chk01.com

Issued by R3

About this certificate

This digital certificate with serial number 04:28:d3:2a:2a:82:ea:f9:1b:4f:05:b5:d5:d2:1e:14:2d:bf was issued on by Let's Encrypt.

With 100 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=chk01.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:28:d3:2a:2a:82:ea:f9:1b:4f:05:b5:d5:d2:1e:14:2d:bf
Serial Number (int): 362341124449690785960987083649000599203263
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 82:4c:ed:c1:57:42:be:65:ff:30:3e:e4:bc:8b:08:64:31:6c:75:32
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): a3:b0:84:8a:1c:81:91:6a:ca:30:20:f3:43:24:9c:7e:9b:7a:40:d2
Fingerprint (sha256): ef:8d:f2:db:9f:2f:4c:d9:eb:11:c1:d2:3e:8b:44:c5:7f:07:31:1c:e8:a5:2f:80:0f:e4:ef:da:0f:cd:e2:56

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate chk01.com

100

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for chk01.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.avtostart.com
*.botoxmelbourne.com.au
*.chinesetutors.com
*.chk01.com
*.clinique-matignon.com
*.coldies.com
*.cowell.com
*.creatandcraft.tv
*.cucinabella.com
*.cursoseo.com
*.energytariff.com
*.equifirst.com
*.firnas.com
*.fraih.com
*.freebitcoingame.com
*.gaalen.com
*.getitthere.com
*.goodfortunestl.com
*.hezhi.com
*.hushenergy.com
*.jantas.com
*.lastminutecarrentals.com
*.latattoos.com
*.levans.com
*.linjun.com
*.michealkorsoutlet.com
*.micolta.com
*.oonlinepokies.com
*.orderrevellkitchen.com
*.painthimblue.com
*.palaiseau.com
*.parrocchia.com
*.platani.com
*.plbo18.com
*.quincianera.com
*.raffoul.com
*.risicoverzekering.com
*.sambplans.com
*.shuana.com
*.tapanuli.com
*.thebrainfood.com
*.timelapsewebcam.com
*.timesdeals.com
*.tortoreto.com
*.usedmoney.com
*.utahautoloan.com
*.watervillage.de
*.wyze.cm
*.xueling.com
*.yamamotodendrobiums.com
avtostart.com
botoxmelbourne.com.au
chinesetutors.com
chk01.com
clinique-matignon.com
coldies.com
cowell.com
creatandcraft.tv
cucinabella.com
cursoseo.com
energytariff.com
equifirst.com
firnas.com
fraih.com
freebitcoingame.com
gaalen.com
getitthere.com
goodfortunestl.com
hezhi.com
hushenergy.com
jantas.com
lastminutecarrentals.com
latattoos.com
levans.com
linjun.com
michealkorsoutlet.com
micolta.com
oonlinepokies.com
orderrevellkitchen.com
painthimblue.com
palaiseau.com
parrocchia.com
platani.com
plbo18.com
quincianera.com
raffoul.com
risicoverzekering.com
sambplans.com
shuana.com
tapanuli.com
thebrainfood.com
timelapsewebcam.com
timesdeals.com
tortoreto.com
usedmoney.com
utahautoloan.com
watervillage.de
wyze.cm
xueling.com
yamamotodendrobiums.com

Other certificates including the domain name chk01.com

(limited to 100 certificates)
sni138084.cloudflaressl.com
sni177912.cloudflaressl.com
free-gay-games.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni177912.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
farpado.com
sni177912.cloudflaressl.com
dealleaks.com.au
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
smgsol.biz
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni177912.cloudflaressl.com
sni138084.cloudflaressl.com
sni177912.cloudflaressl.com
dealleaks.com.au
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni177912.cloudflaressl.com
sni177912.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni177912.cloudflaressl.com
sni138084.cloudflaressl.com
sni177912.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni177912.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni177912.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni177912.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni177912.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni138084.cloudflaressl.com
sni177912.cloudflaressl.com
sni138084.cloudflaressl.com
chk01.com
sni177912.cloudflaressl.com
sni177912.cloudflaressl.com
sni177912.cloudflaressl.com
sni138084.cloudflaressl.com

