cl.kp.org
- Kaiser Foundation Health Plan, Inc. -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number 15:f4:d3:28:c7:f3:43:8c:57:a7:e9:21:77:8d:23:3e was issued on by Sectigo Limited.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Kaiser Foundation Health Plan, Inc.
Organization:
Kaiser Foundation Health Plan, Inc.
Organization unit: KPIT
Organization unit: Multi-Domain SSL
Organization unit: KPIT
Organization unit: Multi-Domain SSL
Address:
1 Kaiser Plaza
Postal code: 94612
State / Province: CA
Locality: Oakland
Country: US
Postal code: 94612
State / Province: CA
Locality: Oakland
Country: US
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): 15:f4:d3:28:c7:f3:43:8c:57:a7:e9:21:77:8d:23:3eSerial Number (int): 29184991164400207261403165465607217982
Serial Number lenght: 125 bits, 16 octets
SubjectKeyId: c6:93:e7:5a:21:8c:66:2c:d5:a0:eb:57:64:fa:c4:2e:64:c3:30:20
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): 17:29:61:b6:7c:29:dc:39:f4:82:b2:3c:d0:28:57:0e:71:26:6a:53
Fingerprint (sha256): 00:0d:b7:3a:ab:41:c2:c2:05:6b:a6:b5:87:3e:18:38:12:e3:da:a2:28:da:de:f6:2b:e9:ed:69:84:79:9b:fb
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate cl.kp.org
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cl.kp.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cl.kp.org
cl-preview.kp.org
clm.kp.org
cl-preview.kp.org
clm.kp.org
Other certificates including the domain name kp.org
(limited to 100 certificates)
idm-uat.kp.org
nplms.kp.org
national-implantregistries.kaiserpermanente.org
cl.kp.org
paultestcertone.venafi-qa.kp.org
kplocator.kp.org
cnndcsqlp040.nndc.kp.org
ive-crdc.kp.org
opscpos01102.appl.kp.org
prod-cryptoservicev2-biz-live.pmt.aksp.azure.kp.org
physiciancareers-ncal.kp.org
kpfaxwebdev.appl.kp.org
epiclink-oh.kp.org
cnndcappgrp080.ccst.kp.org
opncpos02447.appl.kp.org
kpwapdcdrvpn.appl.kp.org
opscpos01152.appl.kp.org
cnndcsmrp216.nndc.kp.org
finesse-amcimc2.appl.kp.org
digiphobcs.appl.kp.org
lzpoc.kp.org
tpmghr.kp.org
digitalproductroadmaptool.kp.org
cnqmsiarc.appl.kp.org
cscdcimppm01.crdc.kp.org
onelinkinfo.kp.org
test1.uat.kp.org
venafipatchninecsorp.venafi-qa.kp.org
essearch.tro-splunk.kp.org
nps-dev.appl.kp.org
dev-personalcondtest-biz-live.cd.aksnp.azure.kp.org
residency.kp.org
ivvpexip.appl.kp.org
csbdc-vmax0247-emgmt1.bcdc.kp.org
myit-ws-xm.kp.org
kpgadatamart.ga.kp.org
finesse-amcimc1.appl.kp.org
tpmghcm-rpt.appl.kp.org
copdf-temp.ssdc.kp.org
afl-wa.appl.kp.org
czapwb8.crdc.kp.org
onelinktax.appl.kp.org
csc2cwn00000309.cloud.kp.org
staffprovider-qa-appl.wa.kp.org
czapwb7.crdc.kp.org
ncalethics.kp.org
myit-xm-uat.kp.org
ncalethics.kp.org
webforms-qa.appl.kp.org
nw-inventrix-prod.appl.kp.org
kpschedule.kp.org
appsdev.kp.org
hits-dev.appl.kp.org
test1csr.md.uat.kp.org
coats-uat.kp.org
api-services-pp.kp.org
scpmghcmrpt.kp.org
singledomain5.demo.kp.org
vcoltme21.ntwk.kp.org
downey-physicianpeersurvey.appl.kp.org
apps.kp.org
ndc1ctxnsa.nndc.kp.org
*.clm1-ezp.kp.org
*.sts.ext-svc-bmxp.appl.kp.org
dev-tasktracker-bff-live.memb.aksnp.azure.kp.org
*.kpvv.int-svc.bmxnp.appl.kp.org
mobileiron50.kp.org
