yourlifeiowa.com

Issued by R3

About this certificate

This digital certificate with serial number 03:5b:f7:28:90:cb:4b:0c:e7:d6:bb:e7:7a:02:69:d5:32:8c was issued on by Let's Encrypt.

With 93 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=yourlifeiowa.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:5b:f7:28:90:cb:4b:0c:e7:d6:bb:e7:7a:02:69:d5:32:8c
Serial Number (int): 292631083128692882622661607882846754910860
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: d4:e6:1b:49:4f:eb:ca:9b:0e:c2:0a:2b:36:fd:05:c3:49:99:22:30
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): de:d7:41:f3:db:42:6d:05:74:7e:cd:7a:cf:18:17:5e:67:38:84:78
Fingerprint (sha256): e3:ba:e9:38:c1:94:9a:d9:42:e5:7d:d1:b9:a1:17:22:84:82:76:f1:9a:f2:ee:cb:a9:0f:01:ab:24:7f:0e:23

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate yourlifeiowa.com

93

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for yourlifeiowa.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

app.iowastem.org
i-pact.com
internal.courts.iowa.gov
iowaabd.com
iowaagriculture.gov
iowacleanair.gov
iowadnr.com
iowadrivingav.org
iowagrants.gov
iowagreatplaces.gov
iowahistory.org
iowahumanitiescouncil.com
iowahumanitiescouncil.org
iowahush.com
iowaintex.gov
iowalmi.gov
iowamissingpersons.com
iowamissingpersons.gov
iowaopiodhelp.com
iowaopioidhelp.com
iowaopioidhelp.org
iowap2services.com
iowareap.com
iowasmokefreeair.gov
iowastem.org
iowastics.com
iowiki.iowaintex.gov
mtest.ialottery.com
onsiteiowa.com
p2infohouse.org
recognizeandreport.org
resultsiowa.org
safeandsoundiowa.com
safeandsoundiowa.gov
safeandsoundiowa.org
safearoundsemis.com
test.ialottery.com
test.icaps.iowacollegeaid.gov
test.iowagrants.gov
test.iowaintex.gov
voterreadyiowa.org
webapp.iecdb.iowa.gov
www.broadband.iowa.gov
www.cmedocviewerportal.iowadot.gov
www.cmesnowboundportal.iowadot.gov
www.cmewebapiportal.iowadot.gov
www.coaching.iowa.gov
www.devertservices.iowadot.gov
www.dlphoto.iowadot.gov
www.envpermits.iowadot.gov
www.ertservices.iowadot.gov
www.historicalphotos.iowadot.gov
www.i-pact.com
www.iahealthlink.gov
www.iowaagriculture.gov
www.iowadrivingav.org
www.iowagrants.gov
www.iowaintex.gov
www.iowalmi.gov
www.iowamissingpersons.com
www.iowamissingpersons.gov
www.iowaoutdoorsmagazine.com
www.iowap2interns.com
www.iowasmokefreeair.gov
www.iowasourcewater.org
www.iowastatepatrol.net
www.iowastatepatrol.org
www.iowastem.org
www.iowastics.com
www.iowatitleguaranty.gov
www.jobs.iowa.gov
www.learning.iowadot.gov
www.licensediniowa.gov
www.majorprojects.iowadot.gov
www.maple.iowadot.gov
www.mtmug.iowadot.gov
www.mydotdocs.iowadot.gov
www.onsiteiowa.com
www.p2infohouse.org
www.recognizeandreport.org
www.recoveryiowa.org
www.resultsiowa.org
www.safearoundsemis.com
www.safeathome.iowa.gov
www.testertservices.iowadot.gov
www.tmcdashboard.iowadot.gov
www.tmcservice.iowadot.gov
www.voterreadyiowa.org
www.yourlifeiowa.com
www.yourlifeiowa.net
www.yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.net

Other certificates including the domain name yourlifeiowa.com

(limited to 100 certificates)
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.envoystaging.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.envoystaging.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com

