5767409591910400-fe4.pantheonsite.io

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:60:77:4d:b7:a4:1c:a8:b7:66:78:78:ac:11:f9:14:9a:80 was issued on by Let's Encrypt.

With 100 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=5767409591910400-fe4.pantheonsite.io

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:60:77:4d:b7:a4:1c:a8:b7:66:78:78:ac:11:f9:14:9a:80
Serial Number (int): 294162546682730590269449657714890681653888
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 21:94:73:60:6e:38:83:d3:b7:ab:c0:e8:ee:20:18:12:3c:90:82:1e
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): e4:4b:91:c0:c2:c0:d9:f1:e8:20:32:f6:4c:c7:be:ca:19:80:d5:8f
Fingerprint (sha256): b1:de:e4:b7:ae:c3:80:08:4f:15:39:f6:55:49:cb:10:a8:3a:79:f6:89:14:d6:88:c9:67:c2:9c:1f:46:30:f6

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate 5767409591910400-fe4.pantheonsite.io

100

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for 5767409591910400-fe4.pantheonsite.io

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

5767409591910400-fe4.pantheonsite.io
aileyextension.com
alvinailey.org
ask.alvinailey.org
atc.usenix.org
benelligiveabuck.com
benellitv.com
benelliusa.com
benelliusa.net
benelliworldclass.com
blog.alvinailey.org
blogs.usenix.org
bridges.fi.edu
cebrightfutures.org
clomedia.com
cornellphysicians.com
criancas.visaomundial.org.br
csekb.com
davidrouzer.com
db.usenix.org
dev.aileyextension.com
dev.alvinailey.org
dev.theaileyschool.edu
developingdesigns.com
discovery.mnhs.org
enigma.usenix.org
eurotechseating.com
events.mnhs.org
fast.usenix.org
fi.edu
fintechsandbox.org
franklininstitute.org
keystone.fi.edu
lisa.usenix.org
live.aileyextension.com
live.alvinailey.org
live.theaileyschool.edu
mapexplorer.mnhs.org
media.benelliusa.com
media.fi.edu
mercadojusto.com.br
minnesotahistoricalsociety.org
mnhistory.org
mnhs.org
mnhspress.org
mnplaces.mnhs.org
nl.mnhs.org
nrhp.mnhs.org
nsdi.usenix.org
nwb.org
ontour.tableau.com
ops.fi.edu
origin-trust.tableau.com
osdi.usenix.org
preservationdirectory.mnhs.org
renew.fi.edu
scistore.fi.edu
security.usenix.org
sln.fi.edu
srecon.usenix.org
stories.mnhs.org
test.aileyextension.com
test.alvinailey.org
test.fullplateliving.org
test.theaileyschool.edu
theaileyschool.edu
tickets.mnhs.org
usenix.com
usenix.net
usenix.org
visaomundial.org.br
worldvision.org.br
www.aileyextension.com
www.alvinailey.org
www.benelligiveabuck.com
www.benellitv.com
www.benelliusa.com
www.benelliusa.net
www.benelliworldclass.com
www.cebrightfutures.org
www.clomedia.com
www.davidrouzer.com
www.developingdesigns.com
www.eurotechseating.com
www.fi.edu
www.fintechsandbox.org
www.franklininstitute.org
www.keystone.fi.edu
www.mercadojusto.com.br
www.minnesotahistoricalsociety.org
www.mnhistory.org
www.mnhs.org
www.mnhspress.org
www.nwb.org
www.theaileyschool.edu
www.usenix.com
www.usenix.org
www.visaomundial.org.br
www.worldvision.org.br
www2.fi.edu

Other certificates including the domain name 5767409591910400-fe4.pantheonsite.io

(limited to 100 certificates)
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io
5767409591910400-fe4.pantheonsite.io

