riffaa.com.my
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:3a:31:8b:35:b0:fb:5a:8c:e3:5e:30:a9:05:6b:45:1c:fa was issued on by Let's Encrypt.
With 21 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=riffaa.com.my
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:3a:31:8b:35:b0:fb:5a:8c:e3:5e:30:a9:05:6b:45:1c:faSerial Number (int): 281139090066741623841723562455089323252986
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: b5:62:6e:30:7f:0e:ee:29:7c:2f:dd:37:d5:88:40:7f:0b:e4:65:d5
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 98:c3:0d:96:72:cb:fc:a7:e5:6a:a0:8d:08:fc:b1:0f:f3:ae:3b:42
Fingerprint (sha256): 9a:82:23:02:e8:0b:9b:81:31:6f:64:75:a6:db:05:31:25:2a:8b:b0:88:44:86:ff:2c:2f:40:25:36:49:7e:e0
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate riffaa.com.my
21
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for riffaa.com.my
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
caraudiomalaysia.com
caraudiomalaysia.multistore3.sitegiant.info
cpanel.caraudiomalaysia.com
cpanel.giigeezapparel.com
cpanel.riffaa.com.my
giigee.multistore3.sitegiant.info
giigeezapparel.com
riffaa.com.my
riffaa.multistore3.sitegiant.info
webdisk.caraudiomalaysia.com
webdisk.giigeezapparel.com
webdisk.riffaa.com.my
webmail.caraudiomalaysia.com
webmail.giigeezapparel.com
webmail.riffaa.com.my
www.caraudiomalaysia.com
www.caraudiomalaysia.multistore3.sitegiant.info
www.giigee.multistore3.sitegiant.info
www.giigeezapparel.com
www.riffaa.com.my
www.riffaa.multistore3.sitegiant.info
caraudiomalaysia.multistore3.sitegiant.info
cpanel.caraudiomalaysia.com
cpanel.giigeezapparel.com
cpanel.riffaa.com.my
giigee.multistore3.sitegiant.info
giigeezapparel.com
riffaa.com.my
riffaa.multistore3.sitegiant.info
webdisk.caraudiomalaysia.com
webdisk.giigeezapparel.com
webdisk.riffaa.com.my
webmail.caraudiomalaysia.com
webmail.giigeezapparel.com
webmail.riffaa.com.my
www.caraudiomalaysia.com
www.caraudiomalaysia.multistore3.sitegiant.info
www.giigee.multistore3.sitegiant.info
www.giigeezapparel.com
www.riffaa.com.my
www.riffaa.multistore3.sitegiant.info
Other certificates including the domain name riffaa.com.my
(limited to 100 certificates)
Certificate
The complete raw certificate details for riffaa.com.my in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHqDCCBpCgAwIBAgISAzoxizWw+1qM414wqQVrRRz6MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA1MTUyMDM5MDlaFw0x OTA4MTMyMDM5MDlaMBgxFjAUBgNVBAMTDXJpZmZhYS5jb20ubXkwggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDETo2AC3SQIXU7+Vpf+CdBsMOO7fekSXAB 2lY/shACKpepFqTfQX+Zs8VHCiibambhm1nFEVjE80mKC7ZTJFAcG9m4nAEFY+s6 Mul9dey/SBABq8KumBF/RGnpyVCGoYuviFBCXSqffoTn+WnEFzbiiKMspFFOxNq7 OCxRc8guSt8buTuVXlomOSqzbBxliBJFuCj0u8JbpJPCyNScl5vmTlGEpHABVRTg WY4OBIokrIx2gthFGQnSU9X7RQFCTt/S5HQSFDwOhOMt9I8XeHbRzVmOJxS41uns eToz4fIeX+Y6hIBd9+yAXa+GnX0YILBDKoS8X5gR06FRDoiv6kbbAgMBAAGjggS4 MIIEtDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFLVibjB/Du4pfC/dN9WIQH8L5GXV MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMw YTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9y ZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9y Zy8wggJtBgNVHREEggJkMIICYIIUY2FyYXVkaW9tYWxheXNpYS5jb22CK2NhcmF1 ZGlvbWFsYXlzaWEubXVsdGlzdG9yZTMuc2l0ZWdpYW50LmluZm+CG2NwYW5lbC5j YXJhdWRpb21hbGF5c2lhLmNvbYIZY3BhbmVsLmdpaWdlZXphcHBhcmVsLmNvbYIU Y3BhbmVsLnJpZmZhYS5jb20ubXmCIWdpaWdlZS5tdWx0aXN0b3JlMy5zaXRlZ2lh bnQuaW5mb4ISZ2lpZ2VlemFwcGFyZWwuY29tgg1yaWZmYWEuY29tLm15giFyaWZm YWEubXVsdGlzdG9yZTMuc2l0ZWdpYW50LmluZm+CHHdlYmRpc2suY2FyYXVkaW9t YWxheXNpYS5jb22CGndlYmRpc2suZ2lpZ2VlemFwcGFyZWwuY29tghV3ZWJkaXNr LnJpZmZhYS5jb20ubXmCHHdlYm1haWwuY2FyYXVkaW9tYWxheXNpYS5jb22CGndl Ym1haWwuZ2lpZ2VlemFwcGFyZWwuY29tghV3ZWJtYWlsLnJpZmZhYS5jb20ubXmC GHd3dy5jYXJhdWRpb21hbGF5c2lhLmNvbYIvd3d3LmNhcmF1ZGlvbWFsYXlzaWEu bXVsdGlzdG9yZTMuc2l0ZWdpYW50LmluZm+CJXd3dy5naWlnZWUubXVsdGlzdG9y ZTMuc2l0ZWdpYW50LmluZm+CFnd3dy5naWlnZWV6YXBwYXJlbC5jb22CEXd3dy5y aWZmYWEuY29tLm15giV3d3cucmlmZmFhLm11bHRpc3RvcmUzLnNpdGVnaWFudC5p bmZvMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYB BQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHWeQIE AgSB9ASB8QDvAHYAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFq vW9OgwAABAMARzBFAiA49BBTyFZX0bnVgbEowl7psYzpBQySPfzqq/wI3jAOHAIh AJw+NhfNVJ2iICdslpEB0MsfGKb8oUsyKNbv7gIBnFcuAHUAKTxRllTIOWW6qlD8 WAfUt2+/WHopctykwwz05UVH9HgAAAFqvW9OzgAABAMARjBEAiBxHqi/8oFq13Up I25tdpaKFtArt5/78PcyiJ0+Tk+auQIgXgVqZxgMtWmJJucVNcUNz6NIaebdjHJJ 51PvlSu8HzUwDQYJKoZIhvcNAQELBQADggEBAB9gKwDh3D6NR5dezDLMH8VXAfkB 