staging-securedrop.huffpost.net
- AOL, Inc -
Issued by DigiCert SHA2 High Assurance Server CA
About this certificate
This digital certificate with serial number 02:91:7f:24:25:fb:9c:27:da:0e:f3:ca:d2:d5:dc:45 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
AOL, Inc
Organization:
AOL, Inc
State / Province:
Virginia
Locality: Sterling
Country: US
Locality: Sterling
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 02:91:7f:24:25:fb:9c:27:da:0e:f3:ca:d2:d5:dc:45Serial Number (int): 3413917766046019196024680964175551557
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: 88:e1:9d:d7:b5:cd:ff:db:a9:1b:da:0f:35:71:40:4c:ac:c6:a3:51
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b
Fingerprint (sha1): 75:9f:42:f3:6d:a2:89:e3:5f:79:59:c6:19:c4:54:d9:1b:b4:b1:75
Fingerprint (sha256): 00:ee:1d:5c:69:34:42:ef:18:21:3f:18:39:c1:8a:c5:41:68:95:e1:9a:da:79:b0:2e:ab:95:0a:2f:bb:9f:68
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g1.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g1.crl
Check the revocation status for certificate staging-securedrop.huffpost.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for staging-securedrop.huffpost.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
staging-securedrop.huffpost.net
Other certificates including the domain name huffpost.net
(limited to 100 certificates)
staging-securedrop.huffpost.net
*.app-west.buzzfeed.io
*.edit.huffpost.net
staging-elections.huffpost.net
accounts.huffingtonpost.com
*.edit.huffpost.net
accounts.huffingtonpost.com
*.edit.huffpost.net
staging-securedrop.huffpost.net
production-securedrop.huffpost.net
staging-securedrop.huffpost.net
accounts.huffingtonpost.com
*.prod.buzzfeed.io
docker.huffpost.net
*.app-west.buzzfeed.io
*.prod.buzzfeed.io
staging-securedrop.huffpost.net
secrets.huffpost.net
staging-athena-mongo-cms.huffpost.net
*.prod.buzzfeed.io
staging-securedrop.huffpost.net
*.blog.huffpost.net
*.edit.huffpost.net
origin-identifiers.huffpost.net
huffpost.net
*.preview.huffpost.net
*.stage.buzzfeed.io
*.edit.huffpost.net
accounts.huffingtonpost.com
*.prod.buzzfeed.io
yamas.huffpost.net
*.stage.buzzfeed.io
staging-athena-mongo-cms.huffpost.net
*.preview.huffpost.net
*.app-west.buzzfeed.io
*.preview.huffpost.net
*.app-west.buzzfeed.io
*.tools.huffpost.net
*.blog.huffpost.net
accounts.huffingtonpost.com
origin-identifiers.huffpost.net
42.huffpost.net
*.preview.huffpost.net
*.prod.buzzfeed.io
*.stage.buzzfeed.io
staging-elections.huffpost.net
secrets.huffpost.net
*.app-west.buzzfeed.io
origin-identifiers.huffpost.net
*.stage.buzzfeed.io
*.app-west.buzzfeed.io
production-securedrop.huffpost.net
*.content-internal.huffpost.net
*.app-west.buzzfeed.io
staging-elections.huffpost.net
*.unstable.buzzfeed.io
*.edit.huffpost.net
*.prod.buzzfeed.io
*.app-west.buzzfeed.io
*.app-west.buzzfeed.io
staging-elections.huffpost.net
huffpost.net
*.content-internal.huffpost.net
*.preview.huffpost.net
*.preview.huffpost.net
*.unstable.buzzfeed.io
gamp.huffpost.net
secrets.huffpost.net
accounts.huffingtonpost.com
