davidwaring.net

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:2a:a0:9b:4a:d8:45:5e:50:2a:ec:5a:a6:37:ce:be:17:a7 was issued on by Let's Encrypt.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=davidwaring.net

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:2a:a0:9b:4a:d8:45:5e:50:2a:ec:5a:a6:37:ce:be:17:a7
Serial Number (int): 275842200009331877099871001241861551429543
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 11:a2:e7:f3:e0:83:e1:8e:c0:5d:69:5f:31:17:e4:72:ba:a3:b4:f1
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 16:25:26:de:d8:c1:f0:2b:d5:94:51:f6:d8:65:4b:ce:07:28:10:a2
Fingerprint (sha256): d3:f1:ae:be:54:77:3d:4b:87:87:a8:db:da:82:b1:61:e5:34:b5:92:3e:7f:b4:c0:49:39:56:8e:30:f2:bd:5b

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate davidwaring.net

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for davidwaring.net

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

arch.davidwaring.net
davidwaring.net
pass.davidwaring.net
pswd.davidwaring.net
webmail.davidwaring.net
www.davidwaring.net

Other certificates including the domain name davidwaring.net

(limited to 100 certificates)
davidwaring.net
www.davidwaring.net
davidwaring.net
arch.davidwaring.net
davidwaring.net
davidwaring.net
davidwaring.net
davidwaring.net
davidwaring.net
pswd.davidwaring.net
davidwaring.net
davidwaring.net
davidwaring.net
pswd.davidwaring.net
davidwaring.net
status.davidwaring.net
davidwaring.net
davidwaring.net
gitlab.davidwaring.net
davidwaring.net
www.davidwaring.net
davidwaring.net
www.davidwaring.net
davidwaring.net
davidwaring.net
davidwaring.net
davidwaring.net
cany.davidwaring.net
davidwaring.net
davidwaring.net
www.davidwaring.net
davidwaring.net
davidwaring.net
pswd.davidwaring.net
davidwaring.net
davidwaring.net
cany.davidwaring.net
davidwaring.net
davidwaring.net
davidwaring.net