Certificate

The complete raw certificate details for yourlifeiowa.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIINCzCCC/OgAwIBAgISA1v3KJDLSwzn1rvnegJp1TKMMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMTMxNTU3MzdaFw0yNDAzMTIxNTU3MzZaMBsxGTAXBgNVBAMT
EHlvdXJsaWZlaW93YS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCkywCAp/2NJOVp29ZPPWksqDT8Q5CkuEZmx/pl56WKkCgs0YXZS5X5AxSseHmq
sgnkz063Cpzb9Y8HaAbAf4PXmi2DINZclfz4nmcGJEyNkz3HAKIS7ZQtv79nIuKx
CNcl7WQtFaC+9Hm7Ma85P5EGBW0iAaOIKZgtrw21RGkWowxQ9mRlLWM2IIKo3qAk
u2em6bZdkjh4MVi2Vql4hImiBNaoTvFoj3lTE4H/phf83NGd++wBZF62PsTxS4U2
3aFCzC8NJhqiXy6AEBh5VxiJBP3c4KY7dYVVm89Q5zrrZ6aTTSyHcwPkHL0je3Bv
VRj+iv+YJd76xd4hYsDAwvpTAgMBAAGjggowMIIKLDAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFNTmG0lP68qbDsIKKzb9BcNJmSIwMB8GA1UdIwQYMBaAFBQusxe3WFbL
rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov
L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v
cmcvMIIINgYDVR0RBIIILTCCCCmCEGFwcC5pb3dhc3RlbS5vcmeCCmktcGFjdC5j
b22CGGludGVybmFsLmNvdXJ0cy5pb3dhLmdvdoILaW93YWFiZC5jb22CE2lvd2Fh
Z3JpY3VsdHVyZS5nb3aCEGlvd2FjbGVhbmFpci5nb3aCC2lvd2FkbnIuY29tghFp
b3dhZHJpdmluZ2F2Lm9yZ4IOaW93YWdyYW50cy5nb3aCE2lvd2FncmVhdHBsYWNl
cy5nb3aCD2lvd2FoaXN0b3J5Lm9yZ4IZaW93YWh1bWFuaXRpZXNjb3VuY2lsLmNv
bYIZaW93YWh1bWFuaXRpZXNjb3VuY2lsLm9yZ4IMaW93YWh1c2guY29tgg1pb3dh
aW50ZXguZ292ggtpb3dhbG1pLmdvdoIWaW93YW1pc3NpbmdwZXJzb25zLmNvbYIW
aW93YW1pc3NpbmdwZXJzb25zLmdvdoIRaW93YW9waW9kaGVscC5jb22CEmlvd2Fv
cGlvaWRoZWxwLmNvbYISaW93YW9waW9pZGhlbHAub3JnghJpb3dhcDJzZXJ2aWNl
cy5jb22CDGlvd2FyZWFwLmNvbYIUaW93YXNtb2tlZnJlZWFpci5nb3aCDGlvd2Fz
dGVtLm9yZ4INaW93YXN0aWNzLmNvbYIUaW93aWtpLmlvd2FpbnRleC5nb3aCE210
ZXN0LmlhbG90dGVyeS5jb22CDm9uc2l0ZWlvd2EuY29tgg9wMmluZm9ob3VzZS5v
cmeCFnJlY29nbml6ZWFuZHJlcG9ydC5vcmeCD3Jlc3VsdHNpb3dhLm9yZ4IUc2Fm
ZWFuZHNvdW5kaW93YS5jb22CFHNhZmVhbmRzb3VuZGlvd2EuZ292ghRzYWZlYW5k
c291bmRpb3dhLm9yZ4ITc2FmZWFyb3VuZHNlbWlzLmNvbYISdGVzdC5pYWxvdHRl
cnkuY29tgh10ZXN0LmljYXBzLmlvd2Fjb2xsZWdlYWlkLmdvdoITdGVzdC5pb3dh
Z3JhbnRzLmdvdoISdGVzdC5pb3dhaW50ZXguZ292ghJ2b3RlcnJlYWR5aW93YS5v
cmeCFXdlYmFwcC5pZWNkYi5pb3dhLmdvdoIWd3d3LmJyb2FkYmFuZC5pb3dhLmdv
doIid3d3LmNtZWRvY3ZpZXdlcnBvcnRhbC5pb3dhZG90LmdvdoIid3d3LmNtZXNu
b3dib3VuZHBvcnRhbC5pb3dhZG90LmdvdoIfd3d3LmNtZXdlYmFwaXBvcnRhbC5p
b3dhZG90LmdvdoIVd3d3LmNvYWNoaW5nLmlvd2EuZ292gh53d3cuZGV2ZXJ0c2Vy
dmljZXMuaW93YWRvdC5nb3aCF3d3dy5kbHBob3RvLmlvd2Fkb3QuZ292ghp3d3cu
ZW52cGVybWl0cy5pb3dhZG90LmdvdoIbd3d3LmVydHNlcnZpY2VzLmlvd2Fkb3Qu
Z292giB3d3cuaGlzdG9yaWNhbHBob3Rvcy5pb3dhZG90LmdvdoIOd3d3LmktcGFj
dC5jb22CFHd3dy5pYWhlYWx0aGxpbmsuZ292ghd3d3cuaW93YWFncmljdWx0dXJl
LmdvdoIVd3d3Lmlvd2Fkcml2aW5nYXYub3JnghJ3d3cuaW93YWdyYW50cy5nb3aC
EXd3dy5pb3dhaW50ZXguZ292gg93d3cuaW93YWxtaS5nb3aCGnd3dy5pb3dhbWlz
c2luZ3BlcnNvbnMuY29tghp3d3cuaW93YW1pc3NpbmdwZXJzb25zLmdvdoIcd3d3
Lmlvd2FvdXRkb29yc21hZ2F6aW5lLmNvbYIVd3d3Lmlvd2FwMmludGVybnMuY29t
ghh3d3cuaW93YXNtb2tlZnJlZWFpci5nb3aCF3d3dy5pb3dhc291cmNld2F0ZXIu
b3Jnghd3d3cuaW93YXN0YXRlcGF0cm9sLm5ldIIXd3d3Lmlvd2FzdGF0ZXBhdHJv
bC5vcmeCEHd3dy5pb3dhc3RlbS5vcmeCEXd3dy5pb3dhc3RpY3MuY29tghl3d3cu
aW93YXRpdGxlZ3VhcmFudHkuZ292ghF3d3cuam9icy5pb3dhLmdvdoIYd3d3Lmxl
YXJuaW5nLmlvd2Fkb3QuZ292ghZ3d3cubGljZW5zZWRpbmlvd2EuZ292gh13d3cu
bWFqb3Jwcm9qZWN0cy5pb3dhZG90LmdvdoIVd3d3Lm1hcGxlLmlvd2Fkb3QuZ292
ghV3d3cubXRtdWcuaW93YWRvdC5nb3aCGXd3dy5teWRvdGRvY3MuaW93YWRvdC5n
b3aCEnd3dy5vbnNpdGVpb3dhLmNvbYITd3d3LnAyaW5mb2hvdXNlLm9yZ4Iad3d3
LnJlY29nbml6ZWFuZHJlcG9ydC5vcmeCFHd3dy5yZWNvdmVyeWlvd2Eub3JnghN3
d3cucmVzdWx0c2lvd2Eub3Jnghd3d3cuc2FmZWFyb3VuZHNlbWlzLmNvbYIXd3d3
LnNhZmVhdGhvbWUuaW93YS5nb3aCH3d3dy50ZXN0ZXJ0c2VydmljZXMuaW93YWRv
dC5nb3aCHHd3dy50bWNkYXNoYm9hcmQuaW93YWRvdC5nb3aCGnd3dy50bWNzZXJ2
aWNlLmlvd2Fkb3QuZ292ghZ3d3cudm90ZXJyZWFkeWlvd2Eub3JnghR3d3cueW91
cmxpZmVpb3dhLmNvbYIUd3d3LnlvdXJsaWZlaW93YS5uZXSCFHd3dy55b3VybGlm
ZWlvd2Eub3JnghB5b3VybGlmZWlvd2EuY29tghB5b3VybGlmZWlvd2EubmV0MBMG
A1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYAO1N3
dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGMZBzK7QAABAMARzBFAiB+
W66V3689CSUASoXqSgirRHVObdrT8kgTNhqMQMZ5SwIhAOKEwPSD8scJZ4moPdm0
/uWhZbCYyU1Ifaz6UGUBm+DJAHcA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZ
RnEftZsAAAGMZBzK3QAABAMASDBGAiEAij3FpfoOpWKHBZ/A4S0qixSJsej2vwCq
OvOOb/B1Rs8CIQCpI9h6eDcO5XpCUCDvqrKPnlOv2lCGABe4Uyc4mELeEDANBgkq
hkiG9w0BAQsFAAOCAQEAUUUq8x4UXZn8qIQimt4dRJmGx0mWp4Fjhg83ZBQ1b478
Du3GZfK7fXvnjaMKy2ep9epsU5pqSOUhFxCJ/I5GA7M1MeuiGoarb9vLuLWDJYHz
Ph8qjtxGinbQfH3Rgxq7epR6lydOefB6LCT4naNlVL5uqIpNFsnIX6jgHW2n341B
