*.bestbuy.com

- BBY Solutions, Inc. -

Issued by Verizon Akamai SureServer CA G14-SHA2

About this certificate

This digital certificate with serial number 6f:bb:40:ce:68:f3:6b:2a:1b:5b:4c:d0:0e:f6:5d:1a:96:33:f2:ef was issued on by Verizon Enterprise Solutions.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • When the id-ad-caIssuers accessMethod is used, at least one instance SHOULD specify an accessLocation that is an HTTP or LDAP URI (RFC 5280: 4.2.2.1)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

BBY Solutions, Inc.

Organization: BBY Solutions, Inc.
Organization unit: Systems Operations
State / Province: MN
Locality: Richfield
Country: US

Verizon Enterprise Solutions

Organization: Verizon Enterprise Solutions
Organization unit: Cybertrust
Locality: Amsterdam
Country: NL

This certificate has expire since

Certificate Details

Serial Number (hex): 6f:bb:40:ce:68:f3:6b:2a:1b:5b:4c:d0:0e:f6:5d:1a:96:33:f2:ef
Serial Number (int): 637873860337542245338587107613479628416738390767
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: e8:24:75:3d:ab:9e:4f:b8:7e:03:34:97:d2:83:25:92:83:ae:12:b0
AuthorityKeyId: f8:bd:fa:af:73:77:c6:c7:1b:f9:4b:4d:11:a7:d1:33:af:af:72:11

Fingerprint (sha1): bf:33:b3:4d:ad:95:53:c3:3f:11:07:e5:08:7d:d1:9a:eb:6c:42:41
Fingerprint (sha256): 00:de:3f:d1:cf:e6:39:41:aa:14:09:3b:04:a4:37:0e:7a:16:23:ac:74:08:da:9f:23:1f:67:8b:71:bd:72:f9

Issuing Certificate URL: https://cacert.a.omniroot.com/vassg142.crt
Issuing Certificate URL: https://cacert.a.omniroot.com/vassg142.der

Revocation information

OCSP Server: http://vassg142.ocsp.omniroot.com
CRL Distribution Point: http://vassg142.crl.omniroot.com/vassg142.crl

Check the revocation status for certificate *.bestbuy.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.bestbuy.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.bestbuy.com

Other certificates including the domain name bestbuy.com

(limited to 100 certificates)
san.bestbuy.com
attechapi-app-int-east.stage.browse.bestbuy.com
kibana.test.monitoring.bestbuy.com
bttnview-njs-int-east.test.browse.bestbuy.com
advsmlssrvc-app-int-west.prod.browse.bestbuy.com
swift1.prod.skyblue.bestbuy.com
access.bestbuy.com
addsource-app-int-east.prod.browse.bestbuy.com
pricevw-njs-ext-west.prod.browse.bestbuy.com
ofrsvapi-app-ext-east.test.browse.bestbuy.com
commerce-api.test.bestbuy.com
apid-app-west-int.prod.browse.bestbuy.com
identity-ingress-global.dev.gcp.bestbuy.com
apex-configservice-global.test.gcp.bestbuy.com
mexico-web-west.prod.browse.bestbuy.com
platmanpb-app-int-west.prod.browse.bestbuy.com
accessfedpl.bestbuy.com
lstsrvces-app-ext-east.test.browse.bestbuy.com
bestbuyconnect.com
drwsmpanntwlv-app-int-east.test.cgraph.bestbuy.com
priceviewn-app-ext-east.test.browse.bestbuy.com
profulfil-web-east.test.browse.bestbuy.com
bbytagservices.bestbuy.com
tableau-qa.na.bestbuy.com
