astoriafederalsavingsbank.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:79:53:52:18:17:87:15:f6:9f:4e:df:9b:57:8c:63:fe:4f was issued on by Let's Encrypt.
With 100 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=astoriafederalsavingsbank.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:79:53:52:18:17:87:15:f6:9f:4e:df:9b:57:8c:63:fe:4fSerial Number (int): 389734062305108973792757614952660548714063
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 10:d5:d8:2b:64:37:d0:ca:32:a8:5f:4f:66:a4:e1:4c:95:cc:ba:72
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 60:db:e7:94:11:34:83:23:f9:42:5e:64:c5:4e:ae:c5:bb:a6:3f:10
Fingerprint (sha256): 95:99:33:4e:e6:76:e7:72:13:9c:22:5c:34:d1:d0:3b:34:a2:52:4b:05:d6:b5:16:67:ac:ab:af:e1:ef:93:c7
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate astoriafederalsavingsbank.com
100
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for astoriafederalsavingsbank.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.astoriafederalsavingsbank.com
*.barclaybankcard.com
*.bastya.com
*.belkins.com
*.bsbctx.com
*.careereducationsystem.com
*.cartaspostales.com
*.crowdfounding.com
*.dimartini.com
*.discovercartd.com
*.disfrutas.com
*.dishesset.com
*.emih.com
*.exxonmobilaccountline.com
*.eyot.com
*.gametourism.com
*.gessica.com
*.giggleberries.com
*.ihookah.com
*.jaybella.com
*.kanonpriser.com
*.kauppila.com
*.kertex.com
*.kubotatractor.com
*.lesgodes.com
*.linelayer.com
*.livewellclinic.com
*.mepla.com
*.milkmans.com
*.mymcgill.com
*.noblat.com
*.ohbayashi.com
*.papeltapiz.com
*.placepictures.com
*.provocate.com
*.registeryourdomainname.com
*.rekonstrukcie.com
*.salery.com
*.scholastaic.com
*.searspartdirect.com
*.serviglobal.com
*.sliti.com
*.softwarepsr.com
*.theends.com
*.vellisimo.com
*.vipux.com
*.weingand.com
*.wwoman.com
*.yfacebook.com
*.zhaoji.com
astoriafederalsavingsbank.com
barclaybankcard.com
bastya.com
belkins.com
bsbctx.com
careereducationsystem.com
cartaspostales.com
crowdfounding.com
dimartini.com
discovercartd.com
disfrutas.com
dishesset.com
emih.com
exxonmobilaccountline.com
eyot.com
gametourism.com
gessica.com
giggleberries.com
ihookah.com
jaybella.com
kanonpriser.com
kauppila.com
kertex.com
kubotatractor.com
lesgodes.com
linelayer.com
livewellclinic.com
mepla.com
milkmans.com
mymcgill.com
noblat.com
ohbayashi.com
papeltapiz.com
placepictures.com
provocate.com
registeryourdomainname.com
rekonstrukcie.com
salery.com
scholastaic.com
searspartdirect.com
serviglobal.com
sliti.com
softwarepsr.com
theends.com
vellisimo.com
vipux.com
weingand.com
wwoman.com
yfacebook.com
zhaoji.com
*.barclaybankcard.com
*.bastya.com
*.belkins.com
*.bsbctx.com
*.careereducationsystem.com
*.cartaspostales.com
*.crowdfounding.com
*.dimartini.com
*.discovercartd.com
*.disfrutas.com
*.dishesset.com
*.emih.com
*.exxonmobilaccountline.com
*.eyot.com
*.gametourism.com
*.gessica.com
*.giggleberries.com
*.ihookah.com
*.jaybella.com
*.kanonpriser.com
*.kauppila.com
*.kertex.com
*.kubotatractor.com
*.lesgodes.com
*.linelayer.com
*.livewellclinic.com
*.mepla.com
*.milkmans.com
*.mymcgill.com
*.noblat.com
*.ohbayashi.com
*.papeltapiz.com
*.placepictures.com
*.provocate.com
*.registeryourdomainname.com
*.rekonstrukcie.com
*.salery.com
*.scholastaic.com
*.searspartdirect.com
*.serviglobal.com
*.sliti.com
*.softwarepsr.com
*.theends.com
*.vellisimo.com
*.vipux.com
*.weingand.com
*.wwoman.com
*.yfacebook.com
*.zhaoji.com
astoriafederalsavingsbank.com
barclaybankcard.com
bastya.com
belkins.com
bsbctx.com
careereducationsystem.com
cartaspostales.com
crowdfounding.com
dimartini.com
discovercartd.com
disfrutas.com
dishesset.com
emih.com
exxonmobilaccountline.com
eyot.com
gametourism.com
gessica.com
giggleberries.com
ihookah.com
jaybella.com
