www.pentagon.mil

Issued by R3

About this certificate

This digital certificate with serial number 04:ff:42:57:07:d9:7b:c4:30:91:7a:10:bb:74:f2:ba:d4:9c was issued on by Let's Encrypt.

With 77 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.pentagon.mil

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:ff:42:57:07:d9:7b:c4:30:91:7a:10:bb:74:f2:ba:d4:9c
Serial Number (int): 435309328228636474073454345265205946799260
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 5f:a2:24:9f:b7:a4:b1:90:0a:6c:5b:23:a0:94:59:6a:52:8e:7b:6a
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): de:7b:68:56:2a:fe:4a:2e:ee:5b:14:dd:54:b0:5a:22:47:0f:bc:54
Fingerprint (sha256): 5d:eb:49:72:50:05:ab:1c:fc:4b:f7:19:54:d0:40:59:ce:00:06:f2:a7:a6:62:20:3e:bd:b3:31:0f:55:7b:bb

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.pentagon.mil

77

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.pentagon.mil

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

arkansas.nationalguard.mil
co.ng.mil
dc.ng.mil
dvisc.dma.mil
inside.dma.mil
jiraservicedesk.dma.mil
ky.ng.mil
media.dma.mil
oig.dia.mil
pac.whs.mil
pwservicedesk.dma.mil
servicedesk.dma.mil
slite.dma.mil
static.dma.mil
video.dma.mil
www.afneurope.net
www.afnpacific.net
www.army.nationalguard.mil
www.budget.mil
www.cac.mil
www.centcom.mil
www.cloud.mil
www.cybercom.mil
www.dcaa.mil
www.dcma.mil
www.dcsa.mil
www.defense.mil
www.defenseculture.mil
www.defenselink.mil
www.dfas.mil
www.dhra.mil
www.dia.mil
www.dimoc.mil
www.dinfos.dma.mil
www.dla.mil
www.dma.mil
www.dod.mil
www.dodig.mil
www.dote.osd.mil
www.dpaa.mil
www.dsp.dla.mil
www.dspo.mil
www.dss.mil
www.dtra.mil
www.esd.whs.mil
www.hacc.mil
www.jbmdl.jb.mil
www.jbml.jb.mil
www.jcs.mil
www.jcu.mil
www.jecc.mil
www.jiatfs.southcom.mil
www.jpeocbrnd.osd.mil
www.jtfb.southcom.mil
www.jtfcs.northcom.mil
www.jtfgtmo.southcom.mil
www.jtfn.northcom.mil
www.jtnc.mil
www.jwac.mil
www.metc.mil
www.nationalguard.mil
www.norad.mil
www.northcom.mil
www.nro.gov
www.nro.mil
www.pacom.mil
www.pentagon.mil
www.people.mil
www.pfpa.mil
www.prs.mil
www.repi.mil
www.southcom.mil
www.spacecom.mil
www.stratcom.mil
www.usfj.mil
www.warriorcare.mil
www.whitehousecommsagency.mil