mobileiron13.kp.org
wdcvnx5400-mgm3.wpoc.kp.org
econsult-dev.kp.org
ccsp.appl.kp.org
aaccesp.kp.org
prod-npl.eglb.kp.org
izadap8.ivdc.kp.org
securemail.kp.org
aperturepatchsixninegfgnj.venafi-qa.kp.org
velocity-preprod-intranet.crdc.kp.org
bookingservice-p1.kpaths.appl.kp.org
cnlenam3900303.len.ca.kp.org
pdasweb-uat-tmp.appl.kp.org
prod-kpdfeaturestoreui-biz-live.daml.aksp.azure.kp.org
kpa-prod.kaiserpermanente.org
violenceprevention.kp.org
csc2cwn00000330.cloud.kp.org
hp-mbr-admn-crdc.kp.org
scpmghcmint.kp.org
onelinkppt-uat.appl.kp.org
downey-isitepics.appl.kp.org
csidcwvzp537.ccst.kp.org
aperturepatchsixninegjgfj.venafi-qa.kp.org
jira-aes.kp.org
jenkins.mobilepipeline.kp.org
vcarwce11.ntwk.kp.org
mars-dev.appl.kp.org
venafipatchninesyjfg.venafi-qa.kp.org
csc2cwp00000862.cloud.kp.org
aperturepatchsixninehwkvl.venafi-qa.kp.org
msonet-ncal.kp.org
ezrpt-qa.appl.kp.org
pacts-qa.appl.kp.org
nplms.kp.org
national-implantregistries.kaiserpermanente.org
cl.kp.org
paultestcertone.venafi-qa.kp.org
kplocator.kp.org
cnndcsqlp040.nndc.kp.org
ive-crdc.kp.org
opscpos01102.appl.kp.org
prod-cryptoservicev2-biz-live.pmt.aksp.azure.kp.org
physiciancareers-ncal.kp.org
kpfaxwebdev.appl.kp.org
epiclink-oh.kp.org
cnndcappgrp080.ccst.kp.org
opncpos02447.appl.kp.org
kpwapdcdrvpn.appl.kp.org
opscpos01152.appl.kp.org
cnndcsmrp216.nndc.kp.org
finesse-amcimc2.appl.kp.org
digiphobcs.appl.kp.org
lzpoc.kp.org
tpmghr.kp.org
digitalproductroadmaptool.kp.org
cnqmsiarc.appl.kp.org
cscdcimppm01.crdc.kp.org
onelinkinfo.kp.org
test1.uat.kp.org
venafipatchninecsorp.venafi-qa.kp.org
essearch.tro-splunk.kp.org
nps-dev.appl.kp.org
dev-personalcondtest-biz-live.cd.aksnp.azure.kp.org
residency.kp.org
ivvpexip.appl.kp.org
csbdc-vmax0247-emgmt1.bcdc.kp.org
myit-ws-xm.kp.org
kpgadatamart.ga.kp.org
finesse-amcimc1.appl.kp.org
tpmghcm-rpt.appl.kp.org
copdf-temp.ssdc.kp.org
afl-wa.appl.kp.org
czapwb8.crdc.kp.org
onelinktax.appl.kp.org
csc2cwn00000309.cloud.kp.org
staffprovider-qa-appl.wa.kp.org
czapwb7.crdc.kp.org
ncalethics.kp.org
myit-xm-uat.kp.org
ncalethics.kp.org
webforms-qa.appl.kp.org
nw-inventrix-prod.appl.kp.org
kpschedule.kp.org
appsdev.kp.org
hits-dev.appl.kp.org
test1csr.md.uat.kp.org
coats-uat.kp.org
api-services-pp.kp.org
scpmghcmrpt.kp.org
singledomain5.demo.kp.org
vcoltme21.ntwk.kp.org
downey-physicianpeersurvey.appl.kp.org
apps.kp.org
ndc1ctxnsa.nndc.kp.org
*.clm1-ezp.kp.org
*.sts.ext-svc-bmxp.appl.kp.org
dev-tasktracker-bff-live.memb.aksnp.azure.kp.org
*.kpvv.int-svc.bmxnp.appl.kp.org
mobileiron50.kp.org
mobileiron13.kp.org
wdcvnx5400-mgm3.wpoc.kp.org
econsult-dev.kp.org
ccsp.appl.kp.org
aaccesp.kp.org
prod-npl.eglb.kp.org
izadap8.ivdc.kp.org
securemail.kp.org
aperturepatchsixninegfgnj.venafi-qa.kp.org
velocity-preprod-intranet.crdc.kp.org
bookingservice-p1.kpaths.appl.kp.org
cnlenam3900303.len.ca.kp.org
pdasweb-uat-tmp.appl.kp.org
prod-kpdfeaturestoreui-biz-live.daml.aksp.azure.kp.org
kpa-prod.kaiserpermanente.org
violenceprevention.kp.org
csc2cwn00000330.cloud.kp.org
hp-mbr-admn-crdc.kp.org
scpmghcmint.kp.org
onelinkppt-uat.appl.kp.org
