5677303661068288-fe3.pantheonsite.io

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 04:1d:7d:73:55:2c:19:4f:86:8d:de:e8:46:3a:72:8e:61:0b was issued on by Let's Encrypt.

With 66 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=5677303661068288-fe3.pantheonsite.io

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:1d:7d:73:55:2c:19:4f:86:8d:de:e8:46:3a:72:8e:61:0b
Serial Number (int): 358484084708858736743042780371533410754827
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: b0:ad:28:7d:6c:db:11:b0:47:19:b8:bd:da:4e:7c:cc:71:97:ba:f8
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 29:88:ea:9a:69:26:fb:eb:cb:8f:db:67:4d:1b:fa:69:16:58:b3:64
Fingerprint (sha256): d9:77:1f:09:06:fc:98:6d:2f:04:b7:5b:d3:19:06:30:c7:1c:cb:0e:d1:69:e3:c9:e8:a4:9e:89:11:a6:db:75

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate 5677303661068288-fe3.pantheonsite.io

66

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for 5677303661068288-fe3.pantheonsite.io

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

320york.yale.edu
5677303661068288-fe3.pantheonsite.io
archaia.yale.edu
dev.archaia.yale.edu
dev.berkeleycollegeorchestra.sites.yale.edu
dev.blavatnik.ocr.yale.edu
dev.forests.yale.edu
dev.kitamura.sites.yale.edu
dev.oir.yale.edu
dev.peaceways.yale.edu
dev.printer.yale.edu
dev.student-accounts.yale.edu
dev.urbanhimalaya.yale.edu
dev.yalecollege.yale.edu
dev.yalewell.yale.edu
dev.yaxx.yale.edu
dev.ypr.sites.yale.edu
gw-694.360dx.com
gw-700.360dx.com
gw-703.360dx.com
haroldbloom.yale.edu
jetzlab.yale.edu
kitamura.sites.yale.edu
macmillan.yale.edu
oir.yale.edu
qbi.yale.edu
qbio.yale.edu
slavery.yale.edu
studenttechnology.yale.edu
tamar-gendler.yale.edu
thedrakecenter.com
transhumanistsociety.sites.yale.edu
tst.admin.macmillan.yale.edu
tst.blavatnik.ocr.yale.edu
tst.cbb.yale.edu
tst.cpcr.ipch.yale.edu
tst.cybersecurity.yale.edu
tst.epi.envirocenter.yale.edu
tst.faculty.yale.edu
tst.francesco.iachello.yale.edu
tst.gpsenate.yale.edu
tst.grandstrategy.yale.edu
tst.medialibrary.yale.edu
tst.microsyntax.sites.yale.edu
tst.mpyc.yale.edu
tst.ogc.yale.edu
tst.oir.yale.edu
tst.peaceways.yale.edu
tst.slavery.yale.edu
tst.smr.yale.edu
tst.summerstudy.yale.edu
tst.update.directory.yale.edu
tst.westcampusresourcecenter.yale.edu
tst.world-toolkit.yale.edu
tst.ygdp.yale.edu
tst.yupa.sites.yale.edu
unitedway.yale.edu
urban.yale.edu
workday.training.yale.edu
world-toolkit.yale.edu
worldaesthetics.yale.edu
www.publixcharities.org
www.thedrakecenter.com
www.urban.yale.edu
yalecollege.yale.edu
yisap.yale.edu

Other certificates including the domain name 5677303661068288-fe3.pantheonsite.io

(limited to 100 certificates)
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io
5677303661068288-fe3.pantheonsite.io