Other certificates including the domain name pentagon.mil

(limited to 100 certificates)
www.dami.army.pentagon.mil
fa49.hqda.pentagon.mil
www.dma.mil
enbosswistagingcac.ocar.army.pentagon.mil
isrtrain.hqda.pentagon.mil
www.dma.mil
adminapps1.hqda.pentagon.mil
www.dma.mil
www.dma.mil
www.pentagon.mil
www.dma.mil
HQDAC2N00062-03.hqda.pentagon.mil
www.dma.mil
ariddashboard.ocar.army.pentagon.mil
www.dma.mil
www.pentagon.mil
www.asamra.army.mil
visitors.pentagon.mil
eeoa.army.pentagon.mil
jagc61-250.army.pentagon.mil
www.g357intranet.hqda.pentagon.mil
wias.hqda.pentagon.mil
www.pentagon.mil
www.acp.army.pentagon.mil
jspwin.pentagon.mil
www.dma.mil
meeting.pentagon.mil
pubssod2.acsap.hqda.pentagon.mil
citrixgw1.hqda.pentagon.mil
saprp.pentagon.mil
arba.army.pentagon.mil
*.hqda.pentagon.mil
minuteman.ngb.army.mil
www.dma.mil
www.pentagon.mil
www.daig.pentagon.mil
arba.army.pentagon.mil
arba.army.pentagon.mil
www.dma.mil
www.pentagon.mil
www.dma.mil
enbossteamtrackanon.ocar.army.pentagon.mil
www.dami.army.pentagon.mil
rbuild.pentagon.mil
SSOREGISTRATION.OCAR.ARMY.PENTAGON.MIL
EPASR.OCAR.ARMY.PENTAGON.MIL
smms.army.pentagon.mil
www.dma.mil
www.dma.mil
staging.rovr.army.pentagon.mil
smartbook.armyg1.pentagon.mil
RbuilderMMSupplemental.pentagon.mil
www.atrrs.army.pentagon.mil
pmdwtstest.ocar.army.pentagon.mil
interface.rovr.army.pentagon.mil
www.dma.mil
drrb-risk-reserve.acsap.hqda.pentagon.mil
www.dma.mil
cppm-pwn-s4.nsmc.pentagon.mil
www.dma.mil
usarbasops.ocar.army.pentagon.mil
vdi.hqda.pentagon.mil
www.dma.mil
aewrs.hqda.pentagon.mil
ssoregistrationdev.ocar.army.pentagon.mil
actsonline.army.mil
fdbtraining.ocar.army.pentagon.mil
ocsp5.army.pentagon.mil
visitors.pentagon.mil
eis.hqda.pentagon.mil
ecdrs.ocar.army.pentagon.mil
citrixgw2.hqda.pentagon.mil
www.dma.mil
drr-risk.acsap.hqda.pentagon.mil
citrixgw2.hqda.pentagon.mil
portal.doha.pentagon.mil
interface.eval.atrrs.army.pentagon.mil
ecdrs.ocar.army.pentagon.mil
www.g357intranet.hqda.pentagon.mil
www.dma.mil
www.amhs.pentagon.mil
cppm-pwn-s2.nsmc.pentagon.mil
www.dma.mil
fmwebdav.hqda.pentagon.mil
prissod1.acsap.hqda.pentagon.mil
www.asamra.army.mil
staging.rovr.army.pentagon.mil
www.dma.mil
www.dma.mil
connect.dtmo.pentagon.mil
www.atrrs.army.pentagon.mil
www.dma.mil
wias.pentagon.mil
casa.army.mil
rbuilder.pentagon.mil
webmail.dtmo.pentagon.mil
isr.hqda.pentagon.mil
www.dma.mil
arba.army.pentagon.mil
enbosscsg.ocar.army.pentagon.mil

