blog2.leafo.net
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:99:50:a7:bc:6b:ef:0f:7b:9b:d8:2e:1a:e4:dd:6f:7a:72 was issued on by Let's Encrypt.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=blog2.leafo.net
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:99:50:a7:bc:6b:ef:0f:7b:9b:d8:2e:1a:e4:dd:6f:7a:72Serial Number (int): 400619555040827144592939001762478612773490
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: c1:06:e0:d3:92:8a:10:80:b9:57:17:dd:c9:b2:c8:ec:8b:4c:e3:e0
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 8e:4c:7d:d8:61:6c:d2:38:4a:b6:3c:b9:bd:e9:12:f2:d2:18:10:e8
Fingerprint (sha256): 76:75:55:87:98:9c:a2:ab:cd:d1:54:f8:3f:ef:73:60:76:03:1d:73:79:ee:a1:84:59:27:c2:98:fe:b6:bd:1a
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate blog2.leafo.net
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for blog2.leafo.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
archeia.leafo.net
blog2.leafo.net
paragon.leafo.net
www.archeia.leafo.net
www.blog2.leafo.net
www.paragon.leafo.net
blog2.leafo.net
paragon.leafo.net
www.archeia.leafo.net
www.blog2.leafo.net
www.paragon.leafo.net
Other certificates including the domain name leafo.net
(limited to 100 certificates)
pp.leafo.net
leafo.net
leafo.net
qm.leafo.net
frankiesmileshow.leafo.net
qm.leafo.net
medieve.leafo.net
corel.leafo.net
www.ase.leafo.net
zack.leafo.net
leafo.net
leafo.net
qm.leafo.net
www.compohub.leafo.net
wyrm.leafo.net
cedar-woods-com.leafo.net
worm.leafo.net
*.hamlet.leafo.net
*.worm.leafo.net
papersonata.leafo.net
gz.leafo.net
hamlet.leafo.net
corel.leafo.net
tyr.leafo.net
tay.leafo.net
www.tswiki.leafo.net
zack.leafo.net
*.aws.leafo.net
ase.leafo.net
qm.leafo.net
compohub.leafo.net
compohub.net
ravey.leafo.net
leafo.net
pokemon.leafo.net
ase.leafo.net
www.tay.leafo.net
gz.leafo.net
corel.leafo.net
mail.vermis.leafo.net
ase.leafo.net
scite.leafo.net
leafo.net
qm.leafo.net
archeia.leafo.net
blog2.leafo.net
gr.apedick.com
leafo.net
zack.leafo.net
pp.leafo.net
www.medieve.leafo.net
leafo.net
leafo.net
pp.leafo.net
medieve.leafo.net
zack.leafo.net
raziel.leafo.net
compohub.net
qm.leafo.net
mail.drule.leafo.net
qm.leafo.net
compohub.net
corel.leafo.net
mail.tay.leafo.net
soap.leafo.net
www.drule.leafo.net
ase.leafo.net
qm.leafo.net
www.worm.leafo.net
medieve.leafo.net
zack.leafo.net
compohub.net
blog2.leafo.net
leafo.net
www.scite.leafo.net
pp.leafo.net
gz.leafo.net
corel.leafo.net
gz.leafo.net
medieve.leafo.net
*.moonrocks.leafo.net
leafo.net
wyrm.leafo.net
www.vb.leafo.net
leafo.net
www.corel.leafo.net
zack.leafo.net
leafo.net
mail.leafo.net
corel.leafo.net
www.moonscript.org
zack.leafo.net
corel.leafo.net
leafo.net
mail.tri.leafo.net
corel.leafo.net
zack.leafo.net
www.papersonata.leafo.net
pp.leafo.net
compohub.net
leafo.net
leafo.net
qm.leafo.net
frankiesmileshow.leafo.net
qm.leafo.net
medieve.leafo.net
corel.leafo.net
www.ase.leafo.net
zack.leafo.net
leafo.net
leafo.net
qm.leafo.net
www.compohub.leafo.net
wyrm.leafo.net
cedar-woods-com.leafo.net
worm.leafo.net
*.hamlet.leafo.net
*.worm.leafo.net