Certificate

The complete raw certificate details for 5677303661068288-fe3.pantheonsite.io in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIMOzCCCyOgAwIBAgISBB19c1UsGU+Gjd7oRjpyjmELMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA4MjIxNzA2MzNaFw0x
ODExMjAxNzA2MzNaMC8xLTArBgNVBAMTJDU2NzczMDM2NjEwNjgyODgtZmUzLnBh
bnRoZW9uc2l0ZS5pbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOcO
3BQUCldGQJs/+hMzVT1wIOtv4KKXc4XRSrXcKz+/6ruWR+G1tz+dPWjuL77k+pug
LAIMlpjLUlR040jvkgFj4z+0YkKQYYt9rrbd1T1mhNkKqPBxr0krK1y7RYoBugxR
2z3gXRhxo+MFkKsVjzNscDRRoPKxABBPgEf4e0D1RNzVkyRroUNfZGgSJQsp8Mv4
IM5hfuduK+pBprKf0aTtYwQdw7e3aqi5rXC9gUsbD+hePcECS5fMUB5p3LwQ5sly
xgfLyxM8dMXYH5LPBquIzItOM0KSY8F0bhvURAnmk63HwAcG+YBMvBpKJ08rjPiR
oEeI0yblUyOCVpbswgMCAwEAAaOCCTQwggkwMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
FgQUsK0ofWzbEbBHGbi92k58zHGXuvgwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3
pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2Nz
cC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2Vy
dC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzCCBjQGA1UdEQSCBiswggYnghAzMjB5
b3JrLnlhbGUuZWR1giQ1Njc3MzAzNjYxMDY4Mjg4LWZlMy5wYW50aGVvbnNpdGUu
aW+CEGFyY2hhaWEueWFsZS5lZHWCFGRldi5hcmNoYWlhLnlhbGUuZWR1gitkZXYu
YmVya2VsZXljb2xsZWdlb3JjaGVzdHJhLnNpdGVzLnlhbGUuZWR1ghpkZXYuYmxh
dmF0bmlrLm9jci55YWxlLmVkdYIUZGV2LmZvcmVzdHMueWFsZS5lZHWCG2Rldi5r
aXRhbXVyYS5zaXRlcy55YWxlLmVkdYIQZGV2Lm9pci55YWxlLmVkdYIWZGV2LnBl
YWNld2F5cy55YWxlLmVkdYIUZGV2LnByaW50ZXIueWFsZS5lZHWCHWRldi5zdHVk
ZW50LWFjY291bnRzLnlhbGUuZWR1ghpkZXYudXJiYW5oaW1hbGF5YS55YWxlLmVk
dYIYZGV2LnlhbGVjb2xsZWdlLnlhbGUuZWR1ghVkZXYueWFsZXdlbGwueWFsZS5l
ZHWCEWRldi55YXh4LnlhbGUuZWR1ghZkZXYueXByLnNpdGVzLnlhbGUuZWR1ghBn
dy02OTQuMzYwZHguY29tghBndy03MDAuMzYwZHguY29tghBndy03MDMuMzYwZHgu
Y29tghRoYXJvbGRibG9vbS55YWxlLmVkdYIQamV0emxhYi55YWxlLmVkdYIXa2l0
YW11cmEuc2l0ZXMueWFsZS5lZHWCEm1hY21pbGxhbi55YWxlLmVkdYIMb2lyLnlh
bGUuZWR1ggxxYmkueWFsZS5lZHWCDXFiaW8ueWFsZS5lZHWCEHNsYXZlcnkueWFs
ZS5lZHWCGnN0dWRlbnR0ZWNobm9sb2d5LnlhbGUuZWR1ghZ0YW1hci1nZW5kbGVy
LnlhbGUuZWR1ghJ0aGVkcmFrZWNlbnRlci5jb22CI3RyYW5zaHVtYW5pc3Rzb2Np
ZXR5LnNpdGVzLnlhbGUuZWR1ghx0c3QuYWRtaW4ubWFjbWlsbGFuLnlhbGUuZWR1
ghp0c3QuYmxhdmF0bmlrLm9jci55YWxlLmVkdYIQdHN0LmNiYi55YWxlLmVkdYIW
dHN0LmNwY3IuaXBjaC55YWxlLmVkdYIadHN0LmN5YmVyc2VjdXJpdHkueWFsZS5l
ZHWCHXRzdC5lcGkuZW52aXJvY2VudGVyLnlhbGUuZWR1ghR0c3QuZmFjdWx0eS55
YWxlLmVkdYIfdHN0LmZyYW5jZXNjby5pYWNoZWxsby55YWxlLmVkdYIVdHN0Lmdw
c2VuYXRlLnlhbGUuZWR1ghp0c3QuZ3JhbmRzdHJhdGVneS55YWxlLmVkdYIZdHN0
Lm1lZGlhbGlicmFyeS55YWxlLmVkdYIedHN0Lm1pY3Jvc3ludGF4LnNpdGVzLnlh
bGUuZWR1ghF0c3QubXB5Yy55YWxlLmVkdYIQdHN0Lm9nYy55YWxlLmVkdYIQdHN0
Lm9pci55YWxlLmVkdYIWdHN0LnBlYWNld2F5cy55YWxlLmVkdYIUdHN0LnNsYXZl
cnkueWFsZS5lZHWCEHRzdC5zbXIueWFsZS5lZHWCGHRzdC5zdW1tZXJzdHVkeS55
YWxlLmVkdYIddHN0LnVwZGF0ZS5kaXJlY3RvcnkueWFsZS5lZHWCJXRzdC53ZXN0
Y2FtcHVzcmVzb3VyY2VjZW50ZXIueWFsZS5lZHWCGnRzdC53b3JsZC10b29sa2l0
LnlhbGUuZWR1ghF0c3QueWdkcC55YWxlLmVkdYIXdHN0Lnl1cGEuc2l0ZXMueWFs
ZS5lZHWCEnVuaXRlZHdheS55YWxlLmVkdYIOdXJiYW4ueWFsZS5lZHWCGXdvcmtk
YXkudHJhaW5pbmcueWFsZS5lZHWCFndvcmxkLXRvb2xraXQueWFsZS5lZHWCGHdv
cmxkYWVzdGhldGljcy55YWxlLmVkdYIXd3d3LnB1YmxpeGNoYXJpdGllcy5vcmeC
Fnd3dy50aGVkcmFrZWNlbnRlci5jb22CEnd3dy51cmJhbi55YWxlLmVkdYIUeWFs
ZWNvbGxlZ2UueWFsZS5lZHWCDnlpc2FwLnlhbGUuZWR1MIH+BgNVHSAEgfYwgfMw
CAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYaaHR0cDov
L2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0
aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRp
ZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQ
b2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9y
eS8wggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgDbdK/uyynssf7KPnFtLOW5qrs2
94Rxg8ddnU83th+/ZAAAAWVi0REBAAAEAwBHMEUCICyNzAm32DRr0eQKlhuOuPAn
r3fTZyNM84vMhidrUwsyAiEAo2rRUTCJc4QPAouS9J30BdaxIeLbDKecLyUoD5if
jUgAdwApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAWVi0RD0AAAE
AwBIMEYCIQCpAfSZY9E3dAuZ+72YpEc3sYTjzCx0RguQ9yitXuGvkgIhAIcE/kdM
iAvM/0kTKXcB50VwPCf580eMV2VdHcd/BjT6MA0GCSqGSIb3DQEBCwUAA4IBAQAR
a9WhGhZY91o01VQ7o0CBXkJDkrJVWylR+th3Wi6nXBlR5u0LXJyNdqwD1D3q1eec
JPK5e5qAQufQh/VlgqSi1uMmWY8oAWOJkUoJbZR6dUu/cTcrZUL6iTpIUhOqWF+D
2Wozcxjxc9HvNUPujLYI72Pa/AcqFgM3fgemDrwVOX6xdVPCVhhsv75DMqw4+EPN
Cfvi2j9Dw32iw1WKERyokW5S7bAgUMfFKMgWZRAk1Fc2Ud7t0eiopzLMkiKavkhl
uah2wlueDq+yqPkMKNAlAdjQS+C4lk80xxIkfx23Z4m5GtridMKLdR+w4doncsTq
eMMaw9Ec+NF9o4tA//h5
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5w7cFBQKV0ZAmz/6EzNV
PXAg62/gopdzhdFKtdwrP7/qu5ZH4bW3P509aO4vvuT6m6AsAgyWmMtSVHTjSO+S
AWPjP7RiQpBhi32utt3VPWaE2Qqo8HGvSSsrXLtFigG6DFHbPeBdGHGj4wWQqxWP
M2xwNFGg8rEAEE+AR/h7QPVE3NWTJGuhQ19kaBIlCynwy/ggzmF+524r6kGmsp/R
pO1jBB3Dt7dqqLmtcL2BSxsP6F49wQJLl8xQHmncvBDmyXLGB8vLEzx0xdgfks8G
q4jMi04zQpJjwXRuG9RECeaTrcfABwb5gEy8GkonTyuM+JGgR4jTJuVTI4JWluzC
AwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 358484084708858736743042780371533410754827
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-22 17:06:33 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-20 17:06:33 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '5677303661068288-fe3.pantheonsite.io'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29168376029145948373794962978731830303103301886710704942153624222506600681699931657011283128223630243545968773684619213763478574464820586388029336577057793324037663242174500534635626160066506692470829972901988579832273152044351892968362980395718088285017397794135614913197106730544815924862274579840517084180487288373455017347549940090987440829640363011615380060936187026394271943885162812722269598732510662511509847542199618338348670932854622617909652843273592703773361490199614258527587867566672308613733180724688747132289154558377748623179688840308892554568336925544373440588450892271502108901389231658647860068867
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b0ad287d6cdb11b04719b8bdda4e7ccc7197baf8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1579 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '320york.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '5677303661068288-fe3.pantheonsite.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'archaia.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.archaia.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.berkeleycollegeorchestra.sites.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.blavatnik.ocr.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.forests.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.kitamura.sites.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.oir.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.peaceways.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.printer.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.student-accounts.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.urbanhimalaya.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.yalecollege.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.yalewell.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.yaxx.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.ypr.sites.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gw-694.360dx.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gw-700.360dx.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gw-703.360dx.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'haroldbloom.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jetzlab.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kitamura.sites.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'macmillan.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oir.