main.rhelp.roche.com
Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1
About this certificate
This digital certificate with serial number 03:62:4f:1c:45:37:63:46:a8:00:55:cc:c7:c1:37:8d was issued on by DigiCert, Inc..
With 15 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=main.rhelp.roche.com
DigiCert, Inc.
Organization:
DigiCert, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:62:4f:1c:45:37:63:46:a8:00:55:cc:c7:c1:37:8dSerial Number (int): 4498133629659825023083628010735220621
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: a4:99:89:d7:fd:78:ce:74:3e:05:86:df:a2:6b:60:9a:48:45:54:ed
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23
Fingerprint (sha1): d9:71:4b:01:ba:34:14:ed:0d:a4:ef:1d:0c:fc:08:b2:09:2c:2f:83
Fingerprint (sha256): 00:74:0a:95:4a:ff:31:9b:44:c0:95:d7:33:dc:19:d2:8a:0a:8e:54:ca:47:6a:1f:c0:68:22:a4:b1:31:87:75
Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
Check the revocation status for certificate main.rhelp.roche.com
15
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for main.rhelp.roche.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
main.rhelp.roche.com
alpha.rhelp.roche.com
apac.rhelp.roche.com
beta.rhelp.roche.com
customer.rhelp.roche.com
delta.rhelp.roche.com
emea1.rhelp.roche.com
emea2.rhelp.roche.com
emea.rhelp.roche.com
gamma.rhelp.roche.com
latam.rhelp.roche.com
noam.rhelp.roche.com
rhelp.roche.com
ssi.rhelp.roche.com
test.rhelp.roche.com
alpha.rhelp.roche.com
apac.rhelp.roche.com
beta.rhelp.roche.com
customer.rhelp.roche.com
delta.rhelp.roche.com
emea1.rhelp.roche.com
emea2.rhelp.roche.com
emea.rhelp.roche.com
gamma.rhelp.roche.com
latam.rhelp.roche.com
noam.rhelp.roche.com
rhelp.roche.com
ssi.rhelp.roche.com
test.rhelp.roche.com
Other certificates including the domain name roche.com
(limited to 100 certificates)
involve.roche.com
www.hpv16and18.com
easydrive-uat.roche.com
advancedanalytics.roche.com
main.rhelp.roche.com
sni.cloudflaressl.com
magentocloud28.map.fastly.net
rbalvprexd0.bas.roche.com
cieas01.roche.com
harmonytest.de
sequencing.roche.com
esource.roche.com
e-medical.roche.com
esource.roche.com
coaguchek.com
rsmsourcing.roche.com
deimos.roche.com
cert2.roche.com
sni.cloudflaressl.com
cdn.appstore.gene.com
shpivee1-01.roche.com
eews-dev.roche.com
myaccess.roche.com
ican.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
cert3.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
mrdivee2-02.netlab.roche.com
rodip.roche.com
nsrdcongresses.roche.com
rbavxsentry11.bas.roche.com
mobilesolution-dev.roche.com
wamua.roche.com
dialog-62-test.roche.com
rocheggcpac.roche.com
san-003.ceros.com
video.hive.roche.com
sni.cloudflaressl.com
rssg.roche.com
mftemeaext.roche.com
anadisuat01.sc1.roche.com
careers.roche.com
flow.roche.com
cert3.roche.com
sni.cloudflaressl.com
misp.roche.com
cert2.roche.com
careers.roche.com
api.rockwizz.roche.com
bitbucket-nala-qa.roche.com
careers.roche.com
wamdev.roche.com
