tls.automattic.com

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:42:8f:d2:9b:bb:f1:89:14:c9:1f:fc:61:5c:0f:cd:da:73 was issued on by Let's Encrypt.

With 51 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=tls.automattic.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:42:8f:d2:9b:bb:f1:89:14:c9:1f:fc:61:5c:0f:cd:da:73
Serial Number (int): 283986667156464120376619666659886049909363
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 8d:68:d5:14:70:4e:40:17:90:22:83:a1:42:4d:00:32:fa:28:3e:a3
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 0e:16:1e:06:7e:d2:00:2e:bd:e2:51:3e:e8:84:21:75:d8:5e:82:68
Fingerprint (sha256): 60:09:35:65:8e:2c:e2:d0:e1:27:1d:e9:4e:3c:7b:08:b5:6f:a1:63:cd:6d:3e:9b:3a:b8:9c:4e:be:e0:72:1a

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate tls.automattic.com

51

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for tls.automattic.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

idiworks.com
idknitthat.com
idle-speculations.com
idledillettante.com
idleeyesandadormy.com
idlefreebayarea.com
idlefreebayarea.org
idlefreecontracosta.com
idlefreecontracosta.org
idlefreetrivalley.org
idleink.org
idlejourney.com
idlemindworkshop.com
idler-mag.com
idleramblings.net
idlermag.com
idlerogan.com
idletechthoughts.com
idletimeky.com
idliketodiscussmyhair.com
idlove2dothat.com
idmagsc.com
idmarchitecture.com
idmathsblog.com
idmdude.com
tls.automattic.com
www.idiworks.com
www.idknitthat.com
www.idle-speculations.com
www.idledillettante.com
www.idleeyesandadormy.com
www.idlefreebayarea.com
www.idlefreebayarea.org
www.idlefreecontracosta.com
www.idlefreecontracosta.org
www.idlefreetrivalley.org
www.idleink.org
www.idlejourney.com
www.idlemindworkshop.com
www.idler-mag.com
www.idleramblings.net
www.idlermag.com
www.idlerogan.com
www.idletechthoughts.com
www.idletimeky.com
www.idliketodiscussmyhair.com
www.idlove2dothat.com
www.idmagsc.com
www.idmarchitecture.com
www.idmathsblog.com
www.idmdude.com

Other certificates including the domain name automattic.com

(limited to 100 certificates)
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
tls.automattic.com

