dmp-taxonomyui-s3.advertising.aol.com
- Oath inc -
Issued by DigiCert SHA2 Secure Server CA
About this certificate
This digital certificate with serial number 08:0f:0d:50:c2:86:84:1d:91:32:c8:12:d7:36:b0:31 was issued on by DigiCert Inc.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Oath inc
Organization:
Oath inc
Organization unit: SecOps
Organization unit: SecOps
State / Province:
Virginia
Locality: Sterling
Country: US
Locality: Sterling
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 08:0f:0d:50:c2:86:84:1d:91:32:c8:12:d7:36:b0:31Serial Number (int): 10711978488937909873484198165307895857
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 43:c6:56:15:84:88:ca:7b:ec:9d:14:89:5b:1f:2c:cd:e2:ec:83:d7
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2
Fingerprint (sha1): 9c:d1:e3:e7:b8:05:bc:5f:e9:41:5d:ea:3f:88:ca:46:38:58:e6:a1
Fingerprint (sha256): 00:19:72:fb:77:ef:1b:e0:f0:a3:0d:44:3c:8c:fd:ca:65:61:2e:5c:05:dc:8a:24:7c:10:ed:55:7b:c7:28:0a
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl
Check the revocation status for certificate dmp-taxonomyui-s3.advertising.aol.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for dmp-taxonomyui-s3.advertising.aol.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
dmp-taxonomyui-s3.advertising.aol.com
dmp-dev-taxonomyui-s3.advertising.aol.com
dmp-qai-taxonomyui-s3.advertising.aol.com
dmp-dev-taxonomyui-s3.advertising.aol.com
dmp-qai-taxonomyui-s3.advertising.aol.com
Other certificates including the domain name aol.com
(limited to 100 certificates)
checkout.yahoo.com
login.yahoo.com
dmp-taxonomyui-s3.advertising.aol.com
orca.onevidao.aol.com
onebyaol.com
imspro.oneadserver.aol.com
psclick.aol.com
*.stage.login.yahoo.com
qa5.add.my.aol.com
sapp-dev-dc-v.ops.aol.com
pic.ops.aol.com
sybil.advertising.aol.com
cuda-ul01.red.aol.com
portal.dev.vidible.tv
portal-dev1-os.aol.com
makersnew.aol.com
stage.contenthub.aol.com
fe-jenkins.mail.aol.com
mybenefits.aol.com
lifestream.aol.com
aws.beta.aopui-service.advertising.aol.com
computercheckup.aol.com
crmtools.teamaol.com
egleqa.ops.aol.com
mysql-iwww.itsec.aol.com
vacationrentals.travel.aol.com
batsclient.mx.aol.com
selfcare.aol.com
imspro.oneadserver.aol.com
api.onesdk.aol.com
dev.productcentral.aol.com
release.sandbox.aol.com
jp.techcrunch.com
*.aol.com
relegence.aol.com
panorama-s01.netsec.aol.com
*.yahoo.com
ree-pci-proxy.services.aol.com
one-central-api-qa-mse-eks.mse-dev.aws.oath.cloud
release.sandbox.aol.com
msync.aol.com
*.sandbox.aol.com
help.channels.aol.com
nva9-lcd2.aolwave.aol.com
lifestore.qh.aol.com
mediaserver.qa.advertising.aol.com
services.onecreative.aol.com
onemobile.aol.com
scs.dev.obi.aol.com
casper.ops.aol.com
s2s-rtb-selector.eu-central-1.prod.one4p.aol.com
extuatdc-m01.externalstest.aol.com
apns-db-qa1-m01.mail.aol.com
api.onesdk.aol.com
*.add.my.aol.com
api.qai.obi.aol.com
aoluatdc-m03.aoltest.adlab.office.aol.com
webmail1.webmail.aol.com
*.ssp.verizonmedia.com
dc.aol.com
ibw-ws.aol.com
qa.onecreative.aol.com
buildbot.office.aol.com
checkout.yahoo.com
one.aol.com
*.mail.aol.com
contenthub.aol.com
gp-otp-mtc.remote.aol.com
src3.yahoo.com
src4.yahoo.com
dev.assist.aol.com
area51.aol.com
internal.calendar.yahoo.com
n.main.welcomescreen.aol.com
logstash.itsec.aol.com
src4.yahoo.com
one-demo.aol.com
*.calendar.aol.com
idsvcs.premiumservices.aol.com
migrationassist.aol.com
api.onemobile.aol.com
identity.aol.com
vzwesb.qa.obi.aol.com
ssp.yahooinc.com
membernotifications.aol.com
devopssec-util-a02.paranoids.aol.com
widgets.onemobile.aol.com