dhodawkthrtne-app-int-east.prod.browse.bestbuy.com
marf-app-int-east.prod.browse.bestbuy.com
bryntstpplctn-app-int-east.prod.browse.bestbuy.com
trnrsksrv-app-int-west.prod.browse.bestbuy.com
airwatch-linux.bestbuy.com
ugc-slr-east.prod.browse.bestbuy.com
*.bestbuy.com
ordrhstrpblsh-app-int-west.prod.browse.bestbuy.com
leviathanapi-app-ext-east.stage.aws.bestbuy.com
aw.bestbuy.com
sherlock-core-stage.test.gcp.bestbuy.com
trk.email.bestbuy.com
sidcs-app-east.stage.browse.bestbuy.com
*.bestbuy.com
span-api-east-int.prod.browse.bestbuy.com
secure03.lithium.com
ggleassrt-app-int-east.stage.browse.bestbuy.com
fulfview-njs-int-east.test.browse.bestbuy.com
cartagg-app-int-east.test.browse.bestbuy.com
sercalendar-app-int-east.stage.browse.bestbuy.com
sentry-app-int-east.stage.cgraph.bestbuy.com
plt-images-ssl-pls.stage.bestbuy.com
psccreturns-app-int-east.stage.browse.bestbuy.com
remixslr-app-int-east.test.browse.bestbuy.com
sts.bestbuy.com
mexico-web-east.prod.browse.bestbuy.com
dhodawkthrtne-app-int-west.prod.browse.bestbuy.com
bttnstate-app-int-east.prod.browse.bestbuy.com
MPOSDEV.na.bestbuy.com
lstsrvces-app-ext-east.stage.browse.bestbuy.com
pdmpblshr-app-int-east.test.browse.bestbuy.com
appdirectory.bestbuy.com
drwsmpanmthrt-app-int-east.test.cgraph.bestbuy.com
payments-prod.actdvc.bestbuy.com
shipping-app-int-east.test.browse.bestbuy.com
images-ssl.bestbuy.com
mexco-njs-ext-west.prod.cgraph.bestbuy.com
ostmonitor-app-int-east.stage.browse.bestbuy.com
shipping-api-east-int.test.browse.bestbuy.com
hub.bestbuy.com
pl.bestbuy.com
dhdatrggerrex-app-int-west.prod.browse.bestbuy.com
ext.location-west.prod.browse.bestbuy.com
fulfview-njs-int-west.prod.browse.bestbuy.com
bestbuybusiness.com
actdvcs-app-east.test.browse.bestbuy.com
vpt-slr-int-east.stage.browse.bestbuy.com
ofrsvapi-app-int-east.prod.browse.bestbuy.com
csi-app-ext-west.prod.browse.bestbuy.com
cap-pt-spring-use.bestbuy.com
secure03.lithium.com
esd-pl1.bestbuy.com
aaa.bestbuy.com
vpt-slr-int-east.test.browse.bestbuy.com
pl.bestbuy.com
cfgread-app-west.prod.browse.bestbuy.com
dhdarelsrfdaf-app-ext-east.prod.browse.bestbuy.com
search-slr-east.stage.browse.bestbuy.com
solrindex-app-int-east.stage.browse.bestbuy.com
suggest-web-east.prod.browse.bestbuy.com
aquisview-njs-int-east.prod.browse.bestbuy.com
BBYSTAR-HP-DEV.bestbuy.com
jwaller-app-int-east.test.cgraph.bestbuy.com
carbonaggaws-njs-int-west.prod.cgraph.bestbuy.com
cx-ccai-dfcx-api-stage.prod.gcp.bestbuy.com
searchruleslr-app-int-west.prod.browse.bestbuy.com
pdmingest-app-int-west.prod.browse.bestbuy.com
scheddelvsrvc-app-ext-west.prod.browse.bestbuy.com
payments-stage.actdvc.bestbuy.com
epro-qa.bestbuybusiness.com
stscld-app-ext-east.prod.browse.bestbuy.com
pl.bestbuy.com
suggest-web-east-int.stage.browse.bestbuy.com
gglepaidm-app-int-east.test.browse.bestbuy.com
mytlc.bestbuy.com
zkagentsvc-app-int-east.test.browse.bestbuy.com

