*.library.ca.gov
- California State Library -
Issued by DigiCert SHA2 Secure Server CA
About this certificate
This digital certificate with serial number 03:17:9e:95:50:e8:47:4f:e9:71:06:a3:2a:26:db:20 was issued on by DigiCert Inc.
With 9 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
California State Library
Organization:
California State Library
State / Province:
California
Locality: Sacramento
Country: US
Locality: Sacramento
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:17:9e:95:50:e8:47:4f:e9:71:06:a3:2a:26:db:20Serial Number (int): 4110323265854248581473406115606092576
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: d0:47:ba:cb:4f:45:03:11:f9:d1:f8:d7:06:e5:f3:50:42:0e:57:e7
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2
Fingerprint (sha1): a7:a3:55:8b:36:21:be:c9:d6:ea:6a:d7:a3:84:04:17:7b:45:b3:04
Fingerprint (sha256): 00:b5:21:0e:27:d2:ec:3b:9a:f7:70:3f:c6:f7:83:da:1a:71:a4:7e:eb:cb:15:2f:ad:23:c2:4b:0c:73:34:d5
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl
Check the revocation status for certificate *.library.ca.gov
9
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.library.ca.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.library.ca.gov
www.btbl.library.ca.gov
www.catalog.library.ca.gov
www.cahomelessyouth.library.ca.gov
www.elf2.library.ca.gov
www.pickup.library.ca.gov
www.governors.library.ca.gov
www.dbs.library.ca.gov
library.ca.gov
www.btbl.library.ca.gov
www.catalog.library.ca.gov
www.cahomelessyouth.library.ca.gov
www.elf2.library.ca.gov
www.pickup.library.ca.gov
www.governors.library.ca.gov
www.dbs.library.ca.gov
library.ca.gov
Other certificates including the domain name ca.gov
(limited to 100 certificates)
tomalescsd.ca.gov
calbar.ca.gov
cbdmpdcs.cdph.ca.gov
test.cnips.ca.gov
eams.dwc.ca.gov
incapsula.com
staging3.rcpa.ca.gov
5671617594130432-fe3.pantheonsite.io
cases.oehha.ca.gov
google.ftb.ca.gov
incapsula.com
jobstraining.ca.gov
test-web-lws.edu.help
test.cairhub-vic-api.cdph.ca.gov
*.fire.ca.gov
www.dgsapps.dgs.ca.gov
*.cammis-mod-sit.dhcs.ca.gov
carpepm.almonds.com
*.dmhc.ca.gov
familieschange.ca.gov
incapsula.com
accountportalstg.cdph.ca.gov
cert00091-azurecdn.akamaized.net
supedocs.jud.ca.gov
pes.post.ca.gov
espssrs.oshpd.ca.gov
assist.dsh.ca.gov
cert00025-azurecdn.akamaized.net
test-www.ots.ca.gov
www.privacy.ca.gov
passwordreset.stg.courts.ca.gov
tnm.ftb.ca.gov
cert00080-azurecdn.akamaized.net
cert00025-azurecdn.akamaized.net
www.scout.ca.gov
brdcvpnb.net.ca.gov
californiasolarstatistics.ca.gov
ecr1.si.odi.cdt.ca.gov
imperva.com
cert00060-azurecdn.akamaized.net
performance.medi-cal.ca.gov
sdiom.edd.ca.gov
caleprocure.ca.gov
incapsula.com
wca.ca.gov
portal.ncric.ca.gov
dtsc.ca.gov
tahoe.ca.gov
*.ctc.ca.gov
incapsula.com
cert00078-azurecdn.akamaized.net
imperva.com
cert00091-azurecdn.akamaized.net
*.sos.ca.gov
pas.familieschange.ca.gov
calgold.ca.gov
*.kern.courts.ca.gov
saltoncsd.ca.gov
cert00078-azurecdn.akamaized.net
incapsula.com
www.sonoma.courts.ca.gov
www.cba.ca.gov
cert00078-azurecdn.akamaized.net
cert00092-azurecdn.akamaized.net