*.huffpost.net
*.prod.buzzfeed.io
*.unstable.buzzfeed.io
*.tools.huffpost.net
*.blog.huffpost.net
*.edit.huffpost.net
huffpost.net
*.tools.huffpost.net
*.stage.buzzfeed.io
*.stage.buzzfeed.io
production-securedrop.huffpost.net
*.huffpost.net
*.app-west.buzzfeed.io
*.prod.buzzfeed.io
*.huffpost.net
origin-identifiers.huffpost.net
*.prod.buzzfeed.io
*.app-west.buzzfeed.io
*.preview.huffpost.net
*.stage.buzzfeed.io
*.unstable.buzzfeed.io
huffpost.net
accounts.huffingtonpost.com
*.prod.buzzfeed.io
docker.huffpost.net
*.prod.buzzfeed.io
production-securedrop.huffpost.net
docker.huffpost.net
jumpmanjumpmanjumpman.huffpost.net
*.tools.huffpost.net
*.edit.huffpost.net
*.app-west.buzzfeed.io
*.edit.huffpost.net
staging-elections.huffpost.net
accounts.huffingtonpost.com
*.edit.huffpost.net
accounts.huffingtonpost.com
*.edit.huffpost.net
staging-securedrop.huffpost.net
production-securedrop.huffpost.net
staging-securedrop.huffpost.net
accounts.huffingtonpost.com
*.prod.buzzfeed.io
docker.huffpost.net
*.app-west.buzzfeed.io
*.prod.buzzfeed.io
staging-securedrop.huffpost.net
secrets.huffpost.net
staging-athena-mongo-cms.huffpost.net
*.prod.buzzfeed.io
staging-securedrop.huffpost.net
*.blog.huffpost.net
*.edit.huffpost.net
origin-identifiers.huffpost.net
huffpost.net
*.preview.huffpost.net
*.stage.buzzfeed.io
*.edit.huffpost.net
accounts.huffingtonpost.com
*.prod.buzzfeed.io
yamas.huffpost.net
*.stage.buzzfeed.io
staging-athena-mongo-cms.huffpost.net
*.preview.huffpost.net
*.app-west.buzzfeed.io
*.preview.huffpost.net
*.app-west.buzzfeed.io
*.tools.huffpost.net
*.blog.huffpost.net
accounts.huffingtonpost.com
origin-identifiers.huffpost.net
42.huffpost.net
*.preview.huffpost.net
*.prod.buzzfeed.io
*.stage.buzzfeed.io
staging-elections.huffpost.net
secrets.huffpost.net
*.app-west.buzzfeed.io
origin-identifiers.huffpost.net
*.stage.buzzfeed.io
*.app-west.buzzfeed.io
production-securedrop.huffpost.net
*.content-internal.huffpost.net
*.app-west.buzzfeed.io
staging-elections.huffpost.net
*.unstable.buzzfeed.io
*.edit.huffpost.net
*.prod.buzzfeed.io
*.app-west.buzzfeed.io
*.app-west.buzzfeed.io
staging-elections.huffpost.net
huffpost.net
*.content-internal.huffpost.net
*.preview.huffpost.net
*.preview.huffpost.net
*.unstable.buzzfeed.io
gamp.huffpost.net
secrets.huffpost.net
accounts.huffingtonpost.com
*.huffpost.net
*.prod.buzzfeed.io
*.unstable.buzzfeed.io
*.tools.huffpost.net
*.blog.huffpost.net
*.edit.huffpost.net
huffpost.net
*.tools.huffpost.net
*.stage.buzzfeed.io
*.stage.buzzfeed.io
production-securedrop.huffpost.net
*.huffpost.net
*.app-west.buzzfeed.io
*.prod.buzzfeed.io
*.huffpost.net
origin-identifiers.huffpost.net
*.prod.buzzfeed.io
*.app-west.buzzfeed.io
*.preview.huffpost.net
*.stage.buzzfeed.io
*.unstable.buzzfeed.io
huffpost.net
accounts.huffingtonpost.com
*.prod.buzzfeed.io
docker.huffpost.net
*.prod.buzzfeed.io
production-securedrop.huffpost.net
docker.huffpost.net
jumpmanjumpmanjumpman.huffpost.net
*.tools.huffpost.net
*.edit.huffpost.net
Certificate