Certificate

The complete raw certificate details for *.bestbuy.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUb7tAzmjzayobW0zQDvZdGpYz8u8wDQYJKoZIhvcNAQEL
BQAwgY0xCzAJBgNVBAYTAk5MMRIwEAYDVQQHEwlBbXN0ZXJkYW0xJTAjBgNVBAoT
HFZlcml6b24gRW50ZXJwcmlzZSBTb2x1dGlvbnMxEzARBgNVBAsTCkN5YmVydHJ1
c3QxLjAsBgNVBAMTJVZlcml6b24gQWthbWFpIFN1cmVTZXJ2ZXIgQ0EgRzE0LVNI
QTIwHhcNMTUwOTMwMTE1MTEyWhcNMTYwOTMwMTE1MTExWjCBgTELMAkGA1UEBhMC
VVMxCzAJBgNVBAgTAk1OMRIwEAYDVQQHEwlSaWNoZmllbGQxHDAaBgNVBAoTE0JC
WSBTb2x1dGlvbnMsIEluYy4xGzAZBgNVBAsTElN5c3RlbXMgT3BlcmF0aW9uczEW
MBQGA1UEAwwNKi5iZXN0YnV5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAMOG5Hb9c2+peY5Ut2sBI1DXUicayUKCTr1v0HINr+Xrf9jtrxUN053W
hITDHx8KumojcclQyKuWm+qAKohldcQi/EiMe3iMeTGE1/2E8+yuVgkfvtjq3ubn
hlttECeSG8bpYtmM620tcpMo0AHLgOs9KruCFMAYZwJRsd7usCOYuVxz689l0K6M
BRi4w7WSmOqNzNBPclSOdWj2/+/2jHHfiRRBE7AxM+hDbc3LpuXZydoGlBnCs6U/
+u4pM4iNVYDvdXIeEslJOW8DVhRtz5LF+zjl0ujClIei3+D847fULinZ9fK/ZW74
wf5CGiVPYWfUQp0evWYOhWKHj8X5BxsCAwEAAaOCAdswggHXMAwGA1UdEwEB/wQC
MAAwTAYDVR0gBEUwQzBBBgkrBgEEAbE+ATIwNDAyBggrBgEFBQcCARYmaHR0cHM6
Ly9zZWN1cmUub21uaXJvb3QuY29tL3JlcG9zaXRvcnkwga8GCCsGAQUFBwEBBIGi
MIGfMC0GCCsGAQUFBzABhiFodHRwOi8vdmFzc2cxNDIub2NzcC5vbW5pcm9vdC5j
b20wNgYIKwYBBQUHMAKGKmh0dHBzOi8vY2FjZXJ0LmEub21uaXJvb3QuY29tL3Zh
c3NnMTQyLmNydDA2BggrBgEFBQcwAoYqaHR0cHM6Ly9jYWNlcnQuYS5vbW5pcm9v
dC5jb20vdmFzc2cxNDIuZGVyMBgGA1UdEQQRMA+CDSouYmVzdGJ1eS5jb20wDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAfBgNV
HSMEGDAWgBT4vfqvc3fGxxv5S00Rp9Ezr69yETA+BgNVHR8ENzA1MDOgMaAvhi1o
dHRwOi8vdmFzc2cxNDIuY3JsLm9tbmlyb290LmNvbS92YXNzZzE0Mi5jcmwwHQYD
VR0OBBYEFOgkdT2rnk+4fgM0l9KDJZKDrhKwMA0GCSqGSIb3DQEBCwUAA4IBAQAu
CqBhq00ljsxsBnMoGjROnWuQBaDJWVUnwxNs2ISnAzbB163VJcCrdZmOD3qGWLA1
b6Szxs3uMMnf18hopSjYsnls3Y4OPUJA6i2zKclIRPeRDNUGKHhZnrgRDMK85Aq5
/JqyNHGF89APR5Ssc02jCRd8kxV47OGRLIVNeA1g3WUgu41TqPiRjfMSLI65Fif0
6JhoYiGOtQS1A2hooBBI268VdvjCNUgxwXNKJLoA6IBmWZcbR9dP/vWowYqBE9jZ
96IOTvD1bsiduK6QnRnWbTnwUtmMPm3rvgUsLbHrP2qxRD4mru8ObhfQouz79AFK
pfqQdsZPwxjnG/6kHXCx
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4bkdv1zb6l5jlS3awEj
UNdSJxrJQoJOvW/Qcg2v5et/2O2vFQ3TndaEhMMfHwq6aiNxyVDIq5ab6oAqiGV1
xCL8SIx7eIx5MYTX/YTz7K5WCR++2Ore5ueGW20QJ5Ibxuli2YzrbS1ykyjQAcuA
6z0qu4IUwBhnAlGx3u6wI5i5XHPrz2XQrowFGLjDtZKY6o3M0E9yVI51aPb/7/aM
cd+JFEETsDEz6ENtzcum5dnJ2gaUGcKzpT/67ikziI1VgO91ch4SyUk5bwNWFG3P
ksX7OOXS6MKUh6Lf4Pzjt9QuKdn18r9lbvjB/kIaJU9hZ9RCnR69Zg6FYoePxfkH
GwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 637873860337542245338587107613479628416738390767
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amsterdam'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Verizon Enterprise Solutions'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cybertrust'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Verizon Akamai SureServer CA G14-SHA2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-09-30 11:51:12 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-09-30 11:51:11 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MN'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Richfield'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BBY Solutions, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Systems Operations'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.bestbuy.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24682987410020604715261085673266303556574909228800022120326693248394114672178251263154559809525671960558117506285024003471371446631480104676741097548436582104455228556027779271206884318983919333511527615944570794531172256336467494037940877964562022795943968911560645304603226090572283036950279051500069900078274136030777226634098110635153332555022713066085697972199840447802634307121619072875568879904254353973028893681424500302102387720338167864683470597376077160446654943139185379248138048672565860625996731629155872673636598357614191822245863886113742376534956080567158785058397432013341217386201893308134405506843
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6334.1.50
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.omniroot.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (162 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://vassg142.ocsp.omniroot.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'https://cacert.a.omniroot.com/vassg142.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'https://cacert.a.omniroot.com/vassg142.der'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bestbuy.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f8bdfaaf7377c6c71bf94b4d11a7d133afaf7211
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://vassg142.crl.omniroot.com/vassg142.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e824753dab9e4fb87e033497d283259283ae12b0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002e0aa061ab4d258ecc6c0673281a344e9d6b9005a0c9595527c3136cd884a70336c1d7add525c0ab75998e0f7a8658b0356fa4b3c6cdee30c9dfd7c868a528d8b2796cdd8e0e3d4240ea2db329c94844f7910cd5062878599eb8110cc2bce40ab9fc9ab2347185f3d00f4794ac734da309177c931578ece1912c854d780d60dd6520bb8d53a8f8918df3122c8eb91627f4e8986862218eb504b5036868a01048dbaf1576f8c2354831c1734a24ba00e8806659971b47d74ffef5a8c18a8113d8d9f7a20e4ef0f56ec89db8ae909d19d66d39f052d98c3e6debbe052c2db1eb3f6ab1443e26aeef0e6e17d0a2ecfbf4014aa5fa9076c64fc318e71bfea41d70b1