papersonata.leafo.net
gz.leafo.net
hamlet.leafo.net
corel.leafo.net
tyr.leafo.net
tay.leafo.net
www.tswiki.leafo.net
zack.leafo.net
*.aws.leafo.net
ase.leafo.net
qm.leafo.net
compohub.leafo.net
compohub.net
ravey.leafo.net
leafo.net
pokemon.leafo.net
ase.leafo.net
www.tay.leafo.net
gz.leafo.net
corel.leafo.net
mail.vermis.leafo.net
ase.leafo.net
scite.leafo.net
leafo.net
qm.leafo.net
archeia.leafo.net
blog2.leafo.net
gr.apedick.com
leafo.net
zack.leafo.net
pp.leafo.net
www.medieve.leafo.net
leafo.net
leafo.net
pp.leafo.net
medieve.leafo.net
zack.leafo.net
raziel.leafo.net
compohub.net
qm.leafo.net
mail.drule.leafo.net
qm.leafo.net
compohub.net
corel.leafo.net
mail.tay.leafo.net
soap.leafo.net
www.drule.leafo.net
ase.leafo.net
qm.leafo.net
www.worm.leafo.net
medieve.leafo.net
zack.leafo.net
compohub.net
blog2.leafo.net
leafo.net
www.scite.leafo.net
pp.leafo.net
gz.leafo.net
corel.leafo.net
gz.leafo.net
medieve.leafo.net
*.moonrocks.leafo.net
leafo.net
wyrm.leafo.net
www.vb.leafo.net
leafo.net
www.corel.leafo.net
zack.leafo.net
leafo.net
mail.leafo.net
corel.leafo.net
www.moonscript.org
zack.leafo.net
corel.leafo.net
leafo.net
mail.tri.leafo.net
corel.leafo.net
zack.leafo.net
www.papersonata.leafo.net
pp.leafo.net
compohub.net
Certificate
The complete raw certificate details for blog2.leafo.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFwjCCBKqgAwIBAgISBJlQp7xr7w97m9guGuTdb3pyMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMjUxOTA3MjVaFw0y MDA1MjUxOTA3MjVaMBoxGDAWBgNVBAMTD2Jsb2cyLmxlYWZvLm5ldDCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAPyAzeVviTVoZoOy5Q8ybCw15arzE0Gy mWK+q2mDS1zQ9OPN3uS/jjLTTJRX75Ozi1C6LgJrv6bNC/Egvlwu/1+lvX0ePldC wsq0E+AreZHgS7Qz0rmX0R/crZWuJqBTBIcm2FF64XHX2bXeFe/NhMpIK+FTgu2J G69w7/j4xOtQMZ4gLAqoy/pUkr8lG1QWpPuLmqWvs8hvIi/0QpQ7NkziFNeeKpHS U1sDe5dBUxn45cEG7DT9KwrMNbZb5FRIDNffgwrxzwzVSPYSirRqmfsQBGZgzFch pmtBHFb/zo4xqr0GgdY5Ybyt7vmJJ99Khw5S6vCLjB+GVvueHndvpr0CAwEAAaOC AtAwggLMMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUwQbg05KKEIC5VxfdybLI7ItM 4+AwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEE YzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu b3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQu b3JnLzCBgwYDVR0RBHwweoIRYXJjaGVpYS5sZWFmby5uZXSCD2Jsb2cyLmxlYWZv Lm5ldIIRcGFyYWdvbi5sZWFmby5uZXSCFXd3dy5hcmNoZWlhLmxlYWZvLm5ldIIT d3d3LmJsb2cyLmxlYWZvLm5ldIIVd3d3LnBhcmFnb24ubGVhZm8ubmV0MEwGA1Ud IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0 dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADy AHcAsh4FzIuizYogTodm+Su5iiUgZ2va+nDnsklTLe+LkF4AAAFwffYcGQAABAMA SDBGAiEA3E0wA5kcDYDPxvIsA3RdAs88mD8JF5UqDS+23BMsGwYCIQDwpOQiuZOK kSitl6Ph5jah05BPBt23HFqupadTWrAvdQB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZ AsEAKQaNsgiaN9kTAAABcH32HE8AAAQDAEgwRgIhAP9PxRcAiPrt0x6P+xHA8pbw U68SvR0b8uiY/7MkvqVIAiEA9mGHsQ//ietuZ+eM3nSmD++kdM+K4fceY4JJeXoU hEIwDQYJKoZIhvcNAQELBQADggEBACdB5kiSNI5C/4fHDsAYKLL23YVwwjgbrNlt dAz/wizXASC4buAwETRQ3qyprVxTfSN56li51OlSCZ69Ku9r+9RdWXDzJ/3qZlym 7wFlL71mjVJZdL6cwbzO265OZVMqx4NUd2+b5vJO7dnbWGWrzg3cUIzZWFwzeZRo