Certificate

The complete raw certificate details for www.pentagon.mil in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJPTCCCCWgAwIBAgISBP9CVwfZe8QwkXoQu3TyutScMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMjAzMzEyMDQ4NTBaFw0yMjA2MjkyMDQ4NDlaMBsxGTAXBgNVBAMT
EHd3dy5wZW50YWdvbi5taWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDcbJSYpy3nHWSvuRqxEXkXU6l39aX6KSohl9jzApdSFRr48z+uXAnKZBPe8WNf
HBF4z2cnXFbulzPnJLMKeMtrsmPepxUqwFAIgIsN3BeD9o2F+oK8MfMsIVc7GoBv
hK2aLlKHRFbcx/tnGzjOqWU5sav9LElHfntYDX83Rs3PRYZPXR25oAC1h06Sh7Yr
8xKDUivmdLYaJScy6+52jR1LUzRL1iTmFyiq57Xxb5mNsnWsEl6Cw0H25I3mtRsM
hXbFWwPdPyk1XZ2HKs2Le8rRbn78a0i4BcunP0wktMdcN788tDL7nJsm6RlhAlsv
t/E/GMfAWHDYlQ68evTVz7MlAgMBAAGjggZiMIIGXjAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFF+iJJ+3pLGQCmxbI6CUWWpSjntqMB8GA1UdIwQYMBaAFBQusxe3WFbL
rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov
L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v
cmcvMIIFIwYDVR0RBIIFGjCCBRaCGmFya2Fuc2FzLm5hdGlvbmFsZ3VhcmQubWls
ggljby5uZy5taWyCCWRjLm5nLm1pbIINZHZpc2MuZG1hLm1pbIIOaW5zaWRlLmRt
YS5taWyCF2ppcmFzZXJ2aWNlZGVzay5kbWEubWlsgglreS5uZy5taWyCDW1lZGlh
LmRtYS5taWyCC29pZy5kaWEubWlsggtwYWMud2hzLm1pbIIVcHdzZXJ2aWNlZGVz
ay5kbWEubWlsghNzZXJ2aWNlZGVzay5kbWEubWlsgg1zbGl0ZS5kbWEubWlsgg5z
dGF0aWMuZG1hLm1pbIINdmlkZW8uZG1hLm1pbIIRd3d3LmFmbmV1cm9wZS5uZXSC
End3dy5hZm5wYWNpZmljLm5ldIIad3d3LmFybXkubmF0aW9uYWxndWFyZC5taWyC
Dnd3dy5idWRnZXQubWlsggt3d3cuY2FjLm1pbIIPd3d3LmNlbnRjb20ubWlsgg13
d3cuY2xvdWQubWlsghB3d3cuY3liZXJjb20ubWlsggx3d3cuZGNhYS5taWyCDHd3
dy5kY21hLm1pbIIMd3d3LmRjc2EubWlsgg93d3cuZGVmZW5zZS5taWyCFnd3dy5k
ZWZlbnNlY3VsdHVyZS5taWyCE3d3dy5kZWZlbnNlbGluay5taWyCDHd3dy5kZmFz
Lm1pbIIMd3d3LmRocmEubWlsggt3d3cuZGlhLm1pbIINd3d3LmRpbW9jLm1pbIIS
d3d3LmRpbmZvcy5kbWEubWlsggt3d3cuZGxhLm1pbIILd3d3LmRtYS5taWyCC3d3
dy5kb2QubWlsgg13d3cuZG9kaWcubWlsghB3d3cuZG90ZS5vc2QubWlsggx3d3cu
ZHBhYS5taWyCD3d3dy5kc3AuZGxhLm1pbIIMd3d3LmRzcG8ubWlsggt3d3cuZHNz
Lm1pbIIMd3d3LmR0cmEubWlsgg93d3cuZXNkLndocy5taWyCDHd3dy5oYWNjLm1p
bIIQd3d3LmpibWRsLmpiLm1pbIIPd3d3LmpibWwuamIubWlsggt3d3cuamNzLm1p
bIILd3d3LmpjdS5taWyCDHd3dy5qZWNjLm1pbIIXd3d3LmppYXRmcy5zb3V0aGNv
bS5taWyCFXd3dy5qcGVvY2JybmQub3NkLm1pbIIVd3d3Lmp0ZmIuc291dGhjb20u
bWlsghZ3d3cuanRmY3Mubm9ydGhjb20ubWlsghh3d3cuanRmZ3Rtby5zb3V0aGNv
bS5taWyCFXd3dy5qdGZuLm5vcnRoY29tLm1pbIIMd3d3Lmp0bmMubWlsggx3d3cu
andhYy5taWyCDHd3dy5tZXRjLm1pbIIVd3d3Lm5hdGlvbmFsZ3VhcmQubWlsgg13
d3cubm9yYWQubWlsghB3d3cubm9ydGhjb20ubWlsggt3d3cubnJvLmdvdoILd3d3
Lm5yby5taWyCDXd3dy5wYWNvbS5taWyCEHd3dy5wZW50YWdvbi5taWyCDnd3dy5w
ZW9wbGUubWlsggx3d3cucGZwYS5taWyCC3d3dy5wcnMubWlsggx3d3cucmVwaS5t
aWyCEHd3dy5zb3V0aGNvbS5taWyCEHd3dy5zcGFjZWNvbS5taWyCEHd3dy5zdHJh
dGNvbS5taWyCDHd3dy51c2ZqLm1pbIITd3d3LndhcnJpb3JjYXJlLm1pbIIdd3d3
LndoaXRlaG91c2Vjb21tc2FnZW5jeS5taWwwTAYDVR0gBEUwQzAIBgZngQwBAgEw
NwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5j
cnlwdC5vcmcwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEB
AA93IOJo+2WsgfMiISY7d+9cqlxvI/dsU24twUOP7H4tkTIxRjX6evKrcjJ3lhq8
T5OX1UPYCRIrLb0Z7mB/QO0x/D9NDzRFuobQyGnQQgSDb1jEKg7GrrVw+5OTo71K
AVoB5i4s9ZEca85VOAnY+kCbPl3SIdmzjG0IerMYSWzJ1ETebYHLAXwrCuDMWdk2
QFKABRvkVfktgAUxG7AHY8iRyjhxXz6ZDi3DzvTNifC0+8EXCRqwEd/qIqjkUOBc
tvdZIWdrj8KfCVIoloNvfSYotvJgm82AviOZT1sZTclgCuEat8qmvY6ccjR4Z1Bj
uHaJczyWjVNOVezeg71/nbY=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GyUmKct5x1kr7kasRF5
F1Opd/Wl+ikqIZfY8wKXUhUa+PM/rlwJymQT3vFjXxwReM9nJ1xW7pcz5ySzCnjL
a7Jj3qcVKsBQCICLDdwXg/aNhfqCvDHzLCFXOxqAb4Stmi5Sh0RW3Mf7Zxs4zqll
ObGr/SxJR357WA1/N0bNz0WGT10duaAAtYdOkoe2K/MSg1Ir5nS2GiUnMuvudo0d
S1M0S9Yk5hcoque18W+ZjbJ1rBJegsNB9uSN5rUbDIV2xVsD3T8pNV2dhyrNi3vK
0W5+/GtIuAXLpz9MJLTHXDe/PLQy+5ybJukZYQJbL7fxPxjHwFhw2JUOvHr01c+z
JQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 435309328228636474073454345265205946799260
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-03-31 20:48:50 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-06-29 20:48:49 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.pentagon.mil'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27825970110124117326679928252719244997189940352706130830181680060723058901594050979570928360533083579808522572514576707969159670813814564160080800353458863492089621645681301492789009840399243899020061221532103918874176964854154260192955284410739256343970515237885532859357248590144301936884768602918995875706925632739557052743324786254164920135584569227003950005472265404797410920981942064592797097966410488968850567904072200566451218332829188256192356720389482540848686734375421074723561463189474847951384112704906909655956011832590203018998097300855973894151418485975488389443752539498969795646305209873538212672293
