yourlifeiowa.com

Issued by R3

About this certificate

This digital certificate with serial number 03:2d:90:55:46:0b:e1:84:be:ac:ce:db:90:6c:1d:4a:42:26 was issued on by Let's Encrypt.

With 96 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=yourlifeiowa.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:2d:90:55:46:0b:e1:84:be:ac:ce:db:90:6c:1d:4a:42:26
Serial Number (int): 276841415904058950790899335704342988210726
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: e6:b5:d7:40:aa:b8:cc:9a:73:2c:b1:94:9f:89:36:59:f7:e9:8c:dd
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 70:78:8e:b4:71:c4:5e:aa:4a:07:55:e7:f2:4f:c7:12:ef:76:8d:bc
Fingerprint (sha256): c0:53:48:77:b6:f2:75:13:4c:30:b8:7f:79:3c:51:e5:a3:94:24:26:60:b9:bd:3a:1d:65:9f:7d:9a:9a:2e:71

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate yourlifeiowa.com

96

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for yourlifeiowa.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

app.iowastem.org
i-pact.com
internal.courts.iowa.gov
iowaabd.com
iowaagriculture.gov
iowaartscouncil.org
iowacleanair.gov
iowadnr.com
iowadrivingav.org
iowagrants.gov
iowagreatplaces.gov
iowahistory.org
iowahumanitiescouncil.com
iowahumanitiescouncil.org
iowahush.com
iowaintex.gov
iowalmi.gov
iowamissingpersons.com
iowamissingpersons.gov
iowaopiodhelp.com
iowaopioidhelp.com
iowaopioidhelp.org
iowap2services.com
iowareap.com
iowasmokefreeair.gov
iowastem.org
iowastics.com
iowiki.iowaintex.gov
mtest.ialottery.com
onsiteiowa.com
p2infohouse.org
recognizeandreport.org
resultsiowa.org
safeandsoundiowa.com
safeandsoundiowa.gov
safeandsoundiowa.org
safearoundsemis.com
test.ialottery.com
test.icaps.iowacollegeaid.gov
test.iowaintex.gov
voterreadyiowa.org
webapp.iecdb.iowa.gov
www.broadband.iowa.gov
www.coaching.iowa.gov
www.cultureiowa.com
www.cultureiowa.org
www.devertservices.iowadot.gov
www.dlphoto.iowadot.gov
www.envpermits.iowadot.gov
www.ertservices.iowadot.gov
www.historicalphotos.iowadot.gov
www.i-pact.com
www.iahealthlink.gov
www.iowaagriculture.gov
www.iowadrivingav.org
www.iowagreatplaces.com
www.iowagreatplaces.org
www.iowaintex.gov
www.iowalmi.gov
www.iowamissingpersons.com
www.iowamissingpersons.gov
www.iowaoutdoorsmagazine.com
www.iowap2interns.com
www.iowasmokefreeair.gov
www.iowasourcewater.org
www.iowastatepatrol.net
www.iowastatepatrol.org
www.iowastem.org
www.iowastics.com
www.iowatitleguaranty.gov
www.jobs.iowa.gov
www.licensediniowa.gov
www.majorprojects.iowadot.gov
www.maple.iowadot.gov
www.mtmug.iowadot.gov
www.mydotdocs.iowadot.gov
www.onsiteiowa.com
www.p2infohouse.org
www.produceiowa.com
www.produceiowa.net
www.produceiowa.org
www.recognizeandreport.org
www.recoveryiowa.org
www.resultsiowa.org
www.safearoundsemis.com
www.safeathome.iowa.gov
www.testertservices.iowadot.gov
www.thefilmlounge.org
www.tmcdashboard.iowadot.gov
www.tmcservice.iowadot.gov
www.voterreadyiowa.org
www.yourlifeiowa.com
www.yourlifeiowa.net
www.yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.net

Other certificates including the domain name yourlifeiowa.com

(limited to 100 certificates)
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.envoystaging.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.envoystaging.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com

