signicat.klarna.net

- Klarna Bank AB -

Issued by DigiCert TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 0c:a4:08:b1:a0:53:2a:31:ff:35:44:2b:03:08:90:d9 was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Klarna Bank AB

Organization: Klarna Bank AB
Locality: Stockholm
Country: SE

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0c:a4:08:b1:a0:53:2a:31:ff:35:44:2b:03:08:90:d9
Serial Number (int): 16802448966498438120191476715940778201
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 69:fc:3f:5e:6c:4b:5b:e7:e5:e3:87:ff:ae:f6:28:5d:74:0b:67:4d
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4

Fingerprint (sha1): cb:9c:2e:d7:3b:9d:17:e7:db:a9:f3:1f:78:8a:af:86:9f:35:ab:5b
Fingerprint (sha256): 00:f6:d1:81:54:4a:89:da:8b:99:46:ee:90:87:fe:6e:24:65:3e:d7:af:80:7a:8e:8c:f7:59:10:28:4a:3a:2f

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl

Check the revocation status for certificate signicat.klarna.net

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for signicat.klarna.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA512 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

signicat.klarna.net

Other certificates including the domain name klarna.net

(limited to 100 certificates)
dennis-test-2.nonprod.eu1.infrasec-tooling.klarna.net
online.playground.eu1.kred.klarna.net
tools.c2c.klarna.net
*.production.eu1.kred.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.us1.core-banking.klarna.net
*.production.c2c.klarna.net
itp-images.playground.klarnaservices.com
ewallet.klarna.com
*.playground.c2c.klarna.net
*.staging.eu1.yaco.klarna.net
*.production.eu1.dvalin-service.klarna.net
signicat.klarna.net
*.playground.ap1.meta.klarna.net
*.playground.us1.bp-internal-systems.klarna.net
*.nonprod.eu1.reaper.klarna.net
*.nonprod.us1.eds.klarna.net
*.production.c2c.klarna.net
*.staging.eu1.redirect.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
connected-card-transaction-listener-us.klarna.com
*.production.eu1.on-demand.klarna.net
*.nonprod.us1.klapp.klarna.net
*.production.eu1.pgp.klarna.net
*.production.c2c.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
iris.klarna.net
*.nonprod.eu1.consumer-banking-deposits-statements.klarna.net
vs-alldoors-frontend-env2.nonprod.eu1.vs-qa.klarna.net
integration-static-legal.production.us1.cdn.klarna.net
*.performance.c2c.klarna.net
*.msat.production.klarna.com
cppm-1.klarna.net
*.staging.eu1.payments.klarna.net
jetbrains-license-server.klarna.net
*.production.us1.scheme.klarna.net
*.nonprod.eu1.kaas.klarna.net
savings.klarna.com
dennispoe2.nonprod.eu1.poe.klarna.net
*.nonprod.eu1.ai-automation.klarna.net
skv-api.playground.klarna.com
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
acmatic-dns-validation.sandbox.eu1.core-platform.klarna.net
*.staging.c2c.klarna.net
*.tools.eu1.bitbucket.klarna.net
production.ap1.product-data-discovery-prod.klarna.net
*.production.eu1.seller-app-be.klarna.net
datahub-elasticsearch.nonprod.eu1.data.klarna.net
racktables.klarna.net
*.msat.production.klarna.com
ach-mandate-api.production.us1.pis.klarna.net
*.stop-request.playground.us1.risk.klarna.net
*.playground.eu1.pgw.klarna.net
cms.performance.us1.klarna-web.klarna.net
*.staging.eu1.disputes-app.klarna.net
*.playground.us1.custom-solutions.klarna.net
*.nonprod.us1.artifactory-api.klarna.net
*.playground.eu1.file-transfer.klarna.net
*.playground.eu1.kaas.klarna.net
*.production.eu1.reaper.klarna.net
*.nonprod.eu1.maxwell.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
cards-oc.klarna.com
skrapi-kred.nonprod.klarna.net
euw1a-print-srv.ad.klarna.net
uipath.klarna.net
*.production.eu1.modeling.klarna.net
*.production.ap1.authentication-service.klarna.net
*.playground.eu1.kred.klarna.net
*.production.c2c.klarna.net
dennispoe2.nonprod.eu1.poe.klarna.net
*.production.c2c.klarna.net
*.production.c2c.klarna.net
*.production.eu1.billpay-api.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.nonprod.eu1.data.klarna.net
*.performance.c2c.klarna.net
*.playground.us1.seller-app-be.klarna.net
*.fulldb.production.eu1.kred-internal.klarna.net
*.playground.us1.mtl.klarna.net
*.staging.c2c.klarna.net
login.klarna.com
ldap-backup-staging.production.klarna.net
commonname.nonprod.eu1.kep-cloud-environment.klarna.net
*.production.us1.static-assets.klarna.net
login.playground.klarna.com
cards-eu.klarna.com
*.production.c2c.klarna.net
*.production.c2c.klarna.net
system.production.us1.direct-debit.klarna.net
*.production.c2c.klarna.net
*.klarna.net
cards-eu.klarna.com
dennis-test-2.nonprod.eu1.infrasec-tooling.klarna.net
ztn-privatelink.nonprod.eu1.ztn.klarna.net
staging.eu2.lulu.klarna.net
*.tools.eu1.starbug.klarna.net
*.production.eu1.bomgar.klarna.net
*.production.ap1.cobrowse.klarna.net
*.production.eu1.moninfra.klarna.net