*.login.yahoo.com
ntc.remote.aol.com
usersettings-core.search.aol.com
web-qh.lifestream.aol.com
onedisplay.aol.com
searchfe.mail.aol.com
portal-os.aol.com
engineering.aol.com
api.qat.obi.aol.com
*.imap.mail.aol.com
*.ssp.verizonmedia.com
mps-qa.aol.com
wap.aol.com
login.yahoo.com
dmp-taxonomyui-s3.advertising.aol.com
orca.onevidao.aol.com
onebyaol.com
imspro.oneadserver.aol.com
psclick.aol.com
*.stage.login.yahoo.com
qa5.add.my.aol.com
sapp-dev-dc-v.ops.aol.com
pic.ops.aol.com
sybil.advertising.aol.com
cuda-ul01.red.aol.com
portal.dev.vidible.tv
portal-dev1-os.aol.com
makersnew.aol.com
stage.contenthub.aol.com
fe-jenkins.mail.aol.com
mybenefits.aol.com
lifestream.aol.com
aws.beta.aopui-service.advertising.aol.com
computercheckup.aol.com
crmtools.teamaol.com
egleqa.ops.aol.com
mysql-iwww.itsec.aol.com
vacationrentals.travel.aol.com
batsclient.mx.aol.com
selfcare.aol.com
imspro.oneadserver.aol.com
api.onesdk.aol.com
dev.productcentral.aol.com
release.sandbox.aol.com
jp.techcrunch.com
*.aol.com
relegence.aol.com
panorama-s01.netsec.aol.com
*.yahoo.com
ree-pci-proxy.services.aol.com
one-central-api-qa-mse-eks.mse-dev.aws.oath.cloud
release.sandbox.aol.com
msync.aol.com
*.sandbox.aol.com
help.channels.aol.com
nva9-lcd2.aolwave.aol.com
lifestore.qh.aol.com
mediaserver.qa.advertising.aol.com
services.onecreative.aol.com
onemobile.aol.com
scs.dev.obi.aol.com
casper.ops.aol.com
s2s-rtb-selector.eu-central-1.prod.one4p.aol.com
extuatdc-m01.externalstest.aol.com
apns-db-qa1-m01.mail.aol.com
api.onesdk.aol.com
*.add.my.aol.com
api.qai.obi.aol.com
aoluatdc-m03.aoltest.adlab.office.aol.com
webmail1.webmail.aol.com
*.ssp.verizonmedia.com
dc.aol.com
ibw-ws.aol.com
qa.onecreative.aol.com
buildbot.office.aol.com
checkout.yahoo.com
one.aol.com
*.mail.aol.com
contenthub.aol.com
gp-otp-mtc.remote.aol.com
src3.yahoo.com
src4.yahoo.com
dev.assist.aol.com
area51.aol.com
internal.calendar.yahoo.com
n.main.welcomescreen.aol.com
logstash.itsec.aol.com
src4.yahoo.com
one-demo.aol.com
*.calendar.aol.com
idsvcs.premiumservices.aol.com
migrationassist.aol.com
api.onemobile.aol.com
identity.aol.com
vzwesb.qa.obi.aol.com
ssp.yahooinc.com
membernotifications.aol.com
devopssec-util-a02.paranoids.aol.com
widgets.onemobile.aol.com
*.login.yahoo.com
ntc.remote.aol.com
usersettings-core.search.aol.com
web-qh.lifestream.aol.com
onedisplay.aol.com
searchfe.mail.aol.com
portal-os.aol.com
engineering.aol.com
api.qat.obi.aol.com
*.imap.mail.aol.com
*.ssp.verizonmedia.com
mps-qa.aol.com
wap.aol.com
Certificate
The complete raw certificate details for dmp-taxonomyui-s3.advertising.aol.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFuTCCBKGgAwIBAgIQCA8NUMKGhB2RMsgS1zawMTANBgkqhkiG9w0BAQsFADBN MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMDAzMDAwMDAwWhcN MjAxMDA3MTIwMDAwWjCBhzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlh MREwDwYDVQQHEwhTdGVybGluZzERMA8GA1UEChMIT2F0aCBpbmMxDzANBgNVBAsT BlNlY09wczEuMCwGA1UEAxMlZG1wLXRheG9ub215dWktczMuYWR2ZXJ0aXNpbmcu YW9sLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIjUWVTtGGeR F5DMoVFD0SLs0WcJY5yJ+QXNZTKxcoK7ltu1LA3Lp+k+3CgmG+rj7PSNiTFoktCx dDeT8/LJfLrJu3eGb6hmbD+YlHsl2rcl7fa2Jple+wj3ClygrDucxR9XP0kXnlDM T8XWFpBLDtlNzlU/oiSJFp6qQ33GJJF/Lybx+1bPlmO9pBpPCxQmClnfAF8LhLzK JCcWZRbKh6GmJRxaOtF+9sMb7G5BrfIy1jDdepAwx/Eutlv7VZchqcqSoiJdknJ/ mqGidwo6KTBe7sftfKZuZu1JoA9ZnAELIdYY1Irivhs2oHJGzkBxQXqt3r6jaGFU Fw3GaBB3IrsCAwEAAaOCAlgwggJUMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4 tCzhxtniMB0GA1UdDgQWBBRDxlYVhIjKe+ydFIlbHyzN4uyD1zCBhgYDVR0RBH8w