oc.rmz.fi
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:e2:a5:99:2e:e1:a0:fe:95:92:71:2f:bd:3d:82:53:2e:bb was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=oc.rmz.fi
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:e2:a5:99:2e:e1:a0:fe:95:92:71:2f:bd:3d:82:53:2e:bbSerial Number (int): 338460790711003703339000552432850317815483
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 3e:9b:af:48:0e:99:0e:67:62:56:77:30:f1:8f:d3:68:12:b9:a2:fe
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 54:da:64:91:95:0d:27:c0:a0:57:58:c7:4a:1d:7e:7c:e5:f3:d7:82
Fingerprint (sha256): cc:28:31:1a:0e:8e:7d:f1:14:ec:05:68:a6:ff:e7:a9:6a:e4:b2:ad:3b:4d:62:77:b3:ad:3b:74:1e:b4:ba:ee
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.org/Check the revocation status for certificate oc.rmz.fi
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for oc.rmz.fi
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
oc.rmz.fi
Other certificates including the domain name rmz.fi
(limited to 100 certificates)
www.rmz.fi
git.rmz.fi
www.rmz.fi
suomi.rmz.fi
git.rmz.fi
git.rmz.fi
www.rmz.fi
lpi.rmz.fi
suomi.rmz.fi
suomi.rmz.fi
oc.rmz.fi
www.rmz.fi
lpi.rmz.fi
www.rmz.fi
mail.rmz.fi
own.rmz.fi
own.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
own.rmz.fi
www.rmz.fi
www.rmz.fi
git.rmz.fi
mail.rmz.fi
oc.rmz.fi
oc.rmz.fi
www.rmz.fi
suomi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
lpi.rmz.fi
suomi.rmz.fi
mail.rmz.fi
lpi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
git.rmz.fi
mail.rmz.fi
sms.rmz.fi
www.rmz.fi
www.rmz.fi
oc.rmz.fi
mail.rmz.fi
www.rmz.fi
lpi.rmz.fi
mail.rmz.fi
www.rmz.fi
oc.rmz.fi
own.rmz.fi
www.rmz.fi
git.rmz.fi
lpi.rmz.fi
www.rmz.fi
suomi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
rmz.fi
www.rmz.fi
oc.rmz.fi
git.rmz.fi
www.rmz.fi
suomi.rmz.fi
git.rmz.fi
git.rmz.fi
www.rmz.fi
lpi.rmz.fi
suomi.rmz.fi
suomi.rmz.fi
oc.rmz.fi
www.rmz.fi
lpi.rmz.fi
www.rmz.fi
mail.rmz.fi
own.rmz.fi
own.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
own.rmz.fi
www.rmz.fi
www.rmz.fi
git.rmz.fi
mail.rmz.fi
oc.rmz.fi
oc.rmz.fi
www.rmz.fi
suomi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
lpi.rmz.fi
suomi.rmz.fi
mail.rmz.fi
lpi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
git.rmz.fi
mail.rmz.fi
sms.rmz.fi
www.rmz.fi
www.rmz.fi
oc.rmz.fi
mail.rmz.fi
www.rmz.fi
lpi.rmz.fi
mail.rmz.fi
www.rmz.fi
oc.rmz.fi
own.rmz.fi
www.rmz.fi
git.rmz.fi
lpi.rmz.fi
www.rmz.fi
suomi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
rmz.fi
www.rmz.fi
oc.rmz.fi
Certificate
The complete raw certificate details for oc.rmz.fi in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF9jCCBN6gAwIBAgISA+KlmS7hoP6VknEvvT2CUy67MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjA5MjUwMzE4MDBaFw0x NjEyMjQwMzE4MDBaMBQxEjAQBgNVBAMTCW9jLnJtei5maTCCAiIwDQYJKoZIhvcN AQEBBQADggIPADCCAgoCggIBALkSuYiIAi9jRPB0p6gp0gd5/etE2/cvdsQam5vs feYLehJ35pnPagPqLJtETX7hMmrNVQ1KOkJzLp9TurFhQ5NWcEZf6qzkQE+BNWK/ E3LjSrMIM3r/FV0Seu0vbs1B/NLzMnnOO6Fu2r737Ql4P8w9flOCiR3dG1tnZzSP OYVxXzKimfyj9XWy2IbhBGwEImz0+0xeQD5FkUODPES6Dtbg8B++hnGEAv+EeiPO /pE8N/GegYzqFHOg0bAMjEmizC9bLf0qBLvZIjP7S4eroSi/4NtPx7xrQiwUHMRZ W3pU92awwYktoM7rHLoVDSgtWx4xk/qnIMbV5SZaRZZGIDdp1imiA6BxG5p9EC/W zAwAjgvKInOobPAq2KkKAhUC+PVyGJssi98UUa5Ajwt1Dj8DvbXyAF7Yj5Rnjqnq YUJ3h9VGKhUsjayFjewSdUu5K5DI8thTn96B51K5GFUgbl4japr62K9C7nZTN1T9 5GndqS/zxdFxQsmrWttWNL2DHCVgyWKLwcduOnf2UBr0BSEmBY4bVIZhUmRrW0RP GyQtwwqumPhs/Abq9xhcgzlLMQAEJBmdtQnqCca1PrJDoQBqBxGhQ+AZIuPWxAlT cYTLz1lsVFv3SL+2k8wH3Ws+CeOr1J59G3QxYtdhT0ozLWWTGQ46Wnkedeb8Ph81 xcFnAgMBAAGjggIKMIICBjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFD6br0gOmQ5n YlZ3MPGP02gSuaL+MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMHAG CCsGAQUFBwEBBGQwYjAvBggrBgEFBQcwAYYjaHR0cDovL29jc3AuaW50LXgzLmxl dHNlbmNyeXB0Lm9yZy8wLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5s