app.cafsa.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:5a:8d:ab:d9:73:b2:3c:0d:d1:66:d7:12:a3:68:1c:91:cd was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=app.cafsa.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:5a:8d:ab:d9:73:b2:3c:0d:d1:66:d7:12:a3:68:1c:91:cdSerial Number (int): 292150584258782967859283130007539108581837
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: f8:e4:c7:d4:1d:e8:f7:5f:b6:be:2b:9f:e7:45:42:77:03:96:0f:e4
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 42:55:f1:65:77:1b:f1:82:d8:f2:d4:80:eb:d5:1c:a2:43:fa:c4:56
Fingerprint (sha256): 60:af:4d:a8:29:08:0a:ac:01:da:3c:29:e1:0d:eb:ab:5c:67:b1:30:7c:21:a2:d0:e9:32:7b:4a:a1:a2:3f:9a
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate app.cafsa.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for app.cafsa.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
app.cafsa.org
Other certificates including the domain name cafsa.org
(limited to 100 certificates)
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
cafsa.org.knechted.digital
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
cafsa.org
app.cafsa.org
app.cafsa.org
cafsa.org
app.cafsa.org
cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
cafsa.org.knechted.digital
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
cafsa.org
app.cafsa.org
app.cafsa.org
cafsa.org
app.cafsa.org
cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
Certificate
The complete raw certificate details for app.cafsa.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF/TCCBOWgAwIBAgISA1qNq9lzsjwN0WbXEqNoHJHNMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA3MjMxMTI1MDBaFw0x NzEwMjExMTI1MDBaMBgxFjAUBgNVBAMTDWFwcC5jYWZzYS5vcmcwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDSCMFNPyagFXrseEmzA7EX2jz6UojCSAGH VmHLD3zpMsG4vZp3AYY51C6vDR57ROQKU1XO5pSnj693nsVqv5I2coNGsiZDn/Br U9AIhCJdKoqAhMBnkYlZ70QVQ6MIcSCWm3wQPXKngxeK/NgHKU4VXH0QToDOz1pi LQPgYqTUsLk0uhUaI45FfmvdapaunNSE2IDVviRKdtFwDzx0TPFSUFvCzonwJDeb l2xg9Oz7RpHnuImpa4Ioj2lcmX1VmtD9yroMqeae+u1JhQxqXoIcHEaX6Eq2a3fN GjrrcwpOh8l77V+oCFO6G+kKMNEKPiqENdRA2R1QsL3ycIWeIurXGm9y0zwdshHb IW/0UhmNgeA21b9ATd5diLoblB79T8q7C8e62yBTgsmiIRCBn0viyBaC3E6czfHT cES9ynqyq7wUV9h0Ss897CorFOiakeHDXPVl3TunAmH4/v3rRyN2yN5qVegd6kas UUv00kAWPWkF9ZJEsf6UAeUORMSMw5+Y9bpRyIHftaSeWoXCHjrkaIGIDZw2sXzP N8q6UXvv9mh/2eaT48D5MWYLLvtpKT3wMhkSQoHQaaW+1RQbpKIrdmoFJJT+uO/H mn+Mz/g7DUr5WSa3CScnL85nuYu9r22oek37q0cDmXwEdEjiYpHXV5cXiRUYJnra s51eO3MGPQIDAQABo4ICDTCCAgkwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT45MfU Hej3X7a+K5/nRUJ3A5YP5DAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDWFwcC5jYWZzYS5vcmcwgf4G A1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUF BwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4M gZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJl bHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENl cnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9y Zy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAQ6XvrZu3iLVq0QcHPZzc y/oiB7P5zNWMlfmI7GSy5j/PcwaM61BrDNdEKcTm13u2R4ASWajTAe8vV6Ka1Oth VpbB6jI63lbuWl/kMtzLvOMMq0vpl9T2KfBYG5EToBPEMZt6nUmlb4jMUqtwPpKR v5SHnaN4jYkxYAqG8pqdl6kdvayh51h4Lt7yhwzeZLUE9B98BnhjSfSmUcxJF1WY