liberation.web.arc-cdn.net
Issued by R3
About this certificate
This digital certificate with serial number 03:8a:55:8f:5e:88:c8:91:c9:2b:a5:75:fb:18:7e:03:4d:84 was issued on by Let's Encrypt.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=liberation.web.arc-cdn.net
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:8a:55:8f:5e:88:c8:91:c9:2b:a5:75:fb:18:7e:03:4d:84Serial Number (int): 308409553225846342318770976456659137940868
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 16:af:b2:fa:6a:8f:fd:51:d7:7a:86:82:6c:84:ad:14:48:05:b2:98
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): f4:04:1e:bf:a1:25:6a:57:9c:43:41:a1:81:f7:1b:08:4f:24:47:22
Fingerprint (sha256): 76:bd:45:f9:87:24:57:4f:b5:09:9c:5a:ce:fb:40:0b:9f:f3:86:10:3b:7e:88:fe:49:19:d4:0a:cc:48:e1:64
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate liberation.web.arc-cdn.net
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for liberation.web.arc-cdn.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
liberation.web.arc-cdn.net
www.liberation.fr
www.sandbox.libe.io
www.staging.libe.io
www.liberation.fr
www.sandbox.libe.io
www.staging.libe.io
Other certificates including the domain name arc-cdn.net
(limited to 100 certificates)
arcmarketing.web.arc-cdn.net
thenational.web.arc-cdn.net
octane.web.arc-cdn.net
gray5.web.arc-cdn.net
prisaradioco.web.arc-cdn.net
radiomitre.web.arc-cdn.net
avalonbay.web.arc-cdn.net
prisaradiomx.web.arc-cdn.net
culturacolectiva.web.arc-cdn.net
elfinanciero.web.arc-cdn.net
archetype.web.arc-cdn.net
ipmgroup2.web.arc-cdn.net
coindesk.web.arc-cdn.net
avalonbay.web.arc-cdn.net
cmg.web.arc-cdn.net
ipmgroup2.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
newr7.web.arc-cdn.net
gray2.web.arc-cdn.net
lanacionpy.web.arc-cdn.net
diarioas.web.arc-cdn.net
coindesk.api.arc-cdn.net
avalonbay.web.arc-cdn.net
larazon.api.arc-cdn.net
grupoclarin.web.arc-cdn.net
diarioas.api.arc-cdn.net
rtl.web.arc-cdn.net
radiomitre.web.arc-cdn.net
gray2.web.arc-cdn.net
coindeskdev2.web.arc-cdn.net
irishtimes.web.arc-cdn.net
elcomercio.web.arc-cdn.net
coxohio.web.arc-cdn.net
shawmedia.web.arc-cdn.net
opb.web.arc-cdn.net
coindesk.web.arc-cdn.net
grupoclarin.web.arc-cdn.net
mna.web.arc-cdn.net
cmg2.web.arc-cdn.net
culturacolectiva.web.arc-cdn.net
artear.web.arc-cdn.net
ipmgroup2.web.arc-cdn.net
diarioas.web.arc-cdn.net
pmn.web.arc-cdn.net
mentormedier.web.arc-cdn.net
prisa.web.arc-cdn.net
advancelocal.web.arc-cdn.net
elcomercio.web.arc-cdn.net
prisaradiolos40.web.arc-cdn.net
elespectador.web.arc-cdn.net
prisaradioco.web.arc-cdn.net
web.arc-cdn.net
eluniverso.web.arc-cdn.net
gray4.web.arc-cdn.net
octane.web.arc-cdn.net
mna.web.arc-cdn.net
octane.web.arc-cdn.net
gmg.web.arc-cdn.net
ajc.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
tgam.web.arc-cdn.net
avalonbay.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
sfr.web.arc-cdn.net
elcomercio.web.arc-cdn.net
coindeskuat.api.arc-cdn.net
elfinanciero.web.arc-cdn.net
tbt.web.arc-cdn.net
tronc.api.arc-cdn.net
cmg2.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
cmg.web.arc-cdn.net
mna.web.arc-cdn.net
ajc.web.arc-cdn.net
coindeskdev1.web.arc-cdn.net
avalonbay.web.arc-cdn.net
avalonbay.web.arc-cdn.net
spectator.web.arc-cdn.net
leparisien.web.arc-cdn.net
cmg.web.arc-cdn.net
lexpress.web.arc-cdn.net
prisaradioco.web.arc-cdn.net
gray2.web.arc-cdn.net
gray4.web.arc-cdn.net
avalonbay.web.arc-cdn.net
metroworldnews.web.arc-cdn.net
raycom.web.arc-cdn.net
thenational.web.arc-cdn.net
advancelocalthemes.web.arc-cdn.net
gfrmedia.web.arc-cdn.net
arcmarketing.web.arc-cdn.net
copesa.api.arc-cdn.net
elfinanciero.web.arc-cdn.net
civicnewscompany.web.arc-cdn.net
