ote-accounts-otp.verisign.com
- Verisign, Inc -
Issued by DigiCert Global CA G2
About this certificate
This digital certificate with serial number 04:51:4b:90:8b:83:b0:5a:1e:ef:68:fd:f5:de:d1:b5 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Verisign, Inc
Organization:
Verisign, Inc
Organization unit: Production Operations
Organization unit: Production Operations
State / Province:
Virginia
Locality: Reston
Country: US
Locality: Reston
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:51:4b:90:8b:83:b0:5a:1e:ef:68:fd:f5:de:d1:b5Serial Number (int): 5739020661434278905346156404544557493
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 4d:ce:40:a5:7b:f8:e4:40:55:7e:f2:9c:d4:1d:57:68:39:f7:e5:b7
AuthorityKeyId: 24:6e:2b:2d:d0:6a:92:51:51:25:69:01:aa:9a:47:a6:89:e7:40:20
Fingerprint (sha1): c3:7a:23:06:36:4d:1d:9b:7b:09:1d:81:a9:3e:77:f2:d8:54:d3:f2
Fingerprint (sha256): 00:41:61:f7:4d:47:a2:90:67:bb:71:5f:53:c6:40:18:98:89:10:b9:fc:f8:25:20:3f:f8:96:3a:a2:ba:63:b3
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalCAG2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalCAG2.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalCAG2.crl
Check the revocation status for certificate ote-accounts-otp.verisign.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ote-accounts-otp.verisign.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ote-accounts-otp.verisign.com
Other certificates including the domain name verisign.com
(limited to 100 certificates)
www.verisign.com
pilotsc-admin-enroll.verisign.com
ote-accounts-otp.verisign.com
ssl-certificate-center-enterprise-ncsa-ilg.verisign.net
namestudio.com
sc-admin-enroll.verisign.com
san-28-s12.tlsprovisioning.exacttarget.com
pilot-ocsp.verisign.com
sipaccess-dr.verisign.com
pilotonsite.verisign.com
qa.domainscope.verisign.com
mdm1.verisign.com
ipsapi.verisign.com
mem-lab.corparch.verisign.com
styleguide.verisign.com
connect.verisign.com
idprotect.vip.symantec.com
advocacy.verisign.com
ite-rdap.verisign.com
investor.verisign.com
pilot-pkiservices.verisign.com
ncilg1vacmpub.corparch.verisign.com
accountsdr-otp.verisign.com
knowledge.symantec.com
ssp.vip.symantec.com
www.tlab.verisign.com
user-apis.verisign.com
cofense-reporter.verisign.com
epki-admin.verisign.com
jamfdp.verisign.com
san-28-s12.tlsprovisioning.exacttarget.com
pkiservices.verisign.com
pilotonsite.verisign.com
ilg1vcsexpe.verisign.com
testdrive.verisign.com
mem-lab.corparch.verisign.com
testcr-payflow.verisign.com
Tun-r.verisign.com
pilot-certmanager.verisign.com
ua.verisign.com
eol-redirect.verisign.net
accounts.verisign.com
directservice.verisign.com
ote-accounts.verisign.com
san-28-s12.tlsprovisioning.exacttarget.com
manager.verisign.com
ua-portal.verisign.com
view.messages.verisign.com
seal.websecurity.norton.com
advocacy.verisign.com
ote-login.verisign.com
gp.verisign.com
sentinel.websecurity.symantec.com
publicdnsforum.verisign.com
pilotsc-admin-enroll.verisign.com
pilot-enterprise-ssl-admin.jp.websecurity.symantec.com
ssl-certificate-center-ncsa-ilg.verisign.net
mem.verisign.com
publicdnsforum.verisign.com
certmanager.websecurity.symantec.com
acano.vrsn.com