WuCH2UULJrVjbC4vmmBYq2rwQDF4kLsPXK0ArcgFm1Lfi59rX9vvA69lfTARW1L8 DQUt2pXvyzu7SZE378482TJefgu8gpMRoSZ6TKNR+vrEcs7TACL1bZzbslXkoqj8 OEKj4SHwBIEaCCtAR06IByS0Dzk1hA2YCJUiqS2Wjv80lG2szCg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/IDN5W+JNWhmg7LlDzJs LDXlqvMTQbKZYr6raYNLXND0483e5L+OMtNMlFfvk7OLULouAmu/ps0L8SC+XC7/ X6W9fR4+V0LCyrQT4Ct5keBLtDPSuZfRH9ytla4moFMEhybYUXrhcdfZtd4V782E ykgr4VOC7Ykbr3Dv+PjE61AxniAsCqjL+lSSvyUbVBak+4uapa+zyG8iL/RClDs2 TOIU154qkdJTWwN7l0FTGfjlwQbsNP0rCsw1tlvkVEgM19+DCvHPDNVI9hKKtGqZ +xAEZmDMVyGma0EcVv/OjjGqvQaB1jlhvK3u+Ykn30qHDlLq8IuMH4ZW+54ed2+m vQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 400619555040827144592939001762478612773490 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-25 19:07:25 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-25 19:07:25 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'blog2.leafo.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 31875568610244991321709021896305922316617019655727137981419785057563009148460273238477750294468740921565060379088641513456110756344407079245578724834992201594570364186522996534217060888283667406126807932529692475788717193713938533958037976648337430325738731926359079318316006299458118340367471611969700180131318786045745570031077987861662899154499941629291669642006757455141565630368502993483794469099485413334669953382149392729630841164668866411368625837710303597233726744978707097266948628158145560876509372375283167367342230861268879925398469332908564418885978033919398269887193680336560287979390051068484405667517 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c106e0d3928a1080b95717ddc9b2c8ec8b4ce3e0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'archeia.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog2.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paragon.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.archeia.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.blog2.leafo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.paragon.leafo.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f2007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e000001707df61c190000040300483046022100dc4d3003991c0d80cfc6f22c03745d02cf3c983f0917952a0d2fb6dc132c1b06022100f0a4e422b9938a9128ad97a3e1e636a1d3904f06ddb71c5aaea5a7535ab02f750077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d913000001707df61c4f0000040300483046022100ff4fc5170088faedd31e8ffb11c0f296f053af12bd1d1bf2e898ffb324bea548022100f66187b10fff89eb6e67e78cde74a60fefa474cf8ae1f71e638249797a148442 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002741e64892348e42ff87c70ec01828b2f6dd8570c2381bacd96d740cffc22cd70120b86ee030113450deaca9ad5c537d2379ea58b9d4e952099ebd2aef6bfbd45d5970f327fdea665ca6ef01652fbd668d525974be9cc1bccedbae4e65532ac78354776f9be6f24eedd9db5865abce0ddc508cd9585c337994685ae087d9450b26b5636c2e2f9a6058ab6af040317890bb0f5cad00adc8059b52df8b9f6b5fdbef03af657d30115b52fc0d052dda95efcb3bbb499137efce3cd9325e7e0bbc829311a1267a4ca351fafac472ced30022f56d9cdbb255e4a2a8fc3842a3e121f004811a082b40474e880724b40f3935840d98089522a92d968eff34946daccc28