www.bpstone.com.vn

Issued by R3

About this certificate

This digital certificate with serial number 04:ad:d0:bb:c8:b8:93:0e:ef:54:10:aa:40:fe:00:b9:13:70 was issued on by Let's Encrypt.

With 24 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.bpstone.com.vn

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:ad:d0:bb:c8:b8:93:0e:ef:54:10:aa:40:fe:00:b9:13:70
Serial Number (int): 407595447658104564264550184155498891776880
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 9a:49:dc:46:50:68:a8:77:2a:1f:c0:64:d1:af:8f:b3:68:cb:71:31
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 5f:49:4d:e2:52:dc:d8:65:3f:d8:96:ff:a6:42:87:ca:42:0c:b0:73
Fingerprint (sha256): 81:82:1a:fd:38:d1:f1:ca:7d:41:3d:c6:d8:a3:ed:d8:b3:39:22:f9:6e:cc:09:c8:c2:ab:f4:15:a0:fe:f9:84

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.bpstone.com.vn

24

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.bpstone.com.vn

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.hetianvietnam.com
*.nibiamin.vn
*.thanglongedu.com
*.thanglongedu.vn
bandocolor.duy7.name.vn
bpstone.com.vn
bpstone.duy7.name.vn
hetianvietnam.com
hetianvietnam.duy7.name.vn
nibiamin.vn
nibiamin2.duy7.name.vn
oceanpark.duy7.name.vn
thanglong.duy7.name.vn
thanglongedu.com
thanglongedu.duy7.name.vn
thanglongedu.vn
www.bandocolor.duy7.name.vn
www.bpstone.com.vn
www.bpstone.duy7.name.vn
www.hetianvietnam.duy7.name.vn
www.nibiamin2.duy7.name.vn
www.oceanpark.duy7.name.vn
www.thanglong.duy7.name.vn
www.thanglongedu.duy7.name.vn

