capitalcityballhockey.ca
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:74:8a:5f:c3:72:af:8c:84:68:9f:6d:ef:83:89:54:e4:4b was issued on by Let's Encrypt.
With 21 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=capitalcityballhockey.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:74:8a:5f:c3:72:af:8c:84:68:9f:6d:ef:83:89:54:e4:4bSerial Number (int): 300993543053885693891026262555674046424139
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 62:6f:ea:45:9f:8c:1d:d4:7b:38:74:8c:7b:5a:16:e0:c0:26:cd:c7
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 59:b4:7d:57:5b:59:ab:4e:bf:af:ae:59:1f:b7:fe:a0:58:74:61:75
Fingerprint (sha256): 79:9c:18:38:58:26:89:2b:10:b1:c7:23:5b:35:2f:c5:28:86:cc:96:55:b3:ec:11:4e:e3:bb:11:50:90:0f:09
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate capitalcityballhockey.ca
21
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for capitalcityballhockey.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
autodiscover.capitalcityballhockey.ca
autodiscover.marysvillebaptist.ca
autodiscover.mkmdesign.ca
capitalcityballhockey.ca
capitalcityballhockey.mkmlive.ca
mail.capitalcityballhockey.ca
mail.marysvillebaptist.ca
mail.mkmdesign.ca
marysvillebaptist.ca
marysvillebaptist.mkmlive.ca
mkmdesign.ca
mkmdesign.mkmlive.ca
webdisk.capitalcityballhockey.ca
webdisk.marysvillebaptist.ca
webdisk.mkmdesign.ca
www.capitalcityballhockey.ca
www.capitalcityballhockey.mkmlive.ca
www.marysvillebaptist.ca
www.marysvillebaptist.mkmlive.ca
www.mkmdesign.ca
www.mkmdesign.mkmlive.ca
autodiscover.marysvillebaptist.ca
autodiscover.mkmdesign.ca
capitalcityballhockey.ca
capitalcityballhockey.mkmlive.ca
mail.capitalcityballhockey.ca
mail.marysvillebaptist.ca
mail.mkmdesign.ca
marysvillebaptist.ca
marysvillebaptist.mkmlive.ca
mkmdesign.ca
mkmdesign.mkmlive.ca
webdisk.capitalcityballhockey.ca
webdisk.marysvillebaptist.ca
webdisk.mkmdesign.ca
www.capitalcityballhockey.ca
www.capitalcityballhockey.mkmlive.ca
www.marysvillebaptist.ca
www.marysvillebaptist.mkmlive.ca
www.mkmdesign.ca
www.mkmdesign.mkmlive.ca
Other certificates including the domain name capitalcityballhockey.ca
(limited to 100 certificates)
Certificate
The complete raw certificate details for capitalcityballhockey.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHRzCCBi+gAwIBAgISA3SKX8Nyr4yEaJ9t74OJVORLMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzEyMjQwNDU5MTFaFw0x ODAzMjQwNDU5MTFaMCMxITAfBgNVBAMTGGNhcGl0YWxjaXR5YmFsbGhvY2tleS5j YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMDVmFv5FpGW7J/w47bu Wt/ZFUqQOhhDB81qqwb13Oqz9Shv8UgpD1ffvmZAfCjUWO9YP5WribYn1lbD6KZg pwCQrKjuItPAMSWh4KNI9le1Xccc5PDcLPhM9MIvuCeeqIbyDPBJ/+kOLhFH8aXi UW8carkCe+Qx3YSRK5Dtx1BhbiDGqj2v5fpJfQ1qM+E/DIEEfBgVdmD9lpJjFJ00 wMqYCOfhnM83Al5euFBbmJQjZihG+S6xxvMivSVYLm4raOCoYTDuNZPxUUZpe9ZB xezZBtAg4FChliBaY4DjX4O3PT9GJ9FayzpV+fPaFo4pNCq2Kz43b3VwygI543Ms w30CAwEAAaOCBEwwggRIMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUYm/qRZ+MHdR7 OHSMe1oW4MAmzccwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYI KwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0 c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0 c2VuY3J5cHQub3JnLzCCAlUGA1UdEQSCAkwwggJIgiVhdXRvZGlzY292ZXIuY2Fw aXRhbGNpdHliYWxsaG9ja2V5LmNhgiFhdXRvZGlzY292ZXIubWFyeXN2aWxsZWJh cHRpc3QuY2GCGWF1dG9kaXNjb3Zlci5ta21kZXNpZ24uY2GCGGNhcGl0YWxjaXR5 YmFsbGhvY2tleS5jYYIgY2FwaXRhbGNpdHliYWxsaG9ja2V5Lm1rbWxpdmUuY2GC HW1haWwuY2FwaXRhbGNpdHliYWxsaG9ja2V5LmNhghltYWlsLm1hcnlzdmlsbGVi YXB0aXN0LmNhghFtYWlsLm1rbWRlc2lnbi5jYYIUbWFyeXN2aWxsZWJhcHRpc3Qu Y2GCHG1hcnlzdmlsbGViYXB0aXN0Lm1rbWxpdmUuY2GCDG1rbWRlc2lnbi5jYYIU bWttZGVzaWduLm1rbWxpdmUuY2GCIHdlYmRpc2suY2FwaXRhbGNpdHliYWxsaG9j a2V5LmNhghx3ZWJkaXNrLm1hcnlzdmlsbGViYXB0aXN0LmNhghR3ZWJkaXNrLm1r bWRlc2lnbi5jYYIcd3d3LmNhcGl0YWxjaXR5YmFsbGhvY2tleS5jYYIkd3d3LmNh cGl0YWxjaXR5YmFsbGhvY2tleS5ta21saXZlLmNhghh3d3cubWFyeXN2aWxsZWJh cHRpc3QuY2GCIHd3dy5tYXJ5c3ZpbGxlYmFwdGlzdC5ta21saXZlLmNhghB3d3cu bWttZGVzaWduLmNhghh3d3cubWttZGVzaWduLm1rbWxpdmUuY2Ewgf4GA1UdIASB 9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpo dHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlz IENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcg UGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmlj YXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBv c2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAONErIeaf9EA3YV76ly3EwE99r8Q5 pJG5Bhqtx4uWbWyVbna107w5CziiIUMsplx49JygGHJewFZ7W9yhMBDQKexRlU2v AGbOBCoLbmvCj2sBzTv79J58k53fwRoI2VJq+0WTQE459OAsg6NZZ8WxwM3EbmsC 4TCQcry6ANV7zgXBOLS9+Z+NBhSLacRl0wSm5665BDzD5GoUJ/DKISGtV0M4A2KU RAh4xfq75PY8U2PPLlD+U/68X6feemMrzSTSDfaCJi2+j9QLF1lDLNJgbx81i+BB qpHky92Vlxo9qa5Ou+nNOtzVRFqMDJ2bSXVQtw1Lja4j7HfV+EMmxEB39g== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNWYW/kWkZbsn/Djtu5a 39kVSpA6GEMHzWqrBvXc6rP1KG/xSCkPV9++ZkB8KNRY71g/lauJtifWVsPopmCn AJCsqO4i08AxJaHgo0j2V7Vdxxzk8Nws+Ez0wi+4J56ohvIM8En/6Q4uEUfxpeJR bxxquQJ75DHdhJErkO3HUGFuIMaqPa/l+kl9DWoz4T8MgQR8GBV2YP2WkmMUnTTA ypgI5+GczzcCXl64UFuYlCNmKEb5LrHG8yK9JVgubito4KhhMO41k/FRRml71kHF 7NkG0CDgUKGWIFpjgONfg7c9P0Yn0VrLOlX589oWjik0KrYrPjdvdXDKAjnjcyzD fQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 300993543053885693891026262555674046424139 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-12-24 04:59:11 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-03-24 04:59:11 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'capitalcityballhockey.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24343082249240107323798591538787268560517722266894626041014643584234008365685363193639564289594560327041590490132404777500783858968298784521735483196291637232605525450818520888570964095544957905377313822608003689197237974504419000834316879088559607204576380855686435618845904288221866430202549785612537821692960701333851138026317134543164328801576956658630280390757749144233903189116516223083104224068285751019403268466070070209119843807116368330973020180205444793298149155560200724628706691630880644391863114215367876111299979441927904733372831865929914551829026302726968524475198213207036100112090596882161886610301 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 626fea459f8c1dd47b38748c7b5a16e0c026cdc7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (588 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.capitalcityballhockey.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.marysvillebaptist.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.mkmdesign.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'capitalcityballhockey.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'capitalcityballhockey.mkmlive.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.capitalcityballhockey.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.marysvillebaptist.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.mkmdesign.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marysvillebaptist.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marysvillebaptist.mkmlive.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mkmdesign.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mkmdesign.mkmlive.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webdisk.capitalcityballhockey.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webdisk.marysvillebaptist.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webdisk.mkmdesign.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.capitalcityballhockey.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.capitalcityballhockey.mkmlive.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.marysvillebaptist.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.marysvillebaptist.mkmlive.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mkmdesign.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mkmdesign.mkmlive.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0038d12b21e69ff44037615efa972dc4c04f7dafc439a491b9061aadc78b966d6c956e76b5d3bc390b38a221432ca65c78f49ca018725ec0567b5bdca13010d029ec51954daf0066ce042a0b6e6bc28f6b01cd3bfbf49e7c939ddfc11a08d9526afb4593404e39f4e02c83a35967c5b1c0cdc46e6b02e1309072bcba00d57bce05c138b4bdf99f8d06148b69c465d304a6e7aeb9043cc3e46a1427f0ca2121ad574338036294440878c5fabbe4f63c5363cf2e50fe53febc5fa7de7a632bcd24d20df682262dbe8fd40b1759432cd2606f1f358be041aa91e4cbdd95971a3da9ae4ebbe9cd3adcd5445a8c0c9d9b497550b70d4b8dae23ec77d5f84326c44077f6