yourlifeiowa.org
Issued by R3
About this certificate
This digital certificate with serial number 03:3c:95:a6:c9:59:61:17:54:09:3f:ba:01:67:92:6f:2d:05 was issued on by Let's Encrypt.
With 76 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=yourlifeiowa.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:3c:95:a6:c9:59:61:17:54:09:3f:ba:01:67:92:6f:2d:05Serial Number (int): 281952720787033202039974378377264734612741
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 6e:ca:9b:db:44:2e:30:db:d9:62:85:7d:8b:53:0b:63:6a:ee:0f:32
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 74:7b:e4:eb:ff:91:2b:60:70:ff:9c:c9:3e:93:e5:d0:8e:18:e0:77
Fingerprint (sha256): b9:ad:e0:ab:90:97:f3:a5:ca:c7:d0:29:dc:f6:bb:5b:4d:51:4c:9e:0f:e0:38:8d:81:1a:96:c8:bc:64:a2:2c
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate yourlifeiowa.org
76
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for yourlifeiowa.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
1800betsoff.org
childsupport.ia.gov
coalitions.drugfreeinfo.org
dpscareers.com
drugfreeinfo.com
drugfreeinfo.net
drugfreeinfo.org
educateiowa.gov
facilitylocator.drugfreeinfo.org
iahealthlink.gov
iaschoolperformance.gov
iaschoolperformance.org
iowaattorneygeneral.org
iowacourtsonline.com
iowacourtsonline.net
iowacourtsonline.org
iowacultureapp.com
iowacultureapp.org
iowadnr.net
iowadot.org
iowahumanitiescouncil.gov
iowaoutdoorsmagazine.com
iowap2interns.com
iowasourcewater.org
iowatitleguaranty.gov
iowaworkforcedevelopment.gov
iowaworks.gov
iowaworks.org
query.iowasexoffender.org
recoveryiowa.org
resources.iowahistory.org
skillediowa.org
stophtiowa.org
whatdrivesyouiowa.com
whatdrivesyouiowa.org
www.1800betsoff.org
www.childsupport.ia.gov
www.cjis.iowa.gov
www.dia-hfd.state.ia.us
www.dom.state.ia.us
www.dpscareers.com
www.food.iowa.gov
www.govelect.iowa.gov
www.governor.state.ia.us
www.ia.gov
www.iaschoolperformance.gov
www.iaschoolperformance.org
www.icn.state.ia.us
www.iid.state.ia.us
www.infoiowa.state.ia.us
www.insuranceca.iowa.gov
www.iowabyways.org
www.iowacleanair.gov
www.iowacourtsonline.com
www.iowacourtsonline.net
www.iowacourtsonline.org
www.iowacultureapp.com
www.iowacultureapp.org
www.iowadnr.com
www.iowadnr.net
www.iowadot.org
www.iowagreatplaces.gov
www.iowagtsb.org
www.iowahistory.org
www.iowahush.com
www.iowap2services.com
www.iowareap.com
www.iowaroadsigns.com
www.iowasexoffender.com
www.iowasexoffender.net
www.iowasexoffender.org
www.iowasexoffenders.com
www.iowasexoffenders.net
www.iowasexoffenders.org
www.stophtiowa.org
yourlifeiowa.org
childsupport.ia.gov
coalitions.drugfreeinfo.org
dpscareers.com
drugfreeinfo.com
drugfreeinfo.net
drugfreeinfo.org
educateiowa.gov
facilitylocator.drugfreeinfo.org
iahealthlink.gov
iaschoolperformance.gov
iaschoolperformance.org
iowaattorneygeneral.org
iowacourtsonline.com
iowacourtsonline.net
iowacourtsonline.org
iowacultureapp.com
iowacultureapp.org
iowadnr.net
iowadot.org
iowahumanitiescouncil.gov
iowaoutdoorsmagazine.com
iowap2interns.com
iowasourcewater.org
iowatitleguaranty.gov
iowaworkforcedevelopment.gov
iowaworks.gov
iowaworks.org
query.iowasexoffender.org
recoveryiowa.org
resources.iowahistory.org
skillediowa.org
stophtiowa.org
whatdrivesyouiowa.com
whatdrivesyouiowa.org
www.1800betsoff.org
www.childsupport.ia.gov
www.cjis.iowa.gov
www.dia-hfd.state.ia.us
www.dom.state.ia.us
www.dpscareers.com
www.food.iowa.gov
www.govelect.iowa.gov
www.governor.state.ia.us
www.ia.gov
www.iaschoolperformance.gov
www.iaschoolperformance.org
www.icn.state.ia.us
www.iid.state.ia.us
www.infoiowa.state.ia.us
www.insuranceca.iowa.gov
www.iowabyways.org
www.iowacleanair.gov
www.iowacourtsonline.com
www.iowacourtsonline.net
www.iowacourtsonline.org
www.iowacultureapp.com
www.iowacultureapp.org
www.iowadnr.com
www.iowadnr.net
www.iowadot.org
www.iowagreatplaces.gov
www.iowagtsb.org
www.iowahistory.org
www.iowahush.com
www.iowap2services.com
www.iowareap.com
www.iowaroadsigns.com
www.iowasexoffender.com
