chivalry.icka.eu

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:83:34:bb:fd:a4:14:3e:a7:da:ab:22:6f:89:c4:86:a8:61 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=chivalry.icka.eu

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:83:34:bb:fd:a4:14:3e:a7:da:ab:22:6f:89:c4:86:a8:61
Serial Number (int): 305983943821666354114209441272153499936865
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 5f:e1:08:e2:42:a8:34:dc:6b:1e:c0:d8:68:b0:70:fb:45:83:f0:ce
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 25:5a:be:f0:1c:a6:57:69:1b:7d:b1:9e:b3:27:b5:c5:9c:d8:cd:5c
Fingerprint (sha256): ee:e9:36:d9:ea:61:11:d1:97:62:01:1c:47:f0:ef:bf:ad:7e:e3:9d:b2:02:b9:fb:97:2e:51:c7:ac:8e:4b:f3

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate chivalry.icka.eu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for chivalry.icka.eu

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

chivalry.icka.eu

Other certificates including the domain name icka.eu

(limited to 100 certificates)
blogs.icka.eu
puys.icka.eu
forum.icka.eu
factorio.icka.eu
zimbra.icka.eu
icka.eu
blog.icka.eu
icka.eu
icka.eu
zp1.icka.eu
icka.eu
icka.eu
icka.eu
icka.eu
factorio.icka.eu
icka.eu
test.icka.eu
scp.icka.eu
icka.eu
kf2.icka.eu
forum.icka.eu
sentora.icka.eu
test.icka.eu
zimbra.icka.eu
test.icka.eu
icka.eu
blog.icka.eu
forum.icka.eu
forum.icka.eu
blogs.icka.eu
kf2.icka.eu
blog.icka.eu
chivalry.icka.eu
icka.eu
icka.eu
forum.icka.eu
kf2.icka.eu
zimbra.icka.eu
factorio.icka.eu
forum.icka.eu
forum.icka.eu
blogs.icka.eu
zimbra.icka.eu
blogs.icka.eu
www.icka.eu
icka.eu
puys.icka.eu
factorio.icka.eu
test.icka.eu
icka.eu
test.icka.eu
chivalry.icka.eu
zimbra.icka.eu
forum.icka.eu
blog.icka.eu
forum.icka.eu
blog.icka.eu
scp.icka.eu
scp.icka.eu
forum.icka.eu
icka.eu
forum.icka.eu
puys.icka.eu
blog.icka.eu
icka.eu
kf2.icka.eu
factorio.icka.eu
test.icka.eu
puys.icka.eu
scp.icka.eu
chivalry.icka.eu
icka.eu
icka.eu
forum.icka.eu
scp.icka.eu
icka.eu
chivalry.icka.eu
test.icka.eu
forum.icka.eu
blog.icka.eu
blogs.icka.eu
factorio.icka.eu
icka.eu
kf2.icka.eu
chivalry.icka.eu
icka.eu
forum.icka.eu
chivalry.icka.eu
kf2.icka.eu
forum.icka.eu
blog.icka.eu
scp.icka.eu
chivalry.icka.eu
kf2.icka.eu
icka.eu