elcomercio.web.arc-cdn.net
lexpress.web.arc-cdn.net
coindeskuat.api.arc-cdn.net
advancelocal2.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
sophiapp.web.arc-cdn.net
thenational.web.arc-cdn.net
octane.web.arc-cdn.net
gray5.web.arc-cdn.net
prisaradioco.web.arc-cdn.net
radiomitre.web.arc-cdn.net
avalonbay.web.arc-cdn.net
prisaradiomx.web.arc-cdn.net
culturacolectiva.web.arc-cdn.net
elfinanciero.web.arc-cdn.net
archetype.web.arc-cdn.net
ipmgroup2.web.arc-cdn.net
coindesk.web.arc-cdn.net
avalonbay.web.arc-cdn.net
cmg.web.arc-cdn.net
ipmgroup2.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
newr7.web.arc-cdn.net
gray2.web.arc-cdn.net
lanacionpy.web.arc-cdn.net
diarioas.web.arc-cdn.net
coindesk.api.arc-cdn.net
avalonbay.web.arc-cdn.net
larazon.api.arc-cdn.net
grupoclarin.web.arc-cdn.net
diarioas.api.arc-cdn.net
rtl.web.arc-cdn.net
radiomitre.web.arc-cdn.net
gray2.web.arc-cdn.net
coindeskdev2.web.arc-cdn.net
irishtimes.web.arc-cdn.net
elcomercio.web.arc-cdn.net
coxohio.web.arc-cdn.net
shawmedia.web.arc-cdn.net
opb.web.arc-cdn.net
coindesk.web.arc-cdn.net
grupoclarin.web.arc-cdn.net
mna.web.arc-cdn.net
cmg2.web.arc-cdn.net
culturacolectiva.web.arc-cdn.net
artear.web.arc-cdn.net
ipmgroup2.web.arc-cdn.net
diarioas.web.arc-cdn.net
pmn.web.arc-cdn.net
mentormedier.web.arc-cdn.net
prisa.web.arc-cdn.net
advancelocal.web.arc-cdn.net
elcomercio.web.arc-cdn.net
prisaradiolos40.web.arc-cdn.net
elespectador.web.arc-cdn.net
prisaradioco.web.arc-cdn.net
web.arc-cdn.net
eluniverso.web.arc-cdn.net
gray4.web.arc-cdn.net
octane.web.arc-cdn.net
mna.web.arc-cdn.net
octane.web.arc-cdn.net
gmg.web.arc-cdn.net
ajc.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
tgam.web.arc-cdn.net
avalonbay.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
sfr.web.arc-cdn.net
elcomercio.web.arc-cdn.net
coindeskuat.api.arc-cdn.net
elfinanciero.web.arc-cdn.net
tbt.web.arc-cdn.net
tronc.api.arc-cdn.net
cmg2.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
cmg.web.arc-cdn.net
mna.web.arc-cdn.net
ajc.web.arc-cdn.net
coindeskdev1.web.arc-cdn.net
avalonbay.web.arc-cdn.net
avalonbay.web.arc-cdn.net
spectator.web.arc-cdn.net
leparisien.web.arc-cdn.net
cmg.web.arc-cdn.net
lexpress.web.arc-cdn.net
prisaradioco.web.arc-cdn.net
gray2.web.arc-cdn.net
gray4.web.arc-cdn.net
avalonbay.web.arc-cdn.net
metroworldnews.web.arc-cdn.net
raycom.web.arc-cdn.net
thenational.web.arc-cdn.net
advancelocalthemes.web.arc-cdn.net
gfrmedia.web.arc-cdn.net
arcmarketing.web.arc-cdn.net
copesa.api.arc-cdn.net
elfinanciero.web.arc-cdn.net
civicnewscompany.web.arc-cdn.net
elcomercio.web.arc-cdn.net
lexpress.web.arc-cdn.net
coindeskuat.api.arc-cdn.net
advancelocal2.web.arc-cdn.net
bostonglobe.web.arc-cdn.net
sophiapp.web.arc-cdn.net
Certificate
The complete raw certificate details for liberation.web.arc-cdn.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgISA4pVj16IyJHJK6V1+xh+A02EMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA5MjUwODMwMjNaFw0yMzEyMjQwODMwMjJaMCUxIzAhBgNVBAMT GmxpYmVyYXRpb24ud2ViLmFyYy1jZG4ubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAq5RnKJL2HBgME2OXvnV0qNV0YLZHqy+qtb4TqiaG7faOinHj Oi9f0SL3BCdVOFWVq/Oiu0z+EJjggG+A6KrHVArtRpP+sEQo9Pat99z9swkubKqG QA35myHSlEyWfvr4pdNG2JVQem+FePqJBBuxaR6r8SumBvvFIJ+LFUe0XqKxtxnB jQEp0YzjjskbiAaBZYdSp1+ieDtelhE99Wfj4mQiZqGeghvZCyYn4gLqYdI+BiFI Z6QA6bpDV7gLyCIplkat1VZ2eESUMCDzuczH3p3KvtXTIzerlhS3FS/LTULVDPlz 9kTQNgpyeeiFxF8Z63omczEFyjtkLDiifTENqwIDAQABo4ICVzCCAlMwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBQWr7L6ao/9Udd6hoJshK0USAWymDAfBgNVHSMEGDAW gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz LmkubGVuY3Iub3JnLzBiBgNVHREEWzBZghpsaWJlcmF0aW9uLndlYi5hcmMtY2Ru