www.iowasexoffender.net
www.iowasexoffender.org
www.iowasexoffenders.com
www.iowasexoffenders.net
www.iowasexoffenders.org
www.stophtiowa.org
yourlifeiowa.org
Other certificates including the domain name yourlifeiowa.org
(limited to 100 certificates)
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.org
yourlifeiowa.com
Certificate
The complete raw certificate details for yourlifeiowa.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIILXTCCCkWgAwIBAgISAzyVpslZYRdUCT+6AWeSby0FMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMTExMzUyNDhaFw0yNDAxMDkxMzUyNDdaMBsxGTAXBgNVBAMT EHlvdXJsaWZlaW93YS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCy6vHCDRwElJuv3fCwAWorOFRCF9i05zoZIpzJB+A+m1zeIWQoFL2KGHXNRZ8K 6xBX/3AlmMtLDEpTEOaQWclCdj3KG0JyLo0C6wtUU/XySA/RynX1DlAAObw/ISmE TAk5NBAtTCY3L8cE9HvbK/oL86dsRsako2bhAr63v7WTC006aYMWVaRewLMxD9Fa m+XA3dgybVHRHq2ydoYeobL8D6ugwYLkQHdlGg77ktb+YiOXQ9TYP+pB8xx8FmXH oh4lO64JWrsYpU8wEV6D03yvm/yJ0dyKVmUMTrqYqKtfk65gycJD9UZR/fl6sFn1 qmNb4PKBYWLFdzCLLtBqLdM7AgMBAAGjggiCMIIIfjAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFG7Km9tELjDb2WKFfYtTC2Nq7g8yMB8GA1UdIwQYMBaAFBQusxe3WFbL rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v cmcvMIIGiQYDVR0RBIIGgDCCBnyCDzE4MDBiZXRzb2ZmLm9yZ4ITY2hpbGRzdXBw b3J0LmlhLmdvdoIbY29hbGl0aW9ucy5kcnVnZnJlZWluZm8ub3Jngg5kcHNjYXJl ZXJzLmNvbYIQZHJ1Z2ZyZWVpbmZvLmNvbYIQZHJ1Z2ZyZWVpbmZvLm5ldIIQZHJ1 Z2ZyZWVpbmZvLm9yZ4IPZWR1Y2F0ZWlvd2EuZ292giBmYWNpbGl0eWxvY2F0b3Iu ZHJ1Z2ZyZWVpbmZvLm9yZ4IQaWFoZWFsdGhsaW5rLmdvdoIXaWFzY2hvb2xwZXJm b3JtYW5jZS5nb3aCF2lhc2Nob29scGVyZm9ybWFuY2Uub3Jnghdpb3dhYXR0b3Ju ZXlnZW5lcmFsLm9yZ4IUaW93YWNvdXJ0c29ubGluZS5jb22CFGlvd2Fjb3VydHNv bmxpbmUubmV0ghRpb3dhY291cnRzb25saW5lLm9yZ4ISaW93YWN1bHR1cmVhcHAu Y29tghJpb3dhY3VsdHVyZWFwcC5vcmeCC2lvd2FkbnIubmV0ggtpb3dhZG90Lm9y Z4IZaW93YWh1bWFuaXRpZXNjb3VuY2lsLmdvdoIYaW93YW91dGRvb3JzbWFnYXpp bmUuY29tghFpb3dhcDJpbnRlcm5zLmNvbYITaW93YXNvdXJjZXdhdGVyLm9yZ4IV aW93YXRpdGxlZ3VhcmFudHkuZ292ghxpb3dhd29ya2ZvcmNlZGV2ZWxvcG1lbnQu Z292gg1pb3dhd29ya3MuZ292gg1pb3dhd29ya3Mub3JnghlxdWVyeS5pb3dhc2V4 b2ZmZW5kZXIub3JnghByZWNvdmVyeWlvd2Eub3JnghlyZXNvdXJjZXMuaW93YWhp c3Rvcnkub3Jngg9za2lsbGVkaW93YS5vcmeCDnN0b3BodGlvd2Eub3JnghV3aGF0 ZHJpdmVzeW91aW93YS5jb22CFXdoYXRkcml2ZXN5b3Vpb3dhLm9yZ4ITd3d3LjE4 MDBiZXRzb2ZmLm9yZ4IXd3d3LmNoaWxkc3VwcG9ydC5pYS5nb3aCEXd3dy5jamlz Lmlvd2EuZ292ghd3d3cuZGlhLWhmZC5zdGF0ZS5pYS51c4ITd3d3LmRvbS5zdGF0 ZS5pYS51c4ISd3d3LmRwc2NhcmVlcnMuY29tghF3d3cuZm9vZC5pb3dhLmdvdoIV d3d3LmdvdmVsZWN0Lmlvd2EuZ292ghh3d3cuZ292ZXJub3Iuc3RhdGUuaWEudXOC Cnd3dy5pYS5nb3aCG3d3dy5pYXNjaG9vbHBlcmZvcm1hbmNlLmdvdoIbd3d3Lmlh c2Nob29scGVyZm9ybWFuY2Uub3JnghN3d3cuaWNuLnN0YXRlLmlhLnVzghN3d3cu aWlkLnN0YXRlLmlhLnVzghh3d3cuaW5mb2lvd2Euc3RhdGUuaWEudXOCGHd3dy5p bnN1cmFuY2VjYS5pb3dhLmdvdoISd3d3Lmlvd2FieXdheXMub3JnghR3d3cuaW93 YWNsZWFuYWlyLmdvdoIYd3d3Lmlvd2Fjb3VydHNvbmxpbmUuY29tghh3d3cuaW93 YWNvdXJ0c29ubGluZS5uZXSCGHd3dy5pb3dhY291cnRzb25saW5lLm9yZ4IWd3d3 Lmlvd2FjdWx0dXJlYXBwLmNvbYIWd3d3Lmlvd2FjdWx0dXJlYXBwLm9yZ4IPd3d3 Lmlvd2FkbnIuY29tgg93d3cuaW93YWRuci5uZXSCD3d3dy5pb3dhZG90Lm9yZ4IX d3d3Lmlvd2FncmVhdHBsYWNlcy5nb3aCEHd3dy5pb3dhZ3RzYi5vcmeCE3d3dy5p b3dhaGlzdG9yeS5vcmeCEHd3dy5pb3dhaHVzaC5jb22CFnd3dy5pb3dhcDJzZXJ2 aWNlcy5jb22CEHd3dy5pb3dhcmVhcC5jb22CFXd3dy5pb3dhcm9hZHNpZ25zLmNv bYIXd3d3Lmlvd2FzZXhvZmZlbmRlci5jb22CF3d3dy5pb3dhc2V4b2ZmZW5kZXIu bmV0ghd3d3cuaW93YXNleG9mZmVuZGVyLm9yZ4IYd3d3Lmlvd2FzZXhvZmZlbmRl cnMuY29tghh3d3cuaW93YXNleG9mZmVuZGVycy5uZXSCGHd3dy5pb3dhc2V4b2Zm ZW5kZXJzLm9yZ4ISd3d3LnN0b3BodGlvd2Eub3JnghB5b3VybGlmZWlvd2Eub3Jn MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA 2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGLHzneoAAABAMARzBF AiBjJxenFmTEWdFqm6FdKA5L6BY+2/VfKGgaTOJkLvwnwgIhAMUH/TbsKgLK6NsA u/iaEm5LcX3M0L83RaeDl9k3Ij+tAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7D UUhZRnEftZsAAAGLHznetQAABAMARzBFAiEAvlfB2Wr++gLwNkjHnAZM/sLWQces gQidyPL053Nksi4CIBKEIpQJh7zkwqBJsPOyg3UxGs2/r37QSPWJlTq5aw0OMA0G CSqGSIb3DQEBCwUAA4IBAQBC+JvSqmiBaWJcr981PhhmZC74p5Wfv0C6MsPOmL1o