aamulehti.ap.richiefi.net

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:99:ba:34:6a:22:da:02:9c:1d:57:70:c2:77:c5:d8:da:0e was issued on by Let's Encrypt.

With 25 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=aamulehti.ap.richiefi.net

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:99:ba:34:6a:22:da:02:9c:1d:57:70:c2:77:c5:d8:da:0e
Serial Number (int): 313647568493533609412949977670009866476046
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 65:81:42:36:9e:72:b2:31:89:c4:dd:0b:f4:39:ec:61:30:e7:78:30
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): ec:e4:27:cb:98:37:41:20:e0:f4:0c:aa:b8:b3:37:90:65:ba:a0:24
Fingerprint (sha256): 80:63:84:64:f3:a7:ca:ed:db:a4:58:5e:e4:5f:af:30:5f:24:97:9f:9b:18:8a:37:11:79:15:ce:1a:66:ee:54

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate aamulehti.ap.richiefi.net

25

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for aamulehti.ap.richiefi.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

aamulehti.ap.richiefi.net
iltalehti.ap.richiefi.net
jamsanseutu.ap.richiefi.net
janakkalansanomat.ap.richiefi.net
jokilaakso.ap.richiefi.net
kankaanpaanseutu.ap.richiefi.net
kauppalehti.ap.richiefi.net
kmv-lehti.ap.richiefi.net
lapinkansa.ap.richiefi.net
lehdet.kauppalehti.fi
lounais-lappi.ap.richiefi.net
luoteisvayla.ap.richiefi.net
merikarvialehti.ap.richiefi.net
nakoislehti.il.fi
nokianuutiset.ap.richiefi.net
pohjolansanomat.ap.richiefi.net
rannikkoseutu.ap.richiefi.net
satakunnankansa.ap.richiefi.net
suurkeuruu.ap.richiefi.net
sydansatakunta.ap.richiefi.net
tyrvaansanomat.ap.richiefi.net
uusi-rovaniemi.ap.richiefi.net
vakkasuomensanomat.ap.richiefi.net
valkeakoskensanomat.ap.richiefi.net
vekkari.ap.richiefi.net

Other certificates including the domain name richiefi.net

(limited to 100 certificates)
kaleva.ap.richiefi.net
digi.paivamies.fi
digilehdet.ap.richiefi.net
digilehdet.ap.richiefi.net
aamulehti.ap.richiefi.net
digilehdet.ap.richiefi.net
digi.paivamies.fi
digilehdet.ap.richiefi.net
digilehdet.sanomapaino.fi
*.richie.fi
alasatakunta.ap.richiefi.net
digi.paivamies.fi
kaleva.ap.richiefi.net
digilehdet.ap.richiefi.net
aamulehti.ap.richiefi.net
digi.paivamies.fi
aamulehti.ap.richiefi.net
iijokiseutu.ap.richiefi.net
*.richie.fi
*.richiefi.net
alasatakunta.ap.richiefi.net
digilehdet-tutkimus.ap.richiefi.net
*.rad.richiefi.net
digi.paivamies.fi
aamulehti.ap.richiefi.net
digilehdet-tutkimus.ap.richiefi.net
aller.ap.richiefi.net
aamulehti.ap.richiefi.net
digilehdet.ap.richiefi.net
digilehdet.ap.richiefi.net
kaleva.ap.richiefi.net
aamulehti.ap.richiefi.net
kaleva.ap.richiefi.net
*.richiefi.net
aller.ap.richiefi.net
aller.ap.richiefi.net
aamulehti.ap.richiefi.net
almatalent.ap.richiefi.net
digilehdet.sanomapaino.fi
alasatakunta.ap.richiefi.net
iijokiseutu.ap.richiefi.net
aamulehti.ap.richiefi.net
iijokiseutu.ap.richiefi.net
digilehdet.sanomapaino.fi
*.rad.richiefi.net
digilehdet.ap.richiefi.net
*.richie.fi
alasatakunta.ap.richiefi.net
digi.paivamies.fi
alasatakunta.ap.richiefi.net
*.rad.richiefi.net
aamulehti.ap.richiefi.net
kaleva.ap.richiefi.net
digilehdet.ap.richiefi.net
digilehdet.ap.richiefi.net
aller.ap.richiefi.net
alasatakunta.ap.richiefi.net
aamulehti.ap.richiefi.net
almatalent.ap.richiefi.net
*.rad.richiefi.net
digi.paivamies.fi
kaleva.ap.richiefi.net
aamulehti.ap.richiefi.net
alasatakunta.ap.richiefi.net
digi.paivamies.fi
aller.ap.richiefi.net
digilehdet.ap.richiefi.net
aamulehti.ap.richiefi.net
digilehdet.ap.richiefi.net
almatalent.ap.richiefi.net
alasatakunta.ap.richiefi.net
aller.ap.richiefi.net
aller.ap.richiefi.net
aamulehti.ap.richiefi.net
aller.ap.richiefi.net
*.rad.richiefi.net
digi.paivamies.fi
digilehdet.ap.richiefi.net
digi.paivamies.fi
aamulehti.ap.richiefi.net
aller.ap.richiefi.net
digilehdet.ap.richiefi.net
aamulehti.ap.richiefi.net
*.richie.fi
aamulehti.ap.richiefi.net
digilehdet.ap.richiefi.net
aller.ap.richiefi.net
digilehdet.ap.richiefi.net
aller.ap.richiefi.net
aller.ap.richiefi.net
aamulehti.ap.richiefi.net
aamulehti.ap.richiefi.net
aamulehti.ap.richiefi.net
digilehdet.ap.richiefi.net
aamulehti.ap.richiefi.net
aller.ap.richiefi.net
alasatakunta.ap.richiefi.net
alasatakunta.ap.richiefi.net
kaleva.ap.richiefi.net
digilehdet.sanomapaino.fi

