veterans.oneok.com
Issued by R3
About this certificate
This digital certificate with serial number 03:07:8c:dd:b5:85:66:56:3c:d7:e8:a2:4c:49:ab:73:6b:6d was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=veterans.oneok.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:07:8c:dd:b5:85:66:56:3c:d7:e8:a2:4c:49:ab:73:6b:6dSerial Number (int): 263906077462428089204524328669929735940973
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 39:a1:56:0f:d5:fc:7f:ff:43:a5:06:13:3b:c5:96:d6:57:6d:e3:9d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 46:db:7c:94:ac:b1:7e:a5:03:38:aa:47:a8:54:49:f1:db:c7:10:98
Fingerprint (sha256): 77:31:dd:ca:b9:b2:63:a7:3c:6a:bf:88:ab:39:3f:66:dd:76:ec:62:18:81:75:42:7f:c4:1d:21:d8:98:61:d5
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate veterans.oneok.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for veterans.oneok.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
veterans.oneok.com
Other certificates including the domain name oneok.com
(limited to 100 certificates)
srvise01poke.oneok.com
*.crm.oneok.com
veterans.oneok.com
securemail.oneok.com
*.oneok.com
mobile-t.oneok.com
veterans.oneok.com
veterans.oneok.com
bomgar.oneok.com
*.crm.oneok.com
sp.crmtest.oneok.com
veterans.oneok.com
yourtgsaccount.oneok.com
remote.oneok.com
*.testcrm.oneok.com
*.oneok.com
bomgar.oneok.com
sip.oneok.com
wireless.oneok.com
mail.oneok.com
*.crmlab1.oneok.com
camweb-kmcmc.oneok.com
veterans.oneok.com
apps.oneok.com
*.crm.oneok.com
securemail.oneok.com
citrix.oneok.com
mail.oneok.com
*.testcrm.oneok.com
*.crmlab1.oneok.com
bomgar.oneok.com
*.crmlab1.oneok.com
camweb-kmcmc.oneok.com
oneokadfstest.oneok.com
mail.oneok.com
sp.crm.oneok.com
www.oneok.com
vpn.oneok.com
notificationpostback.oneok.com
bomgar.oneok.com
*.testcrm.oneok.com
oneokadfs3.oneok.com
*.oneok.com
opcapps.oneok.com
oneokadfs3.oneok.com
*.dyn.oneok.com
mobile.oneok.com
sip.oneok.com
mobile.oneok.com
video.oneok.com
yourkgsaccount.oneok.com
*.crmlab1.oneok.com
veterans.oneok.com
sp.crm.oneok.com
*.oneok.com
TDCISEASX11POKE.oneok.com
video.oneok.com
ess.oneok.com
veterans.oneok.com
*.oneok.com
veterans.oneok.com
ir.oneok.com
veterans.oneok.com
sip.oneok.com
apps.oneok.com
mail.oneok.com
mail.oneok.com
mobile.oneok.com
veterans.oneok.com
veterans.oneok.com
remote.oneok.com
oneok.com
ppsyslog.oneok.com
*.dyn.oneok.com
keeper.oneok.com
mail.oneok.com
swamrv50.oneok.com
*.dyn.oneok.com
*.gis.oneok.com
exchange.oneok.com
vpn.oneok.com
keeperdev.oneok.com
oneok.com
mail.oneok.com
veterans.oneok.com
ir.oneok.com
ir.oneok.com
notificationpostback.oneok.com
wireless.oneok.com
test.oneok.com
veterans.oneok.com
git.oneok.com
veterans.oneok.com
veterans.oneok.com
TDCISEASX11POKE.oneok.com
*.dyn.oneok.com
*.CRM1.ONEOK.COM
yourongaccount.oneok.com
camweb-ofs.oneok.com
*.oneok.com
*.crm.oneok.com
veterans.oneok.com
securemail.oneok.com
*.oneok.com
mobile-t.oneok.com
veterans.oneok.com
veterans.oneok.com
bomgar.oneok.com
*.crm.oneok.com
sp.crmtest.oneok.com
veterans.oneok.com
yourtgsaccount.oneok.com
remote.oneok.com
*.testcrm.oneok.com
*.oneok.com
bomgar.oneok.com
sip.oneok.com
wireless.oneok.com
mail.oneok.com
*.crmlab1.oneok.com
camweb-kmcmc.oneok.com
veterans.oneok.com
apps.oneok.com
*.crm.oneok.com
securemail.oneok.com
citrix.oneok.com
mail.oneok.com
*.testcrm.oneok.com
*.crmlab1.oneok.com
bomgar.oneok.com
*.crmlab1.oneok.com
camweb-kmcmc.oneok.com
oneokadfstest.oneok.com