cert00088-azurecdn.akamaized.net
incapsula.com
*.sdcourt.ca.gov
incapsula.com
cert00052-azurecdn.akamaized.net
healthstrategicplan.sonomacounty.ca.gov
incapsula.com
apps.calbar.ca.gov
nartc.fcm.arizona.edu
www.yuba.courts.ca.gov
*.library.ca.gov
stanct.org
capiaa.ca.gov
cws.access.ca.gov
bboard.technology.ca.gov
SIS2STAGING.CDPH.CA.GOV
author.chhsa.ca.gov
5675267779461120-fe4.pantheonsite.io
grants.ca.gov
accepttest.medi-cal.ca.gov
calendar.sdzsafaripark.org
phnsdcounty.us
listserv.sco.ca.gov
pass.cdcr.ca.gov
www.casgem.water.ca.gov
mail.buttecourt.ca.gov
cert00068-azurecdn.akamaized.net
cert00098-azurecdn.akamaized.net
cert00025-azurecdn.akamaized.net
incapsula.com
sip.fiscal.ca.gov
panorama.epanet.ca.gov
SVGCALCDRM.ct.dot.ca.gov
incapsula.com
vpn1.dhcs.ca.gov
Info.fresno.courts.ca.gov
calbar.ca.gov
cbdmpdcs.cdph.ca.gov
test.cnips.ca.gov
eams.dwc.ca.gov
incapsula.com
staging3.rcpa.ca.gov
5671617594130432-fe3.pantheonsite.io
cases.oehha.ca.gov
google.ftb.ca.gov
incapsula.com
jobstraining.ca.gov
test-web-lws.edu.help
test.cairhub-vic-api.cdph.ca.gov
*.fire.ca.gov
www.dgsapps.dgs.ca.gov
*.cammis-mod-sit.dhcs.ca.gov
carpepm.almonds.com
*.dmhc.ca.gov
familieschange.ca.gov
incapsula.com
accountportalstg.cdph.ca.gov
cert00091-azurecdn.akamaized.net
supedocs.jud.ca.gov
pes.post.ca.gov
espssrs.oshpd.ca.gov
assist.dsh.ca.gov
cert00025-azurecdn.akamaized.net
test-www.ots.ca.gov
www.privacy.ca.gov
passwordreset.stg.courts.ca.gov
tnm.ftb.ca.gov
cert00080-azurecdn.akamaized.net
cert00025-azurecdn.akamaized.net
www.scout.ca.gov
brdcvpnb.net.ca.gov
californiasolarstatistics.ca.gov
ecr1.si.odi.cdt.ca.gov
imperva.com
cert00060-azurecdn.akamaized.net
performance.medi-cal.ca.gov
sdiom.edd.ca.gov
caleprocure.ca.gov
incapsula.com
wca.ca.gov
portal.ncric.ca.gov
dtsc.ca.gov
tahoe.ca.gov
*.ctc.ca.gov
incapsula.com
cert00078-azurecdn.akamaized.net
imperva.com
cert00091-azurecdn.akamaized.net
*.sos.ca.gov
pas.familieschange.ca.gov
calgold.ca.gov
*.kern.courts.ca.gov
saltoncsd.ca.gov
cert00078-azurecdn.akamaized.net
incapsula.com
www.sonoma.courts.ca.gov
www.cba.ca.gov
cert00078-azurecdn.akamaized.net
cert00092-azurecdn.akamaized.net
cert00088-azurecdn.akamaized.net
incapsula.com
*.sdcourt.ca.gov
incapsula.com
cert00052-azurecdn.akamaized.net
healthstrategicplan.sonomacounty.ca.gov
incapsula.com
apps.calbar.ca.gov
nartc.fcm.arizona.edu
www.yuba.courts.ca.gov
*.library.ca.gov
stanct.org
capiaa.ca.gov
cws.access.ca.gov
bboard.technology.ca.gov
SIS2STAGING.CDPH.CA.GOV
author.chhsa.ca.gov
5675267779461120-fe4.pantheonsite.io
grants.ca.gov
accepttest.medi-cal.ca.gov
calendar.sdzsafaripark.org
phnsdcounty.us
listserv.sco.ca.gov
pass.cdcr.ca.gov
www.casgem.water.ca.gov
mail.buttecourt.ca.gov
cert00068-azurecdn.akamaized.net
cert00098-azurecdn.akamaized.net
cert00025-azurecdn.akamaized.net
incapsula.com
sip.fiscal.ca.gov
panorama.epanet.ca.gov
SVGCALCDRM.ct.dot.ca.gov
incapsula.com
vpn1.dhcs.ca.gov
Info.fresno.courts.ca.gov
Certificate