Certificate

The complete raw certificate details for chivalry.icka.eu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHCjCCBfKgAwIBAgISA4M0u/2kFD6n2qsib4nEhqhhMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA4MTMwMDAwMTZaFw0x
ODExMTEwMDAwMTZaMBsxGTAXBgNVBAMTEGNoaXZhbHJ5Lmlja2EuZXUwggIiMA0G
CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDPt3PY21M6F7QQBGaP1fbClrcEVDw9
8SxlC4NuMuHb8NYcSqkHYSFJYfHSYqRSrFEuxXRrfft281ZVibEVHSiVwiODgX3F
dDBaATNOOYoqj2k7rx8K95b/hc3XfRWS+vebFuEvc72H7Ayd0PaCKlA+P2ga3tTt
aI1gVmIHWp/aGUDCTM3I2091UAw13zaVSBJUTHQMlItHgBjdtBadV/A+HdYzLu5F
f/JCISSlkEzzvuZIZdcdun/4iKpELpJO5n73kjjblWes6swPHObRRPkhzNpVoRWl
aMqEuzuHRmrMphFX0qq5aO9gbbXH6NXGIkqkB1ohmxLaI83swO8l2Cmb2sysFWlH
L6mrpH+jGvDlnuIcqaoZShvAwfcP/oBBhHFLvrVCuYpnkBA4/VAno1mnHQGT7Z0Z
Lycn+CUO62dpLr1COnV5xUtBbNbvq5yCxJqi55efuxfe8Pz7hMytioabKwuJdNqh
raUz882GwXe//NnjjDOx7I/aXNgJldWdjlZn5A62OftTJq0/GuuOVWdDf7t5bUiO
wqXfVMIwvLAEiblqAVoAsuw1fnM1EaO3W3KigB9jQI1lNzpy1KYoGMAjbVQOuOe0
yTx1FD4EVH9YzaUFKYGZ860M5kR+j4ytFrAIdmWQ05MdiPPglJrFcaraH8CDikTr
w3OmmfV0iityGQIDAQABo4IDFzCCAxMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRf
4QjiQqg03GsewNhosHD7RYPwzjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv
86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmlu
dC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0Lmlu
dC14My5sZXRzZW5jcnlwdC5vcmcvMBsGA1UdEQQUMBKCEGNoaXZhbHJ5Lmlja2Eu
ZXUwgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYG
CCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUH
AgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9u
IGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGgg
dGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNy
eXB0Lm9yZy9yZXBvc2l0b3J5LzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1ACk8
UZZUyDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAABZTDMP0YAAAQDAEYwRAIg
bhHLHUM3QM65ML7WCsqA5WlJk3jNiih8Mt1TJ3xjRwQCIDNnPI24QVDjS2EYt/T+
ml4vuZYsYtjNioVSrxK79vVRAHYAwRZK4Kdy0tQ5LcgKwQdw1PDEm96ZGkhAwfoH
UWT2M2AAAAFlMMxDIAAABAMARzBFAiBZf7yUf8bbtaufiBNC94ZJNtbGB47hBLuv
dThC8+qINwIhAObPiWJgLYjFPfszpP28OsZ1ciruT5HE8cpWxNOrIJPiMA0GCSqG
SIb3DQEBCwUAA4IBAQBOUsfrS+CnxP1ixY4Qag262fP8GZKxqLNigzkiPJyY8oTa
pPG8/0nsNcnMXMNsRM4CoVuAmgMD+u+ELwNed3ny+bsqOuVmBYQlkDS33fI2dXt8
ua8SYxpPnWq4ouju6wnD5mMmAUHsBMeH+GmWJbuaHnH/+kNM7OtbBaFmMm7B/1By
NGrJ4LgNEmke1AVrCmkEwUhXvVrIHYUnPXbblAV+MjaLgWM6ISz1ezeG+vVgqUGT
iU7hCJvCMEDjqxw3wgbGCFe/myqqGS18t+TYm6RKv6+AxDuo/DlVVBXPRHnyJDDn
oQdx/pToh2SDxIs82KrXbyX0bzbuy1YiYQaYqe60
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAz7dz2NtTOhe0EARmj9X2
wpa3BFQ8PfEsZQuDbjLh2/DWHEqpB2EhSWHx0mKkUqxRLsV0a337dvNWVYmxFR0o
lcIjg4F9xXQwWgEzTjmKKo9pO68fCveW/4XN130Vkvr3mxbhL3O9h+wMndD2gipQ
Pj9oGt7U7WiNYFZiB1qf2hlAwkzNyNtPdVAMNd82lUgSVEx0DJSLR4AY3bQWnVfw
Ph3WMy7uRX/yQiEkpZBM877mSGXXHbp/+IiqRC6STuZ+95I425VnrOrMDxzm0UT5
IczaVaEVpWjKhLs7h0ZqzKYRV9KquWjvYG21x+jVxiJKpAdaIZsS2iPN7MDvJdgp
m9rMrBVpRy+pq6R/oxrw5Z7iHKmqGUobwMH3D/6AQYRxS761QrmKZ5AQOP1QJ6NZ
px0Bk+2dGS8nJ/glDutnaS69Qjp1ecVLQWzW76ucgsSaoueXn7sX3vD8+4TMrYqG