ias.verisign.com
pilot-ua.verisign.com
corpqa1uccxpub-ms.corparch.verisign.com
services-auth.vip.symantec.com
seal.websecurity.norton.com
support.verisign.com
neilg1lxsfm201.verisign.com
user-apisote.verisign.com
payments.verisign.com
userservices.vip.symantec.com
sc-admin-enroll.verisign.com
qa.verisigndns.com
verified-domains.verisign.com
pilotservicecenter.verisign.com
vendorportal.verisign.com
publicdnsforum.verisign.com
userservices.vip.symantec.com
gp-qa.verisign.com
lwas.verisign.com
click.messages.verisign.com
ssl-certificate-center.verisign.com
investor.verisign.com
pilot-epki-admin.verisign.com
os1-accounts-otp.verisign.com
accountsdr.verisign.com
startonline.verisign.com
sandboxkms.verisign.com
mdm1.verisign.com
vipdeveloper.verisign.com
www.verisign.com
ssl-tools.verisign.com
sealinfo.verisign.com
checkout.verisign.com
vidn.verisign.com
webmail.verisign.com
connect.verisign.com
seal.verisign.com
epki-admin.verisign.com
authentication.verisign.com
pilotsc-admin-enroll.verisign.com
ote-accounts-otp.verisign.com
ssl-certificate-center-enterprise-ncsa-ilg.verisign.net
namestudio.com
sc-admin-enroll.verisign.com
san-28-s12.tlsprovisioning.exacttarget.com
pilot-ocsp.verisign.com
sipaccess-dr.verisign.com
pilotonsite.verisign.com
qa.domainscope.verisign.com
mdm1.verisign.com
ipsapi.verisign.com
mem-lab.corparch.verisign.com
styleguide.verisign.com
connect.verisign.com
idprotect.vip.symantec.com
advocacy.verisign.com
ite-rdap.verisign.com
investor.verisign.com
pilot-pkiservices.verisign.com
ncilg1vacmpub.corparch.verisign.com
accountsdr-otp.verisign.com
knowledge.symantec.com
ssp.vip.symantec.com
www.tlab.verisign.com
user-apis.verisign.com
cofense-reporter.verisign.com
epki-admin.verisign.com
jamfdp.verisign.com
san-28-s12.tlsprovisioning.exacttarget.com
pkiservices.verisign.com
pilotonsite.verisign.com
ilg1vcsexpe.verisign.com
testdrive.verisign.com
mem-lab.corparch.verisign.com
testcr-payflow.verisign.com
Tun-r.verisign.com
pilot-certmanager.verisign.com
ua.verisign.com
eol-redirect.verisign.net
accounts.verisign.com
directservice.verisign.com
ote-accounts.verisign.com
san-28-s12.tlsprovisioning.exacttarget.com
manager.verisign.com
ua-portal.verisign.com
view.messages.verisign.com
seal.websecurity.norton.com
advocacy.verisign.com
ote-login.verisign.com
gp.verisign.com
sentinel.websecurity.symantec.com
publicdnsforum.verisign.com
pilotsc-admin-enroll.verisign.com
pilot-enterprise-ssl-admin.jp.websecurity.symantec.com
ssl-certificate-center-ncsa-ilg.verisign.net
mem.verisign.com
publicdnsforum.verisign.com
certmanager.websecurity.symantec.com
acano.vrsn.com
ias.verisign.com
pilot-ua.verisign.com
corpqa1uccxpub-ms.corparch.verisign.com
services-auth.vip.symantec.com
seal.websecurity.norton.com
support.verisign.com
neilg1lxsfm201.verisign.com
user-apisote.verisign.com
payments.verisign.com
userservices.vip.symantec.com
sc-admin-enroll.verisign.com
qa.verisigndns.com
verified-domains.verisign.com
pilotservicecenter.verisign.com
vendorportal.verisign.com
publicdnsforum.verisign.com
userservices.vip.symantec.com
gp-qa.verisign.com
lwas.verisign.com
click.messages.verisign.com