Certificate

The complete raw certificate details for 5767409591910400-fe4.pantheonsite.io in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIMwDCCC6igAwIBAgISA2B3TbekHKi3Znh4rBH5FJqAMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA3MjMwMzI1MDBaFw0x
NzEwMjEwMzI1MDBaMC8xLTArBgNVBAMTJDU3Njc0MDk1OTE5MTA0MDAtZmU0LnBh
bnRoZW9uc2l0ZS5pbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANu9
nBTUPuUqezErg2Nk4V7AyMGKrFcTQpKWtbz5MLKg9tfknuDNjzPLXu6cZR9TliSl
mtBJdcnSwsSvGS/JnG1NGQkuAvHnOW1SEmIv7t0uYFy9OWAHVRND5NxhTia1zzl3
WN7c1YW4m0ppy8yeVv8lTcObNLYjEJT6bKC2EuRAbM4bnE1/YumdKAbY7DugJPcD
4b0yY+2PKUEJ+XUZf0ISpp6LRfGan3y2zMtv2nMAgGyOdXsDqH0ddi5FLbBfM6o4
saAN19M3+InBTwQB6dfAMJP2Jx5AuLdubGFs4soqvt3L5/Zo457ZQhlmwVavgD3n
tcMSvb6A0DYKyw9AYtUCAwEAAaOCCbkwggm1MA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
FgQUIZRzYG44g9O3q8Do7iAYEjyQgh4wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3
pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2Nz
cC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2Vy
dC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzCCB8IGA1UdEQSCB7kwgge1giQ1NzY3
NDA5NTkxOTEwNDAwLWZlNC5wYW50aGVvbnNpdGUuaW+CEmFpbGV5ZXh0ZW5zaW9u
LmNvbYIOYWx2aW5haWxleS5vcmeCEmFzay5hbHZpbmFpbGV5Lm9yZ4IOYXRjLnVz
ZW5peC5vcmeCFGJlbmVsbGlnaXZlYWJ1Y2suY29tgg1iZW5lbGxpdHYuY29tgg5i
ZW5lbGxpdXNhLmNvbYIOYmVuZWxsaXVzYS5uZXSCFWJlbmVsbGl3b3JsZGNsYXNz
LmNvbYITYmxvZy5hbHZpbmFpbGV5Lm9yZ4IQYmxvZ3MudXNlbml4Lm9yZ4IOYnJp
ZGdlcy5maS5lZHWCE2NlYnJpZ2h0ZnV0dXJlcy5vcmeCDGNsb21lZGlhLmNvbYIV
Y29ybmVsbHBoeXNpY2lhbnMuY29tghxjcmlhbmNhcy52aXNhb211bmRpYWwub3Jn
LmJyggljc2VrYi5jb22CD2Rhdmlkcm91emVyLmNvbYINZGIudXNlbml4Lm9yZ4IW
ZGV2LmFpbGV5ZXh0ZW5zaW9uLmNvbYISZGV2LmFsdmluYWlsZXkub3JnghZkZXYu
dGhlYWlsZXlzY2hvb2wuZWR1ghVkZXZlbG9waW5nZGVzaWducy5jb22CEmRpc2Nv
dmVyeS5tbmhzLm9yZ4IRZW5pZ21hLnVzZW5peC5vcmeCE2V1cm90ZWNoc2VhdGlu
Zy5jb22CD2V2ZW50cy5tbmhzLm9yZ4IPZmFzdC51c2VuaXgub3JnggZmaS5lZHWC
EmZpbnRlY2hzYW5kYm94Lm9yZ4IVZnJhbmtsaW5pbnN0aXR1dGUub3Jngg9rZXlz
dG9uZS5maS5lZHWCD2xpc2EudXNlbml4Lm9yZ4IXbGl2ZS5haWxleWV4dGVuc2lv
bi5jb22CE2xpdmUuYWx2aW5haWxleS5vcmeCF2xpdmUudGhlYWlsZXlzY2hvb2wu
ZWR1ghRtYXBleHBsb3Jlci5tbmhzLm9yZ4IUbWVkaWEuYmVuZWxsaXVzYS5jb22C
DG1lZGlhLmZpLmVkdYITbWVyY2Fkb2p1c3RvLmNvbS5icoIebWlubmVzb3RhaGlz
dG9yaWNhbHNvY2lldHkub3Jngg1tbmhpc3Rvcnkub3JngghtbmhzLm9yZ4INbW5o
c3ByZXNzLm9yZ4IRbW5wbGFjZXMubW5ocy5vcmeCC25sLm1uaHMub3Jngg1ucmhw
Lm1uaHMub3Jngg9uc2RpLnVzZW5peC5vcmeCB253Yi5vcmeCEm9udG91ci50YWJs
ZWF1LmNvbYIKb3BzLmZpLmVkdYIYb3JpZ2luLXRydXN0LnRhYmxlYXUuY29tgg9v
c2RpLnVzZW5peC5vcmeCHnByZXNlcnZhdGlvbmRpcmVjdG9yeS5tbmhzLm9yZ4IM
cmVuZXcuZmkuZWR1gg9zY2lzdG9yZS5maS5lZHWCE3NlY3VyaXR5LnVzZW5peC5v
cmeCCnNsbi5maS5lZHWCEXNyZWNvbi51c2VuaXgub3JnghBzdG9yaWVzLm1uaHMu
b3Jnghd0ZXN0LmFpbGV5ZXh0ZW5zaW9uLmNvbYITdGVzdC5hbHZpbmFpbGV5Lm9y
Z4IYdGVzdC5mdWxscGxhdGVsaXZpbmcub3Jnghd0ZXN0LnRoZWFpbGV5c2Nob29s
LmVkdYISdGhlYWlsZXlzY2hvb2wuZWR1ghB0aWNrZXRzLm1uaHMub3Jnggp1c2Vu
aXguY29tggp1c2VuaXgubmV0ggp1c2VuaXgub3JnghN2aXNhb211bmRpYWwub3Jn
LmJyghJ3b3JsZHZpc2lvbi5vcmcuYnKCFnd3dy5haWxleWV4dGVuc2lvbi5jb22C
End3dy5hbHZpbmFpbGV5Lm9yZ4IYd3d3LmJlbmVsbGlnaXZlYWJ1Y2suY29tghF3
d3cuYmVuZWxsaXR2LmNvbYISd3d3LmJlbmVsbGl1c2EuY29tghJ3d3cuYmVuZWxs
aXVzYS5uZXSCGXd3dy5iZW5lbGxpd29ybGRjbGFzcy5jb22CF3d3dy5jZWJyaWdo
dGZ1dHVyZXMub3JnghB3d3cuY2xvbWVkaWEuY29tghN3d3cuZGF2aWRyb3V6ZXIu
Y29tghl3d3cuZGV2ZWxvcGluZ2Rlc2lnbnMuY29tghd3d3cuZXVyb3RlY2hzZWF0
aW5nLmNvbYIKd3d3LmZpLmVkdYIWd3d3LmZpbnRlY2hzYW5kYm94Lm9yZ4IZd3d3
LmZyYW5rbGluaW5zdGl0dXRlLm9yZ4ITd3d3LmtleXN0b25lLmZpLmVkdYIXd3d3
Lm1lcmNhZG9qdXN0by5jb20uYnKCInd3dy5taW5uZXNvdGFoaXN0b3JpY2Fsc29j
aWV0eS5vcmeCEXd3dy5tbmhpc3Rvcnkub3Jnggx3d3cubW5ocy5vcmeCEXd3dy5t
bmhzcHJlc3Mub3Jnggt3d3cubndiLm9yZ4IWd3d3LnRoZWFpbGV5c2Nob29sLmVk
dYIOd3d3LnVzZW5peC5jb22CDnd3dy51c2VuaXgub3Jnghd3d3cudmlzYW9tdW5k
aWFsLm9yZy5icoIWd3d3LndvcmxkdmlzaW9uLm9yZy5icoILd3d3Mi5maS5lZHUw
gf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsG
AQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIw
gZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5
IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhl
IENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0
Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAdvSASY21SqtYeU0C
ixQyLHvN35R9X3xY2Aai3Hi7daS3Z+Yw2VotyRVD2ySEbaPA6E/dtgYS48OiIPXt
udtcHdqJR8Nn2BrmOi37u/zKaDTrygsnGf8oVteIrctNIOczPaMybOevbxzMedKg
2jonGAVQdrrED/aH2HiymriNBg3dijjJl/mnAPBFo0X+pInCHg578TDQuYQ4COd5
FNs8HV73WqQdRhd2ApX0zHuEsEqtL6vTrIokb2itRExQ5RGmmeShlEt5y9uh59fs
