzVw2WiT4S4YM/A1VGtHPfpQbir7xrAgMBAAGjggMU MIIDEDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEQRs2JqfKRovijZNsGS20GXOIu/ MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMw YTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9y ZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9y Zy8wGAYDVR0RBBEwD4INbmFjby5saWFjcy5ubDCB/gYDVR0gBIH2MIHzMAgGBmeB DAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMu bGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNh dGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFu ZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5 IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMIIB AwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAKTxRllTIOWW6qlD8WAfUt2+/WHopctyk wwz05UVH9HgAAAFkfDYWCgAABAMARzBFAiEAxwrKyMmWn/QM2u6WZ0kKeI4VN8gk yXB+86DX1HanFy8CIBx/0mqgLKeZEhfBntB2qJC+t/Am2COU7qN3uW9cOBpRAHUA VYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAFkfDYZDgAABAMARjBE AiALrj2OysYew9B7PgHx2lac17u09rbGXwqx/FtGgOnpkAIgTR/r673yFcgPd7Eo 1eixgjyZC+ZGni+9yziRw8nYk94wDQYJKoZIhvcNAQELBQADggEBAIuy0BPlodkP MGkvSDj0Mi5LNy05fh5J0cLn+50d1kyhQf47hEbJG82DDrJNTxa2FcYfI3g5XYFj sZ9tMNH84Gg6l+kEKUqqnZC8IsFEcjyCt2u9v+HDHqm+C7xW/HMV6dxr2v6jjXLa zrxscLKI51L3dAh2lk2Q+7ON0fbMrCpIqw7YBnGD58HniqYlB/Gj3BLhEtcCg7DH gv6Y5BndoffPrf1pdEQIBXyVfOZUV/c4447lzdUAaGjDrS3RaO2oUdqdILuXXghv 56Kr+4vbAKSVn8qBuNduO+c1oYSNdAiSICi29DQHCxYnBqpTX3tQTtOAVYxKANlT f1cddERqgPc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTqIUkvvd7dnsgPQ/zk4 1BX6+jtZzGvEKMPdUsi6G1DTkeYkjpa37VE9R8Tkn9+dabArIHV9F6Obq9HfJn/m 4oMivYmOaNDkEYAQJdWgA5POVLRGXlolywRHuAIl8Fxd4q62ChT9te9tUB9xIqmU hqQ3AmiR6lWK69Yroe67Il6NeezztbFsWvXsfAeCD+wjBnkhjM7fZu82vsuY0OiG G23RAiDZDCHCnENY02hdt8uvRtYAPHhWD9Lyx4syFya529SxKprZPg2k7QvUsPpI PxusqVlPu2+Xk2S8Oit5gpjyW9MRRITFvhYFs1cNlok+EuGDPwNVRrRz36UG4q+8 awIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 303114772162073698102378599729220666307508 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-08 22:24:36 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-06 22:24:36 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'naco.liacs.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23887903092924505338700468469261976571027069241763586419330110518842064864481644251901177381208710277258476917324523882084055676169841452117926082514771487130495225052798659270012415275755182650382334022388195514211375209803624562022890827111585637148007342330124863784729681831283438693907377594312241401820631636613786883878637902197823789448991270514835309566090079849452610625407398626620940244449808536471293185525401198669153036240272095198652918194049113169011349956567780808340971229246165940297692370907708634747331468517562931115979415925578695923096999676600523703131060893829076915537006647894521228016747 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4411b3626a7ca468be28d936c192db4197388bbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'naco.liacs.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f478000001647c36160a0000040300473045022100c70acac8c9969ff40cdaee9667490a788e1537c824c9707ef3a0d7d476a7172f02201c7fd26aa02ca7991217c19ed076a890beb7f026d82394eea377b96f5c381a510075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001647c36190e000004030046304402200bae3d8ecac61ec3d07b3e01f1da569cd7bbb4f6b6c65f0ab1fc5b4680e9e99002204d1febebbdf215c80f77b128d5e8b1823c990be6469e2fbdcb3891c3c9d893de . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008bb2d013e5a1d90f30692f4838f4322e4b372d397e1e49d1c2e7fb9d1dd64ca141fe3b8446c91bcd830eb24d4f16b615c61f2378395d8163b19f6d30d1fce0683a97e904294aaa9d90bc22c144723c82b76bbdbfe1c31ea9be0bbc56fc7315e9dc6bdafea38d72dacebc6c70b288e752f7740876964d90fbb38dd1f6ccac2a48ab0ed8067183e7c1e78aa62507f1a3dc12e112d70283b0c782fe98e419dda1f7cfadfd69744408057c957ce65457f738e38ee5cdd5006868c3ad2dd168eda851da9d20bb975e086fe7a2abfb8bdb00a4959fca81b8d76e3be735a1848d7408922028b6f434070b162706aa535f7b504ed380558c4a00d9537f571d74446a80f7