chorzeitung.de

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:71:af:c1:4c:20:dc:72:71:03:b7:66:71:fd:a3:2b:f8:ec was issued on by Let's Encrypt.

With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=chorzeitung.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:71:af:c1:4c:20:dc:72:71:03:b7:66:71:fd:a3:2b:f8:ec
Serial Number (int): 300022383813969499942107012946540047890668
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 14:2a:df:04:f5:a0:6e:0e:50:ba:5c:f3:17:93:68:e8:44:60:a7:b0
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 2b:30:ba:94:08:8d:30:8d:f4:51:38:a4:72:17:c7:1d:c2:71:f1:73
Fingerprint (sha256): a4:3f:29:63:0f:39:02:2e:16:31:39:1a:04:8d:c4:e3:5c:ad:b9:5e:a7:5e:e2:66:5f:bb:ba:ad:b6:95:83:c2

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate chorzeitung.de

11

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for chorzeitung.de

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

calendar.chorzeitung.de
chorzeitung.de
files.chorzeitung.de
fw.chorzeitung.de
pad.chorzeitung.de
photos.chorzeitung.de
slackin.chorzeitung.de
staging.chorzeitung.de
task.chorzeitung.de
wiki.chorzeitung.de
www.chorzeitung.de

Other certificates including the domain name chorzeitung.de

(limited to 100 certificates)
chorzeitung.de
chorzeitung.de
chorzeitung.de
chorzeitung.de
chorzeitung.de
chorzeitung.de
bit.chorzeitung.de
chorzeitung.de
chorzeitung.de
chorzeitung.de
wiki.chorzeitung.de
chorzeitung.de
chorzeitung.de
chorzeitung.de
file.chorzeitung.de
chorzeitung.de
chorzeitung.de
chorzeitung.de
chorzeitung.de
chorzeitung.de
chorzeitung.de
chorzeitung.de
chorzeitung.de
chorzeitung.de
chorzeitung.de
chorzeitung.de