kanonpriser.com
kauppila.com
kertex.com
kubotatractor.com
lesgodes.com
linelayer.com
livewellclinic.com
mepla.com
milkmans.com
mymcgill.com
noblat.com
ohbayashi.com
papeltapiz.com
placepictures.com
provocate.com
registeryourdomainname.com
rekonstrukcie.com
salery.com
scholastaic.com
searspartdirect.com
serviglobal.com
sliti.com
softwarepsr.com
theends.com
vellisimo.com
vipux.com
weingand.com
wwoman.com
yfacebook.com
zhaoji.com
Other certificates including the domain name astoriafederalsavingsbank.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for astoriafederalsavingsbank.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIINAzCCC+ugAwIBAgISBHlTUhgXhxX2n07fm1eMY/5PMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMDgwMTE0NTVaFw0y MDAzMDcwMTE0NTVaMCgxJjAkBgNVBAMTHWFzdG9yaWFmZWRlcmFsc2F2aW5nc2Jh bmsuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs6SXuNLe8s0J dtPKVGcxDnida9/p+T07mfGNkGi1LiZ9jHdaEJJ9SMDFWG8R4E6Z5LA1gRXiDqMZ dEA8PSqoQ61c2MzDGkKcxewQLaaXG7YL7FFHPhm0BAdXQT94yI3NGQSfl+bcYp7V kXeEb2uRO+PM1wy/QKeMLhG1cnPNWYqAld5ZA2NEaICW5+v92nWXVqX0CGxgaUTH 1w/j/V8hmlI88JlSvmSb/WKLyeluzgS2waHUmK8AWCHsYedEUtiOHMN5YQ5DJP4R W/dTveSAs+OA6Ida3U/JQbnBGgdT1X7IL0GU0dC4qnmznWdjGW79A27h/+ibmyx6 vf6jg3NldPzT6UEf/Azf3NNF7/Q+EgYuQ6pjEprP3aeLrSH3cdJVx56w/0fwTcdh 7IgJyjQWLJvG3UyuUrHKo3/6EXTuE8huNxkhqeScyQI2aLU8jZU2kG5+zvUFEbHg 8tw0AMajsJ1zmUIxOOJ6HgNmmgyxgS6MK2xLmd58UTXceGfyLUgOHFy7/xM2ezay 3SWQAzTaR8nVEHcw0Z+Ceb6Bkfsn9cZTz5Gl49yVJ3JcKGOdC6GsP1Wy3jUWWSA5 Vsx0p4GyEOy0ZterttwTSUApxfwcwPvtBFpRu3QU3PAL/Qg8KLyUmPF8wuaZraZf DXChS7eEL2WrcNyUQv7B2vzh3e4Zl60CAwEAAaOCCQMwggj/MA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw ADAdBgNVHQ4EFgQUENXYK2Q30MoyqF9PZqThTJXMunIwHwYDVR0jBBgwFoAUqEpq YwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJo dHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNo dHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzCCBrcGA1UdEQSCBq4w ggaqgh8qLmFzdG9yaWFmZWRlcmFsc2F2aW5nc2JhbmsuY29tghUqLmJhcmNsYXli YW5rY2FyZC5jb22CDCouYmFzdHlhLmNvbYINKi5iZWxraW5zLmNvbYIMKi5ic2Jj dHguY29tghsqLmNhcmVlcmVkdWNhdGlvbnN5c3RlbS5jb22CFCouY2FydGFzcG9z dGFsZXMuY29tghMqLmNyb3dkZm91bmRpbmcuY29tgg8qLmRpbWFydGluaS5jb22C EyouZGlzY292ZXJjYXJ0ZC5jb22CDyouZGlzZnJ1dGFzLmNvbYIPKi5kaXNoZXNz ZXQuY29tggoqLmVtaWguY29tghsqLmV4eG9ubW9iaWxhY2NvdW50bGluZS5jb22C CiouZXlvdC5jb22CESouZ2FtZXRvdXJpc20uY29tgg0qLmdlc3NpY2EuY29tghMq LmdpZ2dsZWJlcnJpZXMuY29tgg0qLmlob29rYWguY29tgg4qLmpheWJlbGxhLmNv bYIRKi5rYW5vbnByaXNlci5jb22CDioua2F1cHBpbGEuY29tggwqLmtlcnRleC5j b22CEyoua3Vib3RhdHJhY3Rvci5jb22CDioubGVzZ29kZXMuY29tgg8qLmxpbmVs YXllci5jb22CFCoubGl2ZXdlbGxjbGluaWMuY29tggsqLm1lcGxhLmNvbYIOKi5t aWxrbWFucy5jb22CDioubXltY2dpbGwuY29tggwqLm5vYmxhdC5jb22CDyoub2hi YXlhc2hpLmNvbYIQKi5wYXBlbHRhcGl6LmNvbYITKi5wbGFjZXBpY3R1cmVzLmNv bYIPKi5wcm92b2NhdGUuY29tghwqLnJlZ2lzdGVyeW91cmRvbWFpbm5hbWUuY29t ghMqLnJla29uc3RydWtjaWUuY29tggwqLnNhbGVyeS5jb22CESouc2Nob2xhc3Rh aWMuY29tghUqLnNlYXJzcGFydGRpcmVjdC5jb22CESouc2VydmlnbG9iYWwuY29t ggsqLnNsaXRpLmNvbYIRKi5zb2Z0d2FyZXBzci5jb22CDSoudGhlZW5kcy5jb22C DyoudmVsbGlzaW1vLmNvbYILKi52aXB1eC5jb22CDioud2VpbmdhbmQuY29tggwq Lnd3b21hbi5jb22CDyoueWZhY2Vib29rLmNvbYIMKi56aGFvamkuY29tgh1hc3Rv cmlhZmVkZXJhbHNhdmluZ3NiYW5rLmNvbYITYmFyY2xheWJhbmtjYXJkLmNvbYIK YmFzdHlhLmNvbYILYmVsa2lucy5jb22CCmJzYmN0eC5jb22CGWNhcmVlcmVkdWNh dGlvbnN5c3RlbS5jb22CEmNhcnRhc3Bvc3RhbGVzLmNvbYIRY3Jvd2Rmb3VuZGlu Zy5jb22CDWRpbWFydGluaS5jb22CEWRpc2NvdmVyY2FydGQuY29tgg1kaXNmcnV0 YXMuY29tgg1kaXNoZXNzZXQuY29tgghlbWloLmNvbYIZZXh4b25tb2JpbGFjY291 bnRsaW5lLmNvbYIIZXlvdC5jb22CD2dhbWV0b3VyaXNtLmNvbYILZ2Vzc2ljYS5j b22CEWdpZ2dsZWJlcnJpZXMuY29tggtpaG9va2FoLmNvbYIMamF5YmVsbGEuY29t gg9rYW5vbnByaXNlci5jb22CDGthdXBwaWxhLmNvbYIKa2VydGV4LmNvbYIRa3Vi b3RhdHJhY3Rvci5jb22CDGxlc2dvZGVzLmNvbYINbGluZWxheWVyLmNvbYISbGl2 ZXdlbGxjbGluaWMuY29tggltZXBsYS5jb22CDG1pbGttYW5zLmNvbYIMbXltY2dp