thelightsource.co.uk
Issued by Sectigo RSA Domain Validation Secure Server CA
About this certificate
This digital certificate with serial number ec:94:0a:38:53:8b:f0:64:88:67:07:ab:6a:38:a4:39 was issued on by Sectigo Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=thelightsource.co.uk
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): ec:94:0a:38:53:8b:f0:64:88:67:07:ab:6a:38:a4:39Serial Number (int): 314466474227032869536385327783669703737
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: bd:40:57:45:7a:e5:18:35:e4:a7:91:31:e9:92:ca:81:29:14:97:1a
AuthorityKeyId: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1
Fingerprint (sha1): 2e:8b:5c:9f:14:61:e3:89:5a:d8:a3:63:bf:18:cc:1b:65:d8:84:27
Fingerprint (sha256): af:28:4c:52:39:af:6c:3b:82:76:9e:ff:d6:ef:df:5b:49:42:37:4a:37:1b:2e:39:74:fc:5f:a9:a3:2f:e0:15
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCheck the revocation status for certificate thelightsource.co.uk
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for thelightsource.co.uk
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
thelightsource.co.uk
www.thelightsource.co.uk
www.thelightsource.co.uk
Other certificates including the domain name thelightsource.co.uk
(limited to 100 certificates)
logajob.ithelp.expert
empleos.sasseguridadprivada.com.mx
careers.paicsolar.com
www.thelightsource.co.uk
careers.movere.ai
www.thelightsource.co.uk
www.thelightsource.co.uk
www.thelightsource.co.uk
careers.theskunklabs.com
logajob.ithelp.expert
separtede.mibluemedical.com
jobs.3sixtydental.com
www.thelightsource.co.uk
recruit.scarletglobe.shop
jobs.pointerremoteroles.com.au
jobs.btcrecruitment.com
www.thelightsource.co.uk
x.www.thelightsource.co.uk
www.thelightsource.co.uk
www.thelightsource.co.uk
career.knoxpo.com
job.manpowerspecialists.com
careers.theskunklabs.com
www.thelightsource.co.uk
www.thelightsource.co.uk
jobs.3sixtydental.com
www.thelightsource.co.uk
www.thelightsource.co.uk
jobs.n8n.io
recruit.ahg.af
career.blackpenrecruitment.co.za
jobs.cryptopia.com
job.innovationgenes.com
www.thelightsource.co.uk
thelightsource.co.uk
www.thelightsource.co.uk
careers.sttrinity.com.au
careers.theskunklabs.com
careers.theskunklabs.com
careers.truelightit.com
careers.cognativinc.com
thelightsource.co.uk
jobs.finlanza.com
careers.theskunklabs.com
soporte.nextlevelip.com
careers.tharwah.net
careers.theskunklabs.com
notifications.thelightsource.co.uk
careers.solidsystems.co.za
soporte.nextlevelip.com
recruitment.gpdavies.co.uk
talent.vernal.is
careers.solidsystems.co.za
careers.mindcaresolutions.com
www.thelightsource.co.uk
support.thelightsource.co.uk
empleos.sasseguridadprivada.com.mx
careers.paicsolar.com
www.thelightsource.co.uk
careers.movere.ai
www.thelightsource.co.uk
www.thelightsource.co.uk
www.thelightsource.co.uk
careers.theskunklabs.com
logajob.ithelp.expert
separtede.mibluemedical.com
jobs.3sixtydental.com
www.thelightsource.co.uk
recruit.scarletglobe.shop
jobs.pointerremoteroles.com.au
jobs.btcrecruitment.com
www.thelightsource.co.uk
x.www.thelightsource.co.uk
www.thelightsource.co.uk
www.thelightsource.co.uk
career.knoxpo.com
job.manpowerspecialists.com
careers.theskunklabs.com
www.thelightsource.co.uk
www.thelightsource.co.uk
jobs.3sixtydental.com
www.thelightsource.co.uk
www.thelightsource.co.uk
jobs.n8n.io
recruit.ahg.af
career.blackpenrecruitment.co.za
jobs.cryptopia.com
job.innovationgenes.com
