checkout.klarna.com
- Klarna Bank AB -
Issued by DigiCert TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 0b:c6:d8:2c:da:1d:3b:a2:53:82:70:a1:27:cf:d1:f5 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Klarna Bank AB
Organization:
Klarna Bank AB
Locality:
Stockholm
Country: SE
Country: SE
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0b:c6:d8:2c:da:1d:3b:a2:53:82:70:a1:27:cf:d1:f5Serial Number (int): 15653967285640582464667917026145063413
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 36:d0:51:38:eb:35:bf:29:c1:55:d1:81:fe:44:b5:7b:8d:8f:2f:18
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4
Fingerprint (sha1): 87:25:a3:3b:bb:cf:e8:2f:7a:2c:5f:c1:09:d2:eb:8c:37:22:ff:87
Fingerprint (sha256): 00:0e:29:04:14:1e:f6:20:05:fd:23:9a:3c:77:f9:ac:57:e3:98:db:fe:e2:f5:0b:d7:3c:93:b7:3e:26:f4:42
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1.crl
Check the revocation status for certificate checkout.klarna.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for checkout.klarna.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA512 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
checkout.klarna.com
Other certificates including the domain name klarna.com
(limited to 100 certificates)
checkout.klarna.com
guidelines.klarna.com
online.playground.eu1.kred.klarna.net
adltrust.kinnser.com
*.production.us1.core-banking.klarna.net
adltrust.kinnser.com
twentythree4.map.fastly.net
www.klarna.com
brand.klarna.com
klarna-payments-oc.klarna.com
*.playground.ap1.meta.klarna.net
api.klarna.com
connected-card-transaction-listener-us.klarna.com
*.production.eu1.on-demand.klarna.net
*.nonprod.us1.klapp.klarna.net
*.production.c2c.klarna.net
adltrust.kinnser.com
vs-alldoors-frontend-env2.nonprod.eu1.vs-qa.klarna.net
integration-static-legal.production.us1.cdn.klarna.net
*.msat.production.klarna.com
shop.klarna.com
orders.playground.portal.klarna.com
*.production.us1.scheme.klarna.net
savings.klarna.com
skv-api.playground.klarna.com
adltrust.kinnser.com
seniorshopping.klarna.com
acmatic-dns-validation.sandbox.eu1.core-platform.klarna.net
checkout-eu.klarna.com
il-na.klarna.com
restapi.klarna.com
statuspage.io
statuspage.io
*.msat.production.klarna.com
statuspage.io
*.playground.eu1.pgw.klarna.net
*.playground.us1.custom-solutions.klarna.net
adltrust.kinnser.com
*.playground.eu1.file-transfer.klarna.net
cards-oc.klarna.com
api-oc.klarna.com
*.playground.eu1.kred.klarna.net
credit-eu.klarna.com
twentythree4.map.fastly.net
merchantdesignlab.klarna.com
adltrust.kinnser.com
klarna-payments-eu.klarna.com
download.virtual-shopping.klarna.com
csg.status.forcepoint.com
outages.discovery.wisc.edu
dc-api-eu.playground.klarna.com
outages.discovery.wisc.edu
outages.discovery.wisc.edu
csg.status.forcepoint.com
ablink.staging-e.klarna.com
partnerportal.klarna.com
signicat.klarna.com
login.klarna.com
download.virtual-shopping.klarna.com
login.playground.klarna.com
www.klarna.com
cards-eu.klarna.com
*.production.c2c.klarna.net
*.production.c2c.klarna.net
www.klarna.com
system.production.us1.direct-debit.klarna.net
eu.portal.klarna.com
cards-eu.klarna.com
www.klarna.com
cards.playground.klarna.com
*.production.ap1.cobrowse.klarna.net
*.playground.c2c.klarna.net
topup.klarna.com
cms.nonprod.us1.klarna-web.klarna.net
api.staging.us.portal.klarna.com
tripsfe.production.us1.trips-platform-fe.klarna.net
www.gsuite.klarna.com
*.production.eu1.pgw.klarna.net
payment.sofort.klarna.com
*.production.eu1.meta.klarna.net
go.klarna.com
api-na-2.playground.klarna.com
l.klarna.com
salesloft-us.klarna.com
adltrust.kinnser.com
app-api.playground.klarna.com
salesloft-us.klarna.com
credit-na.klarna.com
facetoface.playground.klarna.com
*.nonprod.us1.klapp.klarna.net
klarna.com
*.production.us1.js.klarna.net
*.production.ap1.cobrowse.klarna.net
api.ident.playground.klarna.com
articles.klarna.com
*.playground.eu1.buybutton.klarna.net
settlements.playground.portal.klarna.com
