nav.tw
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:bd:5b:c2:9a:72:a1:65:e7:07:26:a8:38:c7:ce:1d:40:33 was issued on by Let's Encrypt.
With 23 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=nav.tw
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:bd:5b:c2:9a:72:a1:65:e7:07:26:a8:38:c7:ce:1d:40:33Serial Number (int): 325772195329118132403514648368331949424691
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 6f:f4:6f:b7:2b:e2:e9:c2:14:e1:e9:4c:b3:2a:42:8b:a2:dc:3d:86
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 84:d5:d2:f2:d1:76:8e:b0:8b:50:98:bd:04:b9:f9:19:53:43:bc:4d
Fingerprint (sha256): c4:de:39:af:d8:a5:d8:26:9d:77:69:ec:36:6e:b3:cd:c0:17:e3:db:1b:ea:85:8f:80:3a:4d:fc:bf:9b:68:7c
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate nav.tw
23
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nav.tw
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
1e.nav.tw
ayu.nav.tw
beards.nav.tw
chin-huei.com.tw
chinhuei.nav.tw
demo.nav.tw
fullhouse.nav.tw
mail.chin-huei.com.tw
mail.nav.tw
mail.pash.com.tw
nav.tw
pash.com.tw
pash.nav.tw
www.1e.nav.tw
www.ayu.nav.tw
www.beards.nav.tw
www.chin-huei.com.tw
www.chinhuei.nav.tw
www.demo.nav.tw
www.fullhouse.nav.tw
www.nav.tw
www.pash.com.tw
www.pash.nav.tw
ayu.nav.tw
beards.nav.tw
chin-huei.com.tw
chinhuei.nav.tw
demo.nav.tw
fullhouse.nav.tw
mail.chin-huei.com.tw
mail.nav.tw
mail.pash.com.tw
nav.tw
pash.com.tw
pash.nav.tw
www.1e.nav.tw
www.ayu.nav.tw
www.beards.nav.tw
www.chin-huei.com.tw
www.chinhuei.nav.tw
www.demo.nav.tw
www.fullhouse.nav.tw
www.nav.tw
www.pash.com.tw
www.pash.nav.tw
Other certificates including the domain name nav.tw
(limited to 100 certificates)
nav.tw
1e.nav.tw
pc-followme.idv.tw
nav.tw
nav.tw
nav.tw
pash.com.tw
nav.tw
pc-followme.idv.tw
pc-followme.idv.tw
pc-followme.idv.tw
1e.nav.tw
nav.dmsuper.com
nav.tw
nav.tw
pash.com.tw
pash.com.tw
nav.tw
nav.tw
nav.tw
morestone.nav.tw
1e.nav.tw
nav.tw
pash.com.tw
nav.tw
nav.tw
pc-followme.idv.tw
pash.com.tw
1e.nav.tw
pc-followme.idv.tw
nav.tw
nav.tw
nav.tw
pash.com.tw
nav.tw
pc-followme.idv.tw
pc-followme.idv.tw
pc-followme.idv.tw
1e.nav.tw
nav.dmsuper.com
nav.tw
nav.tw
pash.com.tw
pash.com.tw
nav.tw
nav.tw
nav.tw
morestone.nav.tw
1e.nav.tw
nav.tw
pash.com.tw
nav.tw
nav.tw
pc-followme.idv.tw
pash.com.tw
Certificate
The complete raw certificate details for nav.tw in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHZzCCBk+gAwIBAgISA71bwppyoWXnByaoOMfOHUAzMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA3MDQyMTQ5NDhaFw0x ODEwMDIyMTQ5NDhaMBExDzANBgNVBAMTBm5hdi50dzCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAL1aYTIzkLQyJXM2nQ027DL+KtquLhWnxQBv56J5pZ3C 6RTNow5uFIGHc1M3jq8tKy6wC/MAWaHHQxnA+eyKDXxQNe6u/47v8ps/cgWc3xnp Uhg2dQZwXEcjfQuv2R1KDlgF15kVbTm3cfdt8ziSVp1t/7IAaxcZNpxUHBt0TtsZ 9ZLMGIt0zLPVfItZIsRHTCQzPi1uNA1rfe+T7Q7pIiJMVCWpe1fui4NyBX0iKT+k 6GFUbw6J6skuQx0ks7Z0FpTpnwSDJR5Bx8ALQLDnHdBFN9dIXhPko6BcI932iZAA MS8l/nnKTdlvfSUdmX3Q1Wc2zU2jy/o/kBqO5/h+g30CAwEAAaOCBH4wggR6MA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD VR0TAQH/BAIwADAdBgNVHQ4EFgQUb/Rvtyvi6cIU4elMsypCi6LcPYYwHwYDVR0j BBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsG AQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8GCCsG AQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzCCAX8G A1UdEQSCAXYwggFyggkxZS5uYXYudHeCCmF5dS5uYXYudHeCDWJlYXJkcy5uYXYu dHeCEGNoaW4taHVlaS5jb20udHeCD2NoaW5odWVpLm5hdi50d4ILZGVtby5uYXYu dHeCEGZ1bGxob3VzZS5uYXYudHeCFW1haWwuY2hpbi1odWVpLmNvbS50d4ILbWFp bC5uYXYudHeCEG1haWwucGFzaC5jb20udHeCBm5hdi50d4ILcGFzaC5jb20udHeC C3Bhc2gubmF2LnR3gg13d3cuMWUubmF2LnR3gg53d3cuYXl1Lm5hdi50d4IRd3d3 LmJlYXJkcy5uYXYudHeCFHd3dy5jaGluLWh1ZWkuY29tLnR3ghN3d3cuY2hpbmh1 ZWkubmF2LnR3gg93d3cuZGVtby5uYXYudHeCFHd3dy5mdWxsaG91c2UubmF2LnR3 ggp3d3cubmF2LnR3gg93d3cucGFzaC5jb20udHeCD3d3dy5wYXNoLm5hdi50dzCB /gYDVR0gBIH2MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYB BQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCB ngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkg UmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUg Q2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQu b3JnL3JlcG9zaXRvcnkvMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA23Sv7ssp 7LH+yj5xbSzluaq7NveEcYPHXZ1PN7Yfv2QAAAFkZ3zKQwAABAMARzBFAiAeJBp9 U5E4Hd8QDHu/PUS+W3AXZsqLKkuCwiwiYW5FqAIhAN/4jGHGygh9otJ9LFjgPCdB UvuH9b0QicOEWozYD0xlAHYAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH 9HgAAAFkZ3zKVgAABAMARzBFAiEAinB2ckr9H216zGAQCQKNH95yPtF97vnMnDKB WSzVzLACIEwVzO7pngeCq7a/oEMFHrzE9sYOznfrN6hz5nKznXQvMA0GCSqGSIb3 DQEBCwUAA4IBAQCWqKqs582gJzE4jH7cDtck905ry324s4P+63lLXKnlZDV92hf0 IxIpnh3T1LTLdBnKbk2cOJg89eWuJooOJGU7dq1PyK+YvoS+0/97RW8E8kFck6oB J8+nJ2MU2AdnLlBfYhovAahIjOjB6H6SllmNf3ja3Ly1mlM1xIrQ3BM3UUh1xFJk RUTI3wbqSVcFpPfd+EWsHvPkKpvKBQ7aa9IpFblrQE6On3CDEY8c4IcSrcby0QDB McdJOvzU0YEC9YOXaEsVMrGmrw3DWC5PTR67P9ef+Tf7vWmHn+PwbxOzuRF2opgJ EeIwrfV3ZLPgY8PVT4hnNBkIXStFLUQMvqQX -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVphMjOQtDIlczadDTbs Mv4q2q4uFafFAG/nonmlncLpFM2jDm4UgYdzUzeOry0rLrAL8wBZocdDGcD57IoN fFA17q7/ju/ymz9yBZzfGelSGDZ1BnBcRyN9C6/ZHUoOWAXXmRVtObdx923zOJJW nW3/sgBrFxk2nFQcG3RO2xn1kswYi3TMs9V8i1kixEdMJDM+LW40DWt975PtDuki IkxUJal7V+6Lg3IFfSIpP6ToYVRvDonqyS5DHSSztnQWlOmfBIMlHkHHwAtAsOcd 0EU310heE+SjoFwj3faJkAAxLyX+ecpN2W99JR2ZfdDVZzbNTaPL+j+QGo7n+H6D fQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 325772195329118132403514648368331949424691 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-04 21:49:48 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-02 21:49:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nav.tw' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23903607516045496363712804099168735364286558046720493421928846341597972670992690144535803485828884380758503328374704442065292010309797260782366471221059260269863399449207086890018182789726214058060554083191315506968403008157252697081280425717272429578654501995427614457833802063816533660552199231878937401471696800127044150964106686679681051233977064323556377687083955155087648004836913699635279602557134858093821618877295408767972775811120305738456325579597950282633448531604779388799271418549742351773162363909964549522148699456801575184272240965645199958412918251409760506420321010367020616550819681152091432059773 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6ff46fb72be2e9c214e1e94cb32a428ba2dc3d86 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (374 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '1e.nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ayu.nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beards.nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chin-huei.com.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chinhuei.nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'demo.nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fullhouse.nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.chin-huei.com.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.pash.com.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pash.com.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pash.nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.1e.nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ayu.nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.beards.nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.chin-huei.com.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.chinhuei.nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.demo.nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fullhouse.nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nav.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pash.com.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pash.nav.tw' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf6400000164677cca43000004030047304502201e241a7d5391381ddf100c7bbf3d44be5b701766ca8b2a4b82c22c22616e45a8022100dff88c61c6ca087da2d27d2c58e03c274152fb87f5bd1089c3845a8cd80f4c65007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000164677cca5600000403004730450221008a7076724afd1f6d7acc601009028d1fde723ed17deef9cc9c3281592cd5ccb002204c15cceee99e0782abb6bfa043051ebcc4f6c60ece77eb37a873e672b39d742f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0096a8aaace7cda02731388c7edc0ed724f74e6bcb7db8b383feeb794b5ca9e564357dda17f42312299e1dd3d4b4cb7419ca6e4d9c38983cf5e5ae268a0e24653b76ad4fc8af98be84bed3ff7b456f04f2415c93aa0127cfa7276314d807672e505f621a2f01a8488ce8c1e87e9296598d7f78dadcbcb59a5335c48ad0dc1337514875c452644544c8df06ea495705a4f7ddf845ac1ef3e42a9bca050eda6bd22915b96b404e8e9f7083118f1ce08712adc6f2d100c131c7493afcd4d18102f58397684b1532b1a6af0dc3582e4f4d1ebb3fd79ff937fbbd69879fe3f06f13b3b91176a2980911e230adf57764b3e063c3d54f88673419085d2b452d440cbea417