Standard_SSL_Digicert_CASpec.bankofamerica.com

- Bank of America Corporation -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 06:80:e7:3a:5a:4c:ba:cb:c9:4a:c2:02:ea:c9:28:0b was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • The DNS name 'Standard_SSL_Digicert_CASpec.bankofamerica.com' contains an underscore (_) character Before explicitly stating as such in CABF 1.6.2, the stance of RFC5280 is adopted that DNSNames MUST NOT contain an underscore character. (BR 7.1.4.2.1)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • DNSName MUST NOT contain underscore characters (BRs: 7.1.4.2.1)
  • DNSName MUST NOT contain underscore characters (RFC5280: 4.1.2.6)

Bank of America Corporation

Organization: Bank of America Corporation
Organization unit: GIS
State / Province: North Carolina
Locality: Charlotte
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 06:80:e7:3a:5a:4c:ba:cb:c9:4a:c2:02:ea:c9:28:0b
Serial Number (int): 8644671832400233902645505719659997195
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: a7:65:f3:25:6b:ff:03:8a:9e:67:ab:f8:3b:e3:e5:d7:ff:02:46:84
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): d9:34:2f:38:31:c2:02:72:ed:07:98:32:bd:2b:7f:80:b0:ac:d0:68
Fingerprint (sha256): 00:5a:46:39:7a:97:3f:6a:85:bd:7e:da:93:bd:6d:8a:db:5a:7d:f5:6b:91:25:d9:f4:44:1f:74:20:57:b6:b1

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl

Check the revocation status for certificate Standard_SSL_Digicert_CASpec.bankofamerica.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for Standard_SSL_Digicert_CASpec.bankofamerica.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