Certificate

The complete raw certificate details for chk01.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIMyDCCC7CgAwIBAgISBCjTKiqC6vkbTwW11dIeFC2/MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA1MTgwOTQzMDBaFw0yMzA4MTYwOTQyNTlaMBQxEjAQBgNVBAMT
CWNoazAxLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK6Kv4bS
aw4LvuveOgZFDKuZzYt/VBNVCaol4MP41TI+GkqBWGAU3Zk0D1fdl5GXwcJ8Yz3Z
hGYcTEmn6dxaHhNtoW7I79ni1CBPHMcGDChk1v4G8pYRpVyesgf0+AJNgeUV5lH3
ErI3R+i/IMfUHR+vFVpcK3U65+SqPrO9yjiaR+gOlsFpLQ/+gk12SUcrqfURisM3
qEInAyaM70IchH8ZFyWiglwvtp+GNvDr96ygyP2o+NO/glE83lgYNw+GOeK/+lKh
GsEwpjEKFysUVB+TU/abpblZuy2FJgMJrYNy7bEzBMLTynz/wLVSc5M8wZO16BVQ
9ESeWtogINVuCD/wTj9Wz0Lree0FZVfm0GuUIqtBCdOetcaszP243j402PJfzuWd
kqcOiiuaRiavvTyt/dLW/UP2lVz6tgNdTG718H+yyQUJzNjEg50D9WGQEBJB92DT
J2UPeXW5yUroExsmvDZ8HLKnqzEzqGgkt70xKHKdcBJlKmE6YAwMQtp4T6i5IyEV
Bjf8QoPYDkl+LlWUWHsTYl0QbTFtUJjjuLRwVgRM5cfwibhnGGgvSYJB7QqR9ZQy
EDoaKcW+UxmPH77CPdyQWQapyuu1woERc6KZqiu+cNzk6CW0FoPQdltjNASKKsjR
40M3QCBvssv/wUMYr5agGajWrw83/SJSDDd3AgMBAAGjggj0MIII8DAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB
/wQCMAAwHQYDVR0OBBYEFIJM7cFXQr5l/zA+5LyLCGQxbHUyMB8GA1UdIwQYMBaA
FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw
AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu
aS5sZW5jci5vcmcvMIIGwQYDVR0RBIIGuDCCBrSCDyouYXZ0b3N0YXJ0LmNvbYIX
Ki5ib3RveG1lbGJvdXJuZS5jb20uYXWCEyouY2hpbmVzZXR1dG9ycy5jb22CCyou
Y2hrMDEuY29tghcqLmNsaW5pcXVlLW1hdGlnbm9uLmNvbYINKi5jb2xkaWVzLmNv
bYIMKi5jb3dlbGwuY29tghIqLmNyZWF0YW5kY3JhZnQudHaCESouY3VjaW5hYmVs
bGEuY29tgg4qLmN1cnNvc2VvLmNvbYISKi5lbmVyZ3l0YXJpZmYuY29tgg8qLmVx
dWlmaXJzdC5jb22CDCouZmlybmFzLmNvbYILKi5mcmFpaC5jb22CFSouZnJlZWJp
dGNvaW5nYW1lLmNvbYIMKi5nYWFsZW4uY29tghAqLmdldGl0dGhlcmUuY29tghQq
Lmdvb2Rmb3J0dW5lc3RsLmNvbYILKi5oZXpoaS5jb22CECouaHVzaGVuZXJneS5j
b22CDCouamFudGFzLmNvbYIaKi5sYXN0bWludXRlY2FycmVudGFscy5jb22CDyou
bGF0YXR0b29zLmNvbYIMKi5sZXZhbnMuY29tggwqLmxpbmp1bi5jb22CFyoubWlj
aGVhbGtvcnNvdXRsZXQuY29tgg0qLm1pY29sdGEuY29tghMqLm9vbmxpbmVwb2tp
ZXMuY29tghgqLm9yZGVycmV2ZWxsa2l0Y2hlbi5jb22CEioucGFpbnRoaW1ibHVl
LmNvbYIPKi5wYWxhaXNlYXUuY29tghAqLnBhcnJvY2NoaWEuY29tgg0qLnBsYXRh
bmkuY29tggwqLnBsYm8xOC5jb22CESoucXVpbmNpYW5lcmEuY29tgg0qLnJhZmZv
dWwuY29tghcqLnJpc2ljb3Zlcnpla2VyaW5nLmNvbYIPKi5zYW1icGxhbnMuY29t
ggwqLnNodWFuYS5jb22CDioudGFwYW51bGkuY29tghIqLnRoZWJyYWluZm9vZC5j
b22CFSoudGltZWxhcHNld2ViY2FtLmNvbYIQKi50aW1lc2RlYWxzLmNvbYIPKi50
b3J0b3JldG8uY29tgg8qLnVzZWRtb25leS5jb22CEioudXRhaGF1dG9sb2FuLmNv
bYIRKi53YXRlcnZpbGxhZ2UuZGWCCSoud3l6ZS5jbYINKi54dWVsaW5nLmNvbYIZ
Ki55YW1hbW90b2RlbmRyb2JpdW1zLmNvbYINYXZ0b3N0YXJ0LmNvbYIVYm90b3ht
ZWxib3VybmUuY29tLmF1ghFjaGluZXNldHV0b3JzLmNvbYIJY2hrMDEuY29tghVj
bGluaXF1ZS1tYXRpZ25vbi5jb22CC2NvbGRpZXMuY29tggpjb3dlbGwuY29tghBj
cmVhdGFuZGNyYWZ0LnR2gg9jdWNpbmFiZWxsYS5jb22CDGN1cnNvc2VvLmNvbYIQ
ZW5lcmd5dGFyaWZmLmNvbYINZXF1aWZpcnN0LmNvbYIKZmlybmFzLmNvbYIJZnJh
aWguY29tghNmcmVlYml0Y29pbmdhbWUuY29tggpnYWFsZW4uY29tgg5nZXRpdHRo
ZXJlLmNvbYISZ29vZGZvcnR1bmVzdGwuY29tggloZXpoaS5jb22CDmh1c2hlbmVy
Z3kuY29tggpqYW50YXMuY29tghhsYXN0bWludXRlY2FycmVudGFscy5jb22CDWxh
dGF0dG9vcy5jb22CCmxldmFucy5jb22CCmxpbmp1bi5jb22CFW1pY2hlYWxrb3Jz
b3V0bGV0LmNvbYILbWljb2x0YS5jb22CEW9vbmxpbmVwb2tpZXMuY29tghZvcmRl
cnJldmVsbGtpdGNoZW4uY29tghBwYWludGhpbWJsdWUuY29tgg1wYWxhaXNlYXUu
Y29tgg5wYXJyb2NjaGlhLmNvbYILcGxhdGFuaS5jb22CCnBsYm8xOC5jb22CD3F1
aW5jaWFuZXJhLmNvbYILcmFmZm91bC5jb22CFXJpc2ljb3Zlcnpla2VyaW5nLmNv
bYINc2FtYnBsYW5zLmNvbYIKc2h1YW5hLmNvbYIMdGFwYW51bGkuY29tghB0aGVi
cmFpbmZvb2QuY29tghN0aW1lbGFwc2V3ZWJjYW0uY29tgg50aW1lc2RlYWxzLmNv
bYINdG9ydG9yZXRvLmNvbYINdXNlZG1vbmV5LmNvbYIQdXRhaGF1dG9sb2FuLmNv
bYIPd2F0ZXJ2aWxsYWdlLmRlggd3eXplLmNtggt4dWVsaW5nLmNvbYIXeWFtYW1v
