mail.rmz.fi
Issued by Let's Encrypt Authority X1
About this certificate
This digital certificate with serial number 01:7a:be:cd:88:9a:53:0a:e6:ea:1d:e5:8b:20:64:9c:38:25 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=mail.rmz.fi
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:7a:be:cd:88:9a:53:0a:e6:ea:1d:e5:8b:20:64:9c:38:25Serial Number (int): 128880355206804416404031410589871430711333
Serial Number lenght: 137 bits, 18 octets
SubjectKeyId: 18:bf:45:db:b9:32:64:f7:a3:28:4c:b7:00:1b:e8:0c:41:bd:db:46
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 1f:35:db:d2:b2:11:4b:b4:9a:ab:00:1f:43:58:4e:08:2a:2b:0d:2d
Fingerprint (sha256): 70:ce:a7:29:62:77:41:91:ad:8f:c7:4a:9e:81:ff:f3:35:81:46:45:79:e9:c4:21:86:31:b8:59:35:52:66:70
Issuing Certificate URL: http://cert.int-x1.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x1.letsencrypt.org/Check the revocation status for certificate mail.rmz.fi
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mail.rmz.fi
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
mail.rmz.fi
Other certificates including the domain name rmz.fi
(limited to 100 certificates)
www.rmz.fi
git.rmz.fi
www.rmz.fi
suomi.rmz.fi
git.rmz.fi
git.rmz.fi
www.rmz.fi
lpi.rmz.fi
suomi.rmz.fi
suomi.rmz.fi
oc.rmz.fi
www.rmz.fi
lpi.rmz.fi
www.rmz.fi
mail.rmz.fi
own.rmz.fi
own.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
own.rmz.fi
www.rmz.fi
www.rmz.fi
git.rmz.fi
mail.rmz.fi
oc.rmz.fi
oc.rmz.fi
www.rmz.fi
suomi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
lpi.rmz.fi
suomi.rmz.fi
mail.rmz.fi
lpi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
git.rmz.fi
mail.rmz.fi
sms.rmz.fi
www.rmz.fi
www.rmz.fi
oc.rmz.fi
mail.rmz.fi
www.rmz.fi
lpi.rmz.fi
mail.rmz.fi
www.rmz.fi
oc.rmz.fi
own.rmz.fi
www.rmz.fi
git.rmz.fi
lpi.rmz.fi
www.rmz.fi
suomi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
rmz.fi
www.rmz.fi
oc.rmz.fi
git.rmz.fi
www.rmz.fi
suomi.rmz.fi
git.rmz.fi
git.rmz.fi
www.rmz.fi
lpi.rmz.fi
suomi.rmz.fi
suomi.rmz.fi
oc.rmz.fi
www.rmz.fi
lpi.rmz.fi
www.rmz.fi
mail.rmz.fi
own.rmz.fi
own.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
own.rmz.fi
www.rmz.fi
www.rmz.fi
git.rmz.fi
mail.rmz.fi
oc.rmz.fi
oc.rmz.fi
www.rmz.fi
suomi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
lpi.rmz.fi
suomi.rmz.fi
mail.rmz.fi
lpi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
git.rmz.fi
mail.rmz.fi
sms.rmz.fi
www.rmz.fi
www.rmz.fi
oc.rmz.fi
mail.rmz.fi
www.rmz.fi
lpi.rmz.fi
mail.rmz.fi
www.rmz.fi
oc.rmz.fi
own.rmz.fi
www.rmz.fi
git.rmz.fi
lpi.rmz.fi
www.rmz.fi
suomi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
rmz.fi
www.rmz.fi
oc.rmz.fi
Certificate
The complete raw certificate details for mail.rmz.fi in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgISAXq+zYiaUwrm6h3liyBknDglMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNjAxMjMyMDUyMDBaFw0x NjA0MjIyMDUyMDBaMBYxFDASBgNVBAMTC21haWwucm16LmZpMIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAtmrhtjfCppLrv3G2QjEF/Bm89JvJexKeDIYQ ahQbR5IdsrpegIiJ4A6WNkeNH0pxEw0o/Qf1Br2jyu2fZHngSe0tvpHJePdCtQeY zbrgtmO2UlnADElHiYrWLPqch6d08Rva1OZ9iHzv6aDLy4FELka+cAwk4QuVN77C w440f+leuGp6tw8mlDLwqDcR1gv6CUYGRoAVkRvG5SVv5TVS7eD5Gti7oFAL8CFw W1RB8ILtRR4ScESnmeQx+fA8qMYK6q5xB1xJwuR4bAcwhWGdYddjidtFXgnGI76B vXSU53firHzbHxL1FvZhDRup5HdLua0265IPkfKiBo8sg6cJnlpPGCJ9Tuj6J3Jd T9uPwsGruEku95Jra5BzYp7V5Lnzvg2yNf5ZWbAkqdlQrqaRT0Ip2jXnQTPjXTph kEJh3eiKIRqkzWtciPJVsnTTRflyEW3FaK9HQhKPY40S+5gh9Z+PY8/MV+alHKC0 TbM5APeW8SJCZkk9Ja6hj8roqc5WnCbfsdpZD2ztggui8xnf6A+qVNK1hawMAImQ NPEOrmTw7XaJQQO1nBOw7JC3ylUkNrjz6VgJsBGJPQrV/aH+XO4/NQ3mFw2zj9mA xczLISYwHAkpQEK3dmwReovcsxTNCi0CV8XWDUBF1XZ996kZv1roo7ahuIl9NAzk 6KPi76MCAwEAAaOCAgwwggIIMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUGL9F27ky ZPejKEy3ABvoDEG920YwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEw cAYIKwYBBQUHAQEEZDBiMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5pbnQteDEu