The complete raw certificate details for staging-securedrop.huffpost.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHXjCCBkagAwIBAgIQApF/JCX7nCfaDvPK0tXcRTANBgkqhkiG9w0BAQsFADBw MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz dXJhbmNlIFNlcnZlciBDQTAeFw0xNzA2MjAwMDAwMDBaFw0yMDA2MjQxMjAwMDBa MHAxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhWaXJnaW5pYTERMA8GA1UEBxMIU3Rl cmxpbmcxETAPBgNVBAoTCEFPTCwgSW5jMSgwJgYDVQQDEx9zdGFnaW5nLXNlY3Vy ZWRyb3AuaHVmZnBvc3QubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmIuXbWkBPbI1cULqy1Gmew3stQBFjcBpeQ421F3QnSZpMU1ipsIOdqdGHSVV vM5T7d4yi6zRvFgPL2xXccR+IhoMS+pXljVO+BCM8KymoxehSZu44/wwN+jHdmPu TZp27/7ZFiWs464FzUvcLx/HrUqyddXfN2CrDvFJPkiCag2+Uu6dTJ/v/M1Igxr+ tE5tvJHA1JxXJsC1ONCzodi3YQob6hkfLSvBPQuwSBH3KeiNQtmVUBueQaThBaQB eg9DJzpZkhQeYwblTPaqoYm3UpELhqvDDxFrXc1W4S5VB98jit5iJ8vcmxbTekJ3 DWH+Dkjxqzh6e21+3zvGnrVNkwIDAQABo4ID8jCCA+4wHwYDVR0jBBgwFoAUUWj/ kK8CB3U8zNllZGKiErhZcjswHQYDVR0OBBYEFIjhnde1zf/bqRvaDzVxQEysxqNR MCoGA1UdEQQjMCGCH3N0YWdpbmctc2VjdXJlZHJvcC5odWZmcG9zdC5uZXQwDgYD VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNV HR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1oYS1z ZXJ2ZXItZzEuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hh Mi1oYS1zZXJ2ZXItZzEuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYI KwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIC MIGDBggrBgEFBQcBAQR3MHUwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2lj ZXJ0LmNvbTBNBggrBgEFBQcwAoZBaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29t L0RpZ2lDZXJ0U0hBMkhpZ2hBc3N1cmFuY2VTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/ BAIwADCCAfYGCisGAQQB1nkCBAIEggHmBIIB4gHgAHYApLkJkLQYWBSHuxOizGdw Cjw1mAT5G9+443fNDsgN3BAAAAFcx0eu2AAABAMARzBFAiEA0+Hm7z3YKTaIPqxx yghW9y1o1PhTFtbA7auf2a6v3fMCID7Y46xMI9nMRFRDiTlCsSqsvBCgNeDvqJuH XBekX8t9AHYAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0AAAFcx0ev QwAABAMARzBFAiEAqKivDs1as2XJg3iNHke6urFxn/0FTGkIPXws4CkeZBgCICHS qCv3TQTkslJEJH6SBznzYBfnuu4ApxE1yW3jGxpjAHUA7ku9t3XOYLrhQmkfq+Ge ZqMPfl+wctiDAMR7iXqo/csAAAFcx0ex1wAABAMARjBEAiAcjCWbkx0W9IH9m3fx U2gyR8R8f/eMfqg/+alOmCq9+wIgdijLpm5mfDUqIbtlQCtDmdm5O75cC0nl9lT7 ylMUofsAdwC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAVzHR6+e AAAEAwBIMEYCIQCs1su92lzel0jC9Ogt3SqTdL1fLgq95yF34f5X3AzH4QIhANoP sroZ7tHc2VTLPFk6VPZ7X5osKrKLiaEdcFRjLSOgMA0GCSqGSIb3DQEBCwUAA4IB AQA/jQQkKd9u4B02V4ORUQ5FqXXVviUnKhG4XXPSAt82CmCojIuVS1OX7ioszrio seo641RdikkzzzvQgcEjoYMcmnzmT5b72m8VA6OieYJvOnctHf8FfC81cAo5gZaF uuA8qhS4h719b4r3RDoFaRtO8wh2uHPBo+IN17JF4+wpFIjL308XXUwNLScnxqLI By92aMCsa41Py4wBaeJBda1td8RgQ3vKHb9bIgWAxl27ynuvMSbPWteAZXFSiei4 Zu9cDzTgCrzq2lkk8TPoxG2/oIkdwe1buXiEKyCN8iJJ2FtwWQKyQ9MyZFbTqVuK RMxlZhNaq/56+ivuv6PbcOTt -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIuXbWkBPbI1cULqy1Gm ew3stQBFjcBpeQ421F3QnSZpMU1ipsIOdqdGHSVVvM5T7d4yi6zRvFgPL2xXccR+ IhoMS+pXljVO+BCM8KymoxehSZu44/wwN+jHdmPuTZp27/7ZFiWs464FzUvcLx/H rUqyddXfN2CrDvFJPkiCag2+Uu6dTJ/v/M1Igxr+tE5tvJHA1JxXJsC1ONCzodi3 YQob6hkfLSvBPQuwSBH3KeiNQtmVUBueQaThBaQBeg9DJzpZkhQeYwblTPaqoYm3 