ymca.mk
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:77:2e:49:16:b4:59:85:3c:f8:65:6b:93:9a:42:9d:88:df was issued on by Let's Encrypt.
With 20 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=ymca.mk
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:77:2e:49:16:b4:59:85:3c:f8:65:6b:93:9a:42:9d:88:dfSerial Number (int): 389004269376611228685044162295559947651295
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 4a:98:03:4c:35:1e:91:f0:de:96:35:0a:06:2e:43:bf:d7:5f:34:48
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 39:1b:5a:01:49:34:76:74:1f:0a:c4:34:2e:56:d6:aa:31:fd:f2:3a
Fingerprint (sha256): 99:c4:15:25:81:75:18:32:6f:84:b0:4e:86:ae:83:8e:6d:df:8c:e1:c7:33:35:cc:f6:90:de:de:66:f7:e3:64
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate ymca.mk
20
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ymca.mk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
3dkinobitola.com
3dkinobitola.nova1cloud.com
bitfest-mk.nova1cloud.com
bitfest.mk
mail.3dkinobitola.com
mail.bitfest.mk
mail.ymca.mk
mail.zdravjeiharmonija.mk
www.3dkinobitola.com
www.3dkinobitola.nova1cloud.com
www.bitfest-mk.nova1cloud.com
www.bitfest.mk
www.ymca-mk.nova1cloud.com
www.ymca.mk
www.zdravjeiharmonija-mk.nova1cloud.com
www.zdravjeiharmonija.mk
ymca-mk.nova1cloud.com
ymca.mk
zdravjeiharmonija-mk.nova1cloud.com
zdravjeiharmonija.mk
3dkinobitola.nova1cloud.com
bitfest-mk.nova1cloud.com
bitfest.mk
mail.3dkinobitola.com
mail.bitfest.mk
mail.ymca.mk
mail.zdravjeiharmonija.mk
www.3dkinobitola.com
www.3dkinobitola.nova1cloud.com
www.bitfest-mk.nova1cloud.com
www.bitfest.mk
www.ymca-mk.nova1cloud.com
www.ymca.mk
www.zdravjeiharmonija-mk.nova1cloud.com
www.zdravjeiharmonija.mk
ymca-mk.nova1cloud.com
ymca.mk
zdravjeiharmonija-mk.nova1cloud.com
zdravjeiharmonija.mk
Other certificates including the domain name ymca.mk
(limited to 100 certificates)
Certificate
The complete raw certificate details for ymca.mk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHyjCCBrKgAwIBAgISBHcuSRa0WYU8+GVrk5pCnYjfMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA3MDcxMjU2MjJaFw0x ODEwMDUxMjU2MjJaMBIxEDAOBgNVBAMTB3ltY2EubWswggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQDdX9yLt1Enhh55gQDNVL0fcJCI+VNCrz2EE02DnFDN M66YzBRNM0CHf24T95khegMbaoTLemEE/xPgQ053MUB2Ef4NNx4hum3T4hh4hBTk vOlWJUAA/0F39pCjLajf7VJ+1bhOKBnzuyLq1iaOZTxvkZxSEQ/s8+W07tsOfENs aAFRr/4WY9fS4MQC4XCLl4lj2T/qXWhPzE6R+LWI0D3f2ikaUOArzykQT5NNA+5F 9sOzNbbtJ5cixvBJuCdMDX+DSt+Rh2URXrvKymzG3YpOrDc8CZ/4KVyBqHATKoHc ZQ3WYb3dek+cxAzBKOYcp4c4iUXw97svyvmnVajPE6dvAgMBAAGjggTgMIIE3DAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG A1UdEwEB/wQCMAAwHQYDVR0OBBYEFEqYA0w1HpHw3pY1CgYuQ7/XXzRIMB8GA1Ud IwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggr BgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggr BgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wggHi BgNVHREEggHZMIIB1YIQM2RraW5vYml0b2xhLmNvbYIbM2RraW5vYml0b2xhLm5v dmExY2xvdWQuY29tghliaXRmZXN0LW1rLm5vdmExY2xvdWQuY29tggpiaXRmZXN0 Lm1rghVtYWlsLjNka2lub2JpdG9sYS5jb22CD21haWwuYml0ZmVzdC5ta4IMbWFp bC55bWNhLm1rghltYWlsLnpkcmF2amVpaGFybW9uaWphLm1rghR3d3cuM2RraW5v Yml0b2xhLmNvbYIfd3d3LjNka2lub2JpdG9sYS5ub3ZhMWNsb3VkLmNvbYIdd3d3 LmJpdGZlc3QtbWsubm92YTFjbG91ZC5jb22CDnd3dy5iaXRmZXN0Lm1rghp3d3cu eW1jYS1tay5ub3ZhMWNsb3VkLmNvbYILd3d3LnltY2EubWuCJ3d3dy56ZHJhdmpl aWhhcm1vbmlqYS1tay5ub3ZhMWNsb3VkLmNvbYIYd3d3LnpkcmF2amVpaGFybW9u aWphLm1rghZ5bWNhLW1rLm5vdmExY2xvdWQuY29tggd5bWNhLm1rgiN6ZHJhdmpl aWhhcm1vbmlqYS1tay5ub3ZhMWNsb3VkLmNvbYIUemRyYXZqZWloYXJtb25pamEu bWswgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYG CCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUH AgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9u IGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGgg dGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNy eXB0Lm9yZy9yZXBvc2l0b3J5LzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1AFWB 1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZHUHffsAAAQDAEYwRAIg ZT2yzGEavoaCIgZsz5n2/OdCWqgUB7UqnaP2oGx75vICIDil3I3TuOW+x9zjl/DO YaDvXAm8U/PBWHNKi/+U/vIVAHYAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz0 5UVH9HgAAAFkdQd95QAABAMARzBFAiEAqvXr4VG6HkhxvTmzHMPcd2bmwndvaH3f 7pkTaWtfZ8kCIC/eisi1QGK9fg0R96Up50GJEO2lM9Ws6TalRCMaLTZ5MA0GCSqG