bGwuY29tggpub2JsYXQuY29tgg1vaGJheWFzaGkuY29tgg5wYXBlbHRhcGl6LmNv bYIRcGxhY2VwaWN0dXJlcy5jb22CDXByb3ZvY2F0ZS5jb22CGnJlZ2lzdGVyeW91 cmRvbWFpbm5hbWUuY29tghFyZWtvbnN0cnVrY2llLmNvbYIKc2FsZXJ5LmNvbYIP c2Nob2xhc3RhaWMuY29tghNzZWFyc3BhcnRkaXJlY3QuY29tgg9zZXJ2aWdsb2Jh bC5jb22CCXNsaXRpLmNvbYIPc29mdHdhcmVwc3IuY29tggt0aGVlbmRzLmNvbYIN dmVsbGlzaW1vLmNvbYIJdmlwdXguY29tggx3ZWluZ2FuZC5jb22CCnd3b21hbi5j b22CDXlmYWNlYm9vay5jb22CCnpoYW9qaS5jb20wTAYDVR0gBEUwQzAIBgZngQwB AgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRz ZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwDwlaRZ8gDRgkAQ LS+TiI6tS/4dR+OZ4dA0prCoqo6ycwAAAW7jSc4HAAAEAwBIMEYCIQCEDgJTjI+j MAOxI2jpOE+yDXMQdFxhA+hLbMPe8VEHQAIhAPJL3ENd6GjliPg82HaL62NKsCSH UNKFE0LT7Xj3SvL1AHUAB7dcG+V9aP/xsMYdIxXHuuZXfFeUt2ruvGE6GmnTohwA AAFu40nONQAABAMARjBEAiATky0sQgoZIOG8IzZVG/s4dR/2lQksmmvLqVCRgQpi rgIgSOURH/RE03EHyLc1kyD1+elyiU/I/pMchsZlkokD/F8wDQYJKoZIhvcNAQEL BQADggEBADZruEHswCYYHKlz4syU9BHpwZJbnRQw1YUyotSjGXYLt2Z94IsQu2Pz Dug4fl606PPcSfIwuNzFdjyEF9+uQYlf6ky41kQlBo85qHH7wWn91FqWtQnqd4Lh cnWxZo6mQUpx8RArwBatdApKZSxhw+fACoPVJ7yYx2h5J6F/lq4429PioyGS5vM8 vgWb5I2F5aHUplrY+AnSfgGXuutyETyBZXOwBjx3qrJh8u4A5i6Ce7xNIK5IssRk H3QA8fqqTKEtvjk49kqV18IJJ/NTPN+01hV1+8Jd/pPmbNtszHi7rlN/Ctos2e8u vjM7bS2bufgun0w0i5/ijtOkenp3SdU= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs6SXuNLe8s0JdtPKVGcx Dnida9/p+T07mfGNkGi1LiZ9jHdaEJJ9SMDFWG8R4E6Z5LA1gRXiDqMZdEA8PSqo Q61c2MzDGkKcxewQLaaXG7YL7FFHPhm0BAdXQT94yI3NGQSfl+bcYp7VkXeEb2uR O+PM1wy/QKeMLhG1cnPNWYqAld5ZA2NEaICW5+v92nWXVqX0CGxgaUTH1w/j/V8h mlI88JlSvmSb/WKLyeluzgS2waHUmK8AWCHsYedEUtiOHMN5YQ5DJP4RW/dTveSA s+OA6Ida3U/JQbnBGgdT1X7IL0GU0dC4qnmznWdjGW79A27h/+ibmyx6vf6jg3Nl dPzT6UEf/Azf3NNF7/Q+EgYuQ6pjEprP3aeLrSH3cdJVx56w/0fwTcdh7IgJyjQW LJvG3UyuUrHKo3/6EXTuE8huNxkhqeScyQI2aLU8jZU2kG5+zvUFEbHg8tw0AMaj sJ1zmUIxOOJ6HgNmmgyxgS6MK2xLmd58UTXceGfyLUgOHFy7/xM2ezay3SWQAzTa R8nVEHcw0Z+Ceb6Bkfsn9cZTz5Gl49yVJ3JcKGOdC6GsP1Wy3jUWWSA5Vsx0p4Gy EOy0ZterttwTSUApxfwcwPvtBFpRu3QU3PAL/Qg8KLyUmPF8wuaZraZfDXChS7eE L2WrcNyUQv7B2vzh3e4Zl60CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 389734062305108973792757614952660548714063 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-08 01:14:55 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-07 01:14:55 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'astoriafederalsavingsbank.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 732879254914143459589831257355533850470061600059269086398767651286543399345111876340389854120128654391702390576012181153453491274571638614414056873010184809240367393817600318658174225916839780242777468796060123263587020270627130525361375367549673509914794106953660774860880099252201010870911462127018931202982208258414167507817832961981274120301193358392610688868479602625329426960615018463779448835184014016851382584594399073406711029683243247380128222025877337504781906617911616329815374110646790202494479274036345343220391558658631935205300042306375040502602564639874105087983532553895247033575910142790990098625864831936074557577460904690153766974085555107847989154319120721447182898477162995311292906655981552240917487471165165782438258420027121344592199306261708135796606771764721658866385860669289013958008705648285147474889429269030054780995576492048890388898676638044154319502570570580935144597221839651931030262712282848845369417252181590612428926992457382396798724781486108101756908257383541963498214628160463838524533397319172124278012748938414954171552069704898619453955695389290372767833680424012821037353616420448551097935512388124994345402619659758862368763418503362037175982284251595678095482215156907642309934946221 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 10d5d82b6437d0ca32a85f4f66a4e14c95ccba72 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1710 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.astoriafederalsavingsbank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.barclaybankcard.