dG9kZW5kcm9iaXVtcy5jb20wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC
3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcw
ggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwB6MoxU2LcttiDqOOBSHumEFnAyE4VN
O9IrwTpXo1LrUgAAAYgudLcvAAAEAwBIMEYCIQDMhwUnY7RiazbWHWh+dumZMCaG
5cKFQTS0Z7OIw54S4wIhAO/+nB0dN6gW2o0X6O6qhCAXVziw3d3hRZnvDPc6sB2N
AHYAtz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGILnS3IgAABAMA
RzBFAiEAhTa1FgL12rgeB4vq+NDofD2TwXEGY1B3OYCSue8YC2QCIHYYMcOUnakL
Fd26JJ6CWv7y62jnbWK6cT0E4JVsRadoMA0GCSqGSIb3DQEBCwUAA4IBAQAcDigc
JOjD8A+44gWhNW064wEoRxlQL+mXMsW2Dzn1goRRHj/TYTuA6fuTrN/gVSzCdL2q
e/NRulfjCc5P1re3zs76aisW+Og6X/9ry+CS7h0gpzoRXAzS3hwsjy3dkdG0TCe1
pn1dROIVyOeBSu1nuEUhnqHsdq+rQgwPtsX22FF1+805UcTwZGSHGi7p+bIZD6x3
gcIHGISbzRZZEQppeG/ip/xX6NXL8Ox6EuK6OyL0ui0IDxLx6DJPywnlsNMXMWCn
XEjuLesIbgXJb6WKwWHDxoUeFmsfWRUd8PhLkYpKShLkdC+dQI7h5trG5WvlRep1
S9kpb1jbpWW5537K
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAroq/htJrDgu+6946BkUM
q5nNi39UE1UJqiXgw/jVMj4aSoFYYBTdmTQPV92XkZfBwnxjPdmEZhxMSafp3Foe
E22hbsjv2eLUIE8cxwYMKGTW/gbylhGlXJ6yB/T4Ak2B5RXmUfcSsjdH6L8gx9Qd
H68VWlwrdTrn5Ko+s73KOJpH6A6WwWktD/6CTXZJRyup9RGKwzeoQicDJozvQhyE
fxkXJaKCXC+2n4Y28Ov3rKDI/aj407+CUTzeWBg3D4Y54r/6UqEawTCmMQoXKxRU
H5NT9puluVm7LYUmAwmtg3LtsTMEwtPKfP/AtVJzkzzBk7XoFVD0RJ5a2iAg1W4I
P/BOP1bPQut57QVlV+bQa5Qiq0EJ0561xqzM/bjePjTY8l/O5Z2Spw6KK5pGJq+9
PK390tb9Q/aVXPq2A11MbvXwf7LJBQnM2MSDnQP1YZAQEkH3YNMnZQ95dbnJSugT
Gya8NnwcsqerMTOoaCS3vTEocp1wEmUqYTpgDAxC2nhPqLkjIRUGN/xCg9gOSX4u
VZRYexNiXRBtMW1QmOO4tHBWBEzlx/CJuGcYaC9JgkHtCpH1lDIQOhopxb5TGY8f
vsI93JBZBqnK67XCgRFzopmqK75w3OToJbQWg9B2W2M0BIoqyNHjQzdAIG+yy//B
QxivlqAZqNavDzf9IlIMN3cCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 362341124449690785960987083649000599203263
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-18 09:43:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-16 09:42:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'chk01.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 712069173581799103051507026779041827621959584546067546035393981539025655657507357588711884227648489729559676450379866969899150373108607824677623631239029852902759302384423313961584998105360487536571160027994172150705941383822544384793128908661149113473574093721364992362847307457761612050289938338193174219654832709582120042627428898017034803820694981264128235339236378999663347745781607836732826195905339299701684187292724976858125776022077363108526624646412074417277944166150672125225308809732882563391470775056752491248761958649075373664872985674408314466345282998274436787934408288476472685082073748766370538241391003114021537725303702124409105116150253061711320584875847033869349710524993616039789999725389907746468334916829598373686635175994214811750544987478356965133121955391039236622100920734443543604292279216024307649204298760581694948456150156720808967574648372954264748109021904759383273468341356247265168644528464302540588319562108044237734475565042643587702748609372612093276586305732862451796656121304136866549101453392263915027539743268523640033590361273641469134487108948691254905418685744628924219827079493154348203800415125934819214021314544952614762900156439612865668700340563848781972644174520543615839676151671
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							824cedc15742be65ff303ee4bc8b0864316c7532