Certificate

The complete raw certificate details for yourlifeiowa.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIINJDCCDAygAwIBAgISAy2QVUYL4YS+rM7bkGwdSkImMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA5MjgxODM3NDJaFw0yMzEyMjcxODM3NDFaMBsxGTAXBgNVBAMT
EHlvdXJsaWZlaW93YS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDPyLkipD2LCNwF+9gd5K4OJQJx2v03z6kzUp0okQ7fk5OL1Fwal8xm1j9CRYK0
l3rNsKNEKU/puMaUPUnbd31J5GLFWVmcvtwGkXp3srT3IdcML50jWyPODQiqvjXd
TEo5zCsBwtCIb6aotuPvaLKi9w9qhQmfAHUSqgwUWd5v3bOhtJNVyLjF/GHyisX/
08c0P+XeskuRTNCn2sElUqOchuvZNAFfX5XG9Qf+fGdWhZgDZQcdPRT+v8+N3BZ6
WVRIeWyfLllB3j2RorHZc+UU9T6+Z8LFO42BAl+ZBG2uSCJNBCv/52i2aMV13O9N
XJeCao8GNu0Rj2F4VX3WWdapAgMBAAGjggpJMIIKRTAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFOa110CquMyacyyxlJ+JNln36YzdMB8GA1UdIwQYMBaAFBQusxe3WFbL
rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov
L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v
cmcvMIIIUQYDVR0RBIIISDCCCESCEGFwcC5pb3dhc3RlbS5vcmeCCmktcGFjdC5j
b22CGGludGVybmFsLmNvdXJ0cy5pb3dhLmdvdoILaW93YWFiZC5jb22CE2lvd2Fh
Z3JpY3VsdHVyZS5nb3aCE2lvd2FhcnRzY291bmNpbC5vcmeCEGlvd2FjbGVhbmFp
ci5nb3aCC2lvd2FkbnIuY29tghFpb3dhZHJpdmluZ2F2Lm9yZ4IOaW93YWdyYW50
cy5nb3aCE2lvd2FncmVhdHBsYWNlcy5nb3aCD2lvd2FoaXN0b3J5Lm9yZ4IZaW93
YWh1bWFuaXRpZXNjb3VuY2lsLmNvbYIZaW93YWh1bWFuaXRpZXNjb3VuY2lsLm9y
Z4IMaW93YWh1c2guY29tgg1pb3dhaW50ZXguZ292ggtpb3dhbG1pLmdvdoIWaW93
YW1pc3NpbmdwZXJzb25zLmNvbYIWaW93YW1pc3NpbmdwZXJzb25zLmdvdoIRaW93
YW9waW9kaGVscC5jb22CEmlvd2FvcGlvaWRoZWxwLmNvbYISaW93YW9waW9pZGhl
bHAub3JnghJpb3dhcDJzZXJ2aWNlcy5jb22CDGlvd2FyZWFwLmNvbYIUaW93YXNt
b2tlZnJlZWFpci5nb3aCDGlvd2FzdGVtLm9yZ4INaW93YXN0aWNzLmNvbYIUaW93
aWtpLmlvd2FpbnRleC5nb3aCE210ZXN0LmlhbG90dGVyeS5jb22CDm9uc2l0ZWlv
d2EuY29tgg9wMmluZm9ob3VzZS5vcmeCFnJlY29nbml6ZWFuZHJlcG9ydC5vcmeC
D3Jlc3VsdHNpb3dhLm9yZ4IUc2FmZWFuZHNvdW5kaW93YS5jb22CFHNhZmVhbmRz
b3VuZGlvd2EuZ292ghRzYWZlYW5kc291bmRpb3dhLm9yZ4ITc2FmZWFyb3VuZHNl
bWlzLmNvbYISdGVzdC5pYWxvdHRlcnkuY29tgh10ZXN0LmljYXBzLmlvd2Fjb2xs
ZWdlYWlkLmdvdoISdGVzdC5pb3dhaW50ZXguZ292ghJ2b3RlcnJlYWR5aW93YS5v
cmeCFXdlYmFwcC5pZWNkYi5pb3dhLmdvdoIWd3d3LmJyb2FkYmFuZC5pb3dhLmdv
doIVd3d3LmNvYWNoaW5nLmlvd2EuZ292ghN3d3cuY3VsdHVyZWlvd2EuY29tghN3
d3cuY3VsdHVyZWlvd2Eub3Jngh53d3cuZGV2ZXJ0c2VydmljZXMuaW93YWRvdC5n
b3aCF3d3dy5kbHBob3RvLmlvd2Fkb3QuZ292ghp3d3cuZW52cGVybWl0cy5pb3dh
ZG90LmdvdoIbd3d3LmVydHNlcnZpY2VzLmlvd2Fkb3QuZ292giB3d3cuaGlzdG9y
aWNhbHBob3Rvcy5pb3dhZG90LmdvdoIOd3d3LmktcGFjdC5jb22CFHd3dy5pYWhl
YWx0aGxpbmsuZ292ghd3d3cuaW93YWFncmljdWx0dXJlLmdvdoIVd3d3Lmlvd2Fk
cml2aW5nYXYub3Jnghd3d3cuaW93YWdyZWF0cGxhY2VzLmNvbYIXd3d3Lmlvd2Fn
cmVhdHBsYWNlcy5vcmeCEXd3dy5pb3dhaW50ZXguZ292gg93d3cuaW93YWxtaS5n
b3aCGnd3dy5pb3dhbWlzc2luZ3BlcnNvbnMuY29tghp3d3cuaW93YW1pc3Npbmdw
ZXJzb25zLmdvdoIcd3d3Lmlvd2FvdXRkb29yc21hZ2F6aW5lLmNvbYIVd3d3Lmlv
d2FwMmludGVybnMuY29tghh3d3cuaW93YXNtb2tlZnJlZWFpci5nb3aCF3d3dy5p
b3dhc291cmNld2F0ZXIub3Jnghd3d3cuaW93YXN0YXRlcGF0cm9sLm5ldIIXd3d3
Lmlvd2FzdGF0ZXBhdHJvbC5vcmeCEHd3dy5pb3dhc3RlbS5vcmeCEXd3dy5pb3dh
c3RpY3MuY29tghl3d3cuaW93YXRpdGxlZ3VhcmFudHkuZ292ghF3d3cuam9icy5p
b3dhLmdvdoIWd3d3LmxpY2Vuc2VkaW5pb3dhLmdvdoIdd3d3Lm1ham9ycHJvamVj
dHMuaW93YWRvdC5nb3aCFXd3dy5tYXBsZS5pb3dhZG90LmdvdoIVd3d3Lm10bXVn
Lmlvd2Fkb3QuZ292ghl3d3cubXlkb3Rkb2NzLmlvd2Fkb3QuZ292ghJ3d3cub25z
aXRlaW93YS5jb22CE3d3dy5wMmluZm9ob3VzZS5vcmeCE3d3dy5wcm9kdWNlaW93
YS5jb22CE3d3dy5wcm9kdWNlaW93YS5uZXSCE3d3dy5wcm9kdWNlaW93YS5vcmeC
Gnd3dy5yZWNvZ25pemVhbmRyZXBvcnQub3JnghR3d3cucmVjb3Zlcnlpb3dhLm9y
Z4ITd3d3LnJlc3VsdHNpb3dhLm9yZ4IXd3d3LnNhZmVhcm91bmRzZW1pcy5jb22C
F3d3dy5zYWZlYXRob21lLmlvd2EuZ292gh93d3cudGVzdGVydHNlcnZpY2VzLmlv
d2Fkb3QuZ292ghV3d3cudGhlZmlsbWxvdW5nZS5vcmeCHHd3dy50bWNkYXNoYm9h
cmQuaW93YWRvdC5nb3aCGnd3dy50bWNzZXJ2aWNlLmlvd2Fkb3QuZ292ghZ3d3cu
dm90ZXJyZWFkeWlvd2Eub3JnghR3d3cueW91cmxpZmVpb3dhLmNvbYIUd3d3Lnlv
dXJsaWZlaW93YS5uZXSCFHd3dy55b3VybGlmZWlvd2Eub3JnghB5b3VybGlmZWlv
d2EuY29tghB5b3VybGlmZWlvd2EubmV0MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIB
AwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUAtz77JN+cTbp18jnFulj0bF38Qs96nzXE
nh0JgSXttJkAAAGK3UwJhQAABAMARjBEAiBFiAi25oKmy/Qle05Lfi2MYICYO3ps
6+aTiOG8UspjxwIgE32QRdIqBuzGvtnNkHUDaIsWn/8EJGdK+86Rnf20fYUAdgB6
MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYrdTAmRAAAEAwBHMEUC
IQCek3NN1T2R9sW7K1YF8EJZ5uJmlhtZtvrXkekIhs6iOgIgBqPXET63kYrCXX9S
jPGMpyZ5CmRQRsmS7Dxe5JCDIT0wDQYJKoZIhvcNAQELBQADggEBAGLKZiIW5bxC
L9f0N+RYB2NDZHG0otITBhG9zT13FzWTTowDCHCKQRZSgbFD+WZt27PgkfMqXFkw
Tw2SlGBI8bELqEYQ2eGAgE+1ghYJsEaPqDpxzSjuCpC1u8NRIc1Do3Fa3ymF6pUB
xMUDfsLOhMrtAGu0+JL8dqkab+4JH34JVuvBaXuZVyyIfwdr8hQ2XduBvVDqrdXS