mysLiXTaoa2lM/PNhsF3v/zZ44wzseyP2lzYCZXVnY5WZ+QOtjn7UyatPxrrjlVn
Q3+7eW1IjsKl31TCMLywBIm5agFaALLsNX5zNRGjt1tyooAfY0CNZTc6ctSmKBjA
I21UDrjntMk8dRQ+BFR/WM2lBSmBmfOtDOZEfo+MrRawCHZlkNOTHYjz4JSaxXGq
2h/Ag4pE68Nzppn1dIorchkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 305983943821666354114209441272153499936865
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-13 00:00:16 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-11 00:00:16 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'chivalry.icka.eu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 847409841675796065984281282585233901083011875177487515992226297028226600560743729252991764890464896662907683210757506279974388485593755143733150105157896598378761036148989797987805107815051157294426149011137423707631893731896663995449182056235672943306962759716118254262020424617664738571390386170282656829553120624904031252314980318237552866699685869458331014201732498162261963002860804321595353702715261183830700257142717744175869858587694021118002260009010294923607150610878946851966815567858546104285485581364466541656455329918052964239811747610056496361619847691898753564004217271105537630025799100009111292716002329863769478657117865998390963033863224235743288817426637924442115729251306620285020019443031880299910070565019733501112954491494021295173866049302640761680449382267898793207356222413381796284932222520271546469499208129845831494080325076227794147454291643775591057760865543673676307673333999149168624203240737048920139179913259583336652411398021842993314671188711332197139532085848999309457096090165482334901022350665276917466307451157779867059642852957725280150111571657176226427403298151637534052591001852395692937121809405158365021218692367472827355561052871906102394222928225297545876566538376072359516230611481
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5fe108e242a834dc6b1ec0d868b070fb4583f0ce
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chivalry.icka.eu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016530cc3f46000004030046304402206e11cb1d433740ceb930bed60aca80e569499378cd8a287c32dd53277c634704022033673c8db84150e34b6118b7f4fe9a5e2fb9962c62d8cd8a8552af12bbf6f551007600c1164ae0a772d2d4392dc80ac10770d4f0c49bde991a4840c1fa075164f633600000016530cc432000000403004730450220597fbc947fc6dbb5ab9f881342f7864936d6c6078ee104bbaf753842f3ea8837022100e6cf8962602d88c53dfb33a4fdbc3ac675722aee4f91c4f1ca56c4d3ab2093e2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004e52c7eb4be0a7c4fd62c58e106a0dbad9f3fc1992b1a8b3628339223c9c98f284daa4f1bcff49ec35c9cc5cc36c44ce02a15b809a0303faef842f035e7779f2f9bb2a3ae5660584259034b7ddf236757b7cb9af12631a4f9d6ab8a2e8eeeb09c3e663260141ec04c787f8699625bb9a1e71fffa434ceceb5b05a166326ec1ff5072346ac9e0b80d12691ed4056b0a6904c14857bd5ac81d85273d76db94057e32368b81633a212cf57b3786faf560a94193894ee1089bc23040e3ab1c37c206c60857bf9b2aaa192d7cb7e4d89ba44abfaf80c43ba8fc39555415cf4479f22430e7a10771fe94e8876483c48b3cd8aad76f25f46f36eecb5622610698a9eeb4