sonar-dev-old.roche.com
diauxhub.roche.com
careers.roche.com
globalfms.roche.com
san-003.ceros.com
sc1lvflexq2.sc1.roche.com
easydrive-dev.roche.com
send-tst.roche.com
indigrow.roche.com
careers.roche.com
careers.roche.com
env5-remotedashboard.roche.com
mrd25.me
cert2.roche.com
*.esrv-hub-uat.roche.com
sb.eu.phcaa.science.roche.com
san-003.ceros.com
extaccess-nala.roche.com
magentocloud28.map.fastly.net
go.roche.com
magentocloud32.map.fastly.net
sni.cloudflaressl.com
ssl882748.cloudflaressl.com
sni.cloudflaressl.com
esrv-marketplace-dev.roche.com
careers.roche.com
imcore.roche.com
booster.roche.com
sni.cloudflaressl.com
akamai-san195.exacttarget.com
raumbuch.roche.com
pitas01.roche.com
sni.cloudflaressl.com
c1edb.roche.com
magentocloud45.map.fastly.net
shpivee1-01.roche.com
hpv16and18.com
hivemind.roche.com
searchsquad.roche.com
cferondanetrochedia-qa.roche.com
esign.roche.com
diaitsupport.roche.com
sni.cloudflaressl.com
magentocloud32.map.fastly.net
r32web.sap.roche.com
apis.cwp.roche.com
www.hpv16and18.com
easydrive-uat.roche.com
advancedanalytics.roche.com
main.rhelp.roche.com
sni.cloudflaressl.com
magentocloud28.map.fastly.net
rbalvprexd0.bas.roche.com
cieas01.roche.com
harmonytest.de
sequencing.roche.com
esource.roche.com
e-medical.roche.com
esource.roche.com
coaguchek.com
rsmsourcing.roche.com
deimos.roche.com
cert2.roche.com
sni.cloudflaressl.com
cdn.appstore.gene.com
shpivee1-01.roche.com
eews-dev.roche.com
myaccess.roche.com
ican.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
cert3.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
mrdivee2-02.netlab.roche.com
rodip.roche.com
nsrdcongresses.roche.com
rbavxsentry11.bas.roche.com
mobilesolution-dev.roche.com
wamua.roche.com
dialog-62-test.roche.com
rocheggcpac.roche.com
san-003.ceros.com
video.hive.roche.com
sni.cloudflaressl.com
rssg.roche.com
mftemeaext.roche.com
anadisuat01.sc1.roche.com
careers.roche.com
flow.roche.com
cert3.roche.com
sni.cloudflaressl.com
misp.roche.com
cert2.roche.com
careers.roche.com
api.rockwizz.roche.com
bitbucket-nala-qa.roche.com
careers.roche.com
wamdev.roche.com
sonar-dev-old.roche.com
diauxhub.roche.com
careers.roche.com
globalfms.roche.com
san-003.ceros.com
sc1lvflexq2.sc1.roche.com
easydrive-dev.roche.com
send-tst.roche.com
indigrow.roche.com
careers.roche.com
careers.roche.com
env5-remotedashboard.roche.com
mrd25.me
cert2.roche.com
*.esrv-hub-uat.roche.com
sb.eu.phcaa.science.roche.com
san-003.ceros.com
extaccess-nala.roche.com
magentocloud28.map.fastly.net
go.roche.com
magentocloud32.map.fastly.net
sni.cloudflaressl.com
ssl882748.cloudflaressl.com
sni.cloudflaressl.com
esrv-marketplace-dev.roche.com
careers.roche.com
imcore.roche.com
booster.roche.com
sni.cloudflaressl.com
akamai-san195.exacttarget.com
raumbuch.roche.com
pitas01.roche.com
sni.cloudflaressl.com
c1edb.roche.com
magentocloud45.map.fastly.net
shpivee1-01.roche.com
hpv16and18.com
hivemind.roche.com
searchsquad.roche.com