Certificate

The complete raw certificate details for tls.automattic.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJezCCCGOgAwIBAgISA0KP0pu78YkUyR/8YVwPzdpzMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA1MTIxMTA0NTNaFw0x
OTA4MTAxMTA0NTNaMB0xGzAZBgNVBAMTEnRscy5hdXRvbWF0dGljLmNvbTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOKSb/ZG3J6P3nwqr+yKwGBV0ntz
0Yh29iZj9/0fl1xzcF7oCqWBoUqh7KU9Cg+gCHOW/ez01RW3pqhPs9zCgrxgsMeE
9rXcePIHwXbhD8b0UfZ0b0EoR3ZD87CC4xJhyXyefDgA9qp6M+bXGR5D/cEKD9fd
iy2T1cbdHjFuXE7ZuMjp6DATJiKyIXslEgROgU6DlMLizQBHVlda54vCmfLjmG2l
TX/D0M1sTRqroItsxYGOP2FGJB1sXCfEwgYf78mupeNz5XO98xMUWfqE0M7KMYFU
h//yDPijSze9PPM0x/fHUPQt5iEO+h6Ch/yd1o1LG/7Swmr6fRYihi821ckCAwEA
AaOCBoYwggaCMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUjWjVFHBOQBeQIoOhQk0A
MvooPqMwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUH
AQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5
cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5
cHQub3JnLzCCBDsGA1UdEQSCBDIwggQuggxpZGl3b3Jrcy5jb22CDmlka25pdHRo
YXQuY29tghVpZGxlLXNwZWN1bGF0aW9ucy5jb22CE2lkbGVkaWxsZXR0YW50ZS5j
b22CFWlkbGVleWVzYW5kYWRvcm15LmNvbYITaWRsZWZyZWViYXlhcmVhLmNvbYIT
aWRsZWZyZWViYXlhcmVhLm9yZ4IXaWRsZWZyZWVjb250cmFjb3N0YS5jb22CF2lk
bGVmcmVlY29udHJhY29zdGEub3JnghVpZGxlZnJlZXRyaXZhbGxleS5vcmeCC2lk
bGVpbmsub3Jngg9pZGxlam91cm5leS5jb22CFGlkbGVtaW5kd29ya3Nob3AuY29t
gg1pZGxlci1tYWcuY29tghFpZGxlcmFtYmxpbmdzLm5ldIIMaWRsZXJtYWcuY29t
gg1pZGxlcm9nYW4uY29tghRpZGxldGVjaHRob3VnaHRzLmNvbYIOaWRsZXRpbWVr
eS5jb22CGWlkbGlrZXRvZGlzY3Vzc215aGFpci5jb22CEWlkbG92ZTJkb3RoYXQu
Y29tggtpZG1hZ3NjLmNvbYITaWRtYXJjaGl0ZWN0dXJlLmNvbYIPaWRtYXRoc2Js
b2cuY29tggtpZG1kdWRlLmNvbYISdGxzLmF1dG9tYXR0aWMuY29tghB3d3cuaWRp
d29ya3MuY29tghJ3d3cuaWRrbml0dGhhdC5jb22CGXd3dy5pZGxlLXNwZWN1bGF0
aW9ucy5jb22CF3d3dy5pZGxlZGlsbGV0dGFudGUuY29tghl3d3cuaWRsZWV5ZXNh
bmRhZG9ybXkuY29tghd3d3cuaWRsZWZyZWViYXlhcmVhLmNvbYIXd3d3LmlkbGVm
cmVlYmF5YXJlYS5vcmeCG3d3dy5pZGxlZnJlZWNvbnRyYWNvc3RhLmNvbYIbd3d3
LmlkbGVmcmVlY29udHJhY29zdGEub3Jnghl3d3cuaWRsZWZyZWV0cml2YWxsZXku
b3Jngg93d3cuaWRsZWluay5vcmeCE3d3dy5pZGxlam91cm5leS5jb22CGHd3dy5p
ZGxlbWluZHdvcmtzaG9wLmNvbYIRd3d3LmlkbGVyLW1hZy5jb22CFXd3dy5pZGxl
cmFtYmxpbmdzLm5ldIIQd3d3LmlkbGVybWFnLmNvbYIRd3d3LmlkbGVyb2dhbi5j
b22CGHd3dy5pZGxldGVjaHRob3VnaHRzLmNvbYISd3d3LmlkbGV0aW1la3kuY29t
gh13d3cuaWRsaWtldG9kaXNjdXNzbXloYWlyLmNvbYIVd3d3LmlkbG92ZTJkb3Ro
YXQuY29tgg93d3cuaWRtYWdzYy5jb22CF3d3dy5pZG1hcmNoaXRlY3R1cmUuY29t
ghN3d3cuaWRtYXRoc2Jsb2cuY29tgg93d3cuaWRtZHVkZS5jb20wTAYDVR0gBEUw
QzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDov
L2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQDi
aUuuJujpQAnohhu2O4PUPuf+dIj7pI8okwGd3fHb/gAAAWqr7nscAAAEAwBGMEQC
IHytzhX79b6aELAbOzfeNNWcABGtLJPAB5pkYYJ3b0qCAiBCp0d7T1Dx2Y4zrttv
zLZb4bt5vSDngSUU068Y23C7DwB2AGPy283oO8wszwtyhCdXazOkjWF3j711pjix
x2hUS9iNAAABaqvuexEAAAQDAEcwRQIgWamF8Xb0d6Vt4V7YytJRnvzh4RJMLlsg
wncvpZ5JSbACIQC1ANlK8k3ZRBh1otVYX115hS8bjrPpYP5VZJgJALYllTANBgkq
hkiG9w0BAQsFAAOCAQEAJhdmjVAECr5RSBRV8n2DV/d5+iTmDcFgDes6uKEOWlBc
I4W8av/kw8IB7GgHF1hqNyExJAGgvSmRboyUdBv5hWVEv22PytjwLpf/FyIxxVUJ
3/8L2VEHUb0of7HAZfk6gAnzxtS7xkc79dqZeVfT/nsskTGYElB+paL1Yg/xXi2v
WzniaLXPOp6G5rqCPccxqkwaVFFXNl7z6fBEBXB5jh4qnmu7Xx325U2cL3wk0D/d
qcD9n7P0gfVh8VjsL8HZQ+hwU53Xh8qu1+zqpGHSb25ltiSFbZmr6hz0fSjw0cv5
1QJeO8YqB5dX09EDTs4nOhAMSr9PpfsP05FKfwJRVA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pJv9kbcno/efCqv7IrA
YFXSe3PRiHb2JmP3/R+XXHNwXugKpYGhSqHspT0KD6AIc5b97PTVFbemqE+z3MKC
vGCwx4T2tdx48gfBduEPxvRR9nRvQShHdkPzsILjEmHJfJ58OAD2qnoz5tcZHkP9
wQoP192LLZPVxt0eMW5cTtm4yOnoMBMmIrIheyUSBE6BToOUwuLNAEdWV1rni8KZ
8uOYbaVNf8PQzWxNGqugi2zFgY4/YUYkHWxcJ8TCBh/vya6l43Plc73zExRZ+oTQ
zsoxgVSH//IM+KNLN7088zTH98dQ9C3mIQ76HoKH/J3WjUsb/tLCavp9FiKGLzbV
yQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 283986667156464120376619666659886049909363
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-12 11:04:53 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-10 11:04:53 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tls.automattic.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28602067871759804368736356705373546326309639558099796179081108692334531649578847389841173070693727367202823560822641090133721029822821918163365543357855198364128473407801918539094111001487372446278800952141637239565499046372237963339295678484893338783010185920334334952047214052455934494180038760808162548233496290890862225469852394571146669987175110876550057269425225804618129283926470293144695840250470575835656134754580679613155131535920710532667159763894019351643394382955093157751122103896674474225579645845728547637312205380857867562523629804163993719697073897737237616999096819191943399799786436380085273941449