ssl-certificate-center.verisign.com
investor.verisign.com
pilot-epki-admin.verisign.com
os1-accounts-otp.verisign.com
accountsdr.verisign.com
startonline.verisign.com
sandboxkms.verisign.com
mdm1.verisign.com
vipdeveloper.verisign.com
www.verisign.com
ssl-tools.verisign.com
sealinfo.verisign.com
checkout.verisign.com
vidn.verisign.com
webmail.verisign.com
connect.verisign.com
seal.verisign.com
epki-admin.verisign.com
authentication.verisign.com
Certificate
The complete raw certificate details for ote-accounts-otp.verisign.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGyTCCBbGgAwIBAgIQBFFLkIuDsFoe72j99d7RtTANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVE aWdpQ2VydCBHbG9iYWwgQ0EgRzIwHhcNMTgwNDE4MDAwMDAwWhcNMjAwNDE4MTIw MDAwWjCBkTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMQ8wDQYDVQQH EwZSZXN0b24xFjAUBgNVBAoTDVZlcmlzaWduLCBJbmMxHjAcBgNVBAsTFVByb2R1 Y3Rpb24gT3BlcmF0aW9uczEmMCQGA1UEAxMdb3RlLWFjY291bnRzLW90cC52ZXJp c2lnbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiVLPS+Dlj TPXjV7b3WlsAZuY3zuFfYoiS91orHqipcNnp78WsWs2glOo1V1IT1Kcf0lbVyZRc /Lxg272MW4z6IkfoX/+McJ3fRO3MzDiESxuC1sbGDouhE9QdHTaMbf4quz1stqC6 7jaUrwzjnW/yY1jz8aevNXF/lkVkNQzS18i7IfHGmID9a/D8dTLUtHi3P7d1+9vn xCC/ShkRe5cgBD/4PEhGuuZ4wXST/A485Tg6RLJNofJMuZBH2aC1TrbWHvCvRwJ+ edOB8WlORdliu+HNEw55UV4DF9F6+XDl9GmtFlgLeDwfFVjULQyisMPXjWPkAqVv axVLiV9ZmSeXAgMBAAGjggNnMIIDYzAfBgNVHSMEGDAWgBQkbist0GqSUVElaQGq mkemiedAIDAdBgNVHQ4EFgQUTc5ApXv45EBVfvKc1B1XaDn35bcwKAYDVR0RBCEw H4Idb3RlLWFjY291bnRzLW90cC52ZXJpc2lnbi5jb20wDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB3BgNVHR8EcDBuMDWgM6Ax hi9odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxDQUcyLmNy bDA1oDOgMYYvaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFs Q0FHMi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYc aHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwdAYIKwYBBQUH AQEEaDBmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wPgYI KwYBBQUHMAKGMmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEds b2JhbENBRzIuY3J0MAkGA1UdEwQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoB aAB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABYtm3lUEAAAQD AEgwRgIhAPafLLCWLN7zXNzHt5H9BWPWtS2ZYsuSUIjh0JJqraBkAiEAipRVvDZ/ b4twYwuIxaCGW0PsjckX9vTYXJazHEZrYgoAdgBVgdTCFpA2AUrqC5tXPFPwwOQ4 eHAlCBcvo6odBxPTDAAAAWLZt7xxAAAEAwBHMEUCIQDcYeXgHv6NDC6xkSWuKFfL u3RDKY5/fqkLZdxCvXiYggIgJluBfQo9uiAsbb3p+yJu8aVfB5U29CJKQZzVrME+ 9hcAdQDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAWLZt5WZAAAE AwBGMEQCIF1a5wOq9+Z5F4M/qdE8x1nHsS9Ya2QDj1xtfRFRbEKjAiBLTu9BZExq fUK/EpjtgQfh49BOJEFB4W3hSuPbCEkUkDANBgkqhkiG9w0BAQsFAAOCAQEAvAHr SKLX7qrIAbmrBjrYUo9y4rwU9mMYRPykcbF63XLaqMY9lbEby91GgmzgRELfT/jp gSKbXm1E+1SDvK3SzPyGWjIPqM15Et5Bi6oOSajxRHXIAZqQLqc+vfC7CKt1hg62 daFHPkgdd/v5oQaJPU1Ovm57qJJuaxzbKZz/5kinZ99SXVGwHAlgCS8G7q3tk8ZO ACeD8h8cORjvRSGuJg1145jiY0Ft3b3diiJ4cZlc0GRcXzf9B2lW0XTDqYJZzjks Wb65PYjEzc5sI8Yy7dPeCvCMps1nPx3qUrUpQuptLnqC4W/trFLvJvZ9uYFRcLPZ lXFYixHeRy4uywfyzg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolSz0vg5Y0z141e291pb AGbmN87hX2KIkvdaKx6oqXDZ6e/FrFrNoJTqNVdSE9SnH9JW1cmUXPy8YNu9jFuM +iJH6F//jHCd30TtzMw4hEsbgtbGxg6LoRPUHR02jG3+Krs9bLaguu42lK8M451v 