cJORpwh3GBuFAK/huTfB/H54diUA4E6AITs9ddikL8CiC2SftjKLUKVSZbrIv03m
yCCYMA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA272cFNQ+5Sp7MSuDY2Th
XsDIwYqsVxNCkpa1vPkwsqD21+Se4M2PM8te7pxlH1OWJKWa0El1ydLCxK8ZL8mc
bU0ZCS4C8ec5bVISYi/u3S5gXL05YAdVE0Pk3GFOJrXPOXdY3tzVhbibSmnLzJ5W
/yVNw5s0tiMQlPpsoLYS5EBszhucTX9i6Z0oBtjsO6Ak9wPhvTJj7Y8pQQn5dRl/
QhKmnotF8ZqffLbMy2/acwCAbI51ewOofR12LkUtsF8zqjixoA3X0zf4icFPBAHp
18Awk/YnHkC4t25sYWziyiq+3cvn9mjjntlCGWbBVq+APee1wxK9voDQNgrLD0Bi
1QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 294162546682730590269449657714890681653888
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-07-23 03:25:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-21 03:25:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '5767409591910400-fe4.pantheonsite.io'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27739688811893269036016379549165623345384304716432411784997726975904282396557244944884554656982237379757036775920578306420085292108863135456109976823504130306720002816762831772985480182447521425227414873317791342408889987413507450866258682576701709901276326557907494122196374920604025297368966273818165110063927789268983673991101120403710344727157320012776364954666128345090272886739830409733410913763927476572096673582698594697013000416549853567966196866156432234911170324142723152007865427093478266443505797244356280911038797441899530382336871679066660676959221264644310183132745013566615018569898569021232869565141
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							219473606e3883d3b7abc0e8ee2018123c90821e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1977 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '5767409591910400-fe4.pantheonsite.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aileyextension.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alvinailey.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ask.alvinailey.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'atc.usenix.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'benelligiveabuck.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'benellitv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'benelliusa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'benelliusa.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'benelliworldclass.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.alvinailey.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blogs.usenix.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bridges.fi.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cebrightfutures.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clomedia.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cornellphysicians.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'criancas.visaomundial.org.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'csekb.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'davidrouzer.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'db.usenix.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.aileyextension.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.alvinailey.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.theaileyschool.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'developingdesigns.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'discovery.mnhs.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'enigma.usenix.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eurotechseating.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'events.mnhs.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fast.usenix.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fi.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fintechsandbox.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'franklininstitute.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'keystone.fi.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lisa.usenix.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'live.aileyextension.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'live.alvinailey.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'live.theaileyschool.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mapexplorer.mnhs.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'media.benelliusa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'media.fi.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mercadojusto.