SIb3DQEBCwUAA4IBAQBsY2VpD7stjDm5ZSIpeI2j8+/oM8lK7hB+ZuLRQ3IXZvoM Mntqm0sLHsTRjBmxw/X/YbNlS98R6cjjQZ0e2PIiNAXn7fn+OF3K5XN7pwrdv56W vvWvzD/w2OCJmUFBmGHcm/f+SVYovOlu46m/C3PuCv1+SjcP7hbR5pnXO06O4xIZ /wn+IMD5UF973HuPBANeAyW2uvfbE3ATbb3oY2Fp3+OuHXFZT87gmbBg6Jf3guMD vNSo2A2hzY8L9b29flA1qzQMPyIdmmpn8oJaTa+BsL0T9uOiDfeJy9FWYwq8XRgE IcbHMmjo+2Vtoi5hIayepa3s+yq+7GKCdAGF4NUq -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3V/ci7dRJ4YeeYEAzVS9 H3CQiPlTQq89hBNNg5xQzTOumMwUTTNAh39uE/eZIXoDG2qEy3phBP8T4ENOdzFA dhH+DTceIbpt0+IYeIQU5LzpViVAAP9Bd/aQoy2o3+1SftW4TigZ87si6tYmjmU8 b5GcUhEP7PPltO7bDnxDbGgBUa/+FmPX0uDEAuFwi5eJY9k/6l1oT8xOkfi1iNA9 39opGlDgK88pEE+TTQPuRfbDszW27SeXIsbwSbgnTA1/g0rfkYdlEV67yspsxt2K Tqw3PAmf+ClcgahwEyqB3GUN1mG93XpPnMQMwSjmHKeHOIlF8Pe7L8r5p1WozxOn bwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 389004269376611228685044162295559947651295 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-07 12:56:22 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-05 12:56:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ymca.mk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27945936468367408836050965000500006891090939722818223043686790509732806765784882276959818972303983163526161794290830369534913537590934587545284079199118463399221805868016609688181660583405552124178769673708419553639455289108105608188473215854494398604279272587048923881625895183073667296976231123074233083268878795559687513764741159822588832458197306748918045908176492190731459940305188164806762155498040037290906028726481554623115443250040243245250836371111241952093463009437088729000679443744438604667093569311956162641962472168854607456387703553740528606899494715778558599795588831296761169323173033019553342531439 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4a98034c351e91f0de96350a062e43bfd75f3448 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (473 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '3dkinobitola.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '3dkinobitola.nova1cloud.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bitfest-mk.nova1cloud.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bitfest.mk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.3dkinobitola.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.bitfest.mk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.ymca.mk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.zdravjeiharmonija.mk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.3dkinobitola.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.3dkinobitola.nova1cloud.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bitfest-mk.nova1cloud.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bitfest.mk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ymca-mk.nova1cloud.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ymca.mk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.zdravjeiharmonija-mk.nova1cloud.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.zdravjeiharmonija.mk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ymca-mk.nova1cloud.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ymca.mk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zdravjeiharmonija-mk.nova1cloud.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zdravjeiharmonija.mk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016475077dfb00000403004630440220653db2cc611abe868222066ccf99f6fce7425aa81407b52a9da3f6a06c7be6f2022038a5dc8dd3b8e5bec7dce397f0ce61a0ef5c09bc53f3c158734a8bff94fef215007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016475077de50000040300473045022100aaf5ebe151ba1e4871bd39b31cc3dc7766e6c2776f687ddfee9913696b5f67c902202fde8ac8b54062bd7e0d11f7a529e7418910eda533d5ace936a544231a2d3679 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006c6365690fbb2d8c39b9652229788da3f3efe833c94aee107e66e2d143721766fa0c327b6a9b4b0b1ec4d18c19b1c3f5ff61b3654bdf11e9c8e3419d1ed8f2223405e7edf9fe385dcae5737ba70addbf9e96bef5afcc3ff0d8e0899941419861dc9bf7fe495628bce96ee3a9bf0b73ee0afd7e4a370fee16d1e699d73b4e8ee31219ff09fe20c0f9505f7bdc7b8f04035e0325b6baf7db1370136dbde8636169dfe3ae1d71594fcee099b060e897f782e303bcd4a8d80da1cd8f0bf5bdbd7e5035ab340c3f221d9a6a67f2825a4daf81b0bd13f6e3a20df789cbd156630abc5d180421c6c73268e8fb656da22e6121ac9ea5adecfb2abeec6282740185e0d52a