downey-isitepics.appl.kp.org
csidcwvzp537.ccst.kp.org
aperturepatchsixninegjgfj.venafi-qa.kp.org
jira-aes.kp.org
jenkins.mobilepipeline.kp.org
vcarwce11.ntwk.kp.org
mars-dev.appl.kp.org
venafipatchninesyjfg.venafi-qa.kp.org
csc2cwp00000862.cloud.kp.org
aperturepatchsixninehwkvl.venafi-qa.kp.org
msonet-ncal.kp.org
ezrpt-qa.appl.kp.org
pacts-qa.appl.kp.org
Certificate
The complete raw certificate details for cl.kp.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHUjCCBjqgAwIBAgIQFfTTKMfzQ4xXp+khd40jPjANBgkqhkiG9w0BAQsFADCB lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy dmVyIENBMB4XDTE5MDMyMTAwMDAwMFoXDTIxMDMyMDIzNTk1OVowgcExCzAJBgNV BAYTAlVTMQ4wDAYDVQQREwU5NDYxMjELMAkGA1UECBMCQ0ExEDAOBgNVBAcTB09h a2xhbmQxFzAVBgNVBAkTDjEgS2Fpc2VyIFBsYXphMSwwKgYDVQQKEyNLYWlzZXIg Rm91bmRhdGlvbiBIZWFsdGggUGxhbiwgSW5jLjENMAsGA1UECxMES1BJVDEZMBcG A1UECxMQTXVsdGktRG9tYWluIFNTTDESMBAGA1UEAxMJY2wua3Aub3JnMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3sxLHBvxXL4F7CIcI+FKgUsA8Jf VA/kfiE2NG5hLlJjwBTlOiDu/KSNxS/XknsHlmfbDD2JGdIlAkr/6LVmzJkKP4db 9/Fg2IrebpBWwCK29JeR0pFc8FJYPOXT2UZzLOn1ONChLLb3XnvRnn3np9m2jhgF IcrUJlTLWdUxEVIDm/rJceHfS/J567PiY9fvSMoxxD68AVvnsZWwlXqKxJP0ooUa x9cnHnSaz7Uzr7OBqiGSpjTx0bv6UDbOI1W7lLplUJAbP5yzOo6T6Yeyl6KwwGUe chyGfxNGA0Sdqob+ir6nWvLPO2XqQN2MwdMXz7b8TmZdmCmzDNpbARdxjQIDAQAB o4IDbjCCA2owHwYDVR0jBBgwFoAUF9nWJSdn+THCSUPZMDZEjGypT+swHQYDVR0O BBYEFMaT51ohjGYs1aDrV2T6xC5kwzAgMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBKBgNVHSAEQzBB MDUGDCsGAQQBsjEBAgEDBDAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28u Y29tL0NQUzAIBgZngQwBAgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5z ZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3Vy ZVNlcnZlckNBLmNybDCBigYIKwYBBQUHAQEEfjB8MFUGCCsGAQUFBzAChklodHRw Oi8vY3J0LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25WYWxpZGF0 aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5z ZWN0aWdvLmNvbTAzBgNVHREELDAqggljbC5rcC5vcmeCEWNsLXByZXZpZXcua3Au b3JnggpjbG0ua3Aub3JnMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdwC72d+8 H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWmh09oLAAAEAwBIMEYCIQCS cGxjmHP58wztZVuWR9xWMn6OyDfRojjWLpVCCnaJNwIhANFN5Cr3tGaT0NkFN8Ls Vn0u48wdX/oc4o3B+1PePX8yAHUARJRlLrDuzq/EQAfYqP4owNrmgr7YyzG1P9Mz lrW2gagAAAFpodPaRAAABAMARjBEAiBcNf6TJGhBsLEjAY3f3tb2yt0nmJVrvuLo MfCOQJbG6gIgAbOtqAiEkDp8NdjeOuRyWdNHhOPKNVSLxgSwfs9J+LgAdwBc3EOS /uarRUSxXprUVuYQN/vV+kfcoXOUsl7m9scOygAAAWmh09pYAAAEAwBIMEYCIQCk x05m/YcuggOg3KtJr3bLSiVuDz6ILvrK/J0IbMojpgIhAMA5vG3pZnj519dKuVQC SYnCXHpgs/0v128gHmmVi+TRMA0GCSqGSIb3DQEBCwUAA4IBAQBy0NOBkFb0j+9g ewy5amgQAXPmezM1F1cWhlAkdRUrywj8rxvaZNRf3SOgIAkNmmdqNY54BgrQ2e+9 uBfhP/1Jxx9p58H1onHPtfQZYyJV9kzx+7ZMgGdzn94+3ffVKSThX/z1DD6F6fIN D3IAzbdNYXpJrWrD4rZl9Oki/9SybrGa/grDT48pOOtHVGf4sp9wXxkLtED9iAvV JECGKqlMGSi9bRxo8bp5Dg+Yxz4UpiTKdvxVOJsNIcLWSKSefQuiGXfQCk5kDDSB TqYYQGYCOIIBSM1v9dfOrTP+FfVxsdVupWJrq6BNk3HHC2npEWZ0jtWEE7yTn14j LbZErdHv -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3sxLHBvxXL4F7CIcI+F KgUsA8JfVA/kfiE2NG5hLlJjwBTlOiDu/KSNxS/XknsHlmfbDD2JGdIlAkr/6LVm zJkKP4db9/Fg2IrebpBWwCK29JeR0pFc8FJYPOXT2UZzLOn1ONChLLb3XnvRnn3n