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'minnesotahistoricalsociety.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mnhistory.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mnhs.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mnhspress.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mnplaces.mnhs.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nl.mnhs.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nrhp.mnhs.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nsdi.usenix.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nwb.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ontour.tableau.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ops.fi.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'origin-trust.tableau.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'osdi.usenix.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'preservationdirectory.mnhs.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'renew.fi.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'scistore.fi.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'security.usenix.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sln.fi.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'srecon.usenix.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stories.mnhs.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.aileyextension.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.alvinailey.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.fullplateliving.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.theaileyschool.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theaileyschool.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.mnhs.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usenix.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usenix.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usenix.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'visaomundial.org.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'worldvision.org.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aileyextension.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.alvinailey.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.benelligiveabuck.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.benellitv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.benelliusa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.benelliusa.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.benelliworldclass.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cebrightfutures.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.clomedia.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.davidrouzer.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.developingdesigns.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.eurotechseating.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fi.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fintechsandbox.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.franklininstitute.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.keystone.fi.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mercadojusto.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.minnesotahistoricalsociety.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mnhistory.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mnhs.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mnhspress.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nwb.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.theaileyschool.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.usenix.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.usenix.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.visaomundial.org.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.worldvision.org.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.fi.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0076f480498db54aab58794d028b14322c7bcddf947d5f7c58d806a2dc78bb75a4b767e630d95a2dc91543db24846da3c0e84fddb60612e3c3a220f5edb9db5c1dda8947c367d81ae63a2dfbbbfcca6834ebca0b2719ff2856d788adcb4d20e7333da3326ce7af6f1ccc79d2a0da3a2718055076bac40ff687d878b29ab88d060ddd8a38c997f9a700f045a345fea489c21e0e7bf130d0b9843808e77914db3c1d5ef75aa41d4617760295f4cc7b84b04aad2fabd3ac8a246f68ad444c50e511a699e4a1944b79cbdba1e7d7ec709391a70877181b8500afe1b937c1fc7e78762500e04e80213b3d75d8a42fc0a20b649fb6328b50a55265bac8bf4de6c8209830