davidofski.org
Issued by R3
About this certificate
This digital certificate with serial number 04:34:cc:65:3e:3c:20:98:29:c3:e7:be:93:08:9d:e1:32:7a was issued on by Let's Encrypt.
With 30 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=davidofski.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:34:cc:65:3e:3c:20:98:29:c3:e7:be:93:08:9d:e1:32:7aSerial Number (int): 366415515002325794193783066661347372642938
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: f7:83:0b:47:36:b4:ec:57:96:ac:cd:6d:8f:a7:cc:2d:e6:4e:13:4c
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): b2:20:ed:7f:c5:1a:39:26:62:0e:a7:d6:fe:1d:0b:b7:d1:63:56:8a
Fingerprint (sha256): e6:e5:65:73:a3:cb:0a:12:53:88:ed:48:37:eb:9b:dc:dd:45:10:3b:d0:5c:a9:ae:5e:8e:ce:c8:3a:41:e2:ce
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate davidofski.org
30
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for davidofski.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
area53.zone
ashevilletantra.org
bitcoin-billionaire.website
chickpeasilk.org
christianaquariumguides.org
davidofski.org
epikhosting.cloud
giardiasis.org
modajet.org
mylabnet.org
perfectday.coffee
radio.bible
thebo.ng
weed.asia
wokejoke.org
www.area53.zone
www.ashevilletantra.org
www.bitcoin-billionaire.website
www.chickpeasilk.org
www.christianaquariumguides.org
www.davidofski.org
www.epikhosting.cloud
www.giardiasis.org
www.modajet.org
www.mylabnet.org
www.perfectday.coffee
www.radio.bible
www.thebo.ng
www.weed.asia
www.wokejoke.org
ashevilletantra.org
bitcoin-billionaire.website
chickpeasilk.org
christianaquariumguides.org
davidofski.org
epikhosting.cloud
giardiasis.org
modajet.org
mylabnet.org
perfectday.coffee
radio.bible
thebo.ng
weed.asia
wokejoke.org
www.area53.zone
www.ashevilletantra.org
www.bitcoin-billionaire.website
www.chickpeasilk.org
www.christianaquariumguides.org
www.davidofski.org
www.epikhosting.cloud
www.giardiasis.org
www.modajet.org
www.mylabnet.org
www.perfectday.coffee
www.radio.bible
www.thebo.ng
www.weed.asia
www.wokejoke.org
Other certificates including the domain name davidofski.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for davidofski.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHGjCCBgKgAwIBAgISBDTMZT48IJgpw+e+kwid4TJ6MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MDcxNjE4MTlaFw0yNDA4MDUxNjE4MThaMBkxFzAVBgNVBAMT DmRhdmlkb2Zza2kub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA zcduyRE8/G+PGIGIZP1R0iVh+rPUXpmhfh9Ajv/p0pB9lZ8sWLqi+BPEde+vHOri sfi8WJ1dUKEn7fcKbMFrGZXU9v9m5pLXNiNIfLwV3jJx8NySh8+eE4QPTIxyMWPO 88nqkDNsUeW3kj6vOUs9eMuly/YIfLBaWbzYzpoe9A2ZJBISBznxyBvcQoCCPyxH NGV0stUApkXAqqgYd0k9ybWI3lUAYAHhIPQZOBGee2MPu2giAY0EeoFA9A0YKQwr 2DuxvGV0W5XmdBLLFfSwqx7/ZVBjuWO3jgp6wozOmFwxyXiopwse5OjJXxUkH+hU xUIIsuCDxd8F7FYlV8aFAQIDAQABo4IEQTCCBD0wDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBT3gwtHNrTsV5aszW2Pp8wt5k4TTDAfBgNVHSMEGDAWgBQULrMXt1hWy65Q CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn LzCCAkcGA1UdEQSCAj4wggI6ggthcmVhNTMuem9uZYITYXNoZXZpbGxldGFudHJh Lm9yZ4IbYml0Y29pbi1iaWxsaW9uYWlyZS53ZWJzaXRlghBjaGlja3BlYXNpbGsu b3JnghtjaHJpc3RpYW5hcXVhcml1bWd1aWRlcy5vcmeCDmRhdmlkb2Zza2kub3Jn ghFlcGlraG9zdGluZy5jbG91ZIIOZ2lhcmRpYXNpcy5vcmeCC21vZGFqZXQub3Jn ggxteWxhYm5ldC5vcmeCEXBlcmZlY3RkYXkuY29mZmVlggtyYWRpby5iaWJsZYII dGhlYm8ubmeCCXdlZWQuYXNpYYIMd29rZWpva2Uub3Jngg93d3cuYXJlYTUzLnpv bmWCF3d3dy5hc2hldmlsbGV0YW50cmEub3Jngh93d3cuYml0Y29pbi1iaWxsaW9u YWlyZS53ZWJzaXRlghR3d3cuY2hpY2twZWFzaWxrLm9yZ4Ifd3d3LmNocmlzdGlh bmFxdWFyaXVtZ3VpZGVzLm9yZ4ISd3d3LmRhdmlkb2Zza2kub3JnghV3d3cuZXBp a2hvc3RpbmcuY2xvdWSCEnd3dy5naWFyZGlhc2lzLm9yZ4IPd3d3Lm1vZGFqZXQu b3JnghB3d3cubXlsYWJuZXQub3JnghV3d3cucGVyZmVjdGRheS5jb2ZmZWWCD3d3 dy5yYWRpby5iaWJsZYIMd3d3LnRoZWJvLm5ngg13d3cud2VlZC5hc2lhghB3d3cu d29rZWpva2Uub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIE AgSB9gSB8wDxAHcAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGP VBA4OQAABAMASDBGAiEA/y3cTNDcSapOee8UiaFmQDf7Uebhtvpqxq21St+8q8AC IQD54UDKq1XkW+Y0vifh1EqJTY+DNeVG2fVAz6H8VrKr4AB2AN/hVuuqBa+1nA+G cY2owDJOrlbZbqf1pWoB0cE7vlJcAAABj1QQONAAAAQDAEcwRQIhAKzN2XSzO2WR EqgkXIVy4jK7TK0nSowe8o33b99aLosIAiBBxTOpcEfhOpwwe83Q7/6Mf0QqWPkH f9ZfmzbHfZr/2zANBgkqhkiG9w0BAQsFAAOCAQEABePD3TT390zzE1kXI44NHWj5 1vTGEhrJJSE7RaA/AMOkMKVX0E3Eg6yTOLu5TOBgm7Q3yFwMCK+SSL43XAuXF7Kb 960K9a3P0pRcIKYmYk10msQNi0djhSI86Y2UOKwn6pfejr4Jw1akoJatx3cFj//U ppiC5E/g3BNbyVzmz62nD80We+t2OtdrjUB41XLmRMRNrg18Y7LZdO2su8U/sqev 9ZyPJp+E24Uj/yWxVg9uyMr33yiVqUkWFTtrZeKir7p6+TLTWf0pxUQY2uu+uxtV QtzfPsqdRx62AQ12RKdKXggOod6cVFJGWNEm/3RASCnKAL5KHqeJfxvjgwjHoA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcduyRE8/G+PGIGIZP1R 0iVh+rPUXpmhfh9Ajv/p0pB9lZ8sWLqi+BPEde+vHOrisfi8WJ1dUKEn7fcKbMFr GZXU9v9m5pLXNiNIfLwV3jJx8NySh8+eE4QPTIxyMWPO88nqkDNsUeW3kj6vOUs9 eMuly/YIfLBaWbzYzpoe9A2ZJBISBznxyBvcQoCCPyxHNGV0stUApkXAqqgYd0k9 ybWI3lUAYAHhIPQZOBGee2MPu2giAY0EeoFA9A0YKQwr2DuxvGV0W5XmdBLLFfSw qx7/ZVBjuWO3jgp6wozOmFwxyXiopwse5OjJXxUkH+hUxUIIsuCDxd8F7FYlV8aF AQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 366415515002325794193783066661347372642938 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-07 16:18:19 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-05 16:18:18 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'davidofski.