C0UlhqqredSuSpVPoz/w90bIeWEjxBf/pz2zNXl2/SXcsh7qFdNNGL8D8SIcFHKN
AYtKdNjY6IQ/DXOpc5XpEmlVEtSAlGeMdR0QmdLdcFF75i+2iOwqwzCuzX72ouzx
dgTAHT/eT9s/NdVCuNv3b9nbmiY2OQLJQqqGUSUZRQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMsAgKf9jSTladvWTz1p
LKg0/EOQpLhGZsf6ZeelipAoLNGF2UuV+QMUrHh5qrIJ5M9Otwqc2/WPB2gGwH+D
15otgyDWXJX8+J5nBiRMjZM9xwCiEu2ULb+/ZyLisQjXJe1kLRWgvvR5uzGvOT+R
BgVtIgGjiCmYLa8NtURpFqMMUPZkZS1jNiCCqN6gJLtnpum2XZI4eDFYtlapeISJ
ogTWqE7xaI95UxOB/6YX/NzRnfvsAWRetj7E8UuFNt2hQswvDSYaol8ugBAYeVcY
iQT93OCmO3WFVZvPUOc662emk00sh3MD5By9I3twb1UY/or/mCXe+sXeIWLAwML6
UwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 292631083128692882622661607882846754910860
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-13 15:57:37 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-12 15:57:36 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'yourlifeiowa.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20803186013384101249016298271917946076291053665116101055756307419963120107994204177275188082499268408096391875330020989554596882363408735037908592603976584158185736545614816867640602594093197009714191235705755967910182778215666523657558741446790155328819066972097747003001351163897789052059330308070143142933098855902180324922612798233472577689396277432558516373240720574283746398801178329212889773774193886018865852395410895335528789470433593525509397463859068306478351008932312511574669515928824061234978781576101867176444299435798551284125128243267329562536712441575810363738820676211618779542071267046241350122067
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d4e61b494febca9b0ec20a2b36fd05c349992230
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2093 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app.iowastem.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'i-pact.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'internal.courts.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaabd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaagriculture.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowacleanair.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowadnr.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowadrivingav.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowagrants.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowagreatplaces.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowahistory.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowahumanitiescouncil.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowahumanitiescouncil.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowahush.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaintex.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowalmi.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowamissingpersons.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowamissingpersons.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaopiodhelp.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaopioidhelp.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaopioidhelp.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowap2services.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowareap.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowasmokefreeair.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowastem.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowastics.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowiki.iowaintex.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mtest.ialottery.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'onsiteiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'p2infohouse.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'recognizeandreport.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'resultsiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'safeandsoundiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'safeandsoundiowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'safeandsoundiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'safearoundsemis.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.ialottery.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.icaps.iowacollegeaid.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.iowagrants.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.iowaintex.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'voterreadyiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webapp.iecdb.