Standard_SSL_Digicert_CASpec.bankofamerica.com

Other certificates including the domain name bankofamerica.com

(limited to 100 certificates)
dcpr-apac.bankofamerica.com
b2bservice-dev4.ecnp.bankofamerica.com
elink-mbi-s.bankofamerica.com
atmhold-tt.bankofamerica.com
abwebpay-mbod.bankofamerica.com
webatm-test-dev1b-pipB.bankofamerica.com
webatm-test-cer1a-pipD.bankofamerica.com
fix-mtls-prod-out-ma-order.bankofamerica.com
CAPTIVESERVICE.BANKOFAMERICA.COM
mqt.qtjrchin.bankofamerica.com
secure.bankofamerica.com
travelcenter2.bankofamerica.com
directsso.bankofamerica.com
gpx-discover-diners-pulse-lle-clientcert.ecnp.bankofamerica.com
testingNotifications-CertAdminPlzApprove.bankofamerica.com
origin-bac-assets-cert.ecnp.bankofamerica.com
sso-prd.bankofamerica.com
eib-vgs-sit1.bankofamerica.com
cpo-accelerate-websvcs-test2.bankofamerica.com
usvarchvp2isa01.bankofamerica.com
ibsshopsafedev6.bankofamerica.com
rxserve-9H.bankofamerica.com
Standard_SSL_Digicert_CASpec.bankofamerica.com
globalcommissionpayments.bankofamerica.com
appb1.paymentsinvoicing.bankofamerica.com
secure-devps.ecnp.bankofamerica.com
mservice-qa5.ecnp.bankofamerica.com
mservice-qaps.ecnp.bankofamerica.com
bl-qip.emea.bankofamerica.com
cldirect.bankofamerica.com
fbrm-pssit.bankofamerica.com
sbbankers.ltngp2dev.bankofamerica.com
wmobile.bankofamerica.com
escrowonline-lt.bankofamerica.com
socialapp-pt1.ecnp.bankofamerica.com
MO8XCHRS002.bankofamerica.com
winsso-stg.sm.bankofamerica.com
oos0i.lbxatl.bankofamerica.com
CRDTCTR-70336-nCinoClientAuth-BFUAT.bankofamerica.com
outlookanywhere.bankofamerica.com
epass-uat.bankofamerica.com
eftx-pt1.ecnp.bankofamerica.com
NDM.9M33.bankofamerica.com
mqt.mub1chin.bankofamerica.com
ssologon-deveast.bankofamerica.com
finapp.allmyaccounts.test2.bankofamerica.com
boardvantage-uat.bankofamerica.com
portalb2b-rch.bankofamerica.com
ftp-vmsdf1.bankofamerica.com
uat-authorprimary-merch.bankofamerica.com
travelcenter.bankofamerica.com
cmbsi-uat1.bankofamerica.com
travelpaymentsystem.bankofamerica.com
winsso-prd.sm.bankofamerica.com
rvdealer-cit.bankofamerica.com
ftp-hbs.bankofamerica.com
safepass-cpo.bankofamerica.com
cictsc3a.9s.bankofamerica.com
secure-preview1.ecnp.bankofamerica.com
corp.bankofamerica.com
origin-bac-assets-dev.ecnp.bankofamerica.com
everest-qa.bankofamerica.com
racf-1R.bankofamerica.com
fbrm.bankofamerica.com
symphony-online-dr-vip.bankofamerica.com
rmbs.bankofamerica.com
WAS.prodeu01.bankofamerica.com
crm.fxqa.ml.com
corp.bankofamerica.com
ecsb.bankofamerica.com
elink-as2h8.bankofamerica.com
portal.bankofamerica.com
bofacapital-certs.bankofamerica.com
mqp.mqwxchin.bankofamerica.com
bofacapital-certs-pp.bankofamerica.com
viewinv-techtest.bankofamerica.com
cicpvx62.1s.bankofamerica.com
remotepc-us.bankofamerica.com
akamai-san10.exacttarget.com
tx8aiucm02403.bankofamerica.com
secure-review1.ecnp.bankofamerica.com
socialapp-devflex.ecnp.bankofamerica.com
mlqua400.bankofamerica.com
support-services.bankofamerica.com
ustxrdncu01aac0001.network.bankofamerica.com
soap-aci1.bankofamerica.com
mqp.qpc1chin.bankofamerica.com
ecds-uat.bankofamerica.com
mservice-dev2.ecnp.bankofamerica.com
ccpsbob.bankofamerica.com
cporms-test.bankofamerica.com
resfcmbs.bankofamerica.com
IMSPW3CA.1S.bankofamerica.com
globalroutingdirectory.bankofamerica.com
aeadmin.bankofamerica.com
fedsso.bankofamerica.com
rest-cert2.ecnp.bankofamerica.com
psgws.bankofamerica.com
cboapp01.bankofamerica.com
eib-hrt-cit2.bankofamerica.com