Certificate

The complete raw certificate details for aamulehti.ap.richiefi.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIII9jCCB96gAwIBAgISA5m6NGoi2gKcHVdwwnfF2NoOMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA4MjgxMjI5MjlaFw0x
ODExMjYxMjI5MjlaMCQxIjAgBgNVBAMTGWFhbXVsZWh0aS5hcC5yaWNoaWVmaS5u
ZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZhU1/W/8X6SfEL2wl
93RyatFRTwPFD0bGjZxTx5bf7imCxl5FrxhKWd8X5/3Cr7jGLcNqwaPoy8LMjotG
9t4m1hoXpS3B1eyhfwilfrhWgmZsQfL8mcPAXrgia+yZ9wWWhEds7aQnn6D/ZdL/
VFn1UtXLVk+GLITba2X2U8KMfS+R+WagVF7qem0SmbRrab5cHlwvUk7be0jvpWEc
VJ7XF95pNpVqS3KKG0LJZIxj2/gyDzl5LHkwxOjG4e3Wt8pVqexCIFzlpmBM+7f2
OWML62vCdk01aAAYpTyRcYJhRVfvQvT37a2TaoOgwRLNLx42aTfgdBtCj4UtqtRt
2m01AgMBAAGjggX6MIIF9jAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB
BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFGWBQjaecrIx
icTdC/Q57GEw53gwMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8G
CCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxl
dHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxl
dHNlbmNyeXB0Lm9yZy8wggL7BgNVHREEggLyMIIC7oIZYWFtdWxlaHRpLmFwLnJp
Y2hpZWZpLm5ldIIZaWx0YWxlaHRpLmFwLnJpY2hpZWZpLm5ldIIbamFtc2Fuc2V1
dHUuYXAucmljaGllZmkubmV0giFqYW5ha2thbGFuc2Fub21hdC5hcC5yaWNoaWVm
aS5uZXSCGmpva2lsYWFrc28uYXAucmljaGllZmkubmV0giBrYW5rYWFucGFhbnNl
dXR1LmFwLnJpY2hpZWZpLm5ldIIba2F1cHBhbGVodGkuYXAucmljaGllZmkubmV0
ghlrbXYtbGVodGkuYXAucmljaGllZmkubmV0ghpsYXBpbmthbnNhLmFwLnJpY2hp
ZWZpLm5ldIIVbGVoZGV0LmthdXBwYWxlaHRpLmZpgh1sb3VuYWlzLWxhcHBpLmFw
LnJpY2hpZWZpLm5ldIIcbHVvdGVpc3ZheWxhLmFwLnJpY2hpZWZpLm5ldIIfbWVy
aWthcnZpYWxlaHRpLmFwLnJpY2hpZWZpLm5ldIIRbmFrb2lzbGVodGkuaWwuZmmC
HW5va2lhbnV1dGlzZXQuYXAucmljaGllZmkubmV0gh9wb2hqb2xhbnNhbm9tYXQu
YXAucmljaGllZmkubmV0gh1yYW5uaWtrb3NldXR1LmFwLnJpY2hpZWZpLm5ldIIf
c2F0YWt1bm5hbmthbnNhLmFwLnJpY2hpZWZpLm5ldIIac3V1cmtldXJ1dS5hcC5y
aWNoaWVmaS5uZXSCHnN5ZGFuc2F0YWt1bnRhLmFwLnJpY2hpZWZpLm5ldIIedHly
dmFhbnNhbm9tYXQuYXAucmljaGllZmkubmV0gh51dXNpLXJvdmFuaWVtaS5hcC5y
aWNoaWVmaS5uZXSCInZha2thc3VvbWVuc2Fub21hdC5hcC5yaWNoaWVmaS5uZXSC
I3ZhbGtlYWtvc2tlbnNhbm9tYXQuYXAucmljaGllZmkubmV0ghd2ZWtrYXJpLmFw
LnJpY2hpZWZpLm5ldDCB/gYDVR0gBIH2MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC
3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3Jn
MIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUg
cmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29y
ZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBz
Oi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMIIBBAYKKwYBBAHWeQIEAgSB
9QSB8gDwAHcAwRZK4Kdy0tQ5LcgKwQdw1PDEm96ZGkhAwfoHUWT2M2AAAAFlgLmP
sQAABAMASDBGAiEAt7DL4B6cVonj/VT/nQNaRjdnIVVXuEwmeEEMfq7fNgECIQCn
37YM0jhK/Q8i5QyJYE0gc3fuN5CwH8eo2KlW4OfC9wB1ACk8UZZUyDlluqpQ/FgH
1Ldvv1h6KXLcpMMM9OVFR/R4AAABZYC5kbkAAAQDAEYwRAIgPQGueVeGEeZO3Ybr
BpEwpg+g4Z0r6ex8J2j8JBnwXWkCIBUKzTEmb7LaMhBsy9A0zcCZa6RYT6syH8Vk
pWXLXIFGMA0GCSqGSIb3DQEBCwUAA4IBAQB79XB98Q1eDz8c6y28pB81/EilcNUm
IjB3h2hS5sQQ94CgsH7/jlsLzTWuO6RyrU0fVI8BNCgti69ICTYs1WnN5sN6sX3v
W4IFT6hPysuZXcmnm9Bks1wNMo+6lpKHE4eRzx7SpfVlUFxMrhhK7cZ0UMkMaito
NjmZykZFEpTy1pp112Ekc3Kw58NiWzZjQXPvSp5clA2w8Kl+l+5sA8QFharE/Ovk
pqzBJB0G4RZRNcKN7a7qgWhDv7l6b+F1dy+N7ZI22X1k+l789cRMUNatimBgI9qB
Yqwr1gfD1jwEOv1ypyErgL5eKLKfYslRlzHQM3nPMKHLeFMVOdyfJgl1
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYVNf1v/F+knxC9sJfd0
cmrRUU8DxQ9Gxo2cU8eW3+4pgsZeRa8YSlnfF+f9wq+4xi3DasGj6MvCzI6LRvbe
JtYaF6UtwdXsoX8IpX64VoJmbEHy/JnDwF64ImvsmfcFloRHbO2kJ5+g/2XS/1RZ
9VLVy1ZPhiyE22tl9lPCjH0vkflmoFRe6nptEpm0a2m+XB5cL1JO23tI76VhHFSe
1xfeaTaVaktyihtCyWSMY9v4Mg85eSx5MMToxuHt1rfKVansQiBc5aZgTPu39jlj
C+trwnZNNWgAGKU8kXGCYUVX70L09+2tk2qDoMESzS8eNmk34HQbQo+FLarUbdpt
NQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 313647568493533609412949977670009866476046