www.thelightsource.co.uk
thelightsource.co.uk
www.thelightsource.co.uk
careers.sttrinity.com.au
careers.theskunklabs.com
careers.theskunklabs.com
careers.truelightit.com
careers.cognativinc.com
thelightsource.co.uk
jobs.finlanza.com
careers.theskunklabs.com
soporte.nextlevelip.com
careers.tharwah.net
careers.theskunklabs.com
notifications.thelightsource.co.uk
careers.solidsystems.co.za
soporte.nextlevelip.com
recruitment.gpdavies.co.uk
talent.vernal.is
careers.solidsystems.co.za
careers.mindcaresolutions.com
www.thelightsource.co.uk
support.thelightsource.co.uk
Certificate
The complete raw certificate details for thelightsource.co.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHTDCCBjSgAwIBAgIRAOyUCjhTi/BkiGcHq2o4pDkwDQYJKoZIhvcNAQELBQAw gY8xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UE AxMuU2VjdGlnbyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD QTAeFw0yNDA0MDMwMDAwMDBaFw0yNTA1MDMyMzU5NTlaMB8xHTAbBgNVBAMTFHRo ZWxpZ2h0c291cmNlLmNvLnVrMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC AgEAumk6qyWY/mnkSwN6FFWFDjED79PdXoQizBOb8Ln3RyZTi+1+ElW9uyo1+HlY 5C7dD4NZY7bTaJPivDKjimMmJLOsuVoLA7uIaTl/f0XRMmSMVt1nv54VuAuctM5M T/7njEp4+dZFy3FWFvp3V6tnKVkB+LI69TOBTw9vyR+2Fe1OB6uT4P55rMsroo6n FOHrJfWtnbZWLkkrj7lQ5CeNfSWFORmvVKKyBfzghjX9pFjq/JNnjVDaHSd/XXg2 ndhDR9WHtaUPoAxN5UCKeNDJZRkjPalMLLX8znOoKTIYvLrlyEaSdfzLl86MQ9w1 2pZO8Mevpnx3KOU1iOgDwiroI2kabllCenoJ0M2e4EDj7OIV2n3q4lg2WaajMV43 0xqnugbaGubGLg4amgoSso8LaXuHSrdC/ge82unZ0HLE7Y+garBnpnoH33ffrVV0 N2XsaN90w7H+iahf9200oez057Ejzq473ZiQKXiF8rZvHQxFIJEFUTsxD5ESOpxs rwMRO1BjY6ISm63weQdDKDNmISBUDT7Dq9/XI2N4icMXn+VxuCCOePVe8wlfgql8 /V1Y1/bA+yhfeKYG8T7v0NPQwMoxTZUkyEO+KMzWYLr0uuMgiu99e5+12kf3zdie KQmIyXJHP9UNGgn/My7EDxN1O3viRVz9h5gZrjTvztNTuMECAwEAAaOCAxAwggMM MB8GA1UdIwQYMBaAFI2MXsRUrYrhd+mb+ZsF4bgBjWHhMB0GA1UdDgQWBBS9QFdF euUYNeSnkTHpksqBKRSXGjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEE AbIxAQICBzAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAI BgZngQwBAgEwgYQGCCsGAQUFBwEBBHgwdjBPBggrBgEFBQcwAoZDaHR0cDovL2Ny dC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNl cnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20w OQYDVR0RBDIwMIIUdGhlbGlnaHRzb3VyY2UuY28udWuCGHd3dy50aGVsaWdodHNv dXJjZS5jby51azCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYAzxFW7tUufK/z h1vZaS6b6RpxZ0qwF+ysAdJbd87MOwgAAAGOorClZAAABAMARzBFAiA0fYpU4UGV 3XQ2QblYpjLJ9CEqjlIy9FyuqAV+YqGdrQIhANZEoRv6B8EULdVgemSp0tpILiYb feKJigJVZr5U0ZskAHUAouMK5EXvva2bfjjtR2d3U9eCW4SU1yteGyzEuVCkR+cA AAGOorClRQAABAMARjBEAiBJf751N7rdG3s4/FOOpCOQ8s6CEUm+ZXmeoNc4uwdp TgIgHn8WAtND3Y+n3zIWcQbXCL4MVSocoORkraIDdfVddZQAdwBOdaMnXJoQwzhb bNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY6isKVHAAAEAwBIMEYCIQDBT1WJE2h4 t2myEsVBnNH2S4nVrrUqPwy9jTEVZO1MmAIhAIBRD5ogXLhytjsjtxmajcLqnERV XPg4gA+n/81KvKoVMA0GCSqGSIb3DQEBCwUAA4IBAQCzcCQeJcm8UFI25uc7xh5Y ROPeQ/PS6PQbYwGRGa08gdxvoR1PVi23Yb0h5OGZiLjgAeteTR27bucPvtphubp7 KE5xTxFHzXaqqow+kmQxuiSgJZa2E5ZuE2iXZWjOuT+HYNtEmtSLHp6vlMsGDSmS 1k5U8bx9LI3xC4gjA+qWA8A/pZXLqd0ZRPlHmw5Fnln3ebJMRss1uCSV2HgQ0I3A tQhhUbosAdqqBpy6FHQyfZFrsmwOJFnrmVzavUMkIjAboXikPG7Lg4JSMSJkCsdR 0U3hSx8L4oImPK8keRVs6qtYfmuqAKkihPdWt3Q3wIUefJ4diKQ9G0v8vGH4jXwA -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAumk6qyWY/mnkSwN6FFWF DjED79PdXoQizBOb8Ln3RyZTi+1+ElW9uyo1+HlY5C7dD4NZY7bTaJPivDKjimMm JLOsuVoLA7uIaTl/f0XRMmSMVt1nv54VuAuctM5MT/7njEp4+dZFy3FWFvp3V6tn KVkB+LI69TOBTw9vyR+2Fe1OB6uT4P55rMsroo6nFOHrJfWtnbZWLkkrj7lQ5CeN