Certificate

The complete raw certificate details for davidwaring.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGdDCCBVygAwIBAgISAyqgm0rYRV5QKuxapjfOvhenMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA3MzEyMDQ5MDBaFw0x
NzEwMjkyMDQ5MDBaMBoxGDAWBgNVBAMTD2Rhdmlkd2FyaW5nLm5ldDCCAiIwDQYJ
KoZIhvcNAQEBBQADggIPADCCAgoCggIBAJ/QN7d1Ibwe/+icXl4X08EgtIzae1E9
E5GkxnshSgPQXQtrMF9pq3KFA/CLvghtTaDgxmPDFzfOGMgGHzY0P/VZsoOdwRN2
/rfR0d3F5aGgFCdSd1EEmkcVmVJj6CwTF2FaCm/kNULwU4HS0OYNGcgkQMxFJpmx
oVzjZtJMTXCF5IgYQfS/G0lrxhOMawsmw/Mj66N5MsIH6p2AwI0SgeXdDsnZK7/S
5A1bA0zOHSjpVL1LBF8R1zwv57SMK1r+r6M96+bINaa0u+qIAdCGhpHqBfAtG+G1
cli1NHKje/rLkgDS0Cyw8jx5TZARfkUa3X+l4pcMAkVhhTwYPDweQvv5CpSAjzeV
N2GuJRD+yG6pJ13BJpWV4GuNG5PsyPXA4nOSVQa12RZXntDUM4t72Lgsa8iRyGLz
Ka+2AHTEMmhKRljnDyPlcZHm6JqkJdfWD15WMOXT/Twmj2IcZ7/ChxFRrpNsYZLh
Fjt7XNtkDz55cNWzVWqsOfLFHRwEWbCTPcwumHUYQGAkTSZPUASF2jWLp7zUgtAK
+A3ywYgaxAz27RSFVZufAzcB0I1xR3gntUv3CyJWfXs2KTDS/nv+Nf8KkUV0SFOj
Ju0JWpJc/nPBLmIzY5wl1Am1/xWslsOtJ0mpFoJd4b0o+PtCoQwcqx7Y+pGQeK5v
GCUDIMMGirbhAgMBAAGjggKCMIICfjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw
FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFBGi
5/Pgg+GOwF1pXzEX5HK6o7TxMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z
qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50
LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50
LXgzLmxldHNlbmNyeXB0Lm9yZy8wgYwGA1UdEQSBhDCBgYIUYXJjaC5kYXZpZHdh
cmluZy5uZXSCD2Rhdmlkd2FyaW5nLm5ldIIUcGFzcy5kYXZpZHdhcmluZy5uZXSC
FHBzd2QuZGF2aWR3YXJpbmcubmV0ghd3ZWJtYWlsLmRhdmlkd2FyaW5nLm5ldIIT
d3d3LmRhdmlkd2FyaW5nLm5ldDCB/gYDVR0gBIH2MIHzMAgGBmeBDAECATCB5gYL
KwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5
cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9u
bHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5IGlu
IGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0
IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEB
CwUAA4IBAQCZXJ8KJ8HIKMpsh8ft1Xqx2zbtAyiz9FRFP0Uj8lTciC+fFFxoFjap
SwieL8W0XWs6DR6joNV9HtwK30yq6OZJlQSycLApUXgTp0UEjjy0qwZ0DOjhrm3p
0bSy4L8oiQKxBbu44Rd29OVjf/I2MRTCP1kOx4vDccgWSY8SAieg50tl/0NqUTVm
utyDIHpQ5mRdo5d+x7NJekCvgaz9o4zxN9GBBIQi2TOZTCgEKkZOL+HSYcsTDiC4
/a37I7moYTuQFL/WwSFNM/9PxcVmRpe42T7HkRNiplmPdmNmUc4q561xc7hUin5p
n2lnC+S/2oVp+OoKbyoiM9GpFuH+Tjiq
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAn9A3t3UhvB7/6JxeXhfT
wSC0jNp7UT0TkaTGeyFKA9BdC2swX2mrcoUD8Iu+CG1NoODGY8MXN84YyAYfNjQ/
9Vmyg53BE3b+t9HR3cXloaAUJ1J3UQSaRxWZUmPoLBMXYVoKb+Q1QvBTgdLQ5g0Z
yCRAzEUmmbGhXONm0kxNcIXkiBhB9L8bSWvGE4xrCybD8yPro3kywgfqnYDAjRKB
5d0Oydkrv9LkDVsDTM4dKOlUvUsEXxHXPC/ntIwrWv6voz3r5sg1prS76ogB0IaG
keoF8C0b4bVyWLU0cqN7+suSANLQLLDyPHlNkBF+RRrdf6XilwwCRWGFPBg8PB5C
+/kKlICPN5U3Ya4lEP7IbqknXcEmlZXga40bk+zI9cDic5JVBrXZFlee0NQzi3vY
uCxryJHIYvMpr7YAdMQyaEpGWOcPI+VxkebomqQl19YPXlYw5dP9PCaPYhxnv8KH
EVGuk2xhkuEWO3tc22QPPnlw1bNVaqw58sUdHARZsJM9zC6YdRhAYCRNJk9QBIXa
NYunvNSC0Ar4DfLBiBrEDPbtFIVVm58DNwHQjXFHeCe1S/cLIlZ9ezYpMNL+e/41
/wqRRXRIU6Mm7Qlaklz+c8EuYjNjnCXUCbX/FayWw60nSakWgl3hvSj4+0KhDByr
Htj6kZB4rm8YJQMgwwaKtuECAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 275842200009331877099871001241861551429543
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-07-31 20:49:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-29 20:49:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'davidwaring.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 651981586004611266752270957974603252284788092815450996603612374765952180861977354237778125347745726434585468224817392458657834019620245281981054383745971463245624062709645600682647359399071847488649518264523691720793484224139739675679452235321171987842253026770653849397622126597942070089190025205594882378308134703189322345113052852309885971859460190523088567475338963802502215452588645111324034554042316207835054347245244761244151256048127301348527386903498741301294587928223145557814201739508570534776123399455833326302166390985318639025928676319077578165044192544760659480144043680359972922709726352937475466220320686827611126530253945063961775705093975515233644253533394144485997869172437809022138284303985841268179151975875576710077167813663915894955329207426532083073084886948732822838352315967032908085273814401621827410850861361009512220456040274684678657135117780971514787668073437749188690215078090085816065601798457503411088922721703070462164517373052655719954692925056546109108724110850701304168963123721658563459881306805457812416744565382047026501197256609374574854033029658357310760708827932184499668332899310720210468775362269803320314031243767601776677941491163348923503887758304579906137241854855359561987921721057
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							11a2e7f3e083e18ec05d695f3117e472baa3b4f1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (132 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arch.davidwaring.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'davidwaring.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pass.davidwaring.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pswd.davidwaring.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.davidwaring.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.davidwaring.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00995c9f0a27c1c828ca6c87c7edd57ab1db36ed0328b3f454453f4523f254dc882f9f145c681636a94b089e2fc5b45d6b3a0d1ea3a0d57d1edc0adf4caae8e6499504b270b029517813a745048e3cb4ab06740ce8e1ae6de9d1b4b2e0bf288902b105bbb8e11776f4e5637ff2363114c23f590ec78bc371c816498f120227a0e74b65ff436a513566badc83207a50e6645da3977ec7b3497a40af81acfda38cf137d181048422d933994c28042a464e2fe1d261cb130e20b8fdadfb23b9a8613b9014bfd6c1214d33ff4fc5c5664697b8d93ec7911362a6598f76636651ce2ae7ad7173b8548a7e699f69670be4bfda8569f8ea0a6f2a2233d1a916e1fe4e38aa