www.thelandproject.ca
Issued by R3
About this certificate
This digital certificate with serial number 04:a3:c7:fa:40:02:a7:5c:1d:08:e9:9b:99:ad:7c:33:1b:81 was issued on by Let's Encrypt.
With 30 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.thelandproject.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:a3:c7:fa:40:02:a7:5c:1d:08:e9:9b:99:ad:7c:33:1b:81Serial Number (int): 404180985278814254410304689403571249290113
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: b4:6b:8e:3b:19:b6:28:c3:6d:85:81:06:e8:d3:fd:4e:ba:6d:5c:10
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 31:cf:61:03:c8:9a:eb:2a:03:9f:75:0b:9b:62:9b:fd:d4:97:28:e8
Fingerprint (sha256): f6:9c:e4:bc:1f:4e:14:9d:e3:e6:76:70:f5:4c:d8:eb:22:64:3c:43:7f:55:f1:7a:47:0b:03:17:ab:74:ee:0c
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.thelandproject.ca
30
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.thelandproject.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
aivissa.com
americancrusade.org
beachybnb.com
countrymusicmilitia.com
countyassembly.org
financewithjoshua.com
givemy.org
gpsana.com
hotelslancasterpa.com
illnessbima.com
mtvmedia.com
psicon.ai
synloktechnologies.org
thelandproject.ca
www.aivissa.com
www.americancrusade.org
www.beachybnb.com
www.countrymusicmilitia.com
www.countyassembly.org
www.financewithjoshua.com
www.givemy.org
www.gpsana.com
www.hotelslancasterpa.com
www.illnessbima.com
www.mtvmedia.com
www.psicon.ai
www.synloktechnologies.org
www.thelandproject.ca
www.xn--5dbgacve0hsa.com
xn--5dbgacve0hsa.com
americancrusade.org
beachybnb.com
countrymusicmilitia.com
countyassembly.org
financewithjoshua.com
givemy.org
gpsana.com
hotelslancasterpa.com
illnessbima.com
mtvmedia.com
psicon.ai
synloktechnologies.org
thelandproject.ca
www.aivissa.com
www.americancrusade.org
www.beachybnb.com
www.countrymusicmilitia.com
www.countyassembly.org
www.financewithjoshua.com
www.givemy.org
www.gpsana.com
www.hotelslancasterpa.com
www.illnessbima.com
www.mtvmedia.com
www.psicon.ai
www.synloktechnologies.org
www.thelandproject.ca
www.xn--5dbgacve0hsa.com
xn--5dbgacve0hsa.com
Other certificates including the domain name thelandproject.ca
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.thelandproject.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHQDCCBiigAwIBAgISBKPH+kACp1wdCOmbma18MxuBMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MDcyMDAwMTJaFw0yNDA4MDUyMDAwMTFaMCAxHjAcBgNVBAMT FXd3dy50aGVsYW5kcHJvamVjdC5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAOwR84bNuwM99FXMdYkbu0tz6fs1EvB5D3wAFVVH3uK7llFFC0UT+hSf YZ+LnFva7YohvICWMlJRYT/YLg9kGzOgz9wnrkYHjhOmEGpUWFVsAaxA1/be0eGn RUq/MsdqWwV3uMDbz1B0oeoskgaoH4KfsPlGgdAqMAdiAIbil95tvAQeNXjac9qJ fCko77AsHFASs1md4LchgRMhO4aGJu9OqvSjzhNDW/zlt22iFAZgQIft8qjPQD93 XHOUuoWSnkbiz9L7Jy4Q3tuKveyWsRg4ZGFxS2YcDfnUMDFH4RwBm/973qbBi9w9 scTRtIl8f1M3+Z8pFWvoQ/WvWarA1dkCAwEAAaOCBGAwggRcMA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw ADAdBgNVHQ4EFgQUtGuOOxm2KMNthYEG6NP9TrptXBAwHwYDVR0jBBgwFoAUFC6z F7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVo dHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxl bmNyLm9yZy8wggJnBgNVHREEggJeMIICWoILYWl2aXNzYS5jb22CE2FtZXJpY2Fu Y3J1c2FkZS5vcmeCDWJlYWNoeWJuYi5jb22CF2NvdW50cnltdXNpY21pbGl0aWEu Y29tghJjb3VudHlhc3NlbWJseS5vcmeCFWZpbmFuY2V3aXRoam9zaHVhLmNvbYIK Z2l2ZW15Lm9yZ4IKZ3BzYW5hLmNvbYIVaG90ZWxzbGFuY2FzdGVycGEuY29tgg9p bGxuZXNzYmltYS5jb22CDG10dm1lZGlhLmNvbYIJcHNpY29uLmFpghZzeW5sb2t0 ZWNobm9sb2dpZXMub3JnghF0aGVsYW5kcHJvamVjdC5jYYIPd3d3LmFpdmlzc2Eu Y29tghd3d3cuYW1lcmljYW5jcnVzYWRlLm9yZ4IRd3d3LmJlYWNoeWJuYi5jb22C G3d3dy5jb3VudHJ5bXVzaWNtaWxpdGlhLmNvbYIWd3d3LmNvdW50eWFzc2VtYmx5 Lm9yZ4IZd3d3LmZpbmFuY2V3aXRoam9zaHVhLmNvbYIOd3d3LmdpdmVteS5vcmeC Dnd3dy5ncHNhbmEuY29tghl3d3cuaG90ZWxzbGFuY2FzdGVycGEuY29tghN3d3cu aWxsbmVzc2JpbWEuY29tghB3d3cubXR2bWVkaWEuY29tgg13d3cucHNpY29uLmFp ghp3d3cuc3lubG9rdGVjaG5vbG9naWVzLm9yZ4IVd3d3LnRoZWxhbmRwcm9qZWN0 LmNhghh3d3cueG4tLTVkYmdhY3ZlMGhzYS5jb22CFHhuLS01ZGJnYWN2ZTBoc2Eu Y29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw AHcAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGPVNtbVwAABAMA SDBGAiEAqcKkdzYa9kxnKkbIAapjzaBkgZM0z8AQ5KzRt3t7m7oCIQDvSDU/p/gX 771xPPEp+Dg+2R/iXymdG1MCrw1NA/GTMAB1AEiw42vapkc0D+VqAvqdMOscUgHL Vt0sgdm7v6s52IRzAAABj1TbW1EAAAQDAEYwRAIgJDrQhPlX0+3dOKXpH0fVycO6 ShZazWDzn0bTf3N9zOECIE/iQNNEnESCKUWEjKyWuHsWQttNkfyu/6IEaf+Fglu6 MA0GCSqGSIb3DQEBCwUAA4IBAQADUb50WvSatryUCD4+uT9n3Ji8AiBvhj6aAGHN aoFAXadwip2YeYo7t4ekgIHLg+EIeQb7uotIGQItC+8qVPwh8G5DDsPDh3hIuOop BppBwWMZ/ziHaFe0w/FhiLaWxOaY0gKNta1mo6qGh/1T0lvhtfJ1xeT61NuhohyM 2HW5bdpmQnoUQNsecEpLSM0lXpmK8NZuXX7asw/UaGM3+sid1wcVH/SQqhb4SYdD 