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-28 12:29:29 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-26 12:29:29 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aamulehti.ap.richiefi.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19380194683247649909455106415155587479516458059253214253788598558505103283175417680090262432769563451958980902684109123676506248317440613383074557134850426283372614794859056716297543289227764453172195904091739599792070722202721091317789020436160106876661826073288124320511826957717329708175351263560928557052812236191810155059229585235114039015044817748179481991958266619123523246280571267867256374009790378426902618754673958101148671442343774704201121934951551829730660398991928236012984106939060267003605214565165945428811378239029327275370028026205838618779739657325715365583926976624028424869332236468059966696757
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							658142369e72b23189c4dd0bf439ec6130e77830
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (754 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aamulehti.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iltalehti.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jamsanseutu.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'janakkalansanomat.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jokilaakso.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kankaanpaanseutu.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kauppalehti.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kmv-lehti.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lapinkansa.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lehdet.kauppalehti.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lounais-lappi.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'luoteisvayla.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'merikarvialehti.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nakoislehti.il.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nokianuutiset.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pohjolansanomat.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rannikkoseutu.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'satakunnankansa.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'suurkeuruu.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sydansatakunta.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tyrvaansanomat.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uusi-rovaniemi.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vakkasuomensanomat.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'valkeakoskensanomat.ap.richiefi.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vekkari.ap.richiefi.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007700c1164ae0a772d2d4392dc80ac10770d4f0c49bde991a4840c1fa075164f633600000016580b98fb10000040300483046022100b7b0cbe01e9c5689e3fd54ff9d035a463767215557b84c2678410c7eaedf3601022100a7dfb60cd2384afd0f22e50c89604d207377ee3790b01fc7a8d8a956e0e7c2f7007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016580b991b9000004030046304402203d01ae79578611e64edd86eb069130a60fa0e19d2be9ec7c2768fc2419f05d690220150acd31266fb2da32106ccbd034cdc0996ba4584fab321fc564a565cb5c8146
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007bf5707df10d5e0f3f1ceb2dbca41f35fc48a570d526223077876852e6c410f780a0b07eff8e5b0bcd35ae3ba472ad4d1f548f0134282d8baf4809362cd569cde6c37ab17def5b82054fa84fcacb995dc9a79bd064b35c0d328fba969287138791cf1ed2a5f565505c4cae184aedc67450c90c6a2b68363999ca46451294f2d69a75d761247372b0e7c3625b36634173ef4a9e5c940db0f0a97e97ee6c03c40585aac4fcebe4a6acc1241d06e1165135c28dedaeea816843bfb97a6fe175772f8ded9236d97d64fa5efcf5c44c50d6ad8a606023da8162ac2bd607c3d63c043afd72a7212b80be5e28b29f62c9519731d03379cf30a1cb78531539dc9f260975