XibbTLt35h3i9JYCe/h0DZ2EQPp3RxjzHjB/FBw2oX7vo32go5f7XEvRVmkB5Twu
IC8DwLtTAilpI9VQdG+Nfs6vk0ijREbQcIApaKfk7xfAwmmCQmo+8yfkj2psPa+2
yVaGZpRc1B8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8i5IqQ9iwjcBfvYHeSu
DiUCcdr9N8+pM1KdKJEO35OTi9RcGpfMZtY/QkWCtJd6zbCjRClP6bjGlD1J23d9
SeRixVlZnL7cBpF6d7K09yHXDC+dI1sjzg0Iqr413UxKOcwrAcLQiG+mqLbj72iy
ovcPaoUJnwB1EqoMFFneb92zobSTVci4xfxh8orF/9PHND/l3rJLkUzQp9rBJVKj
nIbr2TQBX1+VxvUH/nxnVoWYA2UHHT0U/r/PjdwWellUSHlsny5ZQd49kaKx2XPl
FPU+vmfCxTuNgQJfmQRtrkgiTQQr/+dotmjFddzvTVyXgmqPBjbtEY9heFV91lnW
qQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 276841415904058950790899335704342988210726
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-28 18:37:42 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-27 18:37:41 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'yourlifeiowa.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26230309419463893664024846507207753026744953379627034615844561141865608507517201368069494377747133035185025673812116131273388599670385211060335206520066744192489735771117381625681126373901377663742763529219809765087886716914401117898295504166333893472276765949200320771257088436505383929749394519115591313394700752745664786577250974586002819417476873074626037193859753077022554343916929422960519229412904682542449718223623323876749796531374011763307454928823308505113349505265272622886340766153484765714831435185979372162624031524263779635525255596306590475461677493988323605521398601373484401299622877526110131312297
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e6b5d740aab8cc9a732cb1949f893659f7e98cdd
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2120 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app.iowastem.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'i-pact.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'internal.courts.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaabd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaagriculture.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaartscouncil.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowacleanair.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowadnr.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowadrivingav.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowagrants.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowagreatplaces.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowahistory.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowahumanitiescouncil.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowahumanitiescouncil.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowahush.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaintex.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowalmi.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowamissingpersons.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowamissingpersons.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaopiodhelp.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaopioidhelp.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaopioidhelp.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowap2services.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowareap.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowasmokefreeair.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowastem.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowastics.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowiki.iowaintex.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mtest.ialottery.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'onsiteiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'p2infohouse.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'recognizeandreport.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'resultsiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'safeandsoundiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'safeandsoundiowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'safeandsoundiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'safearoundsemis.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.ialottery.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.icaps.iowacollegeaid.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.iowaintex.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'voterreadyiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webapp.iecdb.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.broadband.