insights.klarna.com
hytalestatus.io
guidelines.klarna.com
online.playground.eu1.kred.klarna.net
adltrust.kinnser.com
*.production.us1.core-banking.klarna.net
adltrust.kinnser.com
twentythree4.map.fastly.net
www.klarna.com
brand.klarna.com
klarna-payments-oc.klarna.com
*.playground.ap1.meta.klarna.net
api.klarna.com
connected-card-transaction-listener-us.klarna.com
*.production.eu1.on-demand.klarna.net
*.nonprod.us1.klapp.klarna.net
*.production.c2c.klarna.net
adltrust.kinnser.com
vs-alldoors-frontend-env2.nonprod.eu1.vs-qa.klarna.net
integration-static-legal.production.us1.cdn.klarna.net
*.msat.production.klarna.com
shop.klarna.com
orders.playground.portal.klarna.com
*.production.us1.scheme.klarna.net
savings.klarna.com
skv-api.playground.klarna.com
adltrust.kinnser.com
seniorshopping.klarna.com
acmatic-dns-validation.sandbox.eu1.core-platform.klarna.net
checkout-eu.klarna.com
il-na.klarna.com
restapi.klarna.com
statuspage.io
statuspage.io
*.msat.production.klarna.com
statuspage.io
*.playground.eu1.pgw.klarna.net
*.playground.us1.custom-solutions.klarna.net
adltrust.kinnser.com
*.playground.eu1.file-transfer.klarna.net
cards-oc.klarna.com
api-oc.klarna.com
*.playground.eu1.kred.klarna.net
credit-eu.klarna.com
twentythree4.map.fastly.net
merchantdesignlab.klarna.com
adltrust.kinnser.com
klarna-payments-eu.klarna.com
download.virtual-shopping.klarna.com
csg.status.forcepoint.com
outages.discovery.wisc.edu
dc-api-eu.playground.klarna.com
outages.discovery.wisc.edu
outages.discovery.wisc.edu
csg.status.forcepoint.com
ablink.staging-e.klarna.com
partnerportal.klarna.com
signicat.klarna.com
login.klarna.com
download.virtual-shopping.klarna.com
login.playground.klarna.com
www.klarna.com
cards-eu.klarna.com
*.production.c2c.klarna.net
*.production.c2c.klarna.net
www.klarna.com
system.production.us1.direct-debit.klarna.net
eu.portal.klarna.com
cards-eu.klarna.com
www.klarna.com
cards.playground.klarna.com
*.production.ap1.cobrowse.klarna.net
*.playground.c2c.klarna.net
topup.klarna.com
cms.nonprod.us1.klarna-web.klarna.net
api.staging.us.portal.klarna.com
tripsfe.production.us1.trips-platform-fe.klarna.net
www.gsuite.klarna.com
*.production.eu1.pgw.klarna.net
payment.sofort.klarna.com
*.production.eu1.meta.klarna.net
go.klarna.com
api-na-2.playground.klarna.com
l.klarna.com
salesloft-us.klarna.com
adltrust.kinnser.com
app-api.playground.klarna.com
salesloft-us.klarna.com
credit-na.klarna.com
facetoface.playground.klarna.com
*.nonprod.us1.klapp.klarna.net
klarna.com
*.production.us1.js.klarna.net
*.production.ap1.cobrowse.klarna.net
api.ident.playground.klarna.com
articles.klarna.com
*.playground.eu1.buybutton.klarna.net
settlements.playground.portal.klarna.com
insights.klarna.com
hytalestatus.io
Certificate
The complete raw certificate details for checkout.klarna.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGKDCCBRCgAwIBAgIQC8bYLNodO6JTgnChJ8/R9TANBgkqhkiG9w0BAQ0FADBP MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMTAxMjEwMDAwMDBa Fw0yMjAxMjUyMzU5NTlaMFgxCzAJBgNVBAYTAlNFMRIwEAYDVQQHEwlTdG9ja2hv bG0xFzAVBgNVBAoTDktsYXJuYSBCYW5rIEFCMRwwGgYDVQQDExNjaGVja291dC5r bGFybmEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4W/G+QT 1aEyxL8gc5/KQsRbRxNq6zEq9zxJ5otjyUaEs+3YUDBPwtpYDSPlX8dw5lxYjtgN +iFpfn5SHVuslIAsiIgTmGhgBz9zqVqMsK/vGaG1WBhx4Q7S/n233jQLiHazp59D AAwy90CzfxnVOznxdse39d3rf6Ah+6WcNI6lRBeEj89m7Episz/FngVoqNjm5ALX HaLr5A5TqPxmt1VQEVnQVEwl5riVVaLjqhka3fAhpOTVA6jOjtkzuUU4EwmlpxMm arMxE75VfOiCdRcHbUbW3bhH1L0xgZJsks5K45vpdi61Qdg5SEsbTFdp6awX+1NF pGCwwvMZL/6jDwIDAQABo4IC9TCCAvEwHwYDVR0jBBgwFoAUt2ui6qiqhIx56rTa D5iyxZV2ufQwHQYDVR0OBBYEFDbQUTjrNb8pwVXRgf5EtXuNjy8YMB4GA1UdEQQX MBWCE2NoZWNrb3V0LmtsYXJuYS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBiwYDVR0fBIGDMIGAMD6gPKA6hjhodHRw Oi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0Ex LmNybDA+oDygOoY4aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExT