oc.rmz.fi
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:bc:f4:8c:56:cf:ac:c5:7b:cf:ba:2b:54:fa:09:06:f1:19 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=oc.rmz.fi
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:bc:f4:8c:56:cf:ac:c5:7b:cf:ba:2b:54:fa:09:06:f1:19Serial Number (int): 325635003089689811139097725997632354447641
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 32:72:0f:27:d3:48:8f:34:c1:3c:d8:4f:94:12:d1:56:c7:41:e6:41
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 6c:b5:a4:e5:6a:9a:e3:59:94:98:88:37:14:49:07:78:bf:7d:e8:af
Fingerprint (sha256): d3:46:91:58:01:b5:f2:76:bb:4a:6e:06:08:8a:48:e8:7c:67:06:c2:50:30:7a:48:41:aa:1e:08:b7:dc:e6:ab
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.org/Check the revocation status for certificate oc.rmz.fi
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for oc.rmz.fi
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
oc.rmz.fi
Other certificates including the domain name rmz.fi
(limited to 100 certificates)
www.rmz.fi
git.rmz.fi
www.rmz.fi
suomi.rmz.fi
git.rmz.fi
git.rmz.fi
www.rmz.fi
lpi.rmz.fi
suomi.rmz.fi
suomi.rmz.fi
oc.rmz.fi
www.rmz.fi
lpi.rmz.fi
www.rmz.fi
mail.rmz.fi
own.rmz.fi
own.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
own.rmz.fi
www.rmz.fi
www.rmz.fi
git.rmz.fi
mail.rmz.fi
oc.rmz.fi
oc.rmz.fi
www.rmz.fi
suomi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
lpi.rmz.fi
suomi.rmz.fi
mail.rmz.fi
lpi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
git.rmz.fi
mail.rmz.fi
sms.rmz.fi
www.rmz.fi
www.rmz.fi
oc.rmz.fi
mail.rmz.fi
www.rmz.fi
lpi.rmz.fi
mail.rmz.fi
www.rmz.fi
oc.rmz.fi
own.rmz.fi
www.rmz.fi
git.rmz.fi
lpi.rmz.fi
www.rmz.fi
suomi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
rmz.fi
www.rmz.fi
oc.rmz.fi
git.rmz.fi
www.rmz.fi
suomi.rmz.fi
git.rmz.fi
git.rmz.fi
www.rmz.fi
lpi.rmz.fi
suomi.rmz.fi
suomi.rmz.fi
oc.rmz.fi
www.rmz.fi
lpi.rmz.fi
www.rmz.fi
mail.rmz.fi
own.rmz.fi
own.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
own.rmz.fi
www.rmz.fi
www.rmz.fi
git.rmz.fi
mail.rmz.fi
oc.rmz.fi
oc.rmz.fi
www.rmz.fi
suomi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
lpi.rmz.fi
suomi.rmz.fi
mail.rmz.fi
lpi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
git.rmz.fi
mail.rmz.fi
sms.rmz.fi
www.rmz.fi
www.rmz.fi
oc.rmz.fi
mail.rmz.fi
www.rmz.fi
lpi.rmz.fi
mail.rmz.fi
www.rmz.fi
oc.rmz.fi
own.rmz.fi
www.rmz.fi
git.rmz.fi
lpi.rmz.fi
www.rmz.fi
suomi.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
www.rmz.fi
rmz.fi
www.rmz.fi
oc.rmz.fi
Certificate
The complete raw certificate details for oc.rmz.fi in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF9jCCBN6gAwIBAgISA7z0jFbPrMV7z7orVPoJBvEZMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjA3MjYxOTE3MDBaFw0x NjEwMjQxOTE3MDBaMBQxEjAQBgNVBAMTCW9jLnJtei5maTCCAiIwDQYJKoZIhvcN AQEBBQADggIPADCCAgoCggIBAKHdibHDkoCBxPC2yG+XYR1aVrYll1SmrivuR7dh ZoNc0JJJlyzHO8ipM5745ZO5Oh2PMwwhMtzrQo+YXJ2ra2DrQ4X7MoCI5SkOBO3L c/daOZYqH8uS80PlrRO8NUZTue0KC7AUYdQAzzkrpfpXbw1Y/JnjivFo739Keury qhpO3c0D6v1V4UcV5nXV8GaeyHiyajW7TSdOs+a7276PfWtmyzFnbey9Yf2Jz+o8 9lBkkbc6DlEgENgjLaFQBQ7j5seWSlo7DC5uiLGqcnCWRfEv4mFgfTzHNzqF+mLm XUhmODtIRj0sKMGVhFYUCjnZCaWfwTj14eVRD9J43mLN04Ve/DFXqrPLF9TJmRTw u17JsBgijzLiLY+5MowMsACay6BEe3eG7nAu5nx1e507C5FBnIix3mN+BhcakkLr 2VDhcVwIfWNoqVCAqHjtRCtvmiO2ILmgCZsN87V8f2b1HSva+oQII8k9tacPUQyq VFGcfHbvweYcq2K5cH3Kqt7AH/ARVgChnCFTsL/IHNw8BHZlj8U9AakuSI9rwJwJ UuSrrS4Fj3S5/SfGtJDf3YbOjnCA5AzxPGnBg8E+kvUxaLN+GgSlQe0NYk/dyNRR 1GR6ymd6EYnxdFAg80gr8GpEU1/0I6qLmGkWoTWvwMZImZpx++eci8FbSBNML6U6 TVoFAgMBAAGjggIKMIICBjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFDJyDyfTSI80 wTzYT5QS0VbHQeZBMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMHAG CCsGAQUFBwEBBGQwYjAvBggrBgEFBQcwAYYjaHR0cDovL29jc3AuaW50LXgzLmxl dHNlbmNyeXB0Lm9yZy8wLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5s