fYIlZG1wLXRheG9ub215dWktczMuYWR2ZXJ0aXNpbmcuYW9sLmNvbYIpZG1wLWRl di10YXhvbm9teXVpLXMzLmFkdmVydGlzaW5nLmFvbC5jb22CKWRtcC1xYWktdGF4 b25vbXl1aS1zMy5hZHZlcnRpc2luZy5hb2wuY29tMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4Yp aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuG KWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMEwGA1Ud IARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRp Z2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEF BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRw Oi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVy Q0EuY3J0MAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZI hvcNAQELBQADggEBAHM5V0OyB6oE/yrDJY/JKaG1craAYXldr/DRVqLrbDotd/oh BuIJmQkPJw2sXbFmWLx3Xms2cwtciLhUUJQoYC2OfraKM3xfnDN1uZBe/QRgl6yg eealZP14keXqlsuTVPnEDcJLp/dl508Cl+XwysL0LSD9UNeoB9kSiQZXHz2K/eEy 6nIZ/VrRcj9VhCYgT5RDuUTYq01kEGbv+eao8d4yhfAUDYXxL01E4JhaLoWAOF1U CKjyNARmVKkPkyGsRWaaHahGtlb4cGbERvaYqDW6ibjtd6sViMeZRRO82V/KsVkZ XhjJrz6LT3aOsuALmP6lYlAVmfZ7M3fpR2caDCg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNRZVO0YZ5EXkMyhUUPR IuzRZwljnIn5Bc1lMrFygruW27UsDcun6T7cKCYb6uPs9I2JMWiS0LF0N5Pz8sl8 usm7d4ZvqGZsP5iUeyXatyXt9rYmmV77CPcKXKCsO5zFH1c/SReeUMxPxdYWkEsO 2U3OVT+iJIkWnqpDfcYkkX8vJvH7Vs+WY72kGk8LFCYKWd8AXwuEvMokJxZlFsqH oaYlHFo60X72wxvsbkGt8jLWMN16kDDH8S62W/tVlyGpypKiIl2Scn+aoaJ3Cjop MF7ux+18pm5m7UmgD1mcAQsh1hjUiuK+GzagckbOQHFBeq3evqNoYVQXDcZoEHci uwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10711978488937909873484198165307895857 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-10-07 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Virginia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sterling' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oath inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SecOps' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dmp-taxonomyui-s3.advertising.aol.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17273122646387804236253920468921112296784307262508708113759351442270604670586120168293966951683983407784898060869868248205459491591030947122678508839296020953470142423864806997668225283140783218414077258829941104903220290910773886677495639719201837813609108458551149933756797484004508916026399117956807610939853616031398402806080638817263967416459145983319952968918539577801176937657279202145239240657366201780388302792803773505340015923476336424953953553730725376611371056394889327721827955999215615686200848475886368306402209274064720405787263226677217510395938421208705153824929124269561304208045839771083587658427 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 43c656158488ca7bec9d14895b1f2ccde2ec83d7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (127 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dmp-taxonomyui-s3.advertising.aol.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dmp-dev-taxonomyui-s3.advertising.aol.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dmp-qai-taxonomyui-s3.advertising.aol.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0073395743b207aa04ff2ac3258fc929a1b572b68061795daff0d156a2eb6c3a2d77fa2106e20999090f270dac5db16658bc775e6b36730b5c88b854509428602d8e7eb68a337c5f9c3375b9905efd046097aca079e6a564fd7891e5ea96cb9354f9c40dc24ba7f765e74f0297e5f0cac2f42d20fd50d7a807d9128906571f3d8afde132ea7219fd5ad1723f558426204f9443b944d8ab4d641066eff9e6a8f1de3285f0140d85f12f4d44e0985a2e8580385d5408a8f234046654a90f9321ac45669a1da846b656f87066c446f698a835ba89b8ed77ab1588c7994513bcd95fcab159195e18c9af3e8b4f768eb2e00b98fea562501599f67b3377e947671a0c28