nepamikvah.com
Issued by R3
About this certificate
This digital certificate with serial number 04:71:4c:f8:3d:29:92:76:ef:13:2a:ac:dc:90:ce:54:f0:cd was issued on by Let's Encrypt.
With 30 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=nepamikvah.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:71:4c:f8:3d:29:92:76:ef:13:2a:ac:dc:90:ce:54:f0:cdSerial Number (int): 387003361446928272280966010776391242805453
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: af:fb:de:56:76:1e:d4:1d:fe:86:a3:74:d5:a9:a2:09:07:1c:c7:fe
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 5b:34:51:3b:6f:af:01:25:a5:03:b2:1f:15:14:a0:1a:31:e3:a9:c0
Fingerprint (sha256): 82:f8:41:ba:f9:41:70:29:1c:2a:69:92:90:f0:5e:80:61:22:2c:37:5c:67:80:91:7b:60:ef:9a:5c:ab:ab:e3
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate nepamikvah.com
30
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nepamikvah.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
allaboutsnowmobiling.com
dungloetech.com
foreverlush.com
golnarmahmoudi.com
konsultant.ca
mtkyllini.com
myrobotbff.com
nepamikvah.com
omniveri.com
parkcarking.com
poisonivyremovalnearme.com
prepyourchurch.com
sportmg.com
stpaulsportsmed.com
upgradedmaninitiative.com
www.allaboutsnowmobiling.com
www.dungloetech.com
www.foreverlush.com
www.golnarmahmoudi.com
www.konsultant.ca
www.mtkyllini.com
www.myrobotbff.com
www.nepamikvah.com
www.omniveri.com
www.parkcarking.com
www.poisonivyremovalnearme.com
www.prepyourchurch.com
www.sportmg.com
www.stpaulsportsmed.com
www.upgradedmaninitiative.com
dungloetech.com
foreverlush.com
golnarmahmoudi.com
konsultant.ca
mtkyllini.com
myrobotbff.com
nepamikvah.com
omniveri.com
parkcarking.com
poisonivyremovalnearme.com
prepyourchurch.com
sportmg.com
stpaulsportsmed.com
upgradedmaninitiative.com
www.allaboutsnowmobiling.com
www.dungloetech.com
www.foreverlush.com
www.golnarmahmoudi.com
www.konsultant.ca
www.mtkyllini.com
www.myrobotbff.com
www.nepamikvah.com
www.omniveri.com
www.parkcarking.com
www.poisonivyremovalnearme.com
www.prepyourchurch.com
www.sportmg.com
www.stpaulsportsmed.com
www.upgradedmaninitiative.com
Other certificates including the domain name nepamikvah.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for nepamikvah.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHTzCCBjegAwIBAgISBHFM+D0pknbvEyqs3JDOVPDNMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MDgwNTQyMjdaFw0yNDA4MDYwNTQyMjZaMBkxFzAVBgNVBAMT Dm5lcGFtaWt2YWguY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA wHZpS+9V/9pw9f+6hb8YTKDVe3EvCjM0YNFGQZDICR0fLeCJNieXVGDtIwVPX13g XZRyus+tNcVXQZzOEGf2GaVuCKd7iDhBMJC4e3+xz6rdWFDDfRayJ8JYiTFFk5ZZ Uh20QyEVUX4oxw/T02QSZ5V/i3/ECJ/f5zWfSXS5mgFZCjTvE02PS9evSMCE6tXO 2bOs4uX0NZhYGghUo76UZxXZ4aC1EkSP+sApxP1VWm8tO+b4JuSJzdX0KZPyNq2r IvTShSc2V+Q76Kvti1RTm/yzCvV4heIjZKNPoS79puuSThGej1c1T5V/vYCskzgW 0HJgMlHZAldRBHsae9vY6wIDAQABo4IEdjCCBHIwDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBSv+95Wdh7UHf6Go3TVqaIJBxzH/jAfBgNVHSMEGDAWgBQULrMXt1hWy65Q CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn LzCCAn0GA1UdEQSCAnQwggJwghhhbGxhYm91dHNub3dtb2JpbGluZy5jb22CD2R1 bmdsb2V0ZWNoLmNvbYIPZm9yZXZlcmx1c2guY29tghJnb2xuYXJtYWhtb3VkaS5j b22CDWtvbnN1bHRhbnQuY2GCDW10a3lsbGluaS5jb22CDm15cm9ib3RiZmYuY29t gg5uZXBhbWlrdmFoLmNvbYIMb21uaXZlcmkuY29tgg9wYXJrY2Fya2luZy5jb22C GnBvaXNvbml2eXJlbW92YWxuZWFybWUuY29tghJwcmVweW91cmNodXJjaC5jb22C C3Nwb3J0bWcuY29tghNzdHBhdWxzcG9ydHNtZWQuY29tghl1cGdyYWRlZG1hbmlu aXRpYXRpdmUuY29tghx3d3cuYWxsYWJvdXRzbm93bW9iaWxpbmcuY29tghN3d3cu ZHVuZ2xvZXRlY2guY29tghN3d3cuZm9yZXZlcmx1c2guY29tghZ3d3cuZ29sbmFy bWFobW91ZGkuY29tghF3d3cua29uc3VsdGFudC5jYYIRd3d3Lm10a3lsbGluaS5j b22CEnd3dy5teXJvYm90YmZmLmNvbYISd3d3Lm5lcGFtaWt2YWguY29tghB3d3cu b21uaXZlcmkuY29tghN3d3cucGFya2NhcmtpbmcuY29tgh53d3cucG9pc29uaXZ5 cmVtb3ZhbG5lYXJtZS5jb22CFnd3dy5wcmVweW91cmNodXJjaC5jb22CD3d3dy5z cG9ydG1nLmNvbYIXd3d3LnN0cGF1bHNwb3J0c21lZC5jb22CHXd3dy51cGdyYWRl ZG1hbmluaXRpYXRpdmUuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYB BAHWeQIEAgSB9QSB8gDwAHYAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4 ZG4AAAGPVvBqbgAABAMARzBFAiAnzeANxx5RekToX3lQGZszqN4xBh9KrK58qBwA IrzXdwIhAIBo8P28qrqwa/SnYNqiMeZrJLTNxepjKEwqjJe9wNEFAHYAGZgQcQnw 1lIuMIDSnj9ku4NuKMz5D1KO7t/OSj8WtMoAAAGPVvBqmgAABAMARzBFAiAVlhbG lsmdtiG/1ux+i+nCD2LT0j8L5ZKMYJIyBpbEagIhAN4NL+lufqLYTNLQ6D+eU5h/ DuV0XMKz8dvov9uxBkiRMA0GCSqGSIb3DQEBCwUAA4IBAQBJRV9L3+3zmZ4wuWYO mGMGgRaWTF9hWr7HBYhL8cfmrkOxdAcZzIB6w1BGCRCncGYzQjt5DQWDg3ykCmKI C2VqZBIcQ6rKghxmg5lAVWWe7QfLeXru3aQ7hnRSrGwZFbkdoAWDY92cgWczXQmD l8m8APbKe+MfV/nf5bB43v24WmkpwvcSllLqR49PoBjfAGsmJkBBxillKFbDSk2E 1BOFai4IrLPS/OndZZLbAukk94tz/XSOrDg80/E1spQI2sRVuO3Hjgr6jlSDsr+v /qhbrryJVub1QqeI0m28jH9dhanGqhRkWPJisVg71+5CGMKj3Y9eax75l13YpAZB l7KO -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHZpS+9V/9pw9f+6hb8Y TKDVe3EvCjM0YNFGQZDICR0fLeCJNieXVGDtIwVPX13gXZRyus+tNcVXQZzOEGf2 GaVuCKd7iDhBMJC4e3+xz6rdWFDDfRayJ8JYiTFFk5ZZUh20QyEVUX4oxw/T02QS Z5V/i3/ECJ/f5zWfSXS5mgFZCjTvE02PS9evSMCE6tXO2bOs4uX0NZhYGghUo76U ZxXZ4aC1EkSP+sApxP1VWm8tO+b4JuSJzdX0KZPyNq2rIvTShSc2V+Q76Kvti1RT m/yzCvV4heIjZKNPoS79puuSThGej1c1T5V/vYCskzgW0HJgMlHZAldRBHsae9vY 6wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 387003361446928272280966010776391242805453 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-08 05:42:27 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-06 05:42:26 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nepamikvah.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24296145349127388053733080163988540082212480973442809502682975488527848019255447065022537147794227792493385203660415978739344340706891678039853047633916653874157170170846326759138397242168469621205035600609540536424441764447420690309097185765052613857609685618056206404085995986126206031455073651066158751167080940430072882797851904427228403104129044403848444737822730372487125556637982633487325407728109106424909187567925740819907391930146846058799828822353814998690361990010068438949309981424223727091397757727256569709077951176032976337431919352424856889443611217425410246759100705323751897139147364267493672343787 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) affbde56761ed41dfe86a374d5a9a209071cc7fe . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (628 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'allaboutsnowmobiling.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dungloetech.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'foreverlush.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'golnarmahmoudi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'konsultant.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mtkyllini.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'myrobotbff.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nepamikvah.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'omniveri.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'parkcarking.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'poisonivyremovalnearme.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prepyourchurch.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sportmg.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stpaulsportsmed.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'upgradedmaninitiative.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.allaboutsnowmobiling.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dungloetech.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.foreverlush.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.golnarmahmoudi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.konsultant.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mtkyllini.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.myrobotbff.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nepamikvah.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.omniveri.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.parkcarking.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.poisonivyremovalnearme.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.prepyourchurch.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sportmg.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stpaulsportsmed.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.upgradedmaninitiative.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f56f06a6e0000040300473045022027cde00dc71e517a44e85f7950199b33a8de31061f4aacae7ca81c0022bcd7770221008068f0fdbcaabab06bf4a760daa231e66b24b4cdc5ea63284c2a8c97bdc0d1050076001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018f56f06a9a00000403004730450220159616c696c99db621bfd6ec7e8be9c20f62d3d23f0be5928c6092320696c46a022100de0d2fe96e7ea2d84cd2d0e83f9e53987f0ee5745cc2b3f1dbe8bfdbb1064891 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0049455f4bdfedf3999e30b9660e9863068116964c5f615abec705884bf1c7e6ae43b1740719cc807ac350460910a7706633423b790d0583837ca40a62880b656a64121c43aaca821c6683994055659eed07cb797aeedda43b867452ac6c1915b91da0058363dd9c8167335d098397c9bc00f6ca7be31f57f9dfe5b078defdb85a6929c2f7129652ea478f4fa018df006b26264041c629652856c34a4d84d413856a2e08acb3d2fce9dd6592db02e924f78b73fd748eac383cd3f135b29408dac455b8edc78e0afa8e5483b2bfaffea85baebc8956e6f542a788d26dbc8c7f5d85a9c6aa146458f262b1583bd7ee4218c2a3dd8f5e6b1ef9975dd8a4064197b28e