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8d68d514704e4017902283a1424d0032fa283ea3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1074 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idiworks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idknitthat.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idle-speculations.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idledillettante.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idleeyesandadormy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idlefreebayarea.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idlefreebayarea.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idlefreecontracosta.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idlefreecontracosta.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idlefreetrivalley.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idleink.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idlejourney.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idlemindworkshop.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idler-mag.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idleramblings.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idlermag.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idlerogan.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idletechthoughts.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idletimeky.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idliketodiscussmyhair.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idlove2dothat.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idmagsc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idmarchitecture.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idmathsblog.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idmdude.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tls.automattic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idiworks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idknitthat.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idle-speculations.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idledillettante.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idleeyesandadormy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idlefreebayarea.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idlefreebayarea.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idlefreecontracosta.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idlefreecontracosta.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idlefreetrivalley.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idleink.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idlejourney.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idlemindworkshop.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idler-mag.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idleramblings.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idlermag.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idlerogan.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idletechthoughts.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idletimeky.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idliketodiscussmyhair.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idlove2dothat.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idmagsc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idmarchitecture.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idmathsblog.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.idmdude.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016aabee7b1c000004030046304402207cadce15fbf5be9a10b01b3b37de34d59c0011ad2c93c0079a646182776f4a82022042a7477b4f50f1d98e33aedb6fccb65be1bb79bd20e7812514d3af18db70bb0f00760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016aabee7b110000040300473045022059a985f176f477a56de15ed8cad2519efce1e1124c2e5b20c2772fa59e4949b0022100b500d94af24dd9441875a2d5585f5d79852f1b8eb3e960fe5564980900b62595
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002617668d50040abe51481455f27d8357f779fa24e60dc1600deb3ab8a10e5a505c2385bc6affe4c3c201ec680717586a3721312401a0bd29916e8c94741bf9856544bf6d8fcad8f02e97ff172231c55509dfff0bd9510751bd287fb1c065f93a8009f3c6d4bbc6473bf5da997957d3fe7b2c91319812507ea5a2f5620ff15e2daf5b39e268b5cf3a9e86e6ba823dc731aa4c1a545157365ef3e9f0440570798e1e2a9e6bbb5f1df6e54d9c2f7c24d03fdda9c0fd9fb3f481f561f158ec2fc1d943e870539dd787caaed7eceaa461d26f6e65b624856d99abea1cf47d28f0d1cbf9d5025e3bc62a079757d3d1034ece273a100c4abf4fa5fb0fd3914a7f025154