lafchicago.org
Issued by PositiveSSL CA 2
About this certificate
This digital certificate with serial number c5:39:83:91:d9:c6:bd:68:2b:1a:58:46:01:cf:5f:81 was issued on by COMODO CA Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=lafchicago.org,OU=Domain Control Validated+OU=Provided by New Dream Network\, LLC+OU=DreamHost Basic SSL
COMODO CA Limited
Organization:
COMODO CA Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): c5:39:83:91:d9:c6:bd:68:2b:1a:58:46:01:cf:5f:81Serial Number (int): 262156544641705063966378831789119463297
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 0e:44:61:c3:90:a9:18:89:21:a1:20:4c:1b:f1:4d:65:23:2f:c6:bf
AuthorityKeyId: 99:e4:40:5f:6b:14:5e:3e:05:d9:dd:d3:63:54:fc:62:b8:f7:00:ac
Fingerprint (sha1): 91:9b:5e:d3:98:e9:37:4c:f6:6e:03:0b:ea:00:06:ce:f4:4f:60:5e
Fingerprint (sha256): de:58:39:2e:d8:b2:a4:8c:85:09:0b:5e:dc:b0:2e:00:bf:32:a2:f4:19:d9:c1:69:67:5a:f5:25:03:a0:92:20
Issuing Certificate URL: http://crt.comodoca.com/PositiveSSLCA2.crt
Revocation information
OCSP Server: http://ocsp.comodoca.comCRL Distribution Point: http://crl.comodoca.com/PositiveSSLCA2.crl
Check the revocation status for certificate lafchicago.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lafchicago.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
lafchicago.org
www.lafchicago.org
www.lafchicago.org
Other certificates including the domain name lafchicago.org
(limited to 100 certificates)
officeonlineserver.lafchicago.org
officewebapps.ad.lafchicago.org
lafchicago.org
lync.lafchicago.org
webremote.lafchicago.org
UC-CUCM-01-ms.ad.lafchicago.org
UC-UCXN-01-ms.ad.lafchicago.org
lafchicago.org
lafchicago.org
uc-exp-e01.ad.lafchicago.org
lync.lafchicago.org
www.lafchicago.org
uc-exp-c01.ad.lafchicago.org
lafchicago.org
officeonlineserver.lafchicago.org
file.lafchicago.org
file.lafchicago.org
lync.lafchicago.org
UC-UCCX-02.ad.lafchicago.org
lafchicago.org
mail.lafchicago.org
uc-exp-e01.ad.lafchicago.org
lafchicago.org
file.lafchicago.org
file.lafchicago.org
UC-CUCM-01-ms.ad.lafchicago.org
lafchicago.org
lafchicago.org
lafchicago.org
lafchicago.org
file.lafchicago.org
www.lafchicago.org
mail.lafchicago.org
file.lafchicago.org
uc-exp-c01.ad.lafchicago.org
mail1.ad.lafchicago.org
mail.lafchicago.org
file.lafchicago.org
file.lafchicago.org
file.lafchicago.org
lafchicago.org
lafchicago.org
mail.lafchicago.org
mail1.ad.lafchicago.org
lafchicago.org
mail.lafchicago.org
lafchicago.org
lync.lafchicago.org
mail.lafchicago.org
mail1.lafchicago.org
mail.lafchicago.org
mail.lafchicago.org
lafchicago.org
officeonlineserver.lafchicago.org
mail.lafchicago.org
lafchicago.org
mail.lafchicago.org
lync.ad.lafchicago.org
UC-UCXN-01-ms.ad.lafchicago.org
lafchicago.org
lafchicago.org
file.lafchicago.org
lafchicago.org
UC-UCCX-01.ad.lafchicago.org
file.lafchicago.org
lafchicago.org
mail1.lafchicago.org
mail.lafchicago.org
lync.lafchicago.org
lafchicago.org
mail1.ad.lafchicago.org
lafpoint.lafchicago.org
lync.ad.lafchicago.org
mail2.lafchicago.org
mail.lafchicago.org
UC-UCCX-01.ad.lafchicago.org
file.lafchicago.org
lync.lafchicago.org
lafchicago.org
lync.ad.lafchicago.org
mail.lafchicago.org
lafchicago.org
UC-UCCX-02.ad.lafchicago.org
lafchicago.org
mail.lafchicago.org
lafchicago.org