8mNY8/GnrzVxf5ZFZDUM0tfIuyHxxpiA/Wvw/HUy1LR4tz+3dfvb58Qgv0oZEXuX IAQ/+DxIRrrmeMF0k/wOPOU4OkSyTaHyTLmQR9mgtU621h7wr0cCfnnTgfFpTkXZ YrvhzRMOeVFeAxfRevlw5fRprRZYC3g8HxVY1C0MorDD141j5AKlb2sVS4lfWZkn lwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5739020661434278905346156404544557493 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global CA G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-18 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-18 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Virginia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Reston' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Verisign, Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Production Operations' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ote-accounts-otp.verisign.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20492373733352492136212938485231255460084908218829079213453095249353379377123090413568692058614708813234614954573444288386125805483576419258692494548954982260938809731884929102458203518202792687371972911496857062268835902844993714344692368069539579576910095932866606208582482754184275832432588683832248958656849705648926264593669290573783161942560091009771226190240847367135889280430027956085258686243395650319026057497298567923561339437209790307964654886512607223737956097733764440332564745641211393229575004819482754571899342527458965301247481257902615037550958112302693150735120832151929266253815087824889215264663 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 246e2b2dd06a925151256901aa9a47a689e74020 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4dce40a57bf8e440557ef29cd41d576839f7e5b7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ote-accounts-otp.verisign.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalCAG2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalCAG2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalCAG2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000162d9b795410000040300483046022100f69f2cb0962cdef35cdcc7b791fd0563d6b52d9962cb925088e1d0926aada0640221008a9455bc367f6f8b70630b88c5a0865b43ec8dc917f6f4d85c96b31c466b620a0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000162d9b7bc710000040300473045022100dc61e5e01efe8d0c2eb19125ae2857cbbb7443298e7f7ea90b65dc42bd7898820220265b817d0a3dba202c6dbde9fb226ef1a55f079536f4224a419cd5acc13ef617007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000162d9b79599000004030046304402205d5ae703aaf7e67917833fa9d13cc759c7b12f586b64038f5c6d7d11516c42a302204b4eef41644c6a7d42bf1298ed8107e1e3d04e244141e16de14ae3db08491490 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bc01eb48a2d7eeaac801b9ab063ad8528f72e2bc14f6631844fca471b17add72daa8c63d95b11bcbdd46826ce04442df4ff8e981229b5e6d44fb5483bcadd2ccfc865a320fa8cd7912de418baa0e49a8f14475c8019a902ea73ebdf0bb08ab75860eb675a1473e481d77fbf9a106893d4d4ebe6e7ba8926e6b1cdb299cffe648a767df525d51b01c0960092f06eeaded93c64e002783f21f1c3918ef4521ae260d75e398e263416dddbddd8a227871995cd0645c5f37fd076956d174c3a98259ce392c59beb93d88c4cdce6c23c632edd3de0af08ca6cd673f1dea52b52942ea6d2e7a82e16fedac52ef26f67db9815170b3d99571588b11de472e2ecb07f2ce