UlNBU0hBMjU2MjAyMENBMS5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggr BgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMH0GCCsGAQUFBwEB BHEwbzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEcGCCsG AQUFBzAChjtodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNS U0FTSEEyNTYyMDIwQ0ExLmNydDAMBgNVHRMBAf8EAjAAMIIBAwYKKwYBBAHWeQIE AgSB9ASB8QDvAHUAKXm+8J45OSHwVnOfY6V35b5XfZxgCvj5TV0mXCVdx4QAAAF3 JBiwiAAABAMARjBEAiAxMSxsu6Uzv71aUNjRRkhF2gjvBP8IyLogLy/1bCK1VgIg MjkwZ6+sl869v+qH2B+s5186GfwmkEXpLz8rbaOlYyUAdgAiRUUHWVUkVpY/oS/x 922G4CMmY63AS39dxoNcbuIPAgAAAXckGLDHAAAEAwBHMEUCIQCwg//633NmmSpW wkhLCSRgLPeO3WRnKRMt23wWRyCoWgIgF0cnqJvpRyWtROCCfgN3aMAGrhTp6cbx t7BvGZq8vv0wDQYJKoZIhvcNAQENBQADggEBADZV8CixEZTzkf/F41OeFs7dC6im jIX22SMcDvLkVr4Trbl36OjDa2GsMn+3+3jlxm1Q2u5AukfnrQMjolb3v5s5GW87 fuzeoP+K73Vw81VtrUZH48JngL9Md7qfS0Ahvd3BR48qXprvpGpK0wMhOS50/gJW g9VkrYQBYQDwqGtIZKMuMDyLXvM93bl4sp/Xdc0LCcdnBPtkV4dDAxej1euqby8N 7l3Wqp4XN+hoIW7Vz58Va20Nn+VmhqfBRUFh2aDV1CX4G1zLduF4zmBOA1Lb3Rzw hW3CBoFMwBrjtJDUlee0/cL2cgfOPDuKkTtGaKZKxhaVubPon/HzGDi0LTg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4W/G+QT1aEyxL8gc5/K QsRbRxNq6zEq9zxJ5otjyUaEs+3YUDBPwtpYDSPlX8dw5lxYjtgN+iFpfn5SHVus lIAsiIgTmGhgBz9zqVqMsK/vGaG1WBhx4Q7S/n233jQLiHazp59DAAwy90CzfxnV Oznxdse39d3rf6Ah+6WcNI6lRBeEj89m7Episz/FngVoqNjm5ALXHaLr5A5TqPxm t1VQEVnQVEwl5riVVaLjqhka3fAhpOTVA6jOjtkzuUU4EwmlpxMmarMxE75VfOiC dRcHbUbW3bhH1L0xgZJsks5K45vpdi61Qdg5SEsbTFdp6awX+1NFpGCwwvMZL/6j DwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15653967285640582464667917026145063413 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-21 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-25 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Stockholm' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Klarna Bank AB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'checkout.klarna.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25187375555025174904047454758126435978826903583520029924597777597952082358501290681251997769898538290055675503238232933650969883639577622169930881617288317849207991996894730140436615758554726190763568274539887448285765567469422987551977566517521327159816756716576735731949749228720016637911407407018323707347886356636834938304123376591331508155709539933684461779118988445188162839409322598313114712360961548120727412644429652442614783495043382387990305937289202646946427718383673277700861135118643309475183450601047099365910765696774183156062105159843190732508403720449344136258385704059876104751756357714660890157839 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 36d05138eb35bf29c155d181fe44b57b8d8f2f18 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'checkout.klarna.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (131 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (113 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0075002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc784000001772418b0880000040300463044022031312c6cbba533bfbd5a50d8d1464845da08ef04ff08c8ba202f2ff56c22b556022032393067afac97cebdbfea87d81face75f3a19fc269045e92f3f2b6da3a563250076002245450759552456963fa12ff1f76d86e0232663adc04b7f5dc6835c6ee20f02000001772418b0c70000040300473045022100b083fffadf7366992a56c2484b0924602cf78edd646729132ddb7c164720a85a0220174727a89be94725ad44e0827e037768c006ae14e9e9c6f1b7b06f199abcbefd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003655f028b11194f391ffc5e3539e16cedd0ba8a68c85f6d9231c0ef2e456be13adb977e8e8c36b61ac327fb7fb78e5c66d50daee40ba47e7ad0323a256f7bf9b39196f3b7eecdea0ff8aef7570f3556dad4647e3c26780bf4c77ba9f4b4021bdddc1478f2a5e9aefa46a4ad30321392e74fe025683d564ad84016100f0a86b4864a32e303c8b5ef33dddb978b29fd775cd0b09c76704fb645787430317a3d5ebaa6f2f0dee5dd6aa9e1737e868216ed5cf9f156b6d0d9fe56686a7c1454161d9a0d5d425f81b5ccb76e178ce604e0352dbdd1cf0856dc206814cc01ae3b490d495e7b4fdc2f67207ce3c3b8a913b4668a64ac61695b9b3e89ff1f31838b42d38