lync.lafchicago.org
officeonlineserver.ad.lafchicago.org
www.lafchicago.org
officewebapps.ad.lafchicago.org
lafchicago.org
lync.lafchicago.org
webremote.lafchicago.org
UC-CUCM-01-ms.ad.lafchicago.org
UC-UCXN-01-ms.ad.lafchicago.org
lafchicago.org
lafchicago.org
uc-exp-e01.ad.lafchicago.org
lync.lafchicago.org
www.lafchicago.org
uc-exp-c01.ad.lafchicago.org
lafchicago.org
officeonlineserver.lafchicago.org
file.lafchicago.org
file.lafchicago.org
lync.lafchicago.org
UC-UCCX-02.ad.lafchicago.org
lafchicago.org
mail.lafchicago.org
uc-exp-e01.ad.lafchicago.org
lafchicago.org
file.lafchicago.org
file.lafchicago.org
UC-CUCM-01-ms.ad.lafchicago.org
lafchicago.org
lafchicago.org
lafchicago.org
lafchicago.org
file.lafchicago.org
www.lafchicago.org
mail.lafchicago.org
file.lafchicago.org
uc-exp-c01.ad.lafchicago.org
mail1.ad.lafchicago.org
mail.lafchicago.org
file.lafchicago.org
file.lafchicago.org
file.lafchicago.org
lafchicago.org
lafchicago.org
mail.lafchicago.org
mail1.ad.lafchicago.org
lafchicago.org
mail.lafchicago.org
lafchicago.org
lync.lafchicago.org
mail.lafchicago.org
mail1.lafchicago.org
mail.lafchicago.org
mail.lafchicago.org
lafchicago.org
officeonlineserver.lafchicago.org
mail.lafchicago.org
lafchicago.org
mail.lafchicago.org
lync.ad.lafchicago.org
UC-UCXN-01-ms.ad.lafchicago.org
lafchicago.org
lafchicago.org
file.lafchicago.org
lafchicago.org
UC-UCCX-01.ad.lafchicago.org
file.lafchicago.org
lafchicago.org
mail1.lafchicago.org
mail.lafchicago.org
lync.lafchicago.org
lafchicago.org
mail1.ad.lafchicago.org
lafpoint.lafchicago.org
lync.ad.lafchicago.org
mail2.lafchicago.org
mail.lafchicago.org
UC-UCCX-01.ad.lafchicago.org
file.lafchicago.org
lync.lafchicago.org
lafchicago.org
lync.ad.lafchicago.org
mail.lafchicago.org
lafchicago.org
UC-UCCX-02.ad.lafchicago.org
lafchicago.org
mail.lafchicago.org
lafchicago.org
lync.lafchicago.org
officeonlineserver.ad.lafchicago.org
www.lafchicago.org
Certificate
The complete raw certificate details for lafchicago.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIRAMU5g5HZxr1oKxpYRgHPX4EwDQYJKoZIhvcNAQEFBQAw czELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxGTAXBgNV BAMTEFBvc2l0aXZlU1NMIENBIDIwHhcNMTQxMTE0MDAwMDAwWhcNMTUxMTE0MjM1 OTU5WjCBhzEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMSswKQYD VQQLEyJQcm92aWRlZCBieSBOZXcgRHJlYW0gTmV0d29yaywgTExDMRwwGgYDVQQL ExNEcmVhbUhvc3QgQmFzaWMgU1NMMRcwFQYDVQQDEw5sYWZjaGljYWdvLm9yZzCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6LNbdGRAcBDGr1XwXRR5Oe bW0ETO4eC5H7yHP0qM0H7WRYmyxYdKHePadrsF3GUfvWHWQ1ScY6RrQ/Uhkk5H0b NnAe/7xYCykPB4fqvv1eJkTMTaLHkyrEr9hgL6RxADHZAS/8CT5RSnKBZ9Gn7QsV JmTNJF6Ot+G743mhmL08kF5rLsdEgQv2/UYkFYypmIYPXP+5gAkT9lF51Q8nAPS5 UbyKcyq5b/lwTKtbcaswRNwp1ORWV/a4LL7eU32h8fcC6og5v869wln7DKyTPjPz bMC4uwLRzl9FYSOJHH2DdWRb+VxSTbOt1CdNsmvS1BWC7hgdwmLfuSRgbprzRkUC AwEAAaOCAa0wggGpMB8GA1UdIwQYMBaAFJnkQF9rFF4+Bdnd02NU/GK49wCsMB0G A1UdDgQWBBQORGHDkKkYiSGhIEwb8U1lIy/GvzAOBgNVHQ8BAf8EBAMCBaAwDAYD VR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwUAYDVR0g BEkwRzA7BgsrBgEEAbIxAQICBzAsMCoGCCsGAQUFBwIBFh5odHRwOi8vd3d3LnBv c2l0aXZlc3NsLmNvbS9DUFMwCAYGZ4EMAQIBMDsGA1UdHwQ0MDIwMKAuoCyGKmh0 dHA6Ly9jcmwuY29tb2RvY2EuY29tL1Bvc2l0aXZlU1NMQ0EyLmNybDBsBggrBgEF