cferondanetrochedia-qa.roche.com
esign.roche.com
diaitsupport.roche.com
sni.cloudflaressl.com
magentocloud32.map.fastly.net
r32web.sap.roche.com
apis.cwp.roche.com
Certificate
The complete raw certificate details for main.rhelp.roche.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJ0jCCB7qgAwIBAgIQA2JPHEU3Y0aoAFXMx8E3jTANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN MjIxMDE3MDAwMDAwWhcNMjMxMTE3MjM1OTU5WjAfMR0wGwYDVQQDExRtYWluLnJo ZWxwLnJvY2hlLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANik 1sH/yIBTPMgXUPKhRVS+fUAg45JasF0vEyc7UNIUdF/7BRCFs/5kTL6eZWBQGbAx N7WrAXSNz5K7KHFFm1QkWo8ZSRT6XnwloWoRYWvLPtsWL2TKQmhLUy8adGCtt4Xr gfuO6NKFIukupVnZ0VfCSYG1MVjK9rzD4DwKFdbxVNtRWLgR5lQLicXKZT4HPl0/ FZ7+5NIqzXVhFSEPi+Uuge+qfDlnzsH3zNm/WSlaTvAqK3V3KnRyL6i8IeFih7IN d1n4m3kfW44gAs5JjttINIio9zYVmpZOpFZrd0l7JrzVYBGZ1ozuE1De11vnA2Pj ek+uQJ4+zkdBZ2kXYe6imUhrCSVRM8kfc7QnCJJMa2uvwsSXD3f7iUbWVi3Ksg5l 7eOav5AftafiNsoTVMcBjE4m31//mKmaXwuhDYsF/RtrC4wAIVQK4qm07cIq198P 9rb72qhZd1VSfwHsQR1A+dle7ZWAMMzcGmIVz7xV853xIzCQ7C18UawmJ+OFObXa TMwsIXawQhtNBLVhN0p9nuX58tj6jxT14NkbiOgCkAvhptG7vXdnj9LDC2r2POjK 3HHOLQTOChkPzmPCPXxMFmrWxqf3Mx1lgENloAps5uvcxkhXfvgGdYK9ZwNi040O D18NEx1zyhXHnpVSSfJazRFiFE6FQJtDsp2YPdHFAgMBAAGjggTLMIIExzAfBgNV HSMEGDAWgBSltNbrNsTna6bfxGQLASogBLhmIzAdBgNVHQ4EFgQUpJmJ1/14znQ+ BYbfomtgmkhFVO0wggFbBgNVHREEggFSMIIBToIUbWFpbi5yaGVscC5yb2NoZS5j b22CFWFscGhhLnJoZWxwLnJvY2hlLmNvbYIUYXBhYy5yaGVscC5yb2NoZS5jb22C FGJldGEucmhlbHAucm9jaGUuY29tghhjdXN0b21lci5yaGVscC5yb2NoZS5jb22C FWRlbHRhLnJoZWxwLnJvY2hlLmNvbYIVZW1lYTEucmhlbHAucm9jaGUuY29tghVl bWVhMi5yaGVscC5yb2NoZS5jb22CFGVtZWEucmhlbHAucm9jaGUuY29tghVnYW1t YS5yaGVscC5yb2NoZS5jb22CFWxhdGFtLnJoZWxwLnJvY2hlLmNvbYIUbm9hbS5y aGVscC5yb2NoZS5jb22CD3JoZWxwLnJvY2hlLmNvbYITc3NpLnJoZWxwLnJvY2hl LmNvbYIUdGVzdC5yaGVscC5yb2NoZS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBnwYDVR0fBIGXMIGUMEigRqBEhkJo dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vR2VvVHJ1c3RHbG9iYWxUTFNSU0E0MDk2 U0hBMjU2MjAyMkNBMS5jcmwwSKBGoESGQmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNv bS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNybDA+BgNV HSAENzA1MDMGBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2lj ZXJ0LmNvbS9DUFMwgYcGCCsGAQUFBwEBBHsweTAkBggrBgEFBQcwAYYYaHR0cDov L29jc3AuZGlnaWNlcnQuY29tMFEGCCsGAQUFBzAChkVodHRwOi8vY2FjZXJ0cy5k aWdpY2VydC5jb20vR2VvVHJ1c3RHbG9iYWxUTFNSU0E0MDk2U0hBMjU2MjAyMkNB MS5jcnQwCQYDVR0TBAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYA6D7Q 2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4AAAGD6FbjaAAABAMARzBFAiBY /6WyakG8zL1+bQTkcci9Oba8uvfBpmMbRTPIbNRgyQIhAIm0Vc8jGivDyIraP8dL 4vtj8LUgm9WGdSgt52jom3LvAHUAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PAD Dnk2pZoAAAGD6Fbj1AAABAMARjBEAiAvMXrk2iaF4DnF4fmu8wVzmk6jLKlpWxDU YkkFuiSXtwIgKn+BA9Rf1Hr6iCodxgIkTCP9X1SGS3VjCHKe5wpT8Q0AdwC3Pvsk 35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYPoVuOjAAAEAwBIMEYCIQD+ eAJSPlDZfO0Y9yUi5Yr5T8jO4KCSRAcLT4yINUSiwAIhAL7PKaa4TLLq2EdI4XQc