0P8B0hwIKsrgP/eliM5K9n9ZCkLR/kXqfV8nA89QjIcmjmPSjAaDjN0C/F9qNr8e bri7YHXAaKs9awra9jAj7YwWs1b7yEejuMdVmNJPxR239erPthAHNNA7vTMV/nmV dU3PI5goUMXWTxC9nESWZbwAVr3k0e4J2iOarQTDgsiSbaqTYgN3RM5Kvg3HWMKT vGOa/zyv9v5270HEYnDwScdqY9527cFn8qoJIfLXiHuj1Hkn86nQHnT/5kpB/E9m qsVF0J3tCXcUN24Sb4yuCnTMrv9rRQqTJt+J2vXVVUHdKW3TbnKfFkk/R0Y= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxE6NgAt0kCF1O/laX/gn QbDDju33pElwAdpWP7IQAiqXqRak30F/mbPFRwoom2pm4ZtZxRFYxPNJigu2UyRQ HBvZuJwBBWPrOjLpfXXsv0gQAavCrpgRf0Rp6clQhqGLr4hQQl0qn36E5/lpxBc2 4oijLKRRTsTauzgsUXPILkrfG7k7lV5aJjkqs2wcZYgSRbgo9LvCW6STwsjUnJeb 5k5RhKRwAVUU4FmODgSKJKyMdoLYRRkJ0lPV+0UBQk7f0uR0EhQ8DoTjLfSPF3h2 0c1ZjicUuNbp7Hk6M+HyHl/mOoSAXffsgF2vhp19GCCwQyqEvF+YEdOhUQ6Ir+pG 2wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 281139090066741623841723562455089323252986 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-15 20:39:09 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-13 20:39:09 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'riffaa.com.my' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24781443570707424987719111397558254848954492376249644214819742426256719114446938194284655482805400517511160847521514006596913607652768958368260204010087942542858584580136635409265880340900287911823120471099089000036470392951804122242050419154483238071341463924393817561281596764868545741343225350402616533053149663164880272318584478317168416575320595330662896807431632441854298284258264630270041059639088693043031994078345053029795744844789757598448901505652765580288303777925052639646932923056519397726487145822701078231451347038692388530363987166735814322402943826259118632703813792866030628514908898920348537997019 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b5626e307f0eee297c2fdd37d588407f0be465d5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (612 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'caraudiomalaysia.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'caraudiomalaysia.multistore3.sitegiant.info' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpanel.caraudiomalaysia.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpanel.giigeezapparel.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpanel.riffaa.com.my' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giigee.multistore3.sitegiant.info' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giigeezapparel.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'riffaa.com.my' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'riffaa.multistore3.sitegiant.info' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webdisk.caraudiomalaysia.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webdisk.giigeezapparel.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webdisk.riffaa.com.my' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.caraudiomalaysia.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.giigeezapparel.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.riffaa.com.my' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.caraudiomalaysia.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.caraudiomalaysia.multistore3.sitegiant.info' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.giigee.multistore3.sitegiant.info' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.giigeezapparel.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.riffaa.com.my' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.riffaa.multistore3.sitegiant.info' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016abd6f4e830000040300473045022038f41053c85657d1b9d581b128c25ee9b18ce9050c923dfceaabfc08de300e1c0221009c3e3617cd549da220276c969101d0cb1f18a6fca14b3228d6efee02019c572e007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016abd6f4ece00000403004630440220711ea8bff2816ad77529236e6d76968a16d02bb79ffbf0f732889d3e4e4f9ab902205e056a67180cb5698926e71535c50dcfa34869e6dd8c7249e753ef952bbc1f35 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001f602b00e1dc3e8d47975ecc32cc1fc55701f901d0ff01d21c082acae03ff7a588ce4af67f590a42d1fe45ea7d5f2703cf508c87268e63d28c06838cdd02fc5f6a36bf1e6eb8bb6075c068ab3d6b0adaf63023ed8c16b356fbc847a3b8c75598d24fc51db7f5eacfb6100734d03bbd3315fe7995754dcf23982850c5d64f10bd9c449665bc0056bde4d1ee09da239aad04c382c8926daa9362037744ce4abe0dc758c293bc639aff3caff6fe76ef41c46270f049c76a63de76edc167f2aa0921f2d7887ba3d47927f3a9d01e74ffe64a41fc4f66aac545d09ded097714376e126f8cae0a74ccaeff6b450a9326df89daf5d55541dd296dd36e729f16493f4746