it.tektonik.ca
Issued by R3
About this certificate
This digital certificate with serial number 03:c7:2d:a6:81:96:d1:9f:6c:22:60:3c:d8:00:95:8a:e6:c0 was issued on by Let's Encrypt.
With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=it.tektonik.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:c7:2d:a6:81:96:d1:9f:6c:22:60:3c:d8:00:95:8a:e6:c0Serial Number (int): 329113728622016270509863072043703464552128
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: d6:19:8b:9b:35:fb:28:b8:9e:e6:da:07:02:f1:80:82:13:b3:ef:27
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 22:c5:a5:e9:a3:11:0a:9b:09:10:6d:07:11:86:d3:fa:d2:10:bf:86
Fingerprint (sha256): 7a:1d:f2:2c:a9:c6:82:19:4d:10:fd:a0:ec:1c:8f:a5:e7:ff:d6:3f:ef:65:3e:2b:b2:88:7c:ae:9f:c2:37:43
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate it.tektonik.ca
13
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for it.tektonik.ca
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
it.tektonik.ca
it.tektonik.com
mail.tektonik.ca
mail.tektonik.com
medibotique.tektonik.com
pop.tektonik.com
smtp.tektonik.com
tektonik.ca
tektonik.com
ti.tektonik.ca
ti.tektonik.com
www.tektonik.ca
www.tektonik.com
it.tektonik.com
mail.tektonik.ca
mail.tektonik.com
medibotique.tektonik.com
pop.tektonik.com
smtp.tektonik.com
tektonik.ca
tektonik.com
ti.tektonik.ca
ti.tektonik.com
www.tektonik.ca
www.tektonik.com
Other certificates including the domain name tektonik.ca
(limited to 100 certificates)
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
it.tektonik.ca
tektonik.com
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
Certificate
The complete raw certificate details for it.tektonik.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG+TCCBeGgAwIBAgISA8ctpoGW0Z9sImA82ACViubAMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzAyMTMwNDEzNTRaFw0yMzA1MTQwNDEzNTNaMBkxFzAVBgNVBAMT Dml0LnRla3RvbmlrLmNhMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA 2uVR/lFyx0yiY3p51icZCKQK5MZ4jsP7AoXMTAA5r/sHb8T/AHDNBlkU7bFpCsNq qKkuZTzrov+mt4Jl8Yt8Sb6SBnsLlvODF2YusRjAC90I0Docj1c5TVcwzmrySvl1 qn5r7fhNcSLhS+vsuZrm7iap4G5o/DGOgcpgXDr1uNTqICZYlMAGmlTQd4CNuZdn +c1sQEj5NhLx7pVYvjpwiUFiHMCaPo6n/GVHBll+dDsMbWuA5Erlzb/OaHocqzvo QXr9d6+TO8XDrdmHZn6LVzUUUPUuW95YWH/NzfM26T//RVLWS24CWnYYHG/tnn/8 L9o5pajtgsNSswFj2BSkrksmzPuWgBDhsAYIOzgn/KEDYdUdh9dLJDv08iul1FES FNeQCUh1koQnKxIkWXUcKIX71EHBoGhqTlBBw4GPX4+kAWvnSNbv5D4D5fHc9Mbx 7rZQDMMIO3lXPslKJL22fybHe7gOyASa4XL/KlPkLfHr/levLli93HFOWOC1zGM7 gQ4tnIiOEMYaIR3i23f+yjztBawmsSxL/EJfaCv8O0+tqxGzzT7M848Gha9IJE6u NYfh83Pugv5ikCul3nTCgjKMzyg2+zsvwe3RENB+Au8xfESEXdO7Z7MGDe8PnkMU p2fe8kaM8eT1DSKx6eYOHQjSMXH+EsmPnJMaTEZORPECAwEAAaOCAyAwggMcMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD VR0TAQH/BAIwADAdBgNVHQ4EFgQU1hmLmzX7KLie5toHAvGAghOz7ycwHwYDVR0j BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6 Ly9yMy5pLmxlbmNyLm9yZy8wge8GA1UdEQSB5zCB5IIOaXQudGVrdG9uaWsuY2GC D2l0LnRla3RvbmlrLmNvbYIQbWFpbC50ZWt0b25pay5jYYIRbWFpbC50ZWt0b25p ay5jb22CGG1lZGlib3RpcXVlLnRla3RvbmlrLmNvbYIQcG9wLnRla3RvbmlrLmNv bYIRc210cC50ZWt0b25pay5jb22CC3Rla3RvbmlrLmNhggx0ZWt0b25pay5jb22C DnRpLnRla3RvbmlrLmNhgg90aS50ZWt0b25pay5jb22CD3d3dy50ZWt0b25pay5j YYIQd3d3LnRla3RvbmlrLmNvbTBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEE AYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9y ZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB1AHoyjFTYty22IOo44FIe6YQWcDIT hU070ivBOlejUutSAAABhkkxn7oAAAQDAEYwRAIgMwD1qfo2HcwG5su81RvDW9ID yO2xoHMIImN2YqorLLsCIGk4jdWpERb3r2hbFw1aXdTtrC6OaN0RVeOG+N65yl1L AHcA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4AAAGGSTGfiwAABAMA SDBGAiEA3C5wwBrD2USxz6EmKw+XUaL/ulBncYbtm5D2IAY+I1QCIQC4ycEB8mDk /pF3owBlL4uLt64G9D69yIMddg/Un5d/hzANBgkqhkiG9w0BAQsFAAOCAQEAJ5rM fKIxhWxqOa6hnr72xTmSbGbBu+tpzuBnDpAuXEHHvJEW0qfzRFJ8/sVRRceGCXuz suTFpAqSCgj01GcCg/eihO5QfA11EYGNw1eVfeGH6tNZcF7SOpOHLJz73+Zwv3za eJcsA+coHxdeMHjKe9og1VfBcjuE2yXxHFJZQH0acgoqvymk+sgCQTnqTnji89BW I/8pM7H8mrBCbpofvRMnUhwGo1QSPH4O7xqSc9SQfdwcuYBSHSvQGMkYTIFE7a6r