robertdeveen.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:21:3b:06:13:43:de:3d:12:f6:3c:a1:40:6b:2e:75:6e:f4 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=robertdeveen.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:21:3b:06:13:43:de:3d:12:f6:3c:a1:40:6b:2e:75:6e:f4Serial Number (int): 272644631899947019343667804701511405367028
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: ab:1c:c3:62:6a:5e:1f:9b:c5:7e:bc:69:06:b3:ee:77:2d:19:25:fd
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 93:e5:18:76:f7:9a:18:8a:84:c7:ee:d5:01:8b:9c:f3:c9:84:b7:e2
Fingerprint (sha256): 9c:29:02:65:ad:a2:20:f5:29:f7:b4:a9:d7:85:77:cc:17:f4:d1:ca:7f:b4:ee:05:d9:15:2e:34:8e:c7:1e:42
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.org/Check the revocation status for certificate robertdeveen.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for robertdeveen.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
robertdeveen.com
www.robertdeveen.com
www.robertdeveen.com
Other certificates including the domain name robertdeveen.com
(limited to 100 certificates)
robert.photography
sap.robertdeveen.com
robert.photography
tweakers.robertdeveen.com
robert.photography
www.robert.photography
sap.robertdeveen.com
sap.robertdeveen.com
sap.robertdeveen.com
tweakers.robertdeveen.com
tweakers.robertdeveen.com
tweakers.robertdeveen.com
tweakers.robertdeveen.com
www.robertdeveen.com
www.robert.photography
robertdeveen.com
tweakers.robertdeveen.com
robertdeveen.com
sap.robertdeveen.com
robert.photography
robert.photography
sap.robertdeveen.com
www.robert.photography
tweakers.robertdeveen.com
tweakers.robertdeveen.com
robertdeveen.com
sap.robertdeveen.com
robert.photography
robert.photography
robertdeveen.com
tweakers.robertdeveen.com
robertdeveen.com
sap.robertdeveen.com
sap.robertdeveen.com
robertdeveen.com
robert.photography
www.robertdeveen.com
sap.robertdeveen.com
www.robertdeveen.com
tweakers.robertdeveen.com
sap.robertdeveen.com
tweakers.robertdeveen.com
sap.robertdeveen.com
tweakers.robertdeveen.com
robertdeveen.com
robert.photography
robert.photography
sap.robertdeveen.com
robert.photography
tweakers.robertdeveen.com
robert.photography
www.robert.photography
sap.robertdeveen.com
sap.robertdeveen.com
sap.robertdeveen.com
tweakers.robertdeveen.com
tweakers.robertdeveen.com
tweakers.robertdeveen.com
tweakers.robertdeveen.com
www.robertdeveen.com
www.robert.photography
robertdeveen.com
tweakers.robertdeveen.com
robertdeveen.com
sap.robertdeveen.com
robert.photography
robert.photography
sap.robertdeveen.com
www.robert.photography
tweakers.robertdeveen.com
tweakers.robertdeveen.com
robertdeveen.com
sap.robertdeveen.com
robert.photography
robert.photography
robertdeveen.com
tweakers.robertdeveen.com
robertdeveen.com
sap.robertdeveen.com
sap.robertdeveen.com
robertdeveen.com
robert.photography
www.robertdeveen.com
sap.robertdeveen.com
www.robertdeveen.com
tweakers.robertdeveen.com
sap.robertdeveen.com
tweakers.robertdeveen.com
sap.robertdeveen.com
tweakers.robertdeveen.com
robertdeveen.com
robert.photography
robert.photography
Certificate
The complete raw certificate details for robertdeveen.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGGjCCBQKgAwIBAgISAyE7BhND3j0S9jyhQGsudW70MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzAxMDIxNTQxMDBaFw0x NzA0MDIxNTQxMDBaMBsxGTAXBgNVBAMTEHJvYmVydGRldmVlbi5jb20wggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+sHFMLykMChFkRZkpgT+zFsLzfrgz 2KWPpDl+2vAbpWu0cn6noDUidXo8jTk3Rf+kEPfpOiUGBK+0TJXD2g6gU66Z/lML 7oA1W4Q3J2T1heht+F8BVcWCV5/vEgztsdA2Zn/Yoc1Xx+IZ0+exCruKme7VBibW 25R4ECKlW9Deq542cbw9sIdVmdwlP4dRstCHSsTQ4+7XsAgqmrQsdX2JKzd6HqT1 aRMCapWziXatafmJdfiQn96ZSTzlF9MS+NarDhT/MIULAKsflTEbeBgi3kwL+BwD yMq3n1GGwR3Pzz56LDLbJjbMfYdJgPdLnG7JUDF41Ovxgk3Z9ewMNir5ZA5Kv9Rw vX5AQMZm5KgHRkUN6TQBCPLHwsSbH5DqRxD6k7hIRNGy7H8xIknlXBBgKRhJPFoa 3hJWuF+m3HBrkBDeU33UExq36EN3mC9TxeUut/cZXpNjz0/QKGL//ySmn/N4nN0H uOTlcOU6WWzObplTRPn8MY5z+TsVPUe9Ridnknq1qACf/A6h+bRh4Pu9AA4hU/5U Nx5/GEv6Q3u+IYNJFHoAEbsuzZydnpozhLen3f04uvWcrV3/9e15IgAm87dajCLp HVq3mKj6QY2xIyoXIB7fh63fhQy4BuipTUWvm3DpUeAbrFAnMDS6hze1cuZjuq0d ns7Q9cf1FDv+QwIDAQABo4ICJzCCAiMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSr