digitaltown.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:b4:fb:94:7d:de:da:0b:45:3c:9c:36:4f:f0:9a:fa:1e:34 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=digitaltown.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:b4:fb:94:7d:de:da:0b:45:3c:9c:36:4f:f0:9a:fa:1e:34Serial Number (int): 322922091080884074293778909090621010091572
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 45:87:9b:be:dd:d6:e0:73:ed:57:63:19:5d:9a:93:31:d5:19:a4:18
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): b6:c6:f1:00:98:f5:b4:f9:5e:b5:94:1c:8b:d5:a3:3a:5f:8e:e0:66
Fingerprint (sha256): 70:8a:d4:62:15:33:4b:2e:61:f3:4e:83:77:18:02:d1:77:71:5e:08:5e:f3:fe:6c:34:8e:bd:de:c5:77:e2:4e
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate digitaltown.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for digitaltown.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
digitaltown.com
www.digitaltown.com
www.digitaltown.com
Other certificates including the domain name digitaltown.com
(limited to 100 certificates)
playadelcarmencondorental.com
mail.digitaltown.com
hub.digitaltown.com
gaylordhub.digitaltown.com
*.digitaltown.com
sale.nano.bible
tacticalhealth.com
digitaltown.com
mail.digitaltown.com
playadelcarmencondorental.com
gaylordhub.digitaltown.com
sale.nano.bible
lagunarealestate.com
hub.digitaltown.com
ooomessage.com
digitaltown.com
digitaltown.com
mckinley.me
stonegod.com
saintflanaganinstitute.ie
robertweckstein.me
alkanza.org
mail.digitaltown.com
api-docs.digitaltown.com
snap.mobi
sale.nano.bible
claim.digitaltown.com
gaylordhub.digitaltown.com
digitaltown.com
playadelcarmencondorental.com
gaylordhub.digitaltown.com
evacuationcomplete.com
digitaltown.com
mail.digitaltown.com
*.digitaltown.com
digitaltown.com
*.digitaltown.com
rhodeislandforum.com
trazable.com
api-docs.digitaltown.com
bespokefinancial.org
digitaltown.com
schermaneye.com
aboutandroid.com
bankcda.org
digitaltown.com
mckinley.me
gaylordhub.digitaltown.com
digitaltown.com
dome-dwell.com
gaylordhub.digitaltown.com
2000.cool
gaylordhub.digitaltown.com
cricketstreaming.org
brutalmente.com
api-docs.digitaltown.com
digitaltown.com
digitaltown.com
digitaltown.com
gaylordhub.digitaltown.com
dome-dwell.com
trazable.com
gaylordhub.digitaltown.com
digitaltown.com
appliances.cool
hub.digitaltown.com
*.digitaltown.com
digitaltown.com
*.digitaltown.com
carpina.work
premieresalon.com
mail.digitaltown.com
carpina.work
playadelcarmencondorental.com
mail.digitaltown.com
gaylordhub.digitaltown.com
atozlandscaping.com
deild.com
fdplatinum.com
api-docs.digitaltown.com
digitaltown.com
robertweckstein.me
api-docs.digitaltown.com
digitaltown.com
0hope.com
digitaltown.com
maw.me
*.digitaltown.com
digitaltown.com
api-docs.digitaltown.com
premieresalon.com
gaylordhub.digitaltown.com
playadelcarmencondorental.com
digitaltown.com
flyreel.org
digitaltown.com
enclear.org
gaylordhub.digitaltown.com
metabolon.org
digitaltown.com
mail.digitaltown.com
hub.digitaltown.com
gaylordhub.digitaltown.com
*.digitaltown.com
sale.nano.bible
tacticalhealth.com
digitaltown.com
mail.digitaltown.com
playadelcarmencondorental.com
gaylordhub.digitaltown.com
sale.nano.bible
lagunarealestate.com
hub.digitaltown.com
ooomessage.com
digitaltown.com
digitaltown.com
mckinley.me
stonegod.com
saintflanaganinstitute.ie