p9m2jhgFIcrUJlTLWdUxEVIDm/rJceHfS/J567PiY9fvSMoxxD68AVvnsZWwlXqK xJP0ooUax9cnHnSaz7Uzr7OBqiGSpjTx0bv6UDbOI1W7lLplUJAbP5yzOo6T6Yey l6KwwGUechyGfxNGA0Sdqob+ir6nWvLPO2XqQN2MwdMXz7b8TmZdmCmzDNpbARdx jQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 29184991164400207261403165465607217982 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-21 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-20 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '94612' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oakland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1 Kaiser Plaza' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Kaiser Foundation Health Plan, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'KPIT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Multi-Domain SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cl.kp.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19627685550645817991414705766972720346214347083064571236224468520088702786886066680789147672937352258355854638414040465360969608297039462504197278347593252553669355625129340828300117693295206698974024812905486960854303070423038581674584109296467714462768728315719814180490326372768396652588627176684342999528470904093126979624073774705139829895241337725806692280944059081023540124718397577006787837332932582519116528981160613188119418993415383985061993173338431604387923012782765627712961896390024826566886147460736345761322166044992025563228913982934044007363379596686974653427669765180693211979598630746239362625933 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c693e75a218c662cd5a0eb5764fac42e64c33020 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cl.kp.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cl-preview.kp.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clm.kp.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000169a1d3da0b000004030048304602210092706c639873f9f30ced655b9647dc56327e8ec837d1a238d62e95420a768937022100d14de42af7b46693d0d90537c2ec567d2ee3cc1d5ffa1ce28dc1fb53de3d7f320075004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a800000169a1d3da44000004030046304402205c35fe93246841b0b123018ddfded6f6cadd2798956bbee2e831f08e4096c6ea022001b3ada80884903a7c35d8de3ae47259d34784e3ca35548bc604b07ecf49f8b80077005cdc4392fee6ab4544b15e9ad456e61037fbd5fa47dca17394b25ee6f6c70eca00000169a1d3da580000040300483046022100a4c74e66fd872e8203a0dcab49af76cb4a256e0f3e882efacafc9d086cca23a6022100c039bc6de96678f9d7d74ab954024989c25c7a60b3fd2fd76f201e69958be4d1 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0072d0d3819056f48fef607b0cb96a68100173e67b333517571686502475152bcb08fcaf1bda64d45fdd23a020090d9a676a358e78060ad0d9efbdb817e13ffd49c71f69e7c1f5a271cfb5f419632255f64cf1fbb64c8067739fde3eddf7d52924e15ffcf50c3e85e9f20d0f7200cdb74d617a49ad6ac3e2b665f4e922ffd4b26eb19afe0ac34f8f2938eb475467f8b29f705f190bb440fd880bd52440862aa94c1928bd6d1c68f1ba790e0f98c73e14a624ca76fc55389b0d21c2d648a49e7d0ba21977d00a4e640c34814ea61840660238820148cd6ff5d7cead33fe15f571b1d56ea5626baba04d9371c70b69e91166748ed58413bc939f5e232db644add1ef