fSWFORmvVKKyBfzghjX9pFjq/JNnjVDaHSd/XXg2ndhDR9WHtaUPoAxN5UCKeNDJ ZRkjPalMLLX8znOoKTIYvLrlyEaSdfzLl86MQ9w12pZO8Mevpnx3KOU1iOgDwiro I2kabllCenoJ0M2e4EDj7OIV2n3q4lg2WaajMV430xqnugbaGubGLg4amgoSso8L aXuHSrdC/ge82unZ0HLE7Y+garBnpnoH33ffrVV0N2XsaN90w7H+iahf9200oez0 57Ejzq473ZiQKXiF8rZvHQxFIJEFUTsxD5ESOpxsrwMRO1BjY6ISm63weQdDKDNm ISBUDT7Dq9/XI2N4icMXn+VxuCCOePVe8wlfgql8/V1Y1/bA+yhfeKYG8T7v0NPQ wMoxTZUkyEO+KMzWYLr0uuMgiu99e5+12kf3zdieKQmIyXJHP9UNGgn/My7EDxN1 O3viRVz9h5gZrjTvztNTuMECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 314466474227032869536385327783669703737 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thelightsource.co.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 760490740305911456248905056273370620050151309661513553548836482804559151952259767180794892062672142638689692687933931268128517523445263349532411101505353832863379258379544655711783325229983049221062394853319563561262619288000159238249807886672047666373573131590578459088262138391975062585704612005301569265959192419502333328894690658607652616944011961681435852843464281069179610894136179038204729669623932763190958885050629661759194605326687053961914041819391038911409732336419792410407083894333706700226347321160184057244828374238189601112147309592420870776997076329315117440515553701415243690281270178442318604387281680862564652165578216715301515256131003239217962815638689698500755502448872305418384039787430757990428099227792322838970986611552338102383912679441772831291675064224025476071648367824139171529725718976895042943036909842992879986825856484338190537221403620906537439764604799704875487374085594491339333636766818563176690250743596411307592939310140529160511122833927609828578663076424636774622465364618432941517776150868585047384747562229099345829433404689375363347440248551869364903774720729183168169168892180338371489565710245286243164379652650714626008565811741121703458905470861496865308790067577157247553380792513 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bd4057457ae51835e4a79131e992ca812914971a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thelightsource.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thelightsource.co.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018ea2b0a56400000403004730450220347d8a54e14195dd743641b958a632c9f4212a8e5232f45caea8057e62a19dad022100d644a11bfa07c1142dd5607a64a9d2da482e261b7de2898a025566be54d19b24007500a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018ea2b0a54500000403004630440220497fbe7537badd1b7b38fc538ea42390f2ce821149be65799ea0d738bb07694e02201e7f1602d343dd8fa7df32167106d708be0c552a1ca0e464ada20375f55d75940077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018ea2b0a5470000040300483046022100c14f5589136878b769b212c5419cd1f64b89d5aeb52a3f0cbd8d311564ed4c9802210080510f9a205cb872b63b23b7199a8dc2ea9c44555cf838800fa7ffcd4abcaa15 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b370241e25c9bc505236e6e73bc61e5844e3de43f3d2e8f41b63019119ad3c81dc6fa11d4f562db761bd21e4e19988b8e001eb5e4d1dbb6ee70fbeda61b9ba7b284e714f1147cd76aaaa8c3e926431ba24a02596b613966e1368976568ceb93f8760db449ad48b1e9eaf94cb060d2992d64e54f1bc7d2c8df10b882303ea9603c03fa595cba9dd1944f9479b0e459e59f779b24c46cb35b82495d87810d08dc0b5086151ba2c01daaa069cba1474327d916bb26c0e2459eb995cdabd432422301ba178a43c6ecb8382523122640ac751d14de14b1f0be282263caf2479156ceaab587e6baa00a92284f756b77437c0851e7c9e1d88a43d1b4bfcbc61f88d7c00