secure.netflix.com
- Netflix, Inc. -
Issued by Netflix Public SHA2 RSA CA 1
About this certificate
This digital certificate with serial number 05:1c:b1:71:8d:bf:58:be:72:a5:3b:3b:e6:7f:cc:3b was issued on by Netflix, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Netflix, Inc.
Organization:
Netflix, Inc.
Organization unit: Content Delivery
Organization unit: Content Delivery
State / Province:
California
Locality: Los Gatos
Country: US
Locality: Los Gatos
Country: US
Netflix, Inc.
Organization:
Netflix, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 05:1c:b1:71:8d:bf:58:be:72:a5:3b:3b:e6:7f:cc:3bSerial Number (int): 6795123274114475293402065548657806395
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: b5:55:82:20:86:d2:17:68:9b:4c:6f:3d:bf:07:b4:56:ad:c6:a2:41
AuthorityKeyId: de:d1:e2:b1:6c:08:49:46:77:a4:9f:71:68:8d:62:84:6a:2d:fa:cd
Fingerprint (sha1): 05:dc:0c:90:59:03:8b:e1:13:ca:5e:e6:67:76:69:1d:a6:5f:5e:20
Fingerprint (sha256): 00:04:44:72:f0:75:a4:8c:2c:2f:cc:31:a3:04:92:cc:c0:d1:ea:59:f4:e3:48:13:66:e8:77:ba:de:a1:ae:87
Issuing Certificate URL: http://cacerts.digicert.com/NetflixPublicSHA2RSACA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCheck the revocation status for certificate secure.netflix.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for secure.netflix.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
secure.netflix.com
secure.netflix.ca
secure.netflix.ca
Other certificates including the domain name netflix.com
(limited to 100 certificates)
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
secure.netflix.com
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
secure.netflix.com
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
secure.netflix.com
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
secure.netflix.com
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
*.1.nflxso.net
Certificate
The complete raw certificate details for secure.netflix.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgIQBRyxcY2/WL5ypTs75n/MOzANBgkqhkiG9w0BAQsFADBM MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTmV0ZmxpeCwgSW5jLjElMCMGA1UEAxMc TmV0ZmxpeCBQdWJsaWMgU0hBMiBSU0EgQ0EgMTAeFw0xOTEyMTkwMDAwMDBaFw0y MDAxMjMxMjAwMDBaMIGGMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p YTESMBAGA1UEBxMJTG9zIEdhdG9zMRYwFAYDVQQKEw1OZXRmbGl4LCBJbmMuMRkw FwYDVQQLExBDb250ZW50IERlbGl2ZXJ5MRswGQYDVQQDExJzZWN1cmUubmV0Zmxp eC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHosDf2Afgzfsk Iz0Up/d24/kokENx4C0z7ThHfkcctylF/f1QBcOnUZychppvfwazfloq/tW0cFY7 ivi0QpAOYh5JmcDRXNNAeTOSedjIZ3Pp/5S7K26pmmYMw9hyDIBM1zMFNHNpX2tk te5L0V4I/2ViwXGmK4oNvt23eKTt5T1/nlg5sEhRcjK2+bI7UTu1+GZ9cM5JKwXZ GhBPP8aOvjKhguCRPdxmL8pgTBRww4Y1t1biajdSoRzLlJp4a+vzvmnUC5QG63Qt hWRmr45vVQ6pSVtlMO95XFnqn+1uaTsMoWZZwICP5Ztbs+qApDTSBU0ZWg8obFbY 0aUumVeHAgMBAAGjggGRMIIBjTAfBgNVHSMEGDAWgBTe0eKxbAhJRnekn3FojWKE ai36zTAdBgNVHQ4EFgQUtVWCIIbSF2ibTG89vwe0Vq3GokEwMAYDVR0RBCkwJ4IS c2VjdXJlLm5ldGZsaXguY29tghFzZWN1cmUubmV0ZmxpeC5jYTAOBgNVHQ8BAf8E BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEwGA1UdIARFMEMw NwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0 LmNvbS9DUFMwCAYGZ4EMAQICMHkGCCsGAQUFBwEBBG0wazAkBggrBgEFBQcwAYYY aHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEMGCCsGAQUFBzAChjdodHRwOi8vY2Fj ZXJ0cy5kaWdpY2VydC5jb20vTmV0ZmxpeFB1YmxpY1NIQTJSU0FDQTEuY3J0MAwG A1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQAD ggEBAJFsi3SK3Ehsnc1Z9B7CSfqBgyDg02W8CBcolEoR7GjWn86xqGgFIgktXQTb xU8KjA+Fs/Om0KLM+BS/BMmdIoiKM90q+fM4kcV46bak+0T0PDFIikmwe2Z75poa ORmJpqFlr5Cp2l9KYYi3J4Rp4XcwKlk3Vii7X8hc5xiGRvorPkIKudjAiPqAb8xl kKoBNzpH0LWA4gXLJzMuqawwLesICDmJkPrahFYyG1VP7BXMjWbWFXXyW1FpBd22 Jf2aSYz5MZVrZh4zulHbqUmU9/ZI5RA3+RehzpYzka4aWMsftux3iCz4ndvBLJy6 Nh4qcGzkAOnqEWzLtSJguuR9cMs= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6LA39gH4M37JCM9FKf3 duP5KJBDceAtM+04R35HHLcpRf39UAXDp1GcnIaab38Gs35aKv7VtHBWO4r4tEKQ DmIeSZnA0VzTQHkzknnYyGdz6f+UuytuqZpmDMPYcgyATNczBTRzaV9rZLXuS9Fe CP9lYsFxpiuKDb7dt3ik7eU9f55YObBIUXIytvmyO1E7tfhmfXDOSSsF2RoQTz/G jr4yoYLgkT3cZi/KYEwUcMOGNbdW4mo3UqEcy5SaeGvr875p1AuUBut0LYVkZq+O b1UOqUlbZTDveVxZ6p/tbmk7DKFmWcCAj+WbW7PqgKQ00gVNGVoPKGxW2NGlLplX hwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6795123274114475293402065548657806395 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Netflix, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Netflix Public SHA2 RSA CA 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-19 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-23 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Los Gatos' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Netflix, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Content Delivery' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'secure.netflix.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25201679388679507434066209951963318891560603307388909145955043490132782623593070375774862123902816708044653280731841835411058459849096823983225251689852137703759955128871903286608102329192422500670137114334807653376335904714313472890475978171146280530629792236486933703027288206627293064305018184977959890340412411156154318495851402569602653943545816915125334673128198963042047709640983606966049100528334574355192760107073251847616871523185628537410238338519626497086113952230645554137061728540105918622443597121964506236890908764279630212054459142979919676204893183307642288188710724542675911629413833198714484250503 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ded1e2b16c08494677a49f71688d62846a2dfacd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b555822086d217689b4c6f3dbf07b456adc6a241 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (41 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.netflix.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.netflix.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (109 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/NetflixPublicSHA2RSACA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00916c8b748adc486c9dcd59f41ec249fa818320e0d365bc081728944a11ec68d69fceb1a8680522092d5d04dbc54f0a8c0f85b3f3a6d0a2ccf814bf04c99d22888a33dd2af9f33891c578e9b6a4fb44f43c31488a49b07b667be69a1a391989a6a165af90a9da5f4a6188b7278469e177302a59375628bb5fc85ce7188646fa2b3e420ab9d8c088fa806fcc6590aa01373a47d0b580e205cb27332ea9ac302deb0808398990fada8456321b554fec15cc8d66d61575f25b516905ddb625fd9a498cf931956b661e33ba51dba94994f7f648e51037f917a1ce963391ae1a58cb1fb6ec77882cf89ddbc12c9cba361e2a706ce400e9ea116ccbb52260bae47d70cb