robertweckstein.me
alkanza.org
mail.digitaltown.com
api-docs.digitaltown.com
snap.mobi
sale.nano.bible
claim.digitaltown.com
gaylordhub.digitaltown.com
digitaltown.com
playadelcarmencondorental.com
gaylordhub.digitaltown.com
evacuationcomplete.com
digitaltown.com
mail.digitaltown.com
*.digitaltown.com
digitaltown.com
*.digitaltown.com
rhodeislandforum.com
trazable.com
api-docs.digitaltown.com
bespokefinancial.org
digitaltown.com
schermaneye.com
aboutandroid.com
bankcda.org
digitaltown.com
mckinley.me
gaylordhub.digitaltown.com
digitaltown.com
dome-dwell.com
gaylordhub.digitaltown.com
2000.cool
gaylordhub.digitaltown.com
cricketstreaming.org
brutalmente.com
api-docs.digitaltown.com
digitaltown.com
digitaltown.com
digitaltown.com
gaylordhub.digitaltown.com
dome-dwell.com
trazable.com
gaylordhub.digitaltown.com
digitaltown.com
appliances.cool
hub.digitaltown.com
*.digitaltown.com
digitaltown.com
*.digitaltown.com
carpina.work
premieresalon.com
mail.digitaltown.com
carpina.work
playadelcarmencondorental.com
mail.digitaltown.com
gaylordhub.digitaltown.com
atozlandscaping.com
deild.com
fdplatinum.com
api-docs.digitaltown.com
digitaltown.com
robertweckstein.me
api-docs.digitaltown.com
digitaltown.com
0hope.com
digitaltown.com
maw.me
*.digitaltown.com
digitaltown.com
api-docs.digitaltown.com
premieresalon.com
gaylordhub.digitaltown.com
playadelcarmencondorental.com
digitaltown.com
flyreel.org
digitaltown.com
enclear.org
gaylordhub.digitaltown.com
metabolon.org
digitaltown.com
Certificate
The complete raw certificate details for digitaltown.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGFjCCBP6gAwIBAgISA7T7lH3e2gtFPJw2T/Ca+h40MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzEyMTEyMDMxMTZaFw0x ODAzMTEyMDMxMTZaMBoxGDAWBgNVBAMTD2RpZ2l0YWx0b3duLmNvbTCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAMt2sD1SD8WiLxriZ3Glkt/YYMSaQwz9 Ku/xXQcN2paXEAKxiZpbocturjkRecIUu0H+n7l+h6yhlf7xOGhvyTP1V9WtIet5 UrCg+K3TsxRkphB+hIvaR1c9c0wV2IzrSqYLHtKowDqOib7is1iLK2QJ+LTH+nWT zIGKIPRWDGhb39YczPUTcjL2bYAx7XilMsSohzitSR6Qv8r0XW9fGfctpF0RxMWh Lh2U10goC3XXaKPx+prJIMYr8DdZukZXVldVwddMAwka5uRrfsHwiBBlGuk/tnmc r5WpY2+9GK7UYm0C3yNQXzHvRdssFHeC7xEoGHyBrg4ffQ1OPDL3tygrBqK8y2ct yKZHkHROwl8+UDNlKjQ01g+GAcCD3JmFtYyEOLQQ/xuNKIfxS9hGkEsG9rkAtI4o Wf7JNlNlqxshCNV7l1Q/7rqUudWqdA3IJP+dTjgWjhVPCFj5g6GJ5vJFq6qpVEBP sZuJz9AD70TOBakrqvIsRDweEh5QvpJYvQK+uciE7Pn3F9LEUmA9uxqwxNicv4nR u8LAzXyX44IEj7sJje0+yP8TE/Gyz7lEfUYieFGjGHYFSxAN8NsY95cnMdjVaLgk aOJrqRAut+hSwrceatH6M86Egos3nnnNUfvEFIPoieSR0hqvwqzb75wrPfBChQHq FfmFZ2bfoKTpAgMBAAGjggIkMIICIDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEWH m77d1uBz7VdjGV2akzHVGaQYMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wLwYDVR0RBCgwJoIPZGlnaXRhbHRvd24uY29t ghN3d3cuZGlnaXRhbHRvd24uY29tMIH+BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHm BgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5j cnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkg b25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkg aW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQg YXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcN AQELBQADggEBAGBNLwKKO+js/bCq4+HfXJFQds2ObiJAus4A1PGJk3YogSQWVw5g MgBQF9skLxr7k38e19Bk/G9lIsCJN7QfngPBBXYLcTEtRAVGwT32QbEGV3O9Jxs/ HQVFX8+dbX08bjbQ+llh7aJEE+Eczl5+TtHGluIMyfSbkIbbG+HMvxInLM/ebcS0 