clearpass.hscs.virginia.edu

- University of Virginia Medical Center -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 0f:19:a6:c3:5a:4a:b5:36:5a:eb:1d:d8:14:f6:64:32 was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

University of Virginia Medical Center

Organization: University of Virginia Medical Center
Organization unit: Health System Technology Services
State / Province: VA
Locality: Charlottesville
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0f:19:a6:c3:5a:4a:b5:36:5a:eb:1d:d8:14:f6:64:32
Serial Number (int): 20071609715666972388688055324319835186
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: ab:d9:ad:40:97:da:a9:fc:86:88:ef:c1:3c:17:3a:bd:57:73:d6:15
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): dc:c3:75:8b:a2:5f:90:1e:51:80:e0:2f:86:1c:4c:77:80:1d:df:02
Fingerprint (sha256): 00:63:15:42:f0:25:bc:1b:3c:5c:0a:30:35:ee:d5:c2:17:b3:73:13:df:ef:01:49:f8:85:58:23:56:47:f4:99

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl

Check the revocation status for certificate clearpass.hscs.virginia.edu

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for clearpass.hscs.virginia.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

clearpass.hscs.virginia.edu
netrad.hscs.virginia.edu

Other certificates including the domain name virginia.edu

(limited to 100 certificates)
5654645158445056-fe4.pantheonsite.io
5754903989321728-fe2.pantheonsite.io
gracula.psyc.virginia.edu
ei-mon2.its.virginia.edu
www.berg.evsc.virginia.edu
5654645158445056-fe4.pantheonsite.io
blog.radiology.virginia.edu
5645914630782976-fe1.pantheonsite.io
andvari.org
blogs.darden.virginia.edu
5641826627223552-fe3.pantheonsite.io
*.jiveon.com
clearpass.hscs.virginia.edu
schedule.hscs.virginia.edu
cluster3.technolutions.net
wtdc11.wintest.virginia.edu
mygroups.virginia.edu
cluster.technolutions.net
tammlab.medicine.virginia.edu
*.mail.virginia.edu
video.comm.virginia.edu
vanity7.jiveon.com
cluster3.technolutions.net
stacey-aruba-7240-1.hscs.virginia.edu
uvaclubs.virginia.edu
atmos.evsc.virginia.edu
csc.virginia.edu
jagienka.med.virginia.edu
religionlab.virginia.edu
calendar.virginia.edu
realestate.virginia.edu
satellite01.its.virginia.edu
blogs.darden.virginia.edu
mdm.healthsystem.virginia.edu
evscta.evsc.virginia.edu
climate.evsc.virginia.edu
falmouth.lib.virginia.edu
helpdesk.evsc.virginia.edu
uconnectlabs.com
hstsbitableau1.hscs.virginia.edu
eso.evsc.virginia.edu
banking-business-review.com
tableau.admin.virginia.edu
staffsenate.virginia.edu
securemail.healthsystem.virginia.edu
www.uva2021.virginia.edu
apply.darden.virginia.edu
HSTSXCONT2.HSCS.VIRGINIA.EDU
advancement.virginia.edu
hsts3parmgt.hscs.virginia.edu
hstsmdaudithosp.hscs.virginia.edu
uconnectlabs.com
proteindiffraction.org
network-setup.itc.virginia.edu
5645914630782976-fe1.pantheonsite.io
cluster3.technolutions.net
learn.med.virginia.edu
vanity22.jiveon.com
ascs10.clas.virginia.edu
tams.nursing.virginia.edu
HSCSEBLOB.HSCS.VIRGINIA.EDU
5754903989321728-fe2.pantheonsite.io
devhub.virginia.edu
guides.lib.virginia.edu
5754903989321728-fe2.pantheonsite.io
erode.evsc.virginia.edu
findtrees.blandy.virginia.edu
apply.darden.virginia.edu
apply.undergradadmission.virginia.edu
*.cs.virginia.edu
wsx.lab.voice.virginia.edu
208.lsnc.net
falmouth.internal.lib.virginia.edu
hstsepiccaret.hscs.virginia.edu
hstsscrubip1.hscs.virginia.edu
5641826627223552-fe3.pantheonsite.io
www.arch.virginia.edu
acs.evsc.virginia.edu
ships.internal.lib.virginia.edu
xsp-cs.lab.voice.virginia.edu
*.jiveon.com
www.apps.studyabroad.virginia.edu
at.virginia.edu
hydrology.evsc.virginia.edu
gembaadmittedqc2.darden.virginia.edu
helpdesk.evsc.virginia.edu
vmssqlrp.eservices.virginia.edu
equityatlas.lib.virginia.edu
bioreproducibility.org
libanswers.law.virginia.edu
learningtech.virginia.edu
madcap.virginia.edu
epiccarelink.healthsystem.virginia.edu
apply.darden.virginia.edu
vdi-vcenter-s.eservices.virginia.edu
gracula.psyc.virginia.edu
cluster.technolutions.net
gwpapers.virginia.edu
panopto.eservices.virginia.edu
upenn-it.asc.upenn.edu