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.broadband.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cmedocviewerportal.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cmesnowboundportal.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cmewebapiportal.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.coaching.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.devertservices.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dlphoto.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.envpermits.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ertservices.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.historicalphotos.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.i-pact.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iahealthlink.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowaagriculture.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowadrivingav.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowagrants.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowaintex.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowalmi.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowamissingpersons.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowamissingpersons.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowaoutdoorsmagazine.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowap2interns.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowasmokefreeair.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowasourcewater.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowastatepatrol.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowastatepatrol.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowastem.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowastics.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowatitleguaranty.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jobs.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.learning.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.licensediniowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.majorprojects.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.maple.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mtmug.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mydotdocs.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.onsiteiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.p2infohouse.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.recognizeandreport.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.recoveryiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.resultsiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.safearoundsemis.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.safeathome.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.testertservices.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tmcdashboard.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tmcservice.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.voterreadyiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yourlifeiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yourlifeiowa.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yourlifeiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yourlifeiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yourlifeiowa.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c641ccaed000004030047304502207e5bae95dfaf3d0925004a85ea4a08ab44754e6ddad3f24813361a8c40c6794b022100e284c0f483f2c7096789a83dd9b4fee5a165b098c94d487dacfa5065019be0c9007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c641ccadd00000403004830460221008a3dc5a5fa0ea56287059fc0e12d2a8b1489b1e8f6bf00aa3af38e6ff07546cf022100a923d87a78370ee57a425020efaab28f9e53afda50860017b85327389842de10
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0051452af31e145d99fca884229ade1d449986c74996a78163860f376414356f8efc0eedc665f2bb7d7be78da30acb67a9f5ea6c539a6a48e521171089fc8e4603b33531eba21a86ab6fdbcbb8b5832581f33e1f2a8edc468a76d07c7dd1831abb7a947a97274e79f07a2c24f89da36554be6ea88a4d16c9c85fa8e01d6da7df8d410b452586aaab79d4ae4a954fa33ff0f746c8796123c417ffa73db3357976fd25dcb21eea15d34d18bf03f1221c14728d018b4a74d8d8e8843f0d73a97395e912695512d48094678c751d1099d2dd70517be62fb688ec2ac330aecd7ef6a2ecf17604c01d3fde4fdb3f35d542b8dbf76fd9db9a26363902c942aa8651251945