avalp.iii.com

- Avalon Free Public Library -

Issued by DigiCert TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 03:41:06:e8:33:68:f1:1e:6b:03:1c:d0:21:9f:60:1f was issued on by DigiCert Inc.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Avalon Free Public Library

Organization: Avalon Free Public Library
State / Province: New Jersey
Locality: Avalon
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:41:06:e8:33:68:f1:1e:6b:03:1c:d0:21:9f:60:1f
Serial Number (int): 4325323374461439071479021230092148767
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 71:c9:f5:71:1c:9f:73:4a:d9:66:38:39:54:17:f0:49:40:7e:2f:8d
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4

Fingerprint (sha1): ca:7f:5f:85:13:45:b3:53:3f:06:c6:13:74:a0:15:08:04:8d:6f:44
Fingerprint (sha256): 00:6c:33:a9:fd:0a:a8:8c:d0:8b:0c:99:bd:fe:a8:8e:39:aa:21:6a:6c:13:44:13:f9:ee:36:b8:2f:f2:d8:a6

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl

Check the revocation status for certificate avalp.iii.com

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for avalp.iii.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

avalp.iii.com
avalonfreelibrary.org
www.avalonfreelibrary.org
encore.avalonfreelibrary.org
catalog.avalonfreelibrary.org

Other certificates including the domain name iii.com

(limited to 100 certificates)
avalp.iii.com
*.encoremildemo.iii.com
iii.com
secure0008.hubspot.com
www.iii.com
irftp.iii.com
secure0008.hubspot.com
secure0008.hubspot.com
army.iii.com
mt-edge-b.3scale.net
mt-edge-b.3scale.net
*.kb-staging.iii.com
*.encoremildemo.iii.com
ftp-virtua.iii.com
rssandbox-api.iii.com
secure0008.hubspot.com
developer.iii.com
secure0008.hubspot.com
rssandbox-api.iii.com
www.iii.com
secure0008.hubspot.com
inn-side-view.iii.com
irftp.iii.com
just.iii.com
inn-side-view.iii.com
spfpl.iii.com
go.iii.com
www.iii.com
usmalibrary.usma.edu
www.iii.com
developer.iii.com
utuls.iii.com
mt-edge-b.3scale.net
go.iii.com
mt-edge-b.3scale.net
iii.com
qa-api.iii.com
www.iii.com
irftp.iii.com
irftp.iii.com
utuls.iii.com
rssandbox-api.iii.com
irftp.iii.com
*.iii.com
ftp-virtua.iii.com
irftp.iii.com
secure0008.hubspot.com
*.kb-staging.iii.com
ftp-virtua.iii.com
idealab.iii.com
automation-workbench.iii.com
developer.iii.com
secure0008.hubspot.com
ftp-virtua.iii.com
utuls.iii.com
developer.iii.com
inn-side-view.iii.com
utuls.iii.com
api.iii.com
developer.iii.com
secure008.hubspot.com
just.iii.com
irftp.iii.com
*.iii.com
www.iii.com
mt-edge-b.3scale.net
iii.com
utuls.iii.com
www.iii.com
mt-edge-b.3scale.net
mt-edge-b.3scale.net
utuls.iii.com
mt-edge-b.3scale.net
www.iii.com
www.iii.com
mt-edge-b.3scale.net
uncw.iii.com
iii.com
www.iii.com
secure0008.hubspot.com
qa-api.iii.com
ftp-virtua.iii.com
usmalibrary.usma.edu
developer.iii.com
www.iii.com
secure0008.hubspot.com
developer.iii.com
go.iii.com
www.iii.com
library.utulsa.edu
iii.com
library.utulsa.edu
secure0008.hubspot.com
support.iii.com
go.iii.com
mt-edge-b.3scale.net
staging-api.iii.com
*.iii.com
utuls.iii.com
automation-workbench.iii.com