bGV0c2VuY3J5cHQub3JnLzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgx LmxldHNlbmNyeXB0Lm9yZy8wFgYDVR0RBA8wDYILbWFpbC5ybXouZmkwgf4GA1Ud IASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIB FhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtU aGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlp bmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRp ZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9y ZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAEbd47jKiL/XK/wnTE/+kvSzx fwU9Kd8A/8HEUVNGPy9sNH9l7UibzzZOmTLij3mvoWFhgOJZJE/0ANjiWgWT+4+P FvsXev3PYSQuYIf8whlQrMifkZPDYs/qh6SHoV1l9tpQhRrnAK4bKkA0/pZYWktk 829hVcBLKBNM6k7JOSMKAIjt906zq1SDD8xGPQ0Xh3EOK/1F+pdViAxrs6igNkAz 1Plx7hX0NNoWWaQhq1D47QCQFU6oyUd7jdoKX9tZ9BYCxaBIkhIUmvcqkU0rejan rtncoGlFV2aEUzeu5AusBUjcq1dW1L3CPrFiGKLw8A23O4X4nFGftyKaRa/l7g== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtmrhtjfCppLrv3G2QjEF /Bm89JvJexKeDIYQahQbR5IdsrpegIiJ4A6WNkeNH0pxEw0o/Qf1Br2jyu2fZHng Se0tvpHJePdCtQeYzbrgtmO2UlnADElHiYrWLPqch6d08Rva1OZ9iHzv6aDLy4FE Lka+cAwk4QuVN77Cw440f+leuGp6tw8mlDLwqDcR1gv6CUYGRoAVkRvG5SVv5TVS 7eD5Gti7oFAL8CFwW1RB8ILtRR4ScESnmeQx+fA8qMYK6q5xB1xJwuR4bAcwhWGd YddjidtFXgnGI76BvXSU53firHzbHxL1FvZhDRup5HdLua0265IPkfKiBo8sg6cJ nlpPGCJ9Tuj6J3JdT9uPwsGruEku95Jra5BzYp7V5Lnzvg2yNf5ZWbAkqdlQrqaR T0Ip2jXnQTPjXTphkEJh3eiKIRqkzWtciPJVsnTTRflyEW3FaK9HQhKPY40S+5gh 9Z+PY8/MV+alHKC0TbM5APeW8SJCZkk9Ja6hj8roqc5WnCbfsdpZD2ztggui8xnf 6A+qVNK1hawMAImQNPEOrmTw7XaJQQO1nBOw7JC3ylUkNrjz6VgJsBGJPQrV/aH+ XO4/NQ3mFw2zj9mAxczLISYwHAkpQEK3dmwReovcsxTNCi0CV8XWDUBF1XZ996kZ v1roo7ahuIl9NAzk6KPi76MCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 128880355206804416404031410589871430711333 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-01-23 20:52:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-04-22 20:52:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mail.rmz.fi' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 744198498657070325093746047851234512257983298303081839999248107125676665294157932004154396896720684180871227274818360701425909210138445426247810992068510427463022423862961031199575498096263213555530332176922843292847415054702814097008821665120788181294554517480764778406126534343819659479306371922288550445289346510087351382397683645283542800914442231459268150499183624853083926327451597168081075370708659925905807552492104734065446651568211654793192573958761037876506450966760262039692791262610664889341449248407447817233223136923653265374266699081242415720127373229442043811157640520831423406404739807621018798534783717130105013582738671746409327249240681725444160113547208184730439431168539524986092601114957522156671998635994597778275219375080373840609567177114450680545838611630716510962387690895034662190857917907872765249003131794652107603666742838713259363516752872455174475690736947618061361882124238555771831077816142636971317817837643078543137714444839982087211778687414790655562909707098646611190368403024269760660330829990887872591362130778188020528359852174734000835220220783526296411389965998473952917842095327264789000700040704299365039652893842647102101461904617778610899680122347006146855592121580608686233437269923 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 18bf45dbb93264f7a3284cb7001be80c41bddb46 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.rmz.fi' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0011b778ee32a22ff5caff09d313ffa4bd2cf17f053d29df00ffc1c45153463f2f6c347f65ed489bcf364e9932e28f79afa1616180e259244ff400d8e25a0593fb8f8f16fb177afdcf61242e6087fcc21950acc89f9193c362cfea87a487a15d65f6da50851ae700ae1b2a4034fe96585a4b64f36f6155c04b28134cea4ec939230a0088edf74eb3ab54830fcc463d0d1787710e2bfd45fa9755880c6bb3a8a0364033d4f971ee15f434da1659a421ab50f8ed0090154ea8c9477b8dda0a5fdb59f41602c5a0489212149af72a914d2b7a36a7aed9dca069455766845337aee40bac0548dcab5756d4bdc23eb16218a2f0f00db73b85f89c519fb7229a45afe5ee