The complete raw certificate details for *.library.ca.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHfjCCBmagAwIBAgIQAxeelVDoR0/pcQajKibbIDANBgkqhkiG9w0BAQsFADBN MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwNTEzMDAwMDAwWhcN MjIwNzI5MTIwMDAwWjB1MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p YTETMBEGA1UEBxMKU2FjcmFtZW50bzEhMB8GA1UEChMYQ2FsaWZvcm5pYSBTdGF0 ZSBMaWJyYXJ5MRkwFwYDVQQDDBAqLmxpYnJhcnkuY2EuZ292MIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpMaVYlqZALeydXZY3rqmMV5/wiR8LMRwHNx Op2FSpad5vJqg5Z0sMboPc4dQhYWqPBqLGoH6DDnv4mTk3ks4BhZcD7Sz/qHJqGG 2u5J4iu+dnb+KkCRYNCa2QCvEpg7AQaV9XTVvhLX8kr+WInaPV+42bEJD4p7MHcy lhiZV9OqWHftioQEU14W/OXN+/lDF+h4qD0xkIWGjJnfCp2LLVnxTOeMIRwEWbR9 oAJelnQ+kF6ClDiNoCbpfgiGmzyAdL2gtDvLrpDIk19M1MeY5hTD63GzpYPdIHZM zD+4m+sfEBFAx8TKlMg9py4tLLe0qXfVwuYc37jhxZ4ZtkRg0wIDAQABo4IEMDCC BCwwHwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFNBH ustPRQMR+dH41wbl81BCDlfnMIHwBgNVHREEgegwgeWCECoubGlicmFyeS5jYS5n b3aCF3d3dy5idGJsLmxpYnJhcnkuY2EuZ292ghp3d3cuY2F0YWxvZy5saWJyYXJ5 LmNhLmdvdoIid3d3LmNhaG9tZWxlc3N5b3V0aC5saWJyYXJ5LmNhLmdvdoIXd3d3 LmVsZjIubGlicmFyeS5jYS5nb3aCGXd3dy5waWNrdXAubGlicmFyeS5jYS5nb3aC HHd3dy5nb3Zlcm5vcnMubGlicmFyeS5jYS5nb3aCFnd3dy5kYnMubGlicmFyeS5j YS5nb3aCDmxpYnJhcnkuY2EuZ292MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2Ny bDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9j cmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJ YIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNv bS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0 cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0 cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwG A1UdEwEB/wQCMAAwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2ACl5vvCeOTkh 8FZzn2Old+W+V32cYAr4+U1dJlwlXceEAAABcg/uFxQAAAQDAEcwRQIgLD7buRL/ le9Jl5MMK865FLzv/FZ8B7N2rZD3KB/0YZsCIQDudJHaxcIlt2fMadTO8vxvY4dp FxBzWlBK3j5FB5jsAwB2ACJFRQdZVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8C AAABcg/uFzMAAAQDAEcwRQIhAONHzTCMYDdr29z/eoMMCXcanqhxyZlUjlDh1OaV pwwNAiAkIxDwlJxxRTVANMOQqUe8CDtN5IY+UD0GQu2sUUy4RQB3AFGjsPX9AXmc Vm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABcg/uF34AAAQDAEgwRgIhAKy8msvG YoZGH6FaUwX12yodNrd8AuVk7HyBVlTIF65cAiEAw3dy1iIcG8UICy/MHLMaVBbk fzJms9QC+06bHzqL21MwDQYJKoZIhvcNAQELBQADggEBAAc0Khn/wexR+SVXyM+l tw8pIUzQyFmS4DI9dSJU25MTHG/8o6aRrt7POE1FrvfNBzXvbrWKXD06HD23it6r dHOKYuFwjFagCC/xUGesc9NIm/Vexo+i4Bno2sLCWpEnc23cDVraIAGc1j/CB5f1 wZJ183eIXKFS5pZ9Lc65OWIGGkXrbq8rPjYaKgACFRSLRUAPNHfybklb8NhPO5/N iK4W0ZWkEHSBoV97aWvtg2cJolHSmtJuhOaHFGY6cU1iq5gZvsDeumVMUvcHt9ka a6ZMgxup8xSpRON1/JLRy8gUfynEt+BEM+ygt55fAzmVUxXa9glhazTNneBmNpg5 K8o= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpMaVYlqZALeydXZY3rq mMV5/wiR8LMRwHNxOp2FSpad5vJqg5Z0sMboPc4dQhYWqPBqLGoH6DDnv4mTk3ks 4BhZcD7Sz/qHJqGG2u5J4iu+dnb+KkCRYNCa2QCvEpg7AQaV9XTVvhLX8kr+WIna PV+42bEJD4p7MHcylhiZV9OqWHftioQEU14W/OXN+/lDF+h4qD0xkIWGjJnfCp2L LVnxTOeMIRwEWbR9oAJelnQ+kF6ClDiNoCbpfgiGmzyAdL2gtDvLrpDIk19M1MeY 5hTD63GzpYPdIHZMzD+4m+sfEBFAx8TKlMg9py4tLLe0qXfVwuYc37jhxZ4ZtkRg 0wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4110323265854248581473406115606092576 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-13 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-29 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sacramento' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California State Library' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.library.ca.