HMNial4fm8V+vGkGs+53LRkl/TAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv 86jsoTBwBggrBgEFBQcBAQRkMGIwLwYIKwYBBQUHMAGGI2h0dHA6Ly9vY3NwLmlu dC14My5sZXRzZW5jcnlwdC5vcmcvMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5p bnQteDMubGV0c2VuY3J5cHQub3JnLzAxBgNVHREEKjAoghByb2JlcnRkZXZlZW4u Y29tghR3d3cucm9iZXJ0ZGV2ZWVuLmNvbTCB/gYDVR0gBIH2MIHzMAgGBmeBDAEC ATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0 c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNhdGUg bWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFuZCBv bmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZv dW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMA0GCSqG SIb3DQEBCwUAA4IBAQBO7X3/BSfH9F6zoQhbZJDNgkgf1+1G8Go6JwE5REi8l2ra Vy8QBO/vITbE5r+bzTimisHS3W9t+jxSbRtFSEc1GosAVx2ZlQhEM2uLfqSkM4ti Vh/8S4myzGiM9p/bshxaQS5u73QXG2XvS7C8qRRDocl2h6sur88WLIfXouhaSbnE Rfyx7rGzBkMAXjxkeBKy/RN1X3UuRvT6AqMfwmoJv7VQTMriQ4RwvybLdBYLXaZT oHPlC0DCFj3JHmXWDLiSU20AsKq/NAo+RDNEtJDTbVcahH767SlBWGDiTA9xVsaQ Vi3ii/mKIbQjQFC6PrZ8Sp3KYZkH7E9slcFlkJKa -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvrBxTC8pDAoRZEWZKYE/ sxbC8364M9ilj6Q5ftrwG6VrtHJ+p6A1InV6PI05N0X/pBD36TolBgSvtEyVw9oO oFOumf5TC+6ANVuENydk9YXobfhfAVXFglef7xIM7bHQNmZ/2KHNV8fiGdPnsQq7 ipnu1QYm1tuUeBAipVvQ3queNnG8PbCHVZncJT+HUbLQh0rE0OPu17AIKpq0LHV9 iSs3eh6k9WkTAmqVs4l2rWn5iXX4kJ/emUk85RfTEvjWqw4U/zCFCwCrH5UxG3gY It5MC/gcA8jKt59RhsEdz88+eiwy2yY2zH2HSYD3S5xuyVAxeNTr8YJN2fXsDDYq +WQOSr/UcL1+QEDGZuSoB0ZFDek0AQjyx8LEmx+Q6kcQ+pO4SETRsux/MSJJ5VwQ YCkYSTxaGt4SVrhfptxwa5AQ3lN91BMat+hDd5gvU8XlLrf3GV6TY89P0Chi//8k pp/zeJzdB7jk5XDlOllszm6ZU0T5/DGOc/k7FT1HvUYnZ5J6tagAn/wOofm0YeD7 vQAOIVP+VDcefxhL+kN7viGDSRR6ABG7Ls2cnZ6aM4S3p939OLr1nK1d//XteSIA JvO3Wowi6R1at5io+kGNsSMqFyAe34et34UMuAboqU1Fr5tw6VHgG6xQJzA0uoc3 tXLmY7qtHZ7O0PXH9RQ7/kMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 272644631899947019343667804701511405367028 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-01-02 15:41:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-04-02 15:41:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'robertdeveen.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 777944181044375962749348648062071695630465680381465602870548258386509517467668048974329896417664026498013702355507088093070281729415889909276793070920974707276526048718470980489859146691024060654758139009231089339985995359998268965335067645343557384533330737955775264250233887989617354139759888709096110601636407034634626456779143564961276367587479267508381311329164538768000854235371228693373064774364920876188494958753667456712286505726536400040393295160608209326629228411748065114508007703782317416754572271958582304172141464826534037032609548115653115895577102485264935585453470026687700738478870189176807045085456973352156465262363796794619421121222691865200580873219902221640188181026456284711602049053236937044950907367607251238616465611568707478705315154330463543424865962249067177525459304799275156568645462670567708269184303003461603152449845422338282476045779567399031330709235364925760832628957925297808398517888193874445010138533449501264664088298392978821039518455612564674914594169118817569739351119291297736375580327393495562742954468190326338123706966696598615413735334490762135515594124255758206605593514839306343915786023458905869095109538869416289142821129060600878398499331407937524461720893230355525210159709763 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ab1cc3626a5e1f9bc57ebc6906b3ee772d1925fd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'robertdeveen.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.robertdeveen.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004eed7dff0527c7f45eb3a1085b6490cd82481fd7ed46f06a3a2701394448bc976ada572f1004efef2136c4e6bf9bcd38a68ac1d2dd6f6dfa3c526d1b454847351a8b00571d99950844336b8b7ea4a4338b62561ffc4b89b2cc688cf69fdbb21c5a412e6eef74171b65ef4bb0bca91443a1c97687ab2eafcf162c87d7a2e85a49b9c445fcb1eeb1b30643005e3c647812b2fd13755f752e46f4fa02a31fc26a09bfb5504ccae2438470bf26cb74160b5da653a073e50b40c2163dc91e65d60cb892536d00b0aabf340a3e443344b490d36d571a847efaed29415860e24c0f7156c690562de28bf98a21b4234050ba3eb67c4a9dca619907ec4f6c95c16590929a