Lm5ldIIRd3d3LmxpYmVyYXRpb24uZnKCE3d3dy5zYW5kYm94LmxpYmUuaW+CE3d3 dy5zdGFnaW5nLmxpYmUuaW8wEwYDVR0gBAwwCjAIBgZngQwBAgEwggECBgorBgEE AdZ5AgQCBIHzBIHwAO4AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20 mQAAAYrLrPOnAAAEAwBGMEQCIFXcFMUxfN2nH26y/TcZkkncmfHcSRpXnH9IKuWU fMxQAiBaZ2/7qsIVKJMsLq0W6pCBc3UZXUQ3JxJSYQV2kLee0AB1AK33vvp8/xDI i509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABisus8/8AAAQDAEYwRAIgaBUsoaTq NparvROMCdJbcF0suplrXIqu7II253iTZ5oCIFgz9L8E0npDB+o3trV53Mvlnhgt EN5p7M6cVLF6Ntr0MA0GCSqGSIb3DQEBCwUAA4IBAQAIcfIv7g6gr4y5M7tfOPCI I9r6gErM6NCkQ9nJd6dg2Li+D5TfzTJRyzLm9O6VW6gp0m23rwE3SjK3UUW+5/Pb P5R7I+ioBIaTjQ/NCsmX02/WY1H8Q/KKmaC8vRcbUqgdUuVeRK1nwykOk0nLX2zE x81WqLp5nLCghxZoDpnZnDFBrDiw5G1OvhaR/fCMQ7j5gNRSaLk/oUdXGnHjLKAC 3BmqEDjyeU7rjyhewZR+MEC19ZRbwMAqIBxae3VTtSNMNun4X9+uaj5mXX7GyQt1 lRzEMiUu4Mot6Kqcqv+TAJHQKQ7g4ji0OZuzaxiKjGkOIIUJhsQO8+oL2TvBUOkn -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5RnKJL2HBgME2OXvnV0 qNV0YLZHqy+qtb4TqiaG7faOinHjOi9f0SL3BCdVOFWVq/Oiu0z+EJjggG+A6KrH VArtRpP+sEQo9Pat99z9swkubKqGQA35myHSlEyWfvr4pdNG2JVQem+FePqJBBux aR6r8SumBvvFIJ+LFUe0XqKxtxnBjQEp0YzjjskbiAaBZYdSp1+ieDtelhE99Wfj 4mQiZqGeghvZCyYn4gLqYdI+BiFIZ6QA6bpDV7gLyCIplkat1VZ2eESUMCDzuczH 3p3KvtXTIzerlhS3FS/LTULVDPlz9kTQNgpyeeiFxF8Z63omczEFyjtkLDiifTEN qwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 308409553225846342318770976456659137940868 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-25 08:30:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-24 08:30:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'liberation.web.arc-cdn.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21659930377647319649819355849043047644263821276415815125969235691584206016412726951918929519047521226275103553955853246803405259003004764163864731886932248714085316425797191405318486540903791055590580910705341292475176912616803889740916776005506215481958193671627620032652184084691021728316135511198108241676014586739687800684135683648369789849544918255936418327526449191483422146561572706644404735044283528340459710289602297306519619055123301472277335047958556016473969932430432693085779023302154325937979355853465729598293058907748931541206640303661671151057763921218404910423039183489020817355829725619187707088299 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 16afb2fa6a8ffd51d77a86826c84ad144805b298 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'liberation.web.arc-cdn.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.liberation.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sandbox.libe.io' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.staging.libe.io' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018acbacf3a70000040300463044022055dc14c5317cdda71f6eb2fd37199249dc99f1dc491a579c7f482ae5947ccc5002205a676ffbaac21528932c2ead16ea90817375195d443727125261057690b79ed0007500adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000018acbacf3ff0000040300463044022068152ca1a4ea3696abbd138c09d25b705d2cba996b5c8aaeec8236e77893679a02205833f4bf04d27a4307ea37b6b579dccbe59e182d10de69ecce9c54b17a36daf4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000871f22fee0ea0af8cb933bb5f38f08823dafa804acce8d0a443d9c977a760d8b8be0f94dfcd3251cb32e6f4ee955ba829d26db7af01374a32b75145bee7f3db3f947b23e8a80486938d0fcd0ac997d36fd66351fc43f28a99a0bcbd171b52a81d52e55e44ad67c3290e9349cb5f6cc4c7cd56a8ba799cb0a08716680e99d99c3141ac38b0e46d4ebe1691fdf08c43b8f980d45268b93fa147571a71e32ca002dc19aa1038f2794eeb8f285ec1947e3040b5f5945bc0c02a201c5a7b7553b5234c36e9f85fdfae6a3e665d7ec6c90b75951cc432252ee0ca2de8aa9caaff930091d0290ee0e238b4399bb36b188a8c690e20850986c40ef3ea0bd93bc150e927