MiF+TClkSIOjbDu+lqEeY98rl4xoYkqVrsYlP5O239rlmEdkwIP6lHl8FlcCpg/n TJNe0qqmF62OxcO7GyQxDFuOfQLlQebneqNqiR2jtr4kzkGD7tfQtQ+AwEMfJxjR uA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0gjBTT8moBV67HhJswOx F9o8+lKIwkgBh1Zhyw986TLBuL2adwGGOdQurw0ee0TkClNVzuaUp4+vd57Far+S NnKDRrImQ5/wa1PQCIQiXSqKgITAZ5GJWe9EFUOjCHEglpt8ED1yp4MXivzYBylO FVx9EE6Azs9aYi0D4GKk1LC5NLoVGiOORX5r3WqWrpzUhNiA1b4kSnbRcA88dEzx UlBbws6J8CQ3m5dsYPTs+0aR57iJqWuCKI9pXJl9VZrQ/cq6DKnmnvrtSYUMal6C HBxGl+hKtmt3zRo663MKTofJe+1fqAhTuhvpCjDRCj4qhDXUQNkdULC98nCFniLq 1xpvctM8HbIR2yFv9FIZjYHgNtW/QE3eXYi6G5Qe/U/KuwvHutsgU4LJoiEQgZ9L 4sgWgtxOnM3x03BEvcp6squ8FFfYdErPPewqKxTompHhw1z1Zd07pwJh+P7960cj dsjealXoHepGrFFL9NJAFj1pBfWSRLH+lAHlDkTEjMOfmPW6UciB37WknlqFwh46 5GiBiA2cNrF8zzfKulF77/Zof9nmk+PA+TFmCy77aSk98DIZEkKB0GmlvtUUG6Si K3ZqBSSU/rjvx5p/jM/4Ow1K+VkmtwknJy/OZ7mLva9tqHpN+6tHA5l8BHRI4mKR 11eXF4kVGCZ62rOdXjtzBj0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 292150584258782967859283130007539108581837 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-07-23 11:25:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-21 11:25:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'app.cafsa.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 856864776277757622323811444705526471093892382379445502557312592141196452658347675413609383661884087932773247665059170816363052742938345515984146760138517915980291388035443402427509349813562525838744344388439363111493545934202701179362967212302327270213510959610468917500568576160640237757473164952948796958343902166863577901060312125729126073170266513652313360072486539603551495069528305415678031677230252196901513379150850902712328239778820480430298827965460533067845009491209252834044486701787179730091956851320114013239803222718787229784333344759951046252875159390842125085428010234965963804406098150146424358540306114005784507650375988650121204081124071900492266853738197361686122523929234662211542752428692560784653647488799420433048987410532507934038539772911408335496677347783674820509536999887904186631439574781116200285190398031153145655331870175532278868309773997573407802329432730592449807109495545351151263067191221243379605125786751280343977367023586304397571595404084617895231057611060724505059592474868083827720266780339609257503228231732634679704600850269664022434187057315523866978372396193273963104412079579589107509528589895491524825474940532040232180379699314911413792163243471472424270814817706546199179371415101 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f8e4c7d41de8f75fb6be2b9fe745427703960fe4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app.cafsa.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0043a5efad9bb788b56ad107073d9cdccbfa2207b3f9ccd58c95f988ec64b2e63fcf73068ceb506b0cd74429c4e6d77bb647801259a8d301ef2f57a29ad4eb615696c1ea323ade56ee5a5fe432dccbbce30cab4be997d4f629f0581b9113a013c4319b7a9d49a56f88cc52ab703e9291bf94879da3788d8931600a86f29a9d97a91dbdaca1e758782edef2870cde64b504f41f7c06786349f4a651cc4917559832217e4c29644883a36c3bbe96a11e63df2b978c68624a95aec6253f93b6dfdae5984764c083fa94797c165702a60fe74c935ed2aaa617ad8ec5c3bb1b24310c5b8e7d02e541e6e77aa36a891da3b6be24ce4183eed7d0b50f80c0431f2718d1b8