WEaADjw8vvNHPe8vFv7CunFqGfb3vcFGV1iJKgtrhovM1AZSTjZ1Pvvpfi9kBjpB E4Ax3lWQYIJT0cxcBAcKouRO9ZW3y8t3rmHBGc2QONjoWZuVxXcQUi09WVsP+bU0 RK2mDs68VPIicghq7gZj1nARmFBuDUVQjlw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAy3awPVIPxaIvGuJncaWS 39hgxJpDDP0q7/FdBw3alpcQArGJmluhy26uORF5whS7Qf6fuX6HrKGV/vE4aG/J M/VX1a0h63lSsKD4rdOzFGSmEH6Ei9pHVz1zTBXYjOtKpgse0qjAOo6JvuKzWIsr ZAn4tMf6dZPMgYog9FYMaFvf1hzM9RNyMvZtgDHteKUyxKiHOK1JHpC/yvRdb18Z 9y2kXRHExaEuHZTXSCgLdddoo/H6mskgxivwN1m6RldWV1XB10wDCRrm5Gt+wfCI EGUa6T+2eZyvlaljb70YrtRibQLfI1BfMe9F2ywUd4LvESgYfIGuDh99DU48Mve3 KCsGorzLZy3IpkeQdE7CXz5QM2UqNDTWD4YBwIPcmYW1jIQ4tBD/G40oh/FL2EaQ Swb2uQC0jihZ/sk2U2WrGyEI1XuXVD/uupS51ap0Dcgk/51OOBaOFU8IWPmDoYnm 8kWrqqlUQE+xm4nP0APvRM4FqSuq8ixEPB4SHlC+kli9Ar65yITs+fcX0sRSYD27 GrDE2Jy/idG7wsDNfJfjggSPuwmN7T7I/xMT8bLPuUR9RiJ4UaMYdgVLEA3w2xj3 lycx2NVouCRo4mupEC636FLCtx5q0fozzoSCizeeec1R+8QUg+iJ5JHSGq/CrNvv nCs98EKFAeoV+YVnZt+gpOkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 322922091080884074293778909090621010091572 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-12-11 20:31:16 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-03-11 20:31:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'digitaltown.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 830059177732124197685826101933303927877285428877332356997365552407850434924525821763924622536806671794776054438034659127280331248323255328595509995991014937258710990342626833159145933413786018303198083521946001613432307660520316664378830903931411913493629866398344127857597660970890789466262749409240192139277971182478380279549387762828701012070223926912747308246314259861319717164537523510203752942425914256709146407735966648386262168592588336163220067401322661474078260925636420946122976563326300549975919438054284832937872310926134665838224830670798812055889064507057472193009741865560700591383142079050436828405513941149084979668287666389595450486800688709583955773416774559942508536742174154598522331382523206429410945899798785616359903799448484577230952145780466210130412279748375904142787757031446573378339443487525350372466830615183699741143141357790530280015784217461474170840051119469882662059730832851237101883817381183857125445480387197759372449025303138525883793948573930271042281785982325851281837215918950197648287124444196502510283999652718497186811926208001254710711187041292584760281063568884183095582087420072453782050992579138676539664661080289030743053315366490856610945565605365841350544592361275851126964528361 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 45879bbeddd6e073ed5763195d9a9331d519a418 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'digitaltown.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.digitaltown.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00604d2f028a3be8ecfdb0aae3e1df5c915076cd8e6e2240bace00d4f189937628812416570e6032005017db242f1afb937f1ed7d064fc6f6522c08937b41f9e03c105760b71312d440546c13df641b1065773bd271b3f1d05455fcf9d6d7d3c6e36d0fa5961eda24413e11cce5e7e4ed1c696e20cc9f49b9086db1be1ccbf12272ccfde6dc4b45846800e3c3cbef3473def2f16fec2ba716a19f6f7bdc1465758892a0b6b868bccd406524e36753efbe97e2f64063a41138031de5590608253d1cc5c04070aa2e44ef595b7cbcb77ae61c119cd9038d8e8599b95c57710522d3d595b0ff9b53444ada60ecebc54f22272086aee0663d6701198506e0d45508e5c