Certificate

The complete raw certificate details for avalp.iii.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIQA0EG6DNo8R5rAxzQIZ9gHzANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMjAxMjQwMDAwMDBa
Fw0yMzAyMjQyMzU5NTlaMHAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVy
c2V5MQ8wDQYDVQQHEwZBdmFsb24xIzAhBgNVBAoTGkF2YWxvbiBGcmVlIFB1Ymxp
YyBMaWJyYXJ5MRYwFAYDVQQDEw1hdmFscC5paWkuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAsXAnafwUPyN0Xm918E9ebM4a0of4593ig3UECoI9
nQgKKeAPR6QKlds2NR1ZplFRsoDUFHhijP1MtdRGyorF6zZmjVu7RkadTvivlaC9
sOTMk/CooAun6TWS3rQHWFWgTlprOTKj0GuLxak3vOo3YDTWrdai8k8HK5QHjtMu
hOQDpM73+ywiVDIPQU3PcSwxmI1eGiTBfswVD/aKyn1K5bT0acoQyV3crk/WpC8n
sxopjntQ3vEn9dET/HtVWyOzxOGsf6Euq0uRGk7ggeZZbrH1zTu8mCxT1lmRMhIn
CX6Ohz0Ajd7VVsA+LkBWZWrGCttwIzhXbKRuWX+9XhbMZwIDAQABo4ICdDCCAnAw
HwYDVR0jBBgwFoAUt2ui6qiqhIx56rTaD5iyxZV2ufQwHQYDVR0OBBYEFHHJ9XEc
n3NK2WY4OVQX8ElAfi+NMIGIBgNVHREEgYAwfoINYXZhbHAuaWlpLmNvbYIVYXZh
bG9uZnJlZWxpYnJhcnkub3Jnghl3d3cuYXZhbG9uZnJlZWxpYnJhcnkub3Jnghxl
bmNvcmUuYXZhbG9uZnJlZWxpYnJhcnkub3Jngh1jYXRhbG9nLmF2YWxvbmZyZWVs
aWJyYXJ5Lm9yZzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
CCsGAQUFBwMCMIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jcmwzLmRpZ2lj
ZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEtNC5jcmwwQKA+oDyG
Omh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIw
MjBDQTEtNC5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYb
aHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMH8GCCsGAQUFBwEBBHMwcTAkBggr
BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEkGCCsGAQUFBzAChj1o
dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYy
MDIwQ0ExLTEuY3J0MAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAw
DQYJKoZIhvcNAQELBQADggEBAD1Py1L/kwHUQSrDWC5e1/1XLTjQC45oRpn9Gnsd
fH0jAByuu7L2kZfEn0FbQWuZu7DDfNwhYQ4rHP2YV6cS2ukOQCMfUhWFNftKgK9G
+zV6Ss5y+41iZon0xtdukfeaHC/YPotKOQl9vflWlQuz5tY7tYegAbqMWPpswuy+
kBdhyiCzRJkUVGLJkszfmv5j+Uw0vIZQzvhv63SUvp4zPYtTFcHIxn/EBlsnOsOx
SExDIogWxdFDBn37Mi7bj1hzOZ+kQh6JhvAi68wcqpJDvtv1PJGEIlOd48kPA+5P
+H6r8f3SiaaquGBXP8MDe1choCxziNO+5u3LY94s9bp9cFo=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXAnafwUPyN0Xm918E9e
bM4a0of4593ig3UECoI9nQgKKeAPR6QKlds2NR1ZplFRsoDUFHhijP1MtdRGyorF
6zZmjVu7RkadTvivlaC9sOTMk/CooAun6TWS3rQHWFWgTlprOTKj0GuLxak3vOo3
YDTWrdai8k8HK5QHjtMuhOQDpM73+ywiVDIPQU3PcSwxmI1eGiTBfswVD/aKyn1K
5bT0acoQyV3crk/WpC8nsxopjntQ3vEn9dET/HtVWyOzxOGsf6Euq0uRGk7ggeZZ
brH1zTu8mCxT1lmRMhInCX6Ohz0Ajd7VVsA+LkBWZWrGCttwIzhXbKRuWX+9XhbM
ZwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 4325323374461439071479021230092148767
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-24 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-24 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Jersey'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Avalon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Avalon Free Public Library'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'avalp.iii.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22399485158388067486825174624693545107440060128606283934881418474940608955327918221631786163099164676040938197024593482643870162860165830763865537294182416914237222569194237925122695045911189290042545211641935506905493420504410507698566975236701890784781534211115354990443658256841037087004342708902718707973612631691102060218256669464046347676877916351225692185870293504658082720315273162093717439170068465373939922915392828723499739468873773268389194155592201715028074510532663412718133815451447543160112397476945783452716928528314362814185880833777048939521689626814864067378587696502655441430872022514724561669223
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							71c9f5711c9f734ad96638395417f049407e2f8d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (128 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'avalp.iii.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'avalonfreelibrary.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.avalonfreelibrary.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'encore.avalonfreelibrary.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'catalog.avalonfreelibrary.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003d4fcb52ff9301d4412ac3582e5ed7fd572d38d00b8e684699fd1a7b1d7c7d23001caebbb2f69197c49f415b416b99bbb0c37cdc21610e2b1cfd9857a712dae90e40231f52158535fb4a80af46fb357a4ace72fb8d626689f4c6d76e91f79a1c2fd83e8b4a39097dbdf956950bb3e6d63bb587a001ba8c58fa6cc2ecbe901761ca20b34499145462c992ccdf9afe63f94c34bc8650cef86feb7494be9e333d8b5315c1c8c67fc4065b273ac3b1484c43228816c5d143067dfb322edb8f5873399fa4421e8986f022ebcc1caa9243bedbf53c918422539de3c90f03ee4ff87eabf1fdd289a6aab860573fc3037b5721a02c7388d3bee6edcb63de2cf5ba7d705a