OV SSL/TLS Certificate for *.squarespace.com Issued to Squarespace, Inc.

Certificate is witin its validity period

Issued by DigiCert Inc (DigiCert Global G2 TLS RSA SHA256 2020 CA1)

About the *.squarespace.com OV SSL/TLS Certificate

This certificate with serial number 06:76:76:71:5c:d0:60:96:65:a9:3f:99:29:97:ec:3f for *.squarespace.com was issued on by DigiCert Inc.

With 14 subject alternative names, this certificate can be used to secure multiple FQDNs. This OV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this OV SSL/TLS Certificate review for *.squarespace.com provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

DigiCert Inc

Organization: DigiCert Inc
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:76:76:71:5c:d0:60:96:65:a9:3f:99:29:97:ec:3f
Serial Number (int): 8590461309856733502132626703995366463
Serial Number Length: 123 bits, 16 octets

Subject Key Identifier: b4:a8:52:61:d2:cb:e4:08:a6:d1:05:f0:76:94:60:b4:dc:1b:12:23
Authority Key Identifier: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17

Fingerprint (SHA-1): 03:03:22:f2:2e:d6:85:04:20:8f:6c:b5:75:a2:17:54:e7:af:b2:76
Fingerprint (SHA-256): b7:0e:6b:7e:42:bd:5c:99:72:0e:dc:22:dc:e1:13:f0:09:f9:8c:55:e1:eb:80:9f:aa:6d:f4:cb:a4:e4:e1:6e

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt

Revocation Information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl

Check the revocation status for certificate *.squarespace.com
14
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for *.squarespace.com

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

*.squarespace.com
squarespace.com
*.campaign-preferences.com
campaign-preferences.com
*.sqsp.net
sqsp.net
*.sqspcdn.com
static1.1.sqspcdn.com
static2.1.sqspcdn.com
static1.2.sqspcdn.com
cdn1.1.sqspcdn.com
sqspcdn.com
*.engage.squarespace-mail.com
engage.squarespace-mail.com