MHXNTyQV/KPQGGuwcvutwXcOMA0GCSqGSIb3DQEBCwUAA4ICAQAUMi4vCg+BEYxM rd2WReZ0NMVKi2si7VSxypQZzti/5dz81D+27XY4ZpoCVp9+zhg0KfBrRwXmDzOD 3GqPmdpKFxdL5eDs84N6eBk7eMMunWd4MdSYi0urAxyz382Do5l6cvAA3SewIbPh LRIT2zyLfmNdibgYfGieS4j5pM687XGAqDX61k8v5SkwzcZ94A/IacxZ55n+Q/Af QEthwub6vmJOMHnjzu/3Mpkh5FLB3a13UZ3gWtoEjeDIepQeeFFeBtLxcja9rerP iXc9tcu1wVN/AHJcYvs2CpLOF0enbGTCEAUgrWXzMTHYo50x03KYNlW7eJg2wNyn XWZ3jyIrsQ3H9RlMsXKJohjxo/8V22/S0WZ0r0ZfGwiGEnglEgYi0Rdm1mQD4CKS KSBUdoay0WGbpt594LoTS3YMHGwV+CVHUv0QHLmP+DBjLhPQ41NDaUU2e8L9ojqo Q71mx/Fh565hlwkIhUOpGZG2T1o8+yPo4pMYxDh55LwE09taRgVqtHcEaTi1IXId AlQQgC7UwnnpMRCSm3MjXV/a/5QpVCErZsdxyRArg0pHmz32ZWFwtJWaBStAJzrF 1A6f+Ot69mavaS+PE1Wl4pGbf4/1S3g5PrGdOqT/IrPr4FHljXr+chABh63Dh7Bp GAH35Oph5AKPyk9tkAP1l6aAeC5ywQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2KTWwf/IgFM8yBdQ8qFF VL59QCDjklqwXS8TJztQ0hR0X/sFEIWz/mRMvp5lYFAZsDE3tasBdI3PkrsocUWb VCRajxlJFPpefCWhahFha8s+2xYvZMpCaEtTLxp0YK23heuB+47o0oUi6S6lWdnR V8JJgbUxWMr2vMPgPAoV1vFU21FYuBHmVAuJxcplPgc+XT8Vnv7k0irNdWEVIQ+L 5S6B76p8OWfOwffM2b9ZKVpO8CordXcqdHIvqLwh4WKHsg13WfibeR9bjiACzkmO 20g0iKj3NhWalk6kVmt3SXsmvNVgEZnWjO4TUN7XW+cDY+N6T65Anj7OR0FnaRdh 7qKZSGsJJVEzyR9ztCcIkkxra6/CxJcPd/uJRtZWLcqyDmXt45q/kB+1p+I2yhNU xwGMTibfX/+YqZpfC6ENiwX9G2sLjAAhVAriqbTtwirX3w/2tvvaqFl3VVJ/AexB HUD52V7tlYAwzNwaYhXPvFXznfEjMJDsLXxRrCYn44U5tdpMzCwhdrBCG00EtWE3 Sn2e5fny2PqPFPXg2RuI6AKQC+Gm0bu9d2eP0sMLavY86Mrccc4tBM4KGQ/OY8I9 fEwWatbGp/czHWWAQ2WgCmzm69zGSFd++AZ1gr1nA2LTjQ4PXw0THXPKFceelVJJ 8lrNEWIUToVAm0OynZg90cUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4498133629659825023083628010735220621 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-17 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'main.rhelp.roche.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 883830009439022357716776062470696468794595210510798994272926985077104529713217170511842021914506784504666428692286934822464763145383276910714480741747107209218642040961447937839199038457280093103338348780330883593356416449810067856541876711762378252495264760552318883856280265592359603069148410914583398448952182361164871118145048260912753312585299750749809806307093411389886334051739319253439158215867567432518038922344230655670361119982845617956425450007078298172983111715674512711652145901078608273027028152498124826214078714666196316258919505619947916390814573740602810202240096253037611606652514280899557065455489536219397058871998129797667933445572205570628855558030717729413744817072807288452389592461683597594484250311592100099469661101589465023311704243789804608287690677260050592509329890865606217092979168968781772545213159717007768962715121388152827590682161192191105772068479987119640947144841377017230135225212434054544142919462170484629393080816667249162044642122552589202847468532018132636233468407449571392927871406184859906022527327170081003975323273548947230526179820297406604716171830386889614660903205310367247723484871349007980635714455531663429473581672699043555818960269263226404243069500030404350673405465029 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a49989d7fd78ce743e0586dfa26b609a484554ed . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (338 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'main.rhelp.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alpha.rhelp.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apac.rhelp.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beta.rhelp.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'customer.rhelp.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'delta.rhelp.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'emea1.rhelp.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'emea2.rhelp.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'emea.rhelp.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gamma.rhelp.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'latam.rhelp.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'noam.rhelp.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rhelp.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ssi.rhelp.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.rhelp.roche.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000183e856e3680000040300473045022058ffa5b26a41bcccbd7e6d04e471c8bd39b6bcbaf7c1a6631b4533c86cd460c902210089b455cf231a2bc3c88ada3fc74be2fb63f0b5209bd58675282de768e89b72ef007500b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000183e856e3d4000004030046304402202f317ae4da2685e039c5e1f9aef305739a4ea32ca9695b10d4624905ba2497b702202a7f8103d45fd47afa882a1dc602244c23fd5f54864b756308729ee70a53f10d007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000183e856e3a30000040300483046022100fe7802523e50d97ced18f72522e58af94fc8cee0a09244070b4f8c883544a2c0022100becf29a6b84cb2ead84748e1741c3075cd4f2415fca3d0186bb072fbadc1770e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0014322e2f0a0f81118c4caddd9645e67434c54a8b6b22ed54b1ca9419ced8bfe5dcfcd43fb6ed7638669a02569f7ece183429f06b4705e60f3383dc6a8f99da4a17174be5e0ecf3837a78193b78c32e9d677831d4988b4bab031cb3dfcd83a3997a72f000dd27b021b3e12d1213db3c8b7e635d89b8187c689e4b88f9a4cebced7180a835fad64f2fe52930cdc67de00fc869cc59e799fe43f01f404b61c2e6fabe624e3079e3ceeff7329921e452c1ddad77519de05ada048de0c87a941e78515e06d2f17236bdadeacf89773db5cbb5c1537f00725c62fb360a92ce1747a76c64c2100520ad65f33131d8a39d31d372983655bb789836c0dca75d66778f222bb10dc7f5194cb17289a218f1a3ff15db6fd2d16674af465f1b0886127825120622d11766d66403e022922920547686b2d1619ba6de7de0ba134b760c1c6c15f8254752fd101cb98ff830632e13d0e353436945367bc2fda23aa843bd66c7f161e7ae619709088543a91991b64f5a3cfb23e8e29318c43879e4bc04d3db5a46056ab477046938b521721d025410802ed4c279e93110929b73235d5fdaff942954212b66c771c9102b834a479b3df6656170b4959a052b40273ac5d40e9ff8eb7af666af692f8f1355a5e2919b7f8ff54b78393eb19d3aa4ff22b3ebe051e58d7afe72100187adc387b0691801f7e4ea61e4028fca4f6d9003f597a680782e72c1