tzoleipzig.de
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:8b:6a:ac:b5:6d:13:58:ab:a2:e0:c2:b8:21:7e:a5:21:e9 was issued on by Let's Encrypt.
With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=tzoleipzig.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:8b:6a:ac:b5:6d:13:58:ab:a2:e0:c2:b8:21:7e:a5:21:e9Serial Number (int): 308777901719662050820355807730508283322857
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: da:09:75:62:3c:ee:2f:8b:91:65:bc:be:ee:fe:83:15:a8:f2:bf:c3
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 30:f5:5a:d5:79:b1:bb:6a:55:9c:a9:05:26:2a:33:13:81:ab:6a:58
Fingerprint (sha256): d3:e0:62:27:0f:7d:1f:18:8f:c5:a9:f3:76:80:ea:9a:4d:9a:8c:d1:61:62:0b:4b:55:87:ed:5c:89:ee:89:d0
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate tzoleipzig.de
11
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tzoleipzig.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tzo-leipzig.com
tzo-leipzig.eu
tzoleipzig.com
tzoleipzig.de
tzoleipzig.eu
tzoleipzig.isp-vhost04.domservice.de
www.tzo-leipzig.com
www.tzo-leipzig.eu
www.tzoleipzig.com
www.tzoleipzig.de
www.tzoleipzig.eu
tzo-leipzig.eu
tzoleipzig.com
tzoleipzig.de
tzoleipzig.eu
tzoleipzig.isp-vhost04.domservice.de
www.tzo-leipzig.com
www.tzo-leipzig.eu
www.tzoleipzig.com
www.tzoleipzig.de
www.tzoleipzig.eu
Other certificates including the domain name tzoleipzig.de
(limited to 100 certificates)
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.isp-vhost04.domservice.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.isp-vhost04.domservice.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
tzoleipzig.de
Certificate
The complete raw certificate details for tzoleipzig.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHHDCCBgSgAwIBAgISA4tqrLVtE1irouDCuCF+pSHpMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAzMjYwMTA0MTdaFw0y MDA2MjQwMTA0MTdaMBgxFjAUBgNVBAMTDXR6b2xlaXB6aWcuZGUwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDN63mcQ7UFsutRsIPr/ZR3lE62F4q6vBbO 2LZpBA34mojwPmPJ8GsKHSpibPk3mBy8uRCtqqrmpBjpLGIhylz0wkzTXNTwrFKa iZMqKXe+o11e6cjPwd5RKGPUFK5Fy8G9jW6zVDb96mg7ksydba1M2AgJCkEqLdsO RWZIyh4zb0+s4+4WRaYJJBTUHBF1MJAzFYDkVRCK9Isx2pdyumy1kXWSEQXCjG7N YOsMsKvGVe9pT0SlQeQDnb5Ps4ZaBNmWiqMeJ/Pkk3gBca1VXLzmRuRVAqlPNX1E UQQQIz1/2pxyypaYc13mbdfsWik0YPHb8oX1a0xw+HBlZAIenV/OpV//CwPLysp7 jufVdHhVbD2fOo7epW3AkmKMWnCDpD4P086RNw/Kn4c56+JjyR2VAi2UavxInH3k H5im+HpCeN7c9wpxQ6i9t/JhVtNX1MG4F0EDEypZz1Z7FJ+frnRbLINdgAPcp5kF WJi7PnKXqa2va+dQ7eaAbCYxz1uo0yIK39OKy5/vfV/B3L2D6hYoHZN15oxXSTqD WLbGypqM9IfB+k0GxlQLx/O7dbogMzIC6MPxSZPKukcBjHfJtCf+Rskj/vdMduVn 3V/ZA+n/6jGkdEaE2FNaN3EnVj783YWBQLahpTdJC+aL0N+d9Kn5DJVdj5ni/mAI jRPNpgDtxwIDAQABo4IDLDCCAygwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTaCXVi PO4vi5FlvL7u/oMVqPK/wzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMIHjBgNVHREEgdswgdiCD3R6by1sZWlwemlnLmNv bYIOdHpvLWxlaXB6aWcuZXWCDnR6b2xlaXB6aWcuY29tgg10em9sZWlwemlnLmRl gg10em9sZWlwemlnLmV1giR0em9sZWlwemlnLmlzcC12aG9zdDA0LmRvbXNlcnZp Y2UuZGWCE3d3dy50em8tbGVpcHppZy5jb22CEnd3dy50em8tbGVpcHppZy5ldYIS d3d3LnR6b2xlaXB6aWcuY29tghF3d3cudHpvbGVpcHppZy5kZYIRd3d3LnR6b2xl aXB6aWcuZXUwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAm BggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggECBgorBgEE AdZ5AgQCBIHzBIHwAO4AdQBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFF WAAAAXEUlT/RAAAEAwBGMEQCIEk63191fano1P0kF7EvSz2HHB32ssd52j2w6sWD OG1JAiB6m7JtBN4x2uqPM1iaSSDMDuN/A6CusCS0CdjqvlqYiAB1ALIeBcyLos2K IE6HZvkruYolIGdr2vpw57JJUy3vi5BeAAABcRSVP74AAAQDAEYwRAIgZqqRrFjN D0Rzbqnm0H9iihD510oHreJlwANyPVwDADQCIHje9l7yzGvUFY1WB1UFeCsV7D/B wbW5CXACujys48XmMA0GCSqGSIb3DQEBCwUAA4IBAQCYp8vXzr0j/+TyE67aqhE9 1wYc2tpOzyYYx0Mio6D2BB7b8lOigucgQHLIKvteqYDwmI95eD/gmzCbM3TLE5Kc ETm5QyBtx+Uo0h8dHA7RxtDCrcQSMoMByHC3Z11YfpH1DSiIdFBequ6594BwWhkd OdWK2/irrX8xc6JtkH233mJcnRI5VCoD7JPMD5nmC9NaqyQtrS+5Xiyu2Q6O3V3a Xbv7IYZXtf/uJY4EaVsrwlMTWkGLwLcnvcQvj0+qZzLnhdzORtBkeXb+6czwLo4i 7f8xkrVEMW5/w2nuZQLYkbRAqWyw1qoippoW8Wapj5dL3bfDsGU4jaE0CwNnXcQF -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzet5nEO1BbLrUbCD6/2U d5ROtheKurwWzti2aQQN+JqI8D5jyfBrCh0qYmz5N5gcvLkQraqq5qQY6SxiIcpc 