X.509 Certificate

The complete raw X.509 certificate details for *.squarespace.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIH8DCCBtigAwIBAgIQBnZ2cVzQYJZlqT+ZKZfsPzANBgkqhkiG9w0BAQsFADBZ
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE
aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjUw
MjEwMDAwMDAwWhcNMjYwMzAzMjM1OTU5WjBrMQswCQYDVQQGEwJVUzERMA8GA1UE
CBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRowGAYDVQQKExFTcXVhcmVz
cGFjZSwgSW5jLjEaMBgGA1UEAwwRKi5zcXVhcmVzcGFjZS5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9vineQny3UJ9TzW86TM2CttTHsptxcdwh
XL7flTmQHZVdBxdsMCOZ6jWI541gpkJveOy9mKUN0YLRZhjR/mpiVYQZ8/BvB7Xh
qZJPL5J+dDzBe9ELZGmKpfRyyBvBxdkr1Ods7vGrnNFbsZ0iZIPvX1TlDnGb9Uep
PUD68JZX3nbhYfTWsagr/kUWKuShHUPm+rsw4Hl/Abe+tHGPHSuNxL0RNupFpKc6
4xQO5noi7J0x7fTM4/8CzPFjo7rEmlG87024A/dyH6bxSk4bpHnIKvEyxXXF/fab
s8I8toWfAgDT5sG2d4ssKtU4/mF10nJwOXZGQTvUeq7y+LyhuFerAgMBAAGjggSg
MIIEnDAfBgNVHSMEGDAWgBR0hYDAZsffN97PvSk3qgMdvu3NFzAdBgNVHQ4EFgQU
tKhSYdLL5Aim0QXwdpRgtNwbEiMwggEuBgNVHREEggElMIIBIYIRKi5zcXVhcmVz
cGFjZS5jb22CD3NxdWFyZXNwYWNlLmNvbYIaKi5jYW1wYWlnbi1wcmVmZXJlbmNl
cy5jb22CGGNhbXBhaWduLXByZWZlcmVuY2VzLmNvbYIKKi5zcXNwLm5ldIIIc3Fz
cC5uZXSCDSouc3FzcGNkbi5jb22CFXN0YXRpYzEuMS5zcXNwY2RuLmNvbYIVc3Rh
dGljMi4xLnNxc3BjZG4uY29tghVzdGF0aWMxLjIuc3FzcGNkbi5jb22CEmNkbjEu
MS5zcXNwY2RuLmNvbYILc3FzcGNkbi5jb22CHSouZW5nYWdlLnNxdWFyZXNwYWNl
LW1haWwuY29tghtlbmdhZ2Uuc3F1YXJlc3BhY2UtbWFpbC5jb20wPgYDVR0gBDcw
NTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5j
b20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwgZ8GA1UdHwSBlzCBlDBIoEagRIZCaHR0cDovL2NybDMuZGlnaWNlcnQu
Y29tL0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FTSEEyNTYyMDIwQ0ExLTEuY3JsMEig
RqBEhkJodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxHMlRM
U1JTQVNIQTI1NjIwMjBDQTEtMS5jcmwwgYcGCCsGAQUFBwEBBHsweTAkBggrBgEF
BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFEGCCsGAQUFBzAChkVodHRw
Oi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxHMlRMU1JTQVNI
QTI1NjIwMjBDQTEtMS5jcnQwDAYDVR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIE
ggFtBIIBaQFnAHYADleUvPOuqT4zGyyZB7P3kN+bwj1xMiXdIaklrGHFTiEAAAGU
8cSyxgAABAMARzBFAiA3MhzPlTYTzCWlaGZPikaecGrZvrTi8dKR71bahu7tIQIh
ANsi5hmqmH/9lQHkAxZZg74GzlJLwrhA+EerpYYUDS5/AHYAZBHEbKQS7KeJHKIC
LgC8q08oB9QeNSer6v7VA8l9zfAAAAGU8cSzCQAABAMARzBFAiAwaX6bSUiM7qsp
WZyFA81dG+WSw/vdxIXqh0N7DRw/5AIhALZDaI7IS2CMbq0+ZHUxKHrd/MxR/LNi
AK3sH6bYGooRAHUASZybad4dfOz8Nt7Nh2SmuFuvCoeAGdFVUvvp6ynd+MMAAAGU
8cSzFgAABAMARjBEAiA3PDnyMcbLW3K/ZnDIuvYiGPPTX3Ex4ZCioQ431wp9qAIg
XkXY8ec9+0vRKOIfHj4tA8pTHCAIDTcIZcyNbaP0I9wwDQYJKoZIhvcNAQELBQAD
ggEBAL9jhJWY2hGmIfce7TJ5zkpxB8ZvMFAfauLL4Ko2NyYF86SHtsQhFhNDAdJ7
iHhK6gx8E/eR/YHV2nGpXLnLVsNq/M7tOBIFXboS9LXBjzSfpVwdHtQgKP2KBMyS
zEDVTfHaZ3rtc5KwrfTJ34b5k4ORHBdN3AQHGBTBCmDtODqMjtdIdCOuD4MfUHt9
ayvkMIrCI2tR8iJa67CFUfmax1PGxexf3vwhm204KooM+u0QkfVbIkKNxI3agSkr
iZiW9LezSzS2Xm5LcuRo68yr9T0794B7YePxVH5QNhkgfuNG0vDgxvTXei99jR8M
QhAIPTo9FN5VONZGut9TecpvgAs=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb4p3kJ8t1CfU81vOkzN
grbUx7KbcXHcIVy+35U5kB2VXQcXbDAjmeo1iOeNYKZCb3jsvZilDdGC0WYY0f5q
YlWEGfPwbwe14amSTy+SfnQ8wXvRC2RpiqX0csgbwcXZK9TnbO7xq5zRW7GdImSD
719U5Q5xm/VHqT1A+vCWV9524WH01rGoK/5FFirkoR1D5vq7MOB5fwG3vrRxjx0r
jcS9ETbqRaSnOuMUDuZ6IuydMe30zOP/AszxY6O6xJpRvO9NuAP3ch+m8UpOG6R5
yCrxMsV1xf32m7PCPLaFnwIA0+bBtneLLCrVOP5hddJycDl2RkE71Hqu8vi8obhX
qwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8590461309856733502132626703995366463
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-10 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-03-03 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Squarespace, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.squarespace.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23952812778911057420431704921189743430516180707233045752685554414929305355932892238305571854183308994854484873975176821461986807130324795145082345676036304306333185716462719838551073491879112275285483150088965750989895807845574694209743697957598209614532590386998722937836212775943338472701561970017563261553783927535852322589299584895292570347169693921287273474307942048995437959536332192339598045239648926953273046028528744451245430108963357413623084268416303428408115981056109822052611753726031301411398519854815598722637648499852826870139855985931353225519528736072521579750667652112968787603349672046000432764843
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b4a85261d2cbe408a6d105f0769460b4dc1b1223
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (293 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.squarespace.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'squarespace.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.campaign-preferences.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'campaign-preferences.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sqsp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sqsp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sqspcdn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'static1.1.sqspcdn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'static2.1.sqspcdn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'static1.2.sqspcdn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn1.1.sqspcdn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sqspcdn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.engage.squarespace-mail.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'engage.squarespace-mail.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							01670076000e5794bcf3aea93e331b2c9907b3f790df9bc23d713225dd21a925ac61c54e2100000194f1c4b2c60000040300473045022037321ccf953613cc25a568664f8a469e706ad9beb4e2f1d291ef56da86eeed21022100db22e619aa987ffd9501e403165983be06ce524bc2b840f847aba586140d2e7f0076006411c46ca412eca7891ca2022e00bcab4f2807d41e3527abeafed503c97dcdf000000194f1c4b3090000040300473045022030697e9b49488ceeab29599c8503cd5d1be592c3fbddc485ea87437b0d1c3fe4022100b643688ec84b608c6ead3e647531287addfccc51fcb36200adec1fa6d81a8a11007500499c9b69de1d7cecfc36decd8764a6b85baf0a878019d15552fbe9eb29ddf8c300000194f1c4b31600000403004630440220373c39f231c6cb5b72bf6670c8baf62218f3d35f7131e190a2a10e37d70a7da802205e45d8f1e73dfb4bd128e21f1e3e2d03ca531c20080d370865cc8d6da3f423dc
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00bf63849598da11a621f71eed3279ce4a7107c66f30501f6ae2cbe0aa36372605f3a487b6c42116134301d27b88784aea0c7c13f791fd81d5da71a95cb9cb56c36afcceed3812055dba12f4b5c18f349fa55c1d1ed42028fd8a04cc92cc40d54df1da677aed7392b0adf4c9df86f99383911c174ddc04071814c10a60ed383a8c8ed7487423ae0f831f507b7d6b2be4308ac2236b51f2225aebb08551f99ac753c6c5ec5fdefc219b6d382a8a0cfaed1091f55b22428dc48dda81292b899896f4b7b34b34b65e6e4b72e468ebccabf53d3bf7807b61e3f1547e503619207ee346d2f0e0c6f4d77a2f7d8d1f0c4210083d3a3d14de5538d646badf5379ca6f800b