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.coaching.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cultureiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cultureiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.devertservices.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dlphoto.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.envpermits.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ertservices.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.historicalphotos.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.i-pact.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iahealthlink.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowaagriculture.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowadrivingav.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowagreatplaces.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowagreatplaces.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowaintex.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowalmi.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowamissingpersons.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowamissingpersons.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowaoutdoorsmagazine.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowap2interns.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowasmokefreeair.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowasourcewater.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowastatepatrol.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowastatepatrol.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowastem.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowastics.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowatitleguaranty.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jobs.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.licensediniowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.majorprojects.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.maple.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mtmug.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mydotdocs.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.onsiteiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.p2infohouse.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.produceiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.produceiowa.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.produceiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.recognizeandreport.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.recoveryiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.resultsiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.safearoundsemis.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.safeathome.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.testertservices.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thefilmlounge.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tmcdashboard.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tmcservice.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.voterreadyiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yourlifeiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yourlifeiowa.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yourlifeiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yourlifeiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yourlifeiowa.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018add4c098500000403004630440220458808b6e682a6cbf4257b4e4b7e2d8c6080983b7a6cebe69388e1bc52ca63c70220137d9045d22a06ecc6bed9cd907503688b169fff0424674afbce919dfdb47d850076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018add4c099100000403004730450221009e93734dd53d91f6c5bb2b5605f04259e6e266961b59b6fad791e90886cea23a022006a3d7113eb7918ac25d7f528cf18ca726790a645046c992ec3c5ee49083213d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0062ca662216e5bc422fd7f437e4580763436471b4a2d2130611bdcd3d771735934e8c0308708a41165281b143f9666ddbb3e091f32a5c59304f0d92946048f1b10ba84610d9e180804fb5821609b0468fa83a71cd28ee0a90b5bbc35121cd43a3715adf2985ea9501c4c5037ec2ce84caed006bb4f892fc76a91a6fee091f7e0956ebc1697b99572c887f076bf214365ddb81bd50eaadd5d25e26db4cbb77e61de2f496027bf8740d9d8440fa774718f31e307f141c36a17eefa37da0a397fb5c4bd1566901e53c2e202f03c0bb5302296923d550746f8d7eceaf9348a34446d070802968a7e4ef17c0c26982426a3ef327e48f6a6c3dafb6c9568666945cd41f