www.shelf.nz
Issued by R3
About this certificate
This digital certificate with serial number 03:f4:18:6d:b7:0a:02:b5:66:04:c1:35:7d:0c:7b:e3:99:fe was issued on by Let's Encrypt.
With 30 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.shelf.nz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:f4:18:6d:b7:0a:02:b5:66:04:c1:35:7d:0c:7b:e3:99:feSerial Number (int): 344398226468720220662856718211110846831102
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 29:a2:81:45:75:a6:3b:1b:d3:0d:85:25:ec:46:03:c9:ed:92:dd:71
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 52:a5:cb:22:0c:6d:a5:72:78:d2:73:7c:cb:88:d3:40:2c:03:62:c5
Fingerprint (sha256): 76:09:1c:0b:3c:e2:42:ac:4a:de:39:24:5e:74:a4:c2:c1:a6:ab:f0:12:ad:3a:15:42:8f:b3:77:44:a3:d6:7e
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.shelf.nz
30
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.shelf.nz
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
asphaltrepairs.xyz
carlonicolas.xyz
gamblermagazine.biz
jamescannon.xyz
jordancherin.xyz
kidkronik.xyz
labgrow.net
metke.xyz
oakridgeseasonings.biz
operationwomen.co.nz
profound-strategy.biz
shelf.nz
stifler.xyz
subscriberconnect.com
web3brothers.xyz
www.asphaltrepairs.xyz
www.carlonicolas.xyz
www.gamblermagazine.biz
www.jamescannon.xyz
www.jordancherin.xyz
www.kidkronik.xyz
www.labgrow.net
www.metke.xyz
www.oakridgeseasonings.biz
www.operationwomen.co.nz
www.profound-strategy.biz
www.shelf.nz
www.stifler.xyz
www.subscriberconnect.com
www.web3brothers.xyz
carlonicolas.xyz
gamblermagazine.biz
jamescannon.xyz
jordancherin.xyz
kidkronik.xyz
labgrow.net
metke.xyz
oakridgeseasonings.biz
operationwomen.co.nz
profound-strategy.biz
shelf.nz
stifler.xyz
subscriberconnect.com
web3brothers.xyz
www.asphaltrepairs.xyz
www.carlonicolas.xyz
www.gamblermagazine.biz
www.jamescannon.xyz
www.jordancherin.xyz
www.kidkronik.xyz
www.labgrow.net
www.metke.xyz
www.oakridgeseasonings.biz
www.operationwomen.co.nz
www.profound-strategy.biz
www.shelf.nz
www.stifler.xyz
www.subscriberconnect.com
www.web3brothers.xyz
Other certificates including the domain name shelf.nz
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.shelf.nz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHLTCCBhWgAwIBAgISA/QYbbcKArVmBME1fQx745n+MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA3MTYwMzI4NDdaFw0yMzEwMTQwMzI4NDZaMBcxFTATBgNVBAMT DHd3dy5zaGVsZi5uejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALeI eFY3OvyTaPqE7K2y01vwBUdQK94mzlhcQIEl9w0US2RNvnHVfPqlpE1Emyrkinv3 HeX1sypag3maAfnaoKa9Dj71lTXJogxA/5PbKznz9uvaaMPIIDxOos5sJZk/+Yco ziLH28wlN4TQmBniSEY6u8pXU8dbtpXtSOxMJQNyEg014P6XJ344vwA4Hu9gAgni 3LKpLJldL8bSWcEoGL18sbF+UcHtFauwfZgjBLCLgwsLMUquq/kXXKRSXGsG0TG8 //mJgJzcEAYh/uGbCt50fjrUYrmu1v3xjr1nyjtrvaIE3VB5RpJiuW2pVyU1kYn3 MUpdOFxB+KCvXLDAza8CAwEAAaOCBFYwggRSMA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQUKaKBRXWmOxvTDYUl7EYDye2S3XEwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA 5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w ggJdBgNVHREEggJUMIICUIISYXNwaGFsdHJlcGFpcnMueHl6ghBjYXJsb25pY29s YXMueHl6ghNnYW1ibGVybWFnYXppbmUuYml6gg9qYW1lc2Nhbm5vbi54eXqCEGpv cmRhbmNoZXJpbi54eXqCDWtpZGtyb25pay54eXqCC2xhYmdyb3cubmV0ggltZXRr ZS54eXqCFm9ha3JpZGdlc2Vhc29uaW5ncy5iaXqCFG9wZXJhdGlvbndvbWVuLmNv Lm56ghVwcm9mb3VuZC1zdHJhdGVneS5iaXqCCHNoZWxmLm56ggtzdGlmbGVyLnh5 eoIVc3Vic2NyaWJlcmNvbm5lY3QuY29tghB3ZWIzYnJvdGhlcnMueHl6ghZ3d3cu YXNwaGFsdHJlcGFpcnMueHl6ghR3d3cuY2FybG9uaWNvbGFzLnh5eoIXd3d3Lmdh bWJsZXJtYWdhemluZS5iaXqCE3d3dy5qYW1lc2Nhbm5vbi54eXqCFHd3dy5qb3Jk YW5jaGVyaW4ueHl6ghF3d3cua2lka3JvbmlrLnh5eoIPd3d3LmxhYmdyb3cubmV0 gg13d3cubWV0a2UueHl6ghp3d3cub2FrcmlkZ2VzZWFzb25pbmdzLmJpeoIYd3d3 Lm9wZXJhdGlvbndvbWVuLmNvLm56ghl3d3cucHJvZm91bmQtc3RyYXRlZ3kuYml6 ggx3d3cuc2hlbGYubnqCD3d3dy5zdGlmbGVyLnh5eoIZd3d3LnN1YnNjcmliZXJj b25uZWN0LmNvbYIUd3d3LndlYjNicm90aGVycy54eXowEwYDVR0gBAwwCjAIBgZn gQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgB6MoxU2LcttiDqOOBSHumE FnAyE4VNO9IrwTpXo1LrUgAAAYlc9U6DAAAEAwBHMEUCIDmMp3ntU9w9pK2QTeLH 0EsSYzLHtlL5pUz/95fcJnQvAiEA8y31X7TD1rRcWRn/HP+ZAhIi8h73nTXI8AKH ruS7LvcAdgCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAYlc9U6q AAAEAwBHMEUCIQD+PmDPvRexuz6hpOS37QvvvPvEXPkpw03SR7QXOodpCwIgeB8a nPh5EekqPwCykVrE0g85oi3ZOabVl2Xk9TiiYoswDQYJKoZIhvcNAQELBQADggEB AAgBWjktk6hT27+d6I59E32WLcugctu3pN/0Oeyz7GoJFD2P2Rb9hgcyWB7TPaLa 22NDDtQjnfZ/gbxLPjB/oDm2slCS325ZvOOQd8NTpBHA1CioVQq6gsGib4CsZn10 ux8ECimi3mJvOT7kPpeom58CDApRo8UFics69NWPo8ggcqVdhXaroQcWeP06d5BK oYVu4O5RioIR6vF+ZxWGu4/rj3qFP6/9J2Li7U/yP+muD9GeBywf6PiqomPuqMzU KRVZVFxnPP7a2fvkUzNOvOLMNItmA2GxGMWmI+jWnMcbunTAd8vFjWlT+BSi6z3t