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qbi.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qbio.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'slavery.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'studenttechnology.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tamar-gendler.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thedrakecenter.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'transhumanistsociety.sites.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.admin.macmillan.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.blavatnik.ocr.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.cbb.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.cpcr.ipch.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.cybersecurity.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.epi.envirocenter.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.faculty.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.francesco.iachello.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.gpsenate.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.grandstrategy.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.medialibrary.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.microsyntax.sites.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.mpyc.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.ogc.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.oir.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.peaceways.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.slavery.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.smr.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.summerstudy.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.update.directory.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.westcampusresourcecenter.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.world-toolkit.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.ygdp.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst.yupa.sites.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'unitedway.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'urban.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'workday.training.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'world-toolkit.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'worldaesthetics.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.publixcharities.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thedrakecenter.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.urban.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yalecollege.yale.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yisap.yale.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf640000016562d11101000004030047304502202c8dcc09b7d8346bd1e40a961b8eb8f027af77d367234cf38bcc86276b530b32022100a36ad151308973840f028b92f49df405d6b121e2db0ca79c2f25280f989f8d48007700293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016562d110f40000040300483046022100a901f49963d137740b99fbbd98a44737b184e3cc2c74460b90f728ad5ee1af920221008704fe474c880bccff4913297701e745703c27f9f3478c57655d1dc77f0634fa
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00116bd5a11a1658f75a34d5543ba340815e424392b2555b2951fad8775a2ea75c1951e6ed0b5c9c8d76ac03d43dead5e79c24f2b97b9a8042e7d087f56582a4a2d6e326598f28016389914a096d947a754bbf71372b6542fa893a485213aa585f83d96a337318f173d1ef3543ee8cb608ef63dafc072a1603377e07a60ebc15397eb17553c256186cbfbe4332ac38f843cd09fbe2da3f43c37da2c3558a111ca8916e52edb02050c7c528c816651024d4573651deedd1e8a8a732cc92229abe4865b9a876c25b9e0eafb2a8f90c28d02501d8d04be0b8964f34c712247f1db76789b91adae274c28b751fb0e1da2772c4ea78c31ac3d11cf8d17da38b40fff879