BQcBAQRgMF4wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuY29tb2RvY2EuY29tL1Bv c2l0aXZlU1NMQ0EyLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2Rv Y2EuY29tMC0GA1UdEQQmMCSCDmxhZmNoaWNhZ28ub3JnghJ3d3cubGFmY2hpY2Fn by5vcmcwDQYJKoZIhvcNAQEFBQADggEBAJmISZkYoryKocdT8/osyCGT6LDbqTdU QqwI4bRxNiI9RT/bUeYsMpxhgM3Zz0LHuJt43tWWRDTaqFS0WpH5IjBa428grYwW 0T/ddJRVlm/65+gslNTZh3on5/DNKkwTRsgPQT3Gzp/1fWze0k4DmTPsju55ncE9 KSZpcdaemrKg9A2KS8lqHQMkSdEyQDN+rkTqC2/xWuFsOQ3ydNvOH7SsRG3skHwg cOhXgrJ5qzo03dS8PBwZwGXs1PqmbV3FPxRdYpwM4LNSUxyRBaviAqOIqGbuDfZP GHO5/WrPk6zGoy5Ek5P5WtmJcRCd/HSTYr1UO84nY+BWGztQlXxskAY= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvos1t0ZEBwEMavVfBdFH k55tbQRM7h4LkfvIc/SozQftZFibLFh0od49p2uwXcZR+9YdZDVJxjpGtD9SGSTk fRs2cB7/vFgLKQ8Hh+q+/V4mRMxNoseTKsSv2GAvpHEAMdkBL/wJPlFKcoFn0aft CxUmZM0kXo634bvjeaGYvTyQXmsux0SBC/b9RiQVjKmYhg9c/7mACRP2UXnVDycA 9LlRvIpzKrlv+XBMq1txqzBE3CnU5FZX9rgsvt5TfaHx9wLqiDm/zr3CWfsMrJM+ M/NswLi7AtHOX0VhI4kcfYN1ZFv5XFJNs63UJ02ya9LUFYLuGB3CYt+5JGBumvNG RQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 262156544641705063966378831789119463297 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PositiveSSL CA 2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-11-14 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-11-14 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Provided by New Dream Network, LLC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DreamHost Basic SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lafchicago.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24053924868143540387648256728056610914149911523158032390126390596821700667667072001848609623100851774328826376373497240113152506272836197609694671319740922155834047972633108708989446063515805173003442714548408286482069954565638828383992650479855550132075671935202145304480351793600070344754627021861399840180805632377597100479605595917068697538462012704346976898975988969529256868427693097028701038840111882144531796773165375488484328177651696344311742912964011083264327494974880973771902880448780093940126902884537600630940376401213001324564329012019575664548285568560957086496950726652484480752368633850743202465349 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 99e4405f6b145e3e05d9ddd36354fc62b8f700ac . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0e4461c390a9188921a1204c1bf14d65232fc6bf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.positivessl.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/PositiveSSLCA2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/PositiveSSLCA2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lafchicago.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lafchicago.org' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009988499918a2bc8aa1c753f3fa2cc82193e8b0dba9375442ac08e1b47136223d453fdb51e62c329c6180cdd9cf42c7b89b78ded5964434daa854b45a91f922305ae36f20ad8c16d13fdd749455966ffae7e82c94d4d9877a27e7f0cd2a4c1346c80f413dc6ce9ff57d6cded24e039933ec8eee799dc13d29266971d69e9ab2a0f40d8a4bc96a1d032449d13240337eae44ea0b6ff15ae16c390df274dbce1fb4ac446dec907c2070e85782b279ab3a34ddd4bc3c1c19c065ecd4faa66d5dc53f145d629c0ce0b352531c9105abe202a388a866ee0df64f1873b9fd6acf93acc6a32e449393f95ad98971109dfc749362bd543bce2763e0561b3b50957c6c9006