UpELhqvDDxFrXc1W4S5VB98jit5iJ8vcmxbTekJ3DWH+Dkjxqzh6e21+3zvGnrVN kwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 3413917766046019196024680964175551557 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-06-20 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-24 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Virginia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sterling' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AOL, Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'staging-securedrop.huffpost.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19257057495528934175058388875642240393017912973378186474110451360358435279663434576884407089735479060161291023234643862816602768182659903734358288887488985820721175673751138211809467323634418442769766516806226821445972078054919583658845723344932330679390450055109407837885452130116997488687801113539702453669051030660711620575004349218290969641116144257255525539308927374700147128734955462878225235460388090881256217607302993671569686260450480257256971153039927723640043342733451943316280214280325276525952037151461725632086598411509597141429522998952468862709189812997392707026232009445231074594006778959737249942931 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 88e19dd7b5cdffdba91bda0f3571404cacc6a351 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (35 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-securedrop.huffpost.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (486 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (482 bytes) 01e0007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015cc747aed80000040300473045022100d3e1e6ef3dd82936883eac71ca0856f72d68d4f85316d6c0edab9fd9aeafddf302203ed8e3ac4c23d9cc445443893942b12aacbc10a035e0efa89b875c17a45fcb7d0076005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd0000015cc747af430000040300473045022100a8a8af0ecd5ab365c983788d1e47babab1719ffd054c69083d7c2ce0291e6418022021d2a82bf74d04e4b25244247e920739f36017e7baee00a71135c96de31b1a63007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000015cc747b1d7000004030046304402201c8c259b931d16f481fd9b77f153683247c47c7ff78c7ea83ff9a94e982abdfb02207628cba66e667c352a21bb65402b4399d9b93bbe5c0b49e5f654fbca5314a1fb007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000015cc747af9e0000040300483046022100acd6cbbdda5cde9748c2f4e82ddd2a9374bd5f2e0abde72177e1fe57dc0cc7e1022100da0fb2ba19eed1dcd954cb3c593a54f67b5f9a2c2ab28b89a11d7054632d23a0 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003f8d042429df6ee01d36578391510e45a975d5be25272a11b85d73d202df360a60a88c8b954b5397ee2a2cceb8a8b1ea3ae3545d8a4933cf3bd081c123a1831c9a7ce64f96fbda6f1503a3a279826f3a772d1dff057c2f35700a39819685bae03caa14b887bd7d6f8af7443a05691b4ef30876b873c1a3e20dd7b245e3ec291488cbdf4f175d4c0d2d2727c6a2c8072f7668c0ac6b8d4fcb8c0169e24175ad6d77c460437bca1dbf5b220580c65dbbca7baf3126cf5ad78065715289e8b866ef5c0f34e00abceada5924f133e8c46dbfa0891dc1ed5bb978842b208df22249d85b705902b243d3326456d3a95b8a44cc6566135aabfe7afa2beebfa3db70e4ed