nRGC/n0U6sKBxTzi1Qtp2W8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4h4Vjc6/JNo+oTsrbLT W/AFR1Ar3ibOWFxAgSX3DRRLZE2+cdV8+qWkTUSbKuSKe/cd5fWzKlqDeZoB+dqg pr0OPvWVNcmiDED/k9srOfP269pow8ggPE6izmwlmT/5hyjOIsfbzCU3hNCYGeJI Rjq7yldTx1u2le1I7EwlA3ISDTXg/pcnfji/ADge72ACCeLcsqksmV0vxtJZwSgY vXyxsX5Rwe0Vq7B9mCMEsIuDCwsxSq6r+RdcpFJcawbRMbz/+YmAnNwQBiH+4ZsK 3nR+OtRiua7W/fGOvWfKO2u9ogTdUHlGkmK5balXJTWRifcxSl04XEH4oK9csMDN rwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 344398226468720220662856718211110846831102 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-16 03:28:47 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-14 03:28:46 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.shelf.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23168905706262819039956686981271105139038802108089333612083197088264292991629089448413384265741345457948042578866404779273895687990646071486989790181791474951334530847758752175053420792428312499830449815870964267846544239073370392553320861092784269639676336461366010306180237694799901953601278738251207106781315925664983748687202290296050281796871176387151869780776232924554643918015616779686461959530350738902769045787047600203277263136698625126554212755775243332927183653005333259227509139374605377315586584063526341823053354523253244419873997809634914509293178071903709181002403403744394116835553985117067690429871 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 29a2814575a63b1bd30d8525ec4603c9ed92dd71 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (596 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'asphaltrepairs.xyz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'carlonicolas.xyz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gamblermagazine.biz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jamescannon.xyz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jordancherin.xyz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kidkronik.xyz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'labgrow.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'metke.xyz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oakridgeseasonings.biz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'operationwomen.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'profound-strategy.biz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shelf.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stifler.xyz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'subscriberconnect.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'web3brothers.xyz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.asphaltrepairs.xyz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.carlonicolas.xyz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gamblermagazine.biz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jamescannon.xyz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jordancherin.xyz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kidkronik.xyz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.labgrow.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.metke.xyz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.oakridgeseasonings.biz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.operationwomen.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.profound-strategy.biz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.shelf.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stifler.xyz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.subscriberconnect.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.web3brothers.xyz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb52000001895cf54e8300000403004730450220398ca779ed53dc3da4ad904de2c7d04b126332c7b652f9a54cfff797dc26742f022100f32df55fb4c3d6b45c5919ff1cff99021222f21ef79d35c8f00287aee4bb2ef7007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a000001895cf54eaa0000040300473045022100fe3e60cfbd17b1bb3ea1a4e4b7ed0befbcfbc45cf929c34dd247b4173a87690b0220781f1a9cf87911e92a3f00b2915ac4d20f39a22dd939a6d59765e4f538a2628b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0008015a392d93a853dbbf9de88e7d137d962dcba072dbb7a4dff439ecb3ec6a09143d8fd916fd860732581ed33da2dadb63430ed4239df67f81bc4b3e307fa039b6b25092df6e59bce39077c353a411c0d428a8550aba82c1a26f80ac667d74bb1f040a29a2de626f393ee43e97a89b9f020c0a51a3c50589cb3af4d58fa3c82072a55d8576aba1071678fd3a77904aa1856ee0ee518a8211eaf17e671586bb8feb8f7a853faffd2762e2ed4ff23fe9ae0fd19e072c1fe8f8aaa263eea8ccd4291559545c673cfedad9fbe453334ebce2cc348b660361b118c5a623e8d69cc71bba74c077cbc58d6953f814a2eb3ded9d1182fe7d14eac281c53ce2d50b69d96f