Certificate

The complete raw certificate details for Standard_SSL_Digicert_CASpec.bankofamerica.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIQBoDnOlpMusvJSsIC6skoCzANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwNTMwMDAwMDAwWhcN
MTkwNTMxMTIwMDAwWjCBpzELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENh
cm9saW5hMRIwEAYDVQQHEwlDaGFybG90dGUxJDAiBgNVBAoTG0Jhbmsgb2YgQW1l
cmljYSBDb3Jwb3JhdGlvbjEMMAoGA1UECxMDR0lTMTcwNQYDVQQDDC5TdGFuZGFy
ZF9TU0xfRGlnaWNlcnRfQ0FTcGVjLmJhbmtvZmFtZXJpY2EuY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEa5gPsH9ya5oB3l/s8pRc10js0YLqW8
pW16QAmWPD8CMgR/pHBCnSMmie9U3CsMg/UiGHAm6pPfLTR30AV4IfsMv6qdreXt
0jT/TjtZe9foNuwcft2Cni20huxM4aYbQyBrJ1xCWkAwG5iTJbhnHdPXWZS1dloU
B3J9vhUONRQl7I8HJwkxry6NclnogWbujIOiIAT4PBEFQGhGcBAr3xWVRgtX3no6
DhvfoUDrKHogTbyNMNVk6etgZRefR9O7vlYxnc7MlL3Go6Eh/rl11GAtn21GFUOr
99b8KaaWwFN6cC5ZPiZIoDOGs1R4TguErPh0R6Gn3wBiyA6+Tx4eJQIDAQABo4IC
BzCCAgMwHwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0OBBYE
FKdl8yVr/wOKnmer+Dvj5df/AkaEMDkGA1UdEQQyMDCCLlN0YW5kYXJkX1NTTF9E
aWdpY2VydF9DQVNwZWMuYmFua29mYW1lcmljYS5jb20wDgYDVR0PAQH/BAQDAgWg
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaAr
hilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2g
K4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYD
VR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cu
ZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsG
AQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0
dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2
ZXJDQS5jcnQwCQYDVR0TBAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG
9w0BAQsFAAOCAQEAtVz0PDP23sZR7Cpr/h0niXuKAca9KQWsGLadfr9yLDHKAcOZ
xXEVRVmUDueGW6IKaIN6edck0wHMD2ajfWTPF2CZtGJJDlRKv4bpw0n67zvHeOOz
QGvCaDfXX2Msypr5Ym621hAUtN21FJj8csEbknk0KxBtJ3XJj10/4DvnfgtEXDAO
CO5uLR5aa4MWFlqCcg6MXCIKJu/gl07AHUC+irMX2xze97SFfC7g/P8E7KEB2mVC
xaBKgkopIQVsYxNyhK3Jvc7hqvs2U2P5/WusVdbSU2NpfkRZkFH2T7r4gDYbGv1R
SMUjfS3G0XVxUu8SMuPbDNdj0mB7zOF0HMZWYg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEa5gPsH9ya5oB3l/s8p
Rc10js0YLqW8pW16QAmWPD8CMgR/pHBCnSMmie9U3CsMg/UiGHAm6pPfLTR30AV4
IfsMv6qdreXt0jT/TjtZe9foNuwcft2Cni20huxM4aYbQyBrJ1xCWkAwG5iTJbhn
HdPXWZS1dloUB3J9vhUONRQl7I8HJwkxry6NclnogWbujIOiIAT4PBEFQGhGcBAr
3xWVRgtX3no6DhvfoUDrKHogTbyNMNVk6etgZRefR9O7vlYxnc7MlL3Go6Eh/rl1
1GAtn21GFUOr99b8KaaWwFN6cC5ZPiZIoDOGs1R4TguErPh0R6Gn3wBiyA6+Tx4e
JQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8644671832400233902645505719659997195
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-30 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-31 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'North Carolina'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Charlotte'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bank of America Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GIS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Standard_SSL_Digicert_CASpec.bankofamerica.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21747864066254827015994771432875101402287654018667510472189073590532612119477478596282270659145349890355120800655318882830615418793431614265595624522985027960530315431131372239995432452890751074299030360672307174819715658574793093693249003063005390893203652085997979078757454351396167414890833937384790278559182752491024520627723420183994529001512550055606188536381488026271999681605582754988045963511966218935446974318975827045550427717331519299409336056264596224002177209123289847612356893564063498885831194793812418096624007561680625709811067620720626078277368671186540965989133058894491323156649702064513995382309
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a765f3256bff038a9e67abf83be3e5d7ff024684
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'Standard_SSL_Digicert_CASpec.bankofamerica.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b55cf43c33f6dec651ec2a6bfe1d27897b8a01c6bd2905ac18b69d7ebf722c31ca01c399c571154559940ee7865ba20a68837a79d724d301cc0f66a37d64cf176099b462490e544abf86e9c349faef3bc778e3b3406bc26837d75f632cca9af9626eb6d61014b4ddb51498fc72c11b9279342b106d2775c98f5d3fe03be77e0b445c300e08ee6e2d1e5a6b8316165a82720e8c5c220a26efe0974ec01d40be8ab317db1cdef7b4857c2ee0fcff04eca101da6542c5a04a824a2921056c63137284adc9bdcee1aafb365363f9fd6bac55d6d25363697e44599051f64fbaf880361b1afd5148c5237d2dc6d1757152ef1232e3db0cd763d2607bcce1741cc65662