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26077629950635180962717544793792162811534965449120877488173004436085336902066571128421379655159242277876550219751528963765661939705823984471613586220328023106010927835780672133858706645563242889716285801982787967114874797296825304841306481759288935939485935016172537445511476618945251060485532535506171678730645463665511931322640656746963019562536767353140067886422969256027946401303322802554220370075545851861057227787220035424577941078559495712429189567922490004080795066987133834535476519828072121461551052492544089497701503074166253034656897101448423651886114794824136684272018599130322986935278486059994694574291 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d047bacb4f450311f9d1f8d706e5f350420e57e7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (232 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.library.ca.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.btbl.library.ca.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.catalog.library.ca.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cahomelessyouth.library.ca.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.elf2.library.ca.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pickup.library.ca.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.governors.library.ca.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dbs.library.ca.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'library.ca.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 01690076002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc784000001720fee1714000004030047304502202c3edbb912ff95ef4997930c2bceb914bceffc567c07b376ad90f7281ff4619b022100ee7491dac5c225b767cc69d4cef2fc6f6387691710735a504ade3e450798ec030076002245450759552456963fa12ff1f76d86e0232663adc04b7f5dc6835c6ee20f02000001720fee17330000040300473045022100e347cd308c60376bdbdcff7a830c09771a9ea871c999548e50e1d4e695a70c0d0220242310f0949c7145354034c390a947bc083b4de4863e503d0642edac514cb84500770051a3b0f5fd01799c566db837788f0ca47acc1b27cbf79e88429a0dfed48b05e5000001720fee177e0000040300483046022100acbc9acbc66286461fa15a5305f5db2a1d36b77c02e564ec7c815654c817ae5c022100c37772d6221c1bc5080b2fcc1cb31a5416e47f3266b3d402fb4e9b1f3a8bdb53 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0007342a19ffc1ec51f92557c8cfa5b70f29214cd0c85992e0323d752254db93131c6ffca3a691aedecf384d45aef7cd0735ef6eb58a5c3d3a1c3db78adeab74738a62e1708c56a0082ff15067ac73d3489bf55ec68fa2e019e8dac2c25a9127736ddc0d5ada20019cd63fc20797f5c19275f377885ca152e6967d2dceb93962061a45eb6eaf2b3e361a2a000215148b45400f3477f26e495bf0d84f3b9fcd88ae16d195a4107481a15f7b696bed836709a251d29ad26e84e68714663a714d62ab9819bec0deba654c52f707b7d91a6ba64c831ba9f314a944e375fc92d1cbc8147f29c4b7e04433eca0b79e5f0339955315daf609616b34cd9de0663698392bca