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25977196475130279218732517599388338784426620098191003771095557738941112713631509080571520093706882189754888294867283761317344988318782235429541529483948947524956834783724991877430657301913009492422881841485380207312801243542484926456370822196967159815155372812700011693194327091238466151841023739093975926088731950950690692224131890715210785553520362013143104241232579543910723807026674830590309020989231919299108365656896124169645651970802440525023535543640979381405789839018975236419937788718193531567341984562233800383061842495474984947162500669663597287207870905137951040871362051565911666885005571422277878580481 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f7830b4736b4ec5796accd6d8fa7cc2de64e134c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (574 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'area53.zone' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ashevilletantra.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bitcoin-billionaire.website' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chickpeasilk.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'christianaquariumguides.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'davidofski.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'epikhosting.cloud' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giardiasis.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'modajet.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mylabnet.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'perfectday.coffee' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'radio.bible' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thebo.ng' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'weed.asia' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wokejoke.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.area53.zone' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ashevilletantra.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bitcoin-billionaire.website' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.chickpeasilk.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.christianaquariumguides.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.davidofski.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.epikhosting.cloud' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.giardiasis.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.modajet.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mylabnet.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.perfectday.coffee' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.radio.bible' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thebo.ng' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.weed.asia' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.wokejoke.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018f541038390000040300483046022100ff2ddc4cd0dc49aa4e79ef1489a1664037fb51e6e1b6fa6ac6adb54adfbcabc0022100f9e140caab55e45be634be27e1d44a894d8f8335e546d9f540cfa1fc56b2abe0007600dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018f541038d00000040300473045022100accdd974b33b659112a8245c8572e232bb4cad274a8c1ef28df76fdf5a2e8b08022041c533a97047e13a9c307bcdd0effe8c7f442a58f9077fd65f9b36c77d9affdb . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0005e3c3dd34f7f74cf3135917238e0d1d68f9d6f4c6121ac925213b45a03f00c3a430a557d04dc483ac9338bbb94ce0609bb437c85c0c08af9248be375c0b9717b29bf7ad0af5adcfd2945c20a626624d749ac40d8b476385223ce98d9438ac27ea97de8ebe09c356a4a096adc777058fffd4a69882e44fe0dc135bc95ce6cfada70fcd167beb763ad76b8d4078d572e644c44dae0d7c63b2d974edacbbc53fb2a7aff59c8f269f84db8523ff25b1560f6ec8caf7df2895a94916153b6b65e2a2afba7af932d359fd29c54418daebbebb1b5542dcdf3eca9d471eb6010d7644a74a5e080ea1de9c54524658d126ff74404829ca00be4a1ea7897f1be38308c7a0