KeyB1tKIkoV42FVgtc8AjVyNeLiXA0nNA944LPFdNPUqm8uWpvAQzw1xbpMVj+dy 7Jr8lFgCsEv6cCQqTQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2uVR/lFyx0yiY3p51icZ CKQK5MZ4jsP7AoXMTAA5r/sHb8T/AHDNBlkU7bFpCsNqqKkuZTzrov+mt4Jl8Yt8 Sb6SBnsLlvODF2YusRjAC90I0Docj1c5TVcwzmrySvl1qn5r7fhNcSLhS+vsuZrm 7iap4G5o/DGOgcpgXDr1uNTqICZYlMAGmlTQd4CNuZdn+c1sQEj5NhLx7pVYvjpw iUFiHMCaPo6n/GVHBll+dDsMbWuA5Erlzb/OaHocqzvoQXr9d6+TO8XDrdmHZn6L VzUUUPUuW95YWH/NzfM26T//RVLWS24CWnYYHG/tnn/8L9o5pajtgsNSswFj2BSk rksmzPuWgBDhsAYIOzgn/KEDYdUdh9dLJDv08iul1FESFNeQCUh1koQnKxIkWXUc KIX71EHBoGhqTlBBw4GPX4+kAWvnSNbv5D4D5fHc9Mbx7rZQDMMIO3lXPslKJL22 fybHe7gOyASa4XL/KlPkLfHr/levLli93HFOWOC1zGM7gQ4tnIiOEMYaIR3i23f+ yjztBawmsSxL/EJfaCv8O0+tqxGzzT7M848Gha9IJE6uNYfh83Pugv5ikCul3nTC gjKMzyg2+zsvwe3RENB+Au8xfESEXdO7Z7MGDe8PnkMUp2fe8kaM8eT1DSKx6eYO HQjSMXH+EsmPnJMaTEZORPECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 329113728622016270509863072043703464552128 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-13 04:13:54 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-14 04:13:53 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'it.tektonik.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 893016880062261661972804853270211338246447317364447835141457852907661048482731547149780913546562279303272913222499304894446561872763537050494985685463498072933516974822181548143523039095711865109716797536605741784431731048038369481772808219502300569870961944938841194670415528153106326401214759110566077767833155315968672631789034579951378120110917805949972799077964424938932451979208929794636331448116568522799490880272284852139243632209491949363370859014191167835343277542687267079816163207819306855527272234155330014707504662560218024505985761585694191539379114972338161081081043759145163879229814494579944860850050085717190051916226222482779673678566407516683613395047594373321257364445517680551466326604277570694930505731653761426225846205349466913964577284259232455009046322994726597116574557658551896032892580948497011708532542584492244445369467612646546687094444317285546152129492925655998717665556617643679863705149990368341109222448491122414053029909755076924254886098558196003558884023777656298469302119782481273516371050962280521461461113551123545848689806587161167116103709765437607957324652213104543862112748711475048195127139676169260724887769196364922739280384012426498173638376380387359056164856302485099929247040753 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d6198b9b35fb28b89ee6da0702f1808213b3ef27 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (231 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'it.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'it.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'medibotique.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pop.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'smtp.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ti.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ti.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tektonik.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018649319fba000004030046304402203300f5a9fa361dcc06e6cbbcd51bc35bd203c8edb1a0730822637662aa2b2cbb022069388dd5a91116f7af685b170d5a5dd4edac2e8e68dd1155e386f8deb9ca5d4b007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018649319f8b0000040300483046022100dc2e70c01ac3d944b1cfa1262b0f9751a2ffba50677186ed9b90f620063e2354022100b8c9c101f260e4fe9177a300652f8b8bb7ae06f43ebdc8831d760fd49f977f87 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00279acc7ca231856c6a39aea19ebef6c539926c66c1bbeb69cee0670e902e5c41c7bc9116d2a7f344527cfec55145c786097bb3b2e4c5a40a920a08f4d4670283f7a284ee507c0d7511818dc357957de187ead359705ed23a93872c9cfbdfe670bf7cda78972c03e7281f175e3078ca7bda20d557c1723b84db25f11c5259407d1a720a2abf29a4fac8024139ea4e78e2f3d05623ff2933b1fc9ab0426e9a1fbd1327521c06a354123c7e0eef1a9273d4907ddc1cb980521d2bd018c9184c8144edaeab29ec81d6d288928578d85560b5cf008d5c8d78b8970349cd03de382cf15d34f52a9bcb96a6f010cf0d716e93158fe772ec9afc945802b04bfa70242a4d