ZXRzZW5jcnlwdC5vcmcvMBQGA1UdEQQNMAuCCW9jLnJtei5maTCB/gYDVR0gBIH2 MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0 dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMg Q2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQ YXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNh dGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9z aXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQBWCYnjzpS4RBorFbAF5K8XKOZPMH0+ YbeoIzLacL29KcRBzP/J9jvdnICCNj3kOHlGiDzwHD/oxEClHZ7+3EEAc0cGqYVl ij/XKT/sd3tVic+yPaGfmEmgoAi1L7oOpmuLQru5ViRt/+MkMrlUFw+63/zZrg9r EdVpRrOes+ODq75ZSiM5oP0SFosPUjOSPUSNDAjhQAhC2JVlxk0Mh/0HObOG2s5E hJV384QHApe04kYjhmtaqrJa8kVPaPNs5IKiX2DkQ3NDGJP1yyhVu5NNed+uWOoX g+aMFYO/oiIcUWuSxAhrzggS65QNo3ZXeaZuA05JqGj00xhMIQ7d740o -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAod2JscOSgIHE8LbIb5dh HVpWtiWXVKauK+5Ht2Fmg1zQkkmXLMc7yKkznvjlk7k6HY8zDCEy3OtCj5hcnatr YOtDhfsygIjlKQ4E7ctz91o5liofy5LzQ+WtE7w1RlO57QoLsBRh1ADPOSul+ldv DVj8meOK8Wjvf0p66vKqGk7dzQPq/VXhRxXmddXwZp7IeLJqNbtNJ06z5rvbvo99 a2bLMWdt7L1h/YnP6jz2UGSRtzoOUSAQ2CMtoVAFDuPmx5ZKWjsMLm6IsapycJZF 8S/iYWB9PMc3OoX6YuZdSGY4O0hGPSwowZWEVhQKOdkJpZ/BOPXh5VEP0njeYs3T hV78MVeqs8sX1MmZFPC7XsmwGCKPMuItj7kyjAywAJrLoER7d4bucC7mfHV7nTsL kUGciLHeY34GFxqSQuvZUOFxXAh9Y2ipUICoeO1EK2+aI7YguaAJmw3ztXx/ZvUd K9r6hAgjyT21pw9RDKpUUZx8du/B5hyrYrlwfcqq3sAf8BFWAKGcIVOwv8gc3DwE dmWPxT0BqS5Ij2vAnAlS5KutLgWPdLn9J8a0kN/dhs6OcIDkDPE8acGDwT6S9TFo s34aBKVB7Q1iT93I1FHUZHrKZ3oRifF0UCDzSCvwakRTX/QjqouYaRahNa/AxkiZ mnH755yLwVtIE0wvpTpNWgUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 325635003089689811139097725997632354447641 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-07-26 19:17:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-10-24 19:17:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'oc.rmz.fi' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 660353146716613515607441915543742716911139013350356452046771474211484695124569022526229590957653583708626930372899971865302579853275649311970855402405217386921098147035081271597734946296323763205215433464454470871428729834659462366081458040513855304575414168312979402812979457842760919884544083131537387774343402941000862672401111838889836601840886670298171939074503805410486037725405466446225508672192415804269014160988961690149339361429495664661789957174667449425247468762936211859994832560236758976291354650132804166788181643173078502351983045070306027672149687464117049329768859997974279880511531671826369600293476952204975617586997927982546324369030681958891415454230024846228823685852916712560959003199649502687176892627506845798083239862495841293202864752553279488929867577401080307541947433829275783218099880999272167467078721483404174595767772817468400274878262499896419707515304975368094405355676036480154980533840981199717478285229139439849617021449561038739535328758180311522360304852155048176123546581205864940025407366367441949835129360786847205617503737551306243708618378856783726720793419543910714861261738997527217098743735885148107931325292953720872903653309359226564760568415597868436868958855005080963467749186053 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 32720f27d3488f34c13cd84f9412d156c741e641 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oc.rmz.fi' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00560989e3ce94b8441a2b15b005e4af1728e64f307d3e61b7a82332da70bdbd29c441ccffc9f63bdd9c8082363de4387946883cf01c3fe8c440a51d9efedc4100734706a985658a3fd7293fec777b5589cfb23da19f9849a0a008b52fba0ea66b8b42bbb956246dffe32432b954170fbadffcd9ae0f6b11d56946b39eb3e383abbe594a2339a0fd12168b0f5233923d448d0c08e1400842d89565c64d0c87fd0739b386dace44849577f384070297b4e24623866b5aaab25af2454f68f36ce482a25f60e44373431893f5cb2855bb934d79dfae58ea1783e68c1583bfa2221c516b92c4086bce0812eb940da3765779a66e034e49a868f4d3184c210eddef8d28