Certificate

The complete raw certificate details for chorzeitung.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHMTCCBhmgAwIBAgISA3GvwUwg3HJxA7dmcf2jK/jsMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MjAyMTAzMjJaFw0x
OTEwMTgyMTAzMjJaMBkxFzAVBgNVBAMTDmNob3J6ZWl0dW5nLmRlMIICIjANBgkq
hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAybpdL/RuhUQWkLd1wgcOTob/40laCRII
FhRyCakTzxp2IdnsJgJFvNc03o43QSt5XZVFNQNG84ac62wx603uI1yVGHfD2ios
6c15mroQ57SZnrZiPI3bqeWYhqPuTsB1uvkILpEnqAulSpy3TFycjEJqDrJaRqbc
kEySjbj5Qecr1jWJL7lPlAt8Z9gGJuVEpPqRLWKHdksJDgk2FOFzIUNxQsEgugB4
9K6q74fztfPoawypEGXMSjivgmtFXkyeNhqiZY5VL8C/dIDuOQdxi/aUFoNQnWUn
P/lnXwqjxE+P9qez6WEPg62W22mbDd1EAqQWc4ojpr7noHCKnMcyJFg0wxBMSroU
ZumggDBYCm47vps1+wTMhzLMEhTfJmAoD8S6l3uuFW8tGvYOltGw6pqABwKBD/KO
v5kzHaa6KEb0g6rCD+D4bzbBHl37PhFg3WASxl11rCIFBy7YAq5pnZfOnOBvJXvU
K+AKyMnjPFEyWa74u0AUBJGaBs69e8Ur60pqFYry7QcOLE1qZC+83NeCvXhuUdFj
G487mnwm90r6VppwhCrm8T1kGZV80LfZuErY/wpleBolcwQ9kiUbWTYhgNFaAxRN
tXvwlux59v6GDbfpwzXyewzWYniwZxHghiaRllll0eRs84qUVIKHjdbL0A+hWpR3
II6ewsz5iVcCAwEAAaOCA0AwggM8MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUFCrf
BPWgbg5QulzzF5No6ERgp7AwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo
7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQt
eDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQt
eDMubGV0c2VuY3J5cHQub3JnLzCB9gYDVR0RBIHuMIHrghdjYWxlbmRhci5jaG9y
emVpdHVuZy5kZYIOY2hvcnplaXR1bmcuZGWCFGZpbGVzLmNob3J6ZWl0dW5nLmRl
ghFmdy5jaG9yemVpdHVuZy5kZYIScGFkLmNob3J6ZWl0dW5nLmRlghVwaG90b3Mu
Y2hvcnplaXR1bmcuZGWCFnNsYWNraW4uY2hvcnplaXR1bmcuZGWCFnN0YWdpbmcu
Y2hvcnplaXR1bmcuZGWCE3Rhc2suY2hvcnplaXR1bmcuZGWCE3dpa2kuY2hvcnpl
aXR1bmcuZGWCEnd3dy5jaG9yemVpdHVuZy5kZTBMBgNVHSAERTBDMAgGBmeBDAEC
ATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNl
bmNyeXB0Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1AHR+2oMxrTMQkSGc
ziVPQnDCv/1eQiAIxjc1eeYQe8xWAAABbBFpNaAAAAQDAEYwRAIgPZAj9L9Pupf0
D2AFzTVFA5DfTkgoEzYMBWfY4ohytoMCIBrnFeqcZlBoWP3WK4ZmjLQQzpaN2VIV
7KOujuqfe97YAHYAY/Lbzeg7zCzPC3KEJ1drM6SNYXePvXWmOLHHaFRL2I0AAAFs
EWkz0gAABAMARzBFAiByYFr06xaPfTw2818ouV0EgNguVxIR1q49gPYfIn5AxAIh
ALej0sUhZdMVs1ayxmP4Ly4PYT52frG4Uno+D7sPsqsmMA0GCSqGSIb3DQEBCwUA
A4IBAQBp/OnlhXLMcIJZ8EH+vaw+rd0LMrgNvf2/T3LtyMjtPxsePXOZXSxD6x0e
/5pe5UenkYGMF4PyTRVrJsjRDwu0zC05yh6OkeZjGAzrZ9jwZIp0MRoIHT1CG6ig
TKL0QYyaF82/6AUfniWyXiuQNolus9ySmUdvJ31VOaFL2f7ik3iyDmpc5TLEWCny
AVurO4o+wzf6IBorT16qoamQpXADaP+SBefzPsLklQ9sConlNMwbrIO8EqwfYjMI
myeBiYe4a/2il72DmD1xQbdgEQ1B02FYjAEqAE4zw0Rh6+Y6twJv8915zuwVmEQr
MQzq+rHzlIOrN2qlCbrN9vq12iqh
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAybpdL/RuhUQWkLd1wgcO
Tob/40laCRIIFhRyCakTzxp2IdnsJgJFvNc03o43QSt5XZVFNQNG84ac62wx603u
I1yVGHfD2ios6c15mroQ57SZnrZiPI3bqeWYhqPuTsB1uvkILpEnqAulSpy3TFyc
jEJqDrJaRqbckEySjbj5Qecr1jWJL7lPlAt8Z9gGJuVEpPqRLWKHdksJDgk2FOFz
IUNxQsEgugB49K6q74fztfPoawypEGXMSjivgmtFXkyeNhqiZY5VL8C/dIDuOQdx
i/aUFoNQnWUnP/lnXwqjxE+P9qez6WEPg62W22mbDd1EAqQWc4ojpr7noHCKnMcy
JFg0wxBMSroUZumggDBYCm47vps1+wTMhzLMEhTfJmAoD8S6l3uuFW8tGvYOltGw
6pqABwKBD/KOv5kzHaa6KEb0g6rCD+D4bzbBHl37PhFg3WASxl11rCIFBy7YAq5p
nZfOnOBvJXvUK+AKyMnjPFEyWa74u0AUBJGaBs69e8Ur60pqFYry7QcOLE1qZC+8
3NeCvXhuUdFjG487mnwm90r6VppwhCrm8T1kGZV80LfZuErY/wpleBolcwQ9kiUb
WTYhgNFaAxRNtXvwlux59v6GDbfpwzXyewzWYniwZxHghiaRllll0eRs84qUVIKH
jdbL0A+hWpR3II6ewsz5iVcCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 300022383813969499942107012946540047890668
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-20 21:03:22 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-18 21:03:22 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'chorzeitung.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 822978375016013794746207271945795859179102356494019798894674823364557367907993140884252991002905106568129604190326760895691451145671192815115320712000784064798053417680049269661192221914052450064247249521957148958669258957752910945735399512444758009096931106732992685385058496917052303557983311664972068837734817519740036368141709744132441563437255235435823618053330349535994341513390545138311756767147064189575354905984879178538642847987654651936057507784556743945233643136507925577248162557931633931214818495407223147831772159871845178811734742696740678704527453264589270137066065504353278796867356720972219390462184337747402522530745928211934827866416518257013711464818391912524541292440664107110308485907681512628062640041843340691822041595141784857570288864934558391997311703158241647431356249097566134694142528353277214141121134765949970248078153689458616015604895106780762010549159199918894046571865224584008156535963068364892495275939430369009068186060829753360724939874885160511727570176238401930812994483730882397771358439064584927951263977430690822088594687569253717265354792299131313982242235224846734130495168272939094594882540690143173866545018871678627852365585076226975053746632909653911380002930858371351950439057751
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							142adf04f5a06e0e50ba5cf3179368e84460a7b0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (238 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'calendar.chorzeitung.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chorzeitung.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'files.chorzeitung.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fw.chorzeitung.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pad.chorzeitung.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos.chorzeitung.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'slackin.chorzeitung.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.chorzeitung.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'task.chorzeitung.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wiki.chorzeitung.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.chorzeitung.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016c116935a0000004030046304402203d9023f4bf4fba97f40f6005cd35450390df4e482813360c0567d8e28872b68302201ae715ea9c66506858fdd62b86668cb410ce968dd95215eca3ae8eea9f7bded800760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016c116933d20000040300473045022072605af4eb168f7d3c36f35f28b95d0480d82e571211d6ae3d80f61f227e40c4022100b7a3d2c52165d315b356b2c663f82f2e0f613e767eb1b8527a3e0fbb0fb2ab26
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0069fce9e58572cc708259f041febdac3eaddd0b32b80dbdfdbf4f72edc8c8ed3f1b1e3d73995d2c43eb1d1eff9a5ee547a791818c1783f24d156b26c8d10f0bb4cc2d39ca1e8e91e663180ceb67d8f0648a74311a081d3d421ba8a04ca2f4418c9a17cdbfe8051f9e25b25e2b9036896eb3dc9299476f277d5539a14bd9fee29378b20e6a5ce532c45829f2015bab3b8a3ec337fa201a2b4f5eaaa1a990a5700368ff9205e7f33ec2e4950f6c0a89e534cc1bac83bc12ac1f6233089b27818987b86bfda297bd83983d7141b760110d41d361588c012a004e33c34461ebe63ab7026ff3dd79ceec1598442b310ceafab1f39483ab376aa509bacdf6fab5da2aa1