JfvCSYxPWX8ETojFUshYs/g2S/ZSvOccOOmPwuPVpYJbcI1GdBenOb6hWFRrdtyj WN6KtH6DgCldbhzIm2yHlh8jrIRpkjEfImllTzFPf3iiyIK+VQQQXKsloy3J7MgQ UKeuGBfvJxERf/1nXTc9OTIIE4eOP2ZPuUIFgyrBctT3nEzJKLWGzUZFaIesdQlF PVYfhwmEr2tvg+jgtzPIoehHtBrbJ7dfp69kqmLbr+mCloxyvjqZOcTtihHz/N05 2Vc2lX2EYh1BXpLACxajUW3xCowpK58Gs8Zw5JY6MuIB -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsurxwg0cBJSbr93wsAFq KzhUQhfYtOc6GSKcyQfgPptc3iFkKBS9ihh1zUWfCusQV/9wJZjLSwxKUxDmkFnJ QnY9yhtCci6NAusLVFP18kgP0cp19Q5QADm8PyEphEwJOTQQLUwmNy/HBPR72yv6 C/OnbEbGpKNm4QK+t7+1kwtNOmmDFlWkXsCzMQ/RWpvlwN3YMm1R0R6tsnaGHqGy /A+roMGC5EB3ZRoO+5LW/mIjl0PU2D/qQfMcfBZlx6IeJTuuCVq7GKVPMBFeg9N8 r5v8idHcilZlDE66mKirX5OuYMnCQ/VGUf35erBZ9apjW+DygWFixXcwiy7Qai3T OwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 281952720787033202039974378377264734612741 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-11 13:52:48 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-09 13:52:47 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'yourlifeiowa.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22586273669432083798378572184092488712865192109655950737350509924184228387148992290162135521404917472294993209002354498949339836766901991443046522565236252036418428593874207185524376528499643680101051704334192787940640592584085320624901775921339895477076853045878067359005105745529012157284155768472490530133906223417280690371674151066546036244964801453630719288948476873625796731610102774313603832502221609239550582450710818769885569893838539564588415646908017412401060145563616322114427639074930480837819108092857489048166648679081487483172518969501950445293831984923073728258624947341584624454351953039525533307707 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6eca9bdb442e30dbd962857d8b530b636aee0f32 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1664 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '1800betsoff.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'childsupport.ia.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'coalitions.drugfreeinfo.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dpscareers.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'drugfreeinfo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'drugfreeinfo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'drugfreeinfo.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'educateiowa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'facilitylocator.drugfreeinfo.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iahealthlink.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iaschoolperformance.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iaschoolperformance.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaattorneygeneral.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowacourtsonline.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowacourtsonline.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowacourtsonline.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowacultureapp.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowacultureapp.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowadnr.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowadot.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowahumanitiescouncil.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaoutdoorsmagazine.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowap2interns.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowasourcewater.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowatitleguaranty.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaworkforcedevelopment.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaworks.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaworks.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'query.iowasexoffender.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'recoveryiowa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'resources.iowahistory.