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1720 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avtostart.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.botoxmelbourne.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.chinesetutors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.chk01.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.clinique-matignon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.coldies.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cowell.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.creatandcraft.tv'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cucinabella.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cursoseo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.energytariff.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.equifirst.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.firnas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.fraih.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.freebitcoingame.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.gaalen.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.getitthere.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.goodfortunestl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hezhi.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hushenergy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jantas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.lastminutecarrentals.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.latattoos.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.levans.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.linjun.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.michealkorsoutlet.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.micolta.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.oonlinepokies.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.orderrevellkitchen.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.painthimblue.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.palaiseau.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.parrocchia.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.platani.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.plbo18.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.quincianera.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.raffoul.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.risicoverzekering.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sambplans.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.shuana.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tapanuli.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.thebrainfood.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.timelapsewebcam.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.timesdeals.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tortoreto.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.usedmoney.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.utahautoloan.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.watervillage.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wyze.cm'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.xueling.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.yamamotodendrobiums.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'avtostart.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'botoxmelbourne.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chinesetutors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chk01.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clinique-matignon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'coldies.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cowell.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'creatandcraft.tv'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cucinabella.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cursoseo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'energytariff.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'equifirst.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'firnas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fraih.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'freebitcoingame.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gaalen.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'getitthere.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'goodfortunestl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hezhi.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hushenergy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jantas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lastminutecarrentals.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'latattoos.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'levans.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'linjun.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'michealkorsoutlet.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'micolta.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oonlinepokies.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'orderrevellkitchen.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'painthimblue.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'palaiseau.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'parrocchia.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'platani.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plbo18.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'quincianera.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'raffoul.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'risicoverzekering.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sambplans.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shuana.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tapanuli.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thebrainfood.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'timelapsewebcam.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'timesdeals.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tortoreto.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usedmoney.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'utahautoloan.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'watervillage.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wyze.cm'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'xueling.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yamamotodendrobiums.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb52000001882e74b72f0000040300483046022100cc87052763b4626b36d61d687e76e999302686e5c2854134b467b388c39e12e3022100effe9c1d1d37a816da8d17e8eeaa8420175738b0dddde14599ef0cf73ab01d8d007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001882e74b72200000403004730450221008536b51602f5dab81e078beaf8d0e87c3d93c17106635077398092b9ef180b640220761831c3949da90b15ddba249e825afef2eb68e76d62ba713d04e0956c45a768
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001c0e281c24e8c3f00fb8e205a1356d3ae301284719502fe99732c5b60f39f58284511e3fd3613b80e9fb93acdfe0552cc274bdaa7bf351ba57e309ce4fd6b7b7cecefa6a2b16f8e83a5fff6bcbe092ee1d20a73a115c0cd2de1c2c8f2ddd91d1b44c27b5a67d5d44e215c8e7814aed67b845219ea1ec76afab420c0fb6c5f6d85175fbcd3951c4f06464871a2ee9f9b2190fac7781c20718849bcd1659110a69786fe2a7fc57e8d5cbf0ec7a12e2ba3b22f4ba2d080f12f1e8324fcb09e5b0d3173160a75c48ee2deb086e05c96fa58ac161c3c6851e166b1f59151df0f84b918a4a4a12e4742f9d408ee1e6dac6e56be545ea754bd9296f58dba565b9e77eca