8i9wRL8k8hd+rgyynRIfGTA3OdcJ1h47yBNjl/AduTerxqUefIQKOn7uckCfeuv+ 1HNHZsdw41AQ5KeUiQ6AQdqpWLUf2gdAPGhv4fTM4xkqgIRG -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7BHzhs27Az30Vcx1iRu7 S3Pp+zUS8HkPfAAVVUfe4ruWUUULRRP6FJ9hn4ucW9rtiiG8gJYyUlFhP9guD2Qb M6DP3CeuRgeOE6YQalRYVWwBrEDX9t7R4adFSr8yx2pbBXe4wNvPUHSh6iySBqgf gp+w+UaB0CowB2IAhuKX3m28BB41eNpz2ol8KSjvsCwcUBKzWZ3gtyGBEyE7hoYm 706q9KPOE0Nb/OW3baIUBmBAh+3yqM9AP3dcc5S6hZKeRuLP0vsnLhDe24q97Jax GDhkYXFLZhwN+dQwMUfhHAGb/3vepsGL3D2xxNG0iXx/Uzf5nykVa+hD9a9ZqsDV 2QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 404180985278814254410304689403571249290113 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-07 20:00:12 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-05 20:00:11 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.thelandproject.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29801092075955119628391730794634050794543719214035685500794240555568644156376735875304165644428770601024132390405714703758961728486072257110212506156243064134473209656251244462883651459971919141529012716440052907823454634298877360756324605446869960954882643462681363555001057345985748438724250305091244802980112574128357762356852662075183237174482123863314522524771217044334330668876769082573382882430289855634270190867753344492777262808389216193973476995871082522405411594901511200439312355486050626841173671792093650128013084186155969943231798925375826748127906289009545673475437572559943128040882296467519231284697 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b46b8e3b19b628c36d858106e8d3fd4eba6d5c10 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (606 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aivissa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'americancrusade.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beachybnb.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'countrymusicmilitia.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'countyassembly.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'financewithjoshua.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'givemy.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gpsana.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hotelslancasterpa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'illnessbima.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mtvmedia.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'psicon.ai' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'synloktechnologies.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thelandproject.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aivissa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.americancrusade.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.beachybnb.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.countrymusicmilitia.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.countyassembly.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.financewithjoshua.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.givemy.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gpsana.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hotelslancasterpa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.illnessbima.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mtvmedia.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.psicon.ai' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.synloktechnologies.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thelandproject.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.xn--5dbgacve0hsa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'xn--5dbgacve0hsa.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f54db5b570000040300483046022100a9c2a477361af64c672a46c801aa63cda064819334cfc010e4acd1b77b7b9bba022100ef48353fa7f817efbd713cf129f8383ed91fe25f299d1b5302af0d4d03f1933000750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018f54db5b5100000403004630440220243ad084f957d3eddd38a5e91f47d5c9c3ba4a165acd60f39f46d37f737dcce102204fe240d3449c44822945848cac96b87b1642db4d91fcaeffa20469ff85825bba . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000351be745af49ab6bc94083e3eb93f67dc98bc02206f863e9a0061cd6a81405da7708a9d98798a3bb787a48081cb83e1087906fbba8b4819022d0bef2a54fc21f06e430ec3c3877848b8ea29069a41c16319ff38876857b4c3f16188b696c4e698d2028db5ad66a3aa8687fd53d25be1b5f275c5e4fad4dba1a21c8cd875b96dda66427a1440db1e704a4b48cd255e998af0d66e5d7edab30fd4686337fac89dd707151ff490aa16f8498743f22f7044bf24f2177eae0cb29d121f19303739d709d61e3bc8136397f01db937abc6a51e7c840a3a7eee72409f7aebfed4734766c770e35010e4a794890e8041daa958b51fda07403c686fe1f4cce3192a808446