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'skillediowa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stophtiowa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'whatdrivesyouiowa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'whatdrivesyouiowa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.1800betsoff.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.childsupport.ia.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cjis.iowa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dia-hfd.state.ia.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dom.state.ia.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dpscareers.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.food.iowa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.govelect.iowa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.governor.state.ia.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ia.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iaschoolperformance.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iaschoolperformance.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.icn.state.ia.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iid.state.ia.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.infoiowa.state.ia.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.insuranceca.iowa.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowabyways.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowacleanair.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowacourtsonline.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowacourtsonline.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowacourtsonline.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowacultureapp.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowacultureapp.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowadnr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowadnr.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowadot.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowagreatplaces.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowagtsb.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowahistory.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowahush.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowap2services.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowareap.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowaroadsigns.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowasexoffender.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowasexoffender.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowasexoffender.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowasexoffenders.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowasexoffenders.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowasexoffenders.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stophtiowa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yourlifeiowa.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b1f39dea000000403004730450220632717a71664c459d16a9ba15d280e4be8163edbf55f28681a4ce2642efc27c2022100c507fd36ec2a02cae8db00bbf89a126e4b717dccd0bf3745a78397d937223fad007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b1f39deb50000040300473045022100be57c1d96afefa02f03648c79c064cfec2d641c7ac81089dc8f2f4e77364b22e0220128422940987bce4c2a049b0f3b28375311acdbfaf7ed048f589953ab96b0d0e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0042f89bd2aa688169625cafdf353e1866642ef8a7959fbf40ba32c3ce98bd6825fbc2498c4f597f044e88c552c858b3f8364bf652bce71c38e98fc2e3d5a5825b708d467417a739bea158546b76dca358de8ab47e8380295d6e1cc89b6c87961f23ac846992311f2269654f314f7f78a2c882be5504105cab25a32dc9ecc81050a7ae1817ef2711117ffd675d373d39320813878e3f664fb94205832ac172d4f79c4cc928b586cd46456887ac7509453d561f870984af6b6f83e8e0b733c8a1e847b41adb27b75fa7af64aa62dbafe982968c72be3a9939c4ed8a11f3fcdd39d95736957d84621d415e92c00b16a3516df10a8c292b9f06b3c670e4963a32e201