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bastya.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.belkins.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bsbctx.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.careereducationsystem.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cartaspostales.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.crowdfounding.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dimartini.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.discovercartd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.disfrutas.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dishesset.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.emih.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.exxonmobilaccountline.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.eyot.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.gametourism.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.gessica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.giggleberries.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ihookah.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jaybella.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kanonpriser.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kauppila.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kertex.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kubotatractor.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.lesgodes.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.linelayer.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.livewellclinic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mepla.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.milkmans.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mymcgill.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.noblat.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ohbayashi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.papeltapiz.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.placepictures.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.provocate.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.registeryourdomainname.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rekonstrukcie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.salery.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.scholastaic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.searspartdirect.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.serviglobal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sliti.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.softwarepsr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.theends.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.vellisimo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.vipux.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.weingand.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wwoman.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.yfacebook.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.zhaoji.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'astoriafederalsavingsbank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'barclaybankcard.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bastya.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'belkins.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bsbctx.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'careereducationsystem.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cartaspostales.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'crowdfounding.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dimartini.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'discovercartd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'disfrutas.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dishesset.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'emih.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'exxonmobilaccountline.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eyot.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gametourism.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gessica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giggleberries.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ihookah.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jaybella.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kanonpriser.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kauppila.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kertex.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kubotatractor.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lesgodes.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'linelayer.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'livewellclinic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mepla.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'milkmans.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mymcgill.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'noblat.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ohbayashi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'papeltapiz.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'placepictures.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'provocate.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'registeryourdomainname.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rekonstrukcie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'salery.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'scholastaic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'searspartdirect.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'serviglobal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sliti.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'softwarepsr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theends.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vellisimo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vipux.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'weingand.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wwoman.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yfacebook.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zhaoji.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016ee349ce070000040300483046022100840e02538c8fa33003b12368e9384fb20d7310745c6103e84b6cc3def1510740022100f24bdc435de868e588f83cd8768beb634ab0248750d2851342d3ed78f74af2f500750007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016ee349ce350000040300463044022013932d2c420a1920e1bc2336551bfb38751ff695092c9a6bcba95091810a62ae022048e5111ff444d37107c8b7359320f5f9e972894fc8fe931c86c665928903fc5f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00366bb841ecc026181ca973e2cc94f411e9c1925b9d1430d58532a2d4a319760bb7667de08b10bb63f30ee8387e5eb4e8f3dc49f230b8dcc5763c8417dfae41895fea4cb8d64425068f39a871fbc169fdd45a96b509ea7782e17275b1668ea6414a71f1102bc016ad740a4a652c61c3e7c00a83d527bc98c7687927a17f96ae38dbd3e2a32192e6f33cbe059be48d85e5a1d4a65ad8f809d27e0197baeb72113c816573b0063c77aab261f2ee00e62e827bbc4d20ae48b2c4641f7400f1faaa4ca12dbe3938f64a95d7c20927f3533cdfb4d61575fbc25dfe93e66cdb6ccc78bbae537f0ada2cd9ef2ebe333b6d2d9bb9f82e9f4c348b9fe28ed3a47a7a7749d5