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5fa2249fb7a4b1900a6c5b23a094596a528e7b6a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1306 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arkansas.nationalguard.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'co.ng.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dc.ng.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dvisc.dma.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'inside.dma.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jiraservicedesk.dma.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ky.ng.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'media.dma.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oig.dia.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pac.whs.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pwservicedesk.dma.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'servicedesk.dma.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'slite.dma.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'static.dma.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'video.dma.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.afneurope.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.afnpacific.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.army.nationalguard.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.budget.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cac.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.centcom.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cloud.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cybercom.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dcaa.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dcma.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dcsa.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.defense.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.defenseculture.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.defenselink.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dfas.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dhra.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dia.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dimoc.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dinfos.dma.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dla.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dma.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dod.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dodig.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dote.osd.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dpaa.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dsp.dla.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dspo.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dss.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dtra.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.esd.whs.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hacc.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jbmdl.jb.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jbml.jb.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jcs.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jcu.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jecc.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jiatfs.southcom.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jpeocbrnd.osd.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jtfb.southcom.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jtfcs.northcom.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jtfgtmo.southcom.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jtfn.northcom.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jtnc.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jwac.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.metc.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nationalguard.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.norad.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.northcom.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nro.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nro.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pacom.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pentagon.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.people.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pfpa.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.prs.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.repi.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.southcom.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.spacecom.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stratcom.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.usfj.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.warriorcare.mil'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.whitehousecommsagency.mil'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000f7720e268fb65ac81f32221263b77ef5caa5c6f23f76c536e2dc1438fec7e2d9132314635fa7af2ab723277961abc4f9397d543d809122b2dbd19ee607f40ed31fc3f4d0f3445ba86d0c869d04204836f58c42a0ec6aeb570fb9393a3bd4a015a01e62e2cf5911c6bce553809d8fa409b3e5dd221d9b38c6d087ab318496cc9d444de6d81cb017c2b0ae0cc59d936405280051be455f92d8005311bb00763c891ca38715f3e990e2dc3cef4cd89f0b4fbc117091ab011dfea22a8e450e05cb6f75921676b8fc29f09522896836f7d2628b6f2609bcd80be23994f5b194dc9600ae11ab7caa6bd8e9c723478675063b87689733c968d534e55ecde83bd7f9db6