Other certificates including the domain name bpstone.com.vn

(limited to 100 certificates)
www.bpstone.com.vn
www.hoathinhwood.com

Certificate

The complete raw certificate details for www.bpstone.com.vn in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHDTCCBfWgAwIBAgISBK3Qu8i4kw7vVBCqQP4AuRNwMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA5MTcxNzQ4MDRaFw0yMzEyMTYxNzQ4MDNaMB0xGzAZBgNVBAMT
End3dy5icHN0b25lLmNvbS52bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOLOJ1m9A1J9Ea1nkrFyJInvpz8P1eIcSeKwRPJoPI3d30h/fbra4/IZQWq
/t0/xn3g90al2+KjROHqOEUARCRsqUNwL94eKH+8m35XnOWhe9aGFYqleDptU7P9
GMXJ5vJSQT0qinUZWPgn2EzNg+SvkscKw/MRaPpPdB4++vNhJyhEiJAIeNLP3kkh
XYegPYPWBv5mkyxrxPoebHZzeMTprhprIW7CgajaDE8VMxQ0Wc7FFV74+BD3KFMp
OxOwrJzGYtwbU0SAKe5DwtrlBZvu3PnqO+68x49jpw+LbJwoxZH6rgPJGSKigbhm
qjMi83aYGO2voN74r9fuO3CvU/sCAwEAAaOCBDAwggQsMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd
BgNVHQ4EFgQUmkncRlBoqHcqH8Bk0a+Ps2jLcTEwHwYDVR0jBBgwFoAUFC6zF7dY
VsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRw
Oi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNy
Lm9yZy8wggI3BgNVHREEggIuMIICKoITKi5oZXRpYW52aWV0bmFtLmNvbYINKi5u
aWJpYW1pbi52boISKi50aGFuZ2xvbmdlZHUuY29tghEqLnRoYW5nbG9uZ2VkdS52
boIXYmFuZG9jb2xvci5kdXk3Lm5hbWUudm6CDmJwc3RvbmUuY29tLnZughRicHN0
b25lLmR1eTcubmFtZS52boIRaGV0aWFudmlldG5hbS5jb22CGmhldGlhbnZpZXRu
YW0uZHV5Ny5uYW1lLnZuggtuaWJpYW1pbi52boIWbmliaWFtaW4yLmR1eTcubmFt
ZS52boIWb2NlYW5wYXJrLmR1eTcubmFtZS52boIWdGhhbmdsb25nLmR1eTcubmFt
ZS52boIQdGhhbmdsb25nZWR1LmNvbYIZdGhhbmdsb25nZWR1LmR1eTcubmFtZS52
boIPdGhhbmdsb25nZWR1LnZught3d3cuYmFuZG9jb2xvci5kdXk3Lm5hbWUudm6C
End3dy5icHN0b25lLmNvbS52boIYd3d3LmJwc3RvbmUuZHV5Ny5uYW1lLnZugh53
d3cuaGV0aWFudmlldG5hbS5kdXk3Lm5hbWUudm6CGnd3dy5uaWJpYW1pbjIuZHV5
Ny5uYW1lLnZughp3d3cub2NlYW5wYXJrLmR1eTcubmFtZS52boIad3d3LnRoYW5n
bG9uZy5kdXk3Lm5hbWUudm6CHXd3dy50aGFuZ2xvbmdlZHUuZHV5Ny5uYW1lLnZu
MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcA
ejKMVNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGKpHikIgAABAMASDBG
AiEA0AE8aVnGLJHu2zj2WxycVp2wPXlklSyBuEq8dgcuCrICIQDVXA9YmdZ1edUT
2i7hrIpE84W5Ci9rgQM+CRvf22CzdQB1AOg+0No+9QY1MudXKLyJa8kD08vREWvs
62nhd31tBr1uAAABiqR4pEQAAAQDAEYwRAIgNXJRoFJPvWkwiptpo7XavGtm2Qi4
b79qo7Ai0R0P4DsCIBix/dRKwLEGEIJNGBdNxRzWiuf6ItnCV8Nt7YwA6IZeMA0G
CSqGSIb3DQEBCwUAA4IBAQBVteR+DZuV5AITLw9M+/Pv6vwwfQm5ZIhOEGXJqOQB
QMfhOmqTZSFdJP86QdM0XvrHdf70NaNpSF9pi26pSaOtcb/nzRiiiv7G1uCRfnmH
mD6uxOZ8Jywg1nWK05rgAFEDdxRmEPo5c374oAZRVbX+wYJF3sDqde21Iukt2v5D
I48J3iYHu+JohyTY3bE25fgqblYHKTZoGzW222n11bJwCXfL0L+XW5IDjFPWmAy/
URmDUuLeqLb47ZTvxl2KG9nu18imeASkXWQRO+f0hBGqKiPZTtPMPqB3nWab85ug
g27f59PWbcX0yUth1gco1kFHbVLm788N/tdNIGJI784r
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4s4nWb0DUn0RrWeSsXI
kie+nPw/V4hxJ4rBE8mg8jd3fSH99utrj8hlBar+3T/GfeD3RqXb4qNE4eo4RQBE
JGypQ3Av3h4of7ybflec5aF71oYViqV4Om1Ts/0Yxcnm8lJBPSqKdRlY+CfYTM2D
5K+SxwrD8xFo+k90Hj7682EnKESIkAh40s/eSSFdh6A9g9YG/maTLGvE+h5sdnN4
xOmuGmshbsKBqNoMTxUzFDRZzsUVXvj4EPcoUyk7E7CsnMZi3BtTRIAp7kPC2uUF
m+7c+eo77rzHj2OnD4tsnCjFkfquA8kZIqKBuGaqMyLzdpgY7a+g3viv1+47cK9T
+wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 407595447658104564264550184155498891776880
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-17 17:48:04 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-16 17:48:03 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.bpstone.com.vn'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24685121977031470899072262781009768896217626820935083593920103654552924313109748151778322412996183731567491053829473132838276971529625034135826204522865915115705041880441230371858002924639602524192504740408954883914398781414036561875148604011560736305466824852411546065041613467142997738950468696898149763042278406392408770330860911924615084430161223313814301711724837269972760848662423077062283966718040948226947327155957174782272829216478830716607959202003943691171597610331479215846374301839236888853502302495412314568884230684645690618003984746043194591188041825419996341397369722785974739856790756512858519852027
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9a49dc465068a8772a1fc064d1af8fb368cb7131
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (558 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hetianvietnam.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.nibiamin.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.thanglongedu.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.thanglongedu.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bandocolor.duy7.name.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bpstone.com.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bpstone.duy7.name.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hetianvietnam.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hetianvietnam.duy7.name.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nibiamin.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nibiamin2.duy7.name.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oceanpark.duy7.name.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thanglong.duy7.name.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thanglongedu.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thanglongedu.duy7.name.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thanglongedu.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bandocolor.duy7.name.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bpstone.com.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bpstone.duy7.name.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hetianvietnam.duy7.name.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nibiamin2.duy7.name.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.oceanpark.duy7.name.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thanglong.duy7.name.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thanglongedu.duy7.name.vn'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018aa478a4220000040300483046022100d0013c6959c62c91eedb38f65b1c9c569db03d7964952c81b84abc76072e0ab2022100d55c0f5899d67579d513da2ee1ac8a44f385b90a2f6b81033e091bdfdb60b375007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018aa478a44400000403004630440220357251a0524fbd69308a9b69a3b5dabc6b66d908b86fbf6aa3b022d11d0fe03b022018b1fdd44ac0b10610824d18174dc51cd68ae7fa22d9c257c36ded8c00e8865e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0055b5e47e0d9b95e402132f0f4cfbf3efeafc307d09b964884e1065c9a8e40140c7e13a6a9365215d24ff3a41d3345efac775fef435a369485f698b6ea949a3ad71bfe7cd18a28afec6d6e0917e7987983eaec4e67c272c20d6758ad39ae000510377146610fa39737ef8a0065155b5fec18245dec0ea75edb522e92ddafe43238f09de2607bbe2688724d8ddb136e5f82a6e56072936681b35b6db69f5d5b2700977cbd0bf975b92038c53d6980cbf51198352e2dea8b6f8ed94efc65d8a1bd9eed7c8a67804a45d64113be7f48411aa2a23d94ed3cc3ea0779d669bf39ba0836edfe7d3d66dc5f4c94b61d60728d641476d52e6efcf0dfed74d206248efce2b