9MJM01zU8KxSmomTKil3vqNdXunIz8HeUShj1BSuRcvBvY1us1Q2/epoO5LMnW2t TNgICQpBKi3bDkVmSMoeM29PrOPuFkWmCSQU1BwRdTCQMxWA5FUQivSLMdqXcrps tZF1khEFwoxuzWDrDLCrxlXvaU9EpUHkA52+T7OGWgTZloqjHifz5JN4AXGtVVy8 5kbkVQKpTzV9RFEEECM9f9qccsqWmHNd5m3X7FopNGDx2/KF9WtMcPhwZWQCHp1f zqVf/wsDy8rKe47n1XR4VWw9nzqO3qVtwJJijFpwg6Q+D9POkTcPyp+HOeviY8kd lQItlGr8SJx95B+Ypvh6Qnje3PcKcUOovbfyYVbTV9TBuBdBAxMqWc9WexSfn650 WyyDXYAD3KeZBViYuz5yl6mtr2vnUO3mgGwmMc9bqNMiCt/Tisuf731fwdy9g+oW KB2TdeaMV0k6g1i2xsqajPSHwfpNBsZUC8fzu3W6IDMyAujD8UmTyrpHAYx3ybQn /kbJI/73THblZ91f2QPp/+oxpHRGhNhTWjdxJ1Y+/N2FgUC2oaU3SQvmi9DfnfSp +QyVXY+Z4v5gCI0TzaYA7ccCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 308777901719662050820355807730508283322857 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-26 01:04:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-24 01:04:17 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tzoleipzig.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 840079590009681181056685425200674290941751399930948200072000342689494344343320259680604059505493914475303786893497734913434616262576321599913331903048583444327977972505445110133288340768185516157887406048554722751036929890055943857089856651937036839427851244946657348035487973223100271142914876007258717325586934192604776798137521947676416863612822986947980387006763929334552709227137494781884685025224854190565096078057843536587862010493808133223870871583012209472475431970788349100091968784317454784049315459702294411705299780263704801425599193425057961260566450608278725493723213141554171173803085826642513584500853051017319630429743993296833385833908604156526549385747920179297509569812899502976416035355116871713273819213153385849291431788016493641310388165803095024670333589405606074130771715366526782231139877052922199057898252567827248661935067028157497960567316909144133871349992353849859229787366778830674471520758311939209313385341424630211840825517922425239289199038161165808388104138359188840368766680849040393977772055820055990372348715518897122975504267365862719049759139094416759829451216002462941870669256309135908393465933550587070760205783970369393639907155590514678466588277762904546919213570076674740040656547271 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) da0975623cee2f8b9165bcbeeefe8315a8f2bfc3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (219 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tzo-leipzig.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tzo-leipzig.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tzoleipzig.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tzoleipzig.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tzoleipzig.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tzoleipzig.isp-vhost04.domservice.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tzo-leipzig.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tzo-leipzig.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tzoleipzig.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tzoleipzig.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tzoleipzig.eu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee0075005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000017114953fd100000403004630440220493adf5f757da9e8d4fd2417b12f4b3d871c1df6b2c779da3db0eac583386d4902207a9bb26d04de31daea8f33589a4920cc0ee37f03a0aeb024b409d8eabe5a9888007500b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000017114953fbe0000040300463044022066aa91ac58cd0f44736ea9e6d07f628a10f9d74a07ade265c003723d5c030034022078def65ef2cc6bd4158d56075505782b15ec3fc1c1b5b9097002ba3cace3c5e6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0098a7cbd7cebd23ffe4f213aedaaa113dd7061cdada4ecf2618c74322a3a0f6041edbf253a282e7204072c82afb5ea980f0988f79783fe09b309b3374cb13929c1139b943206dc7e528d21f1d1c0ed1c6d0c2adc412328301c870b7675d587e91f50d288874505eaaeeb9f780705a191d39d58adbf8abad7f3173a26d907db7de625c9d1239542a03ec93cc0f99e60bd35aab242dad2fb95e2caed90e8edd5dda5dbbfb218657b5ffee258e04695b2bc253135a418bc0b727bdc42f8f4faa6732e785dcce46d0647976fee9ccf02e8e22edff3192b544316e7fc369ee6502d891b440a96cb0d6aa22a69a16f166a98f974bddb7c3b065388da1340b03675dc405