mail.oneok.com
sp.crm.oneok.com
www.oneok.com
vpn.oneok.com
notificationpostback.oneok.com
bomgar.oneok.com
*.testcrm.oneok.com
oneokadfs3.oneok.com
*.oneok.com
opcapps.oneok.com
oneokadfs3.oneok.com
*.dyn.oneok.com
mobile.oneok.com
sip.oneok.com
mobile.oneok.com
video.oneok.com
yourkgsaccount.oneok.com
*.crmlab1.oneok.com
veterans.oneok.com
sp.crm.oneok.com
*.oneok.com
TDCISEASX11POKE.oneok.com
video.oneok.com
ess.oneok.com
veterans.oneok.com
*.oneok.com
veterans.oneok.com
ir.oneok.com
veterans.oneok.com
sip.oneok.com
apps.oneok.com
mail.oneok.com
mail.oneok.com
mobile.oneok.com
veterans.oneok.com
veterans.oneok.com
remote.oneok.com
oneok.com
ppsyslog.oneok.com
*.dyn.oneok.com
keeper.oneok.com
mail.oneok.com
swamrv50.oneok.com
*.dyn.oneok.com
*.gis.oneok.com
exchange.oneok.com
vpn.oneok.com
keeperdev.oneok.com
oneok.com
mail.oneok.com
veterans.oneok.com
ir.oneok.com
ir.oneok.com
notificationpostback.oneok.com
wireless.oneok.com
test.oneok.com
veterans.oneok.com
git.oneok.com
veterans.oneok.com
veterans.oneok.com
TDCISEASX11POKE.oneok.com
*.dyn.oneok.com
*.CRM1.ONEOK.COM
yourongaccount.oneok.com
camweb-ofs.oneok.com
*.oneok.com
Certificate
The complete raw certificate details for veterans.oneok.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGKTCCBRGgAwIBAgISAweM3bWFZlY81+iiTEmrc2ttMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMDEyMDUxNTQ4MTRaFw0yMTAzMDUxNTQ4MTRaMB0xGzAZBgNVBAMT EnZldGVyYW5zLm9uZW9rLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC ggIBAKnhJYBCW/jN8G1zu0Fr2QCYpgUtw8fgAtBWRTX8dKzwiIBIKRvkacgHj4Nj oeu8WG+dL72ESBlyLBraBjOuUnxvpAJGQY+FeN5+QeY8gkwA+jaWWp4dPvgBPVR0 h/H9WY60yWWhFGoCLw5oEATbZRdGxxlQzUNJXHUPFv3n3KM3INxFlafxCTU3G3rW 4J+NkDAd1TsOwbvxE8U2b5d8bnr58repJw1uRToHqWq2Sw3UROls68C0RCTh9bXK hBUI49/EEDCMqMymffhD5OztTBUm7PJl3HKKXJXcAdZCwTMgIi00IIP1deS1pBR1 67orUeGnCvM36llmq9LAAizznX8L8AeiSg7fN6pjqvPMOYkew1tvU7KFwNzATN0J D+C3pIbovT/VO0o9tGIjqATNjlmBECdXQx8XJC/yFX4dw/bSS4hi5S05Nsn9BVVX t0mmJw2I80Yqkaf8tttDszuVq6KTEaM8hZ5etOde4/OWW6/KD4R4khjuzV5SU3Y3 Lt40D5D2m2Ujke6LV+SEYVeRoAD7o7lBisysDpaDso4QL7dZKKLZLkJR//w5M80s wRxYgEpN4m3YLTgGxr5gICAjB0ap2UZjSnsAuhgQa3VFYrRfSqUeFzdFdM9gn+rh +AzyNqf895baIHOSWNgIoWweifCm5dbsnee6H3wEj+FdbpolAgMBAAGjggJMMIIC SDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFDmhVg/V/H//Q6UGEzvFltZXbeOdMB8G A1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAh BggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZo dHRwOi8vcjMuaS5sZW5jci5vcmcvMB0GA1UdEQQWMBSCEnZldGVyYW5zLm9uZW9r LmNvbTBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsG AQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQMGCisGAQQB1nkC BAIEgfQEgfEA7wB1AESUZS6w7s6vxEAH2Kj+KMDa5oK+2MsxtT/TM5a1toGoAAAB djPNzfsAAAQDAEYwRAIgEwyJx8TL/JLeTJSbWe0iSwGJwm/WiFDkHCxp+xG1y6IC IDDCbbaHhq0HY4JYgaqv2U+2/XDUmWceFlq2ExM5q2rVAHYAfT7y+I//iFVoJMLA yp5SiXkrxQ54CX8uapdomX4i8NcAAAF2M83OTAAABAMARzBFAiBjukrdrWlbOiDw tnGn6N+rwARBCEQvyIJpl4Qc4POKWAIhAPIyoEE2Ts2pwz4mmBEn6tpUlubGFOze bYKFSwU/7kkgMA0GCSqGSIb3DQEBCwUAA4IBAQCbeuRdHawkVHsoCwJK8lJonY1w 6cZP4jZBDRe4ABC2rHUSbvEthirb3uTU4EDggSjm8qNW69MStn/x+kSro8bf8gaB 27FNcwNDX59Vrjl6nO+1AIQ3/1c+LJsWqFry7PN18tktZH/YuPh1G0La5TBpb9WZ 8/PHPvUtJdNv8UpgrsLk1xddTVd1NmYSkwfObqUkqJfLxxx/L0a05gG+WcNVRlAx z3iLl6q2xWz3BRktCVxfkotAemb3mlzIPidqMEyWk1lQzXfydGswE0hdovleiBJf XUUMyvrZPZjgWLOVXWLcW3tK3uepOmll6WwKSelCCnl5bCSmG/d2HWqeS1mw -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqeElgEJb+M3wbXO7QWvZ AJimBS3Dx+AC0FZFNfx0rPCIgEgpG+RpyAePg2Oh67xYb50vvYRIGXIsGtoGM65S fG+kAkZBj4V43n5B5jyCTAD6NpZanh0++AE9VHSH8f1ZjrTJZaEUagIvDmgQBNtl F0bHGVDNQ0lcdQ8W/efcozcg3EWVp/EJNTcbetbgn42QMB3VOw7Bu/ETxTZvl3xu evnyt6knDW5FOgeparZLDdRE6WzrwLREJOH1tcqEFQjj38QQMIyozKZ9+EPk7O1M FSbs8mXccopcldwB1kLBMyAiLTQgg/V15LWkFHXruitR4acK8zfqWWar0sACLPOd fwvwB6JKDt83qmOq88w5iR7DW29TsoXA3MBM3QkP4Lekhui9P9U7Sj20YiOoBM2O WYEQJ1dDHxckL/IVfh3D9tJLiGLlLTk2yf0FVVe3SaYnDYjzRiqRp/y220OzO5Wr opMRozyFnl60517j85Zbr8oPhHiSGO7NXlJTdjcu3jQPkPabZSOR7otX5IRhV5Gg APujuUGKzKwOloOyjhAvt1kootkuQlH//DkzzSzBHFiASk3ibdgtOAbGvmAgICMH RqnZRmNKewC6GBBrdUVitF9KpR4XN0V0z2Cf6uH4DPI2p/z3ltogc5JY2AihbB6J 8Kbl1uyd57offASP4V1umiUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 263906077462428089204524328669929735940973 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-05 15:48:14 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-05 15:48:14 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'veterans.oneok.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 693047806618652844205906727466507541986945677125413287513753572676020594007385430259600545542333997112934553233274170761117785958949142026773256919704742794374671233368554947004082479359943032520552920833501685941343107076993637091322203494678553614130345276130635743065327854890969087599292097210859085114333495486802894149437145784853616864207426533749875181339724478268234428139979212361088910301591775167650799782151441204025391258786674557304103964933550845391107288650299074917820989410011525114563623088346047518728058974938490568914245639422287973226522398015420607210887671110886917880703715904186865305017983045268013765548411692412688787430465997853289587738551759793765367302461885936974632912024958809555890247821648072819797965331168008883694651504852642636679484750799893581782107634113858155393336180498505713252179614022542620922294070928105726735776210797515190453980145912225062427735944290917209869209296409604402650206347658211557342494270277450311596136541891473892001033109112110097415289608852517542083890114051249336522201198714184634298134717228229481276388109068367358173046952553476034994443134691490091455291090822214748853588999611717440237370650912357049901427831963830715294251595919087086556427491877 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 39a1560fd5fc7fff43a506133bc596d6576de39d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'veterans.oneok.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000017633cdcdfb00000403004630440220130c89c7c4cbfc92de4c949b59ed224b0189c26fd68850e41c2c69fb11b5cba2022030c26db68786ad0763825881aaafd94fb6fd70d499671e165ab6131339ab6ad50076007d3ef2f88fff88556824c2c0ca9e5289792bc50e78097f2e6a9768997e22f0d70000017633cdce4c0000040300473045022063ba4addad695b3a20f0b671a7e8dfabc0044108442fc8826997841ce0f38a58022100f232a041364ecda9c33e26981127eada5496e6c614ecde6d82854b053fee4920 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009b7ae45d1dac24547b280b024af252689d8d70e9c64fe236410d17b80010b6ac75126ef12d862adbdee4d4e040e08128e6f2a356ebd312b67ff1fa44aba3c6dff20681dbb14d7303435f9f55ae397a9cefb5008437ff573e2c9b16a85af2ecf375f2d92d647fd8b8f8751b42dae530696fd599f3f3c73ef52d25d36ff14a60aec2e4d7175d4d57753666129307ce6ea524a897cbc71c7f2f46b4e601be59c355465031cf788b97aab6c56cf705192d095c5f928b407a66f79a5cc83e276a304c96935950cd77f2746b3013485da2f95e88125f5d450ccafad93d98e058b3955d62dc5b7b4adee7a93a6965e96c0a49e9420a79796c24a61bf7761d6a9e4b59b0