ZXRzZW5jcnlwdC5vcmcvMBQGA1UdEQQNMAuCCW9jLnJtei5maTCB/gYDVR0gBIH2 MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0 dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMg Q2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQ YXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNh dGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9z aXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQBMAObs0o2Cz6KGLmPpB1wY699+ocX9 UVyUkXENqPORCvlyyjbrkbx6JpzRKghy54oobuiFK+zfyRS4kA9lTLc9WUZhemUb EbZqVWQKEtv6d3G8Tt94hBn4529JFdnsk0CZqGCjzg1SJPD4ldhtFiLPRYBpF9BS pvo1tDOlqsXjYEHQWXnnMgeWuGhl91yuzvy4PzIqU6ze5mMvY/KK/g2wXmcR13Qo sDSQeG+i7Z85R/qa2iYRf0pXYZmwPgCwmO56Dq5/5KA3HwideykOiQ9SIkeAmQDX S+k1AgROjKmF4vOon1rlQjIkOwiARCHHeN8g422n/KIO7Z42r9sqhQnw -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuRK5iIgCL2NE8HSnqCnS B3n960Tb9y92xBqbm+x95gt6Enfmmc9qA+osm0RNfuEyas1VDUo6QnMun1O6sWFD k1ZwRl/qrORAT4E1Yr8TcuNKswgzev8VXRJ67S9uzUH80vMyec47oW7avvftCXg/ zD1+U4KJHd0bW2dnNI85hXFfMqKZ/KP1dbLYhuEEbAQibPT7TF5APkWRQ4M8RLoO 1uDwH76GcYQC/4R6I87+kTw38Z6BjOoUc6DRsAyMSaLML1st/SoEu9kiM/tLh6uh KL/g20/HvGtCLBQcxFlbelT3ZrDBiS2gzuscuhUNKC1bHjGT+qcgxtXlJlpFlkYg N2nWKaIDoHEbmn0QL9bMDACOC8oic6hs8CrYqQoCFQL49XIYmyyL3xRRrkCPC3UO PwO9tfIAXtiPlGeOqephQneH1UYqFSyNrIWN7BJ1S7krkMjy2FOf3oHnUrkYVSBu XiNqmvrYr0LudlM3VP3kad2pL/PF0XFCyata21Y0vYMcJWDJYovBx246d/ZQGvQF ISYFjhtUhmFSZGtbRE8bJC3DCq6Y+Gz8Bur3GFyDOUsxAAQkGZ21CeoJxrU+skOh AGoHEaFD4Bki49bECVNxhMvPWWxUW/dIv7aTzAfdaz4J46vUnn0bdDFi12FPSjMt ZZMZDjpaeR515vw+HzXFwWcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 338460790711003703339000552432850317815483 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-09-25 03:18:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-12-24 03:18:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'oc.rmz.fi' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 755032552086218626577144509608934899240061322603187638759133749846664590974342965715368774139313823793434203667102843175481425124472828389495809107736423250865972440126087136333633923621169491723027264779073868179698037004181259510782215703765241481329896825693610042091855383785471709989974467494844194380829916128697128587653619453215576999747629002084660771324326076476075525099705700197477671716428912487320193084747927208794074407862688073110868955721702034684794178119672352791631323373945184362574987250620953476646773895067600458929195935311192151982917018710691392903669188670500275190901298433217853439212824776794579641515431451810231252480196444271180092100752115906486084237953172139765968063480382049621369931936743521583189490569499843880352595910999237157320199597979741633205656383490638954430078224460621698733183224761568082581323481008137511424409844773689939602371447117084058130409998789986746292843866957765461063812831272601469694244995035240879662830507653902676674739931740913618834980021017923396755814385869014548914159583535351234561992930294451514937053293075868170413380393305301814162219540895440974754202204885017701278654612445950752444610042180635546493467098268019471926633732332334865051688485223 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3e9baf480e990e6762567730f18fd36812b9a2fe . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oc.rmz.fi' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004c00e6ecd28d82cfa2862e63e9075c18ebdf7ea1c5fd515c9491710da8f3910af972ca36eb91bc7a269cd12a0872e78a286ee8852becdfc914b8900f654cb73d5946617a651b11b66a55640a12dbfa7771bc4edf788419f8e76f4915d9ec934099a860a3ce0d5224f0f895d86d1622cf45806917d052a6fa35b433a5aac5e36041d05979e7320796b86865f75caecefcb83f322a53acdee6632f63f28afe0db05e6711d77428b03490786fa2ed9f3947fa9ada26117f4a576199b03e00b098ee7a0eae7fe4a0371f089d7b290e890f522247809900d74be93502044e8ca985e2f3a89f5ae54232243b08804421c778df20e36da7fca20eed9e36afdb2a8509f0