Certificate

The complete raw certificate details for clearpass.hscs.virginia.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIQDxmmw1pKtTZa6x3YFPZkMjANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwNjExMDAwMDAwWhcN
MjAwNjE1MTIwMDAwWjCBtjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlZBMRgwFgYD
VQQHEw9DaGFybG90dGVzdmlsbGUxLjAsBgNVBAoTJVVuaXZlcnNpdHkgb2YgVmly
Z2luaWEgTWVkaWNhbCBDZW50ZXIxKjAoBgNVBAsTIUhlYWx0aCBTeXN0ZW0gVGVj
aG5vbG9neSBTZXJ2aWNlczEkMCIGA1UEAxMbY2xlYXJwYXNzLmhzY3MudmlyZ2lu
aWEuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1onPnkkzK9Gr
w/fFujJ6uQCyCBv5fYfSRWEdqtpCTrIYU894l6Y9NyMazkbKpGO66jZ07qcVFmt/
TldkFtOXZPaJpuhaZUO5FMu6Ap6J9Xt8qppwrdi6AVttmqFT9v5oWlST+fmclJt+
bKUgWfMB187WJ+xAMw3DEP9X+eYGP+E1VjfWdZGVHA3F0bDygX+Sww4Rvz+SE8Ei
/qigF8um9w1yRJKXdH1bNggfJvwiv2kqHo2V4N5Sjaa+JrYsxAUeS64xDQtuLyZR
oZmMxOU9ELIc8tw/7FjWvVJWq8KzVk6YSQGl6ZcwA/9VuEAwK7YWb1Z0+Tq6K/Kb
QDZ0WkBf5QIDAQABo4ICETCCAg0wHwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0
LOHG2eIwHQYDVR0OBBYEFKvZrUCX2qn8hojvwTwXOr1Xc9YVMEAGA1UdEQQ5MDeC
G2NsZWFycGFzcy5oc2NzLnZpcmdpbmlhLmVkdYIYbmV0cmFkLmhzY3MudmlyZ2lu
aWEuZWR1MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29t
L3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNv
bS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYI
KwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIC
MHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNl
cnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20v
RGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwEwYK
KwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAJgYJt4YcejqwJav
QjSYpfemfV9QjlV0WqtXIhKrGF8pXJK/ZnbNN9evqbjfv3fbOHFNw7R//epotiUc
ee9K+tbMNtMGCx6KkFo1nTMrM8NvVMusd3+StC6XvpXQAqgS5tNJktEa8FRKX1i+
6+SXIWv+NXu7aAekcYtXZ5JHdT6B2PoCfmKLC0sbepBi7JahA+21FbGcw5V4hQny
Ke4RVpPphvNfkPXSxNnbMI8LA1kAcU2cLXxSJIe0vVS9voth1thqLiYCXWL28s3I
4+azqJcnI3k52UDlqgcZ+/4pnrqxMoNFA9DMb8W8MesMS/sHcfG1nopt8ZcC+9h1
BglEht8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1onPnkkzK9Grw/fFujJ6
uQCyCBv5fYfSRWEdqtpCTrIYU894l6Y9NyMazkbKpGO66jZ07qcVFmt/TldkFtOX
ZPaJpuhaZUO5FMu6Ap6J9Xt8qppwrdi6AVttmqFT9v5oWlST+fmclJt+bKUgWfMB
187WJ+xAMw3DEP9X+eYGP+E1VjfWdZGVHA3F0bDygX+Sww4Rvz+SE8Ei/qigF8um
9w1yRJKXdH1bNggfJvwiv2kqHo2V4N5Sjaa+JrYsxAUeS64xDQtuLyZRoZmMxOU9
ELIc8tw/7FjWvVJWq8KzVk6YSQGl6ZcwA/9VuEAwK7YWb1Z0+Tq6K/KbQDZ0WkBf
5QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 20071609715666972388688055324319835186
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-06-11 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-15 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'VA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Charlottesville'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'University of Virginia Medical Center'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Health System Technology Services'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'clearpass.hscs.virginia.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27082954404072639035410207195687056080086841648797203957136608456603444117591688352899299377809183179788304810427830610794714250370044345317848218849412663118968974709611282990543938411916695079294931593507839318877821551760104376444990891067641574338220172324559793943307384125877944823565310552337959556053553064920941727457797412963059311718809631223486678829217898756082676465293470121635905376566856689320829818988749258606745567932303389135263580483093229031597191317239587446792534492067400520763689513077381381566458315657673455498269943482676871696055852433983794866195029932130352040699814108861970134360037
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							abd9ad4097daa9fc8688efc13c173abd5773d615
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clearpass.hscs.virginia.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'netrad.hscs.virginia.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00981826de1871e8eac096af423498a5f7a67d5f508e55745aab572212ab185f295c92bf6676cd37d7afa9b8dfbf77db38714dc3b47ffdea68b6251c79ef4afad6cc36d3060b1e8a905a359d332b33c36f54cbac777f92b42e97be95d002a812e6d34992d11af0544a5f58beebe497216bfe357bbb6807a4718b57679247753e81d8fa027e628b0b4b1b7a9062ec96a103edb515b19cc395788509f229ee115693e986f35f90f5d2c4d9db308f0b035900714d9c2d7c522487b4bd54bdbe8b61d6d86a2e26025d62f6f2cdc8e3e6b3a89727237939d940e5aa0719fbfe299ebab132834503d0cc6fc5bc31eb0c4bfb0771f1b59e8a6df19702fbd87506094486df