Certificate

The complete raw certificate details for signicat.klarna.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGpTCCBY2gAwIBAgIQDKQIsaBTKjH/NUQrAwiQ2TANBgkqhkiG9w0BAQ0FADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMjA4MTAwMDAwMDBa
Fw0yMzA4MTAyMzU5NTlaMFgxCzAJBgNVBAYTAlNFMRIwEAYDVQQHEwlTdG9ja2hv
bG0xFzAVBgNVBAoTDktsYXJuYSBCYW5rIEFCMRwwGgYDVQQDExNzaWduaWNhdC5r
bGFybmEubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRuscKh/
uD/S09k+PfvdAS+w7DI0UMBQ5K2otP/ZQDsjuy5BBy9nuhYZushxxsO0iIa5aLia
wENMFyBCSVIrCI5P/PxDOBH8nASs8HT0Daar3P6bA5CVAalw8HZOLYYOR+HMlGZu
bUFd3ejOKSpHcscZ8+Nd08hjId0JXFI5nap6TkPxlOAbCxrKoIwLUePtInO5E5UN
NL1XTzQW8OBa1BmGQKINwL44NGZyGOq0+HYRgKDE2hDHQLXR87g8SGrOln9Ne2bD
sYZKmETTuKjdbVyEMS6Kquh9DbegE5QietyjJA/spya4t2o5nxIw0fFHTpYwnGq+
c74pp3n6/5foGQIDAQABo4IDcjCCA24wHwYDVR0jBBgwFoAUt2ui6qiqhIx56rTa
D5iyxZV2ufQwHQYDVR0OBBYEFGn8P15sS1vn5eOH/672KF10C2dNMB4GA1UdEQQX
MBWCE3NpZ25pY2F0LmtsYXJuYS5uZXQwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBjwYDVR0fBIGHMIGEMECgPqA8hjpodHRw
Oi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0Ex
LTQuY3JsMECgPqA8hjpodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRU
TFNSU0FTSEEyNTYyMDIwQ0ExLTQuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkw
JwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB/BggrBgEF
BQcBAQRzMHEwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJ
BggrBgEFBQcwAoY9aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0
VExTUlNBU0hBMjU2MjAyMENBMS0xLmNydDAJBgNVHRMEAjAAMIIBfQYKKwYBBAHW
eQIEAgSCAW0EggFpAWcAdQDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9
bgAAAYKIBXEjAAAEAwBGMEQCIAf/QwdRG5E7yUGSnYHO+zk6bPVjvPmm6bxQKq76
8YCeAiBgB6Lc6BjMc/65O1LLNT5XCyuMEwuhxhQXdbqUwagc9wB2ADXPGRu/sWxX
vw+tTG1Cy7u2JyAmUeo/4SrvqAPDO9ZMAAABgogFcJcAAAQDAEcwRQIhAJVct+yN
pfzVBoMnqmLUXQnVxqXuGuWzdBXbbLcOnhOuAiBgO3KfVWMrIRyqgiHIxzPcWAVB
hPkjIzfC0F1uLbgNXQB2ALNzdwfhhFD4Y4bWBancEQlKeS2xZwwLh9zwAw55NqWa
AAABgogFcO0AAAQDAEcwRQIhAIm1IwCBySv1aL7kGchxsyHVXWOZjbTjHhPTZcO8
57AbAiAQUp6tBMq/Q5ZK2u4t0iOVh0khyhXA7YnXJxaXFKDycjANBgkqhkiG9w0B
AQ0FAAOCAQEABeRCXPXxHNFZZR4ZEPoLl0I4VrFKv1wH1Z1ceTRud3yv2EnMgJ94
cjQgPWFkcFV0yQzXGBiqWPYCjOAhKo1mI+VAsbC/HkRn26rP6S6+qfK2yJXdkc3H
8x2riffeL/hrO5PveH4DraLi9EqhVLxg3XoJHPmv6rXBQKzGaBSmFB61VIjQHshN
BGP7UIdXUOcndlyOE8n6CyV6Q8zMJfk9QesGpy1xMbdBZI4xwxaHHlRW9DiGQJiJ
P9L7zBurSPlyMbBtP2U1YE6YF9V4XT+Aj1DHmjMWeD00MmPpqsZTvUrojs+Mz9vU
2+9K/jVC2MLB/IK7bQIonmQvQsfctt72xQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRuscKh/uD/S09k+Pfvd
AS+w7DI0UMBQ5K2otP/ZQDsjuy5BBy9nuhYZushxxsO0iIa5aLiawENMFyBCSVIr
CI5P/PxDOBH8nASs8HT0Daar3P6bA5CVAalw8HZOLYYOR+HMlGZubUFd3ejOKSpH
cscZ8+Nd08hjId0JXFI5nap6TkPxlOAbCxrKoIwLUePtInO5E5UNNL1XTzQW8OBa
1BmGQKINwL44NGZyGOq0+HYRgKDE2hDHQLXR87g8SGrOln9Ne2bDsYZKmETTuKjd
bVyEMS6Kquh9DbegE5QietyjJA/spya4t2o5nxIw0fFHTpYwnGq+c74pp3n6/5fo
GQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16802448966498438120191476715940778201
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-10 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-10 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Stockholm'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Klarna Bank AB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'signicat.klarna.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21347919897085683453154993846104878623824694385051471704816088615205146803112428552346310197959307914039379265646140993483454510651283944572389257417800366984828988756493023301664555244693883138140444126332598347732356153959959232493923998338229408991258817615335122382651393669817048902642302143604104414838400700545885914931529775306566968124533891147154256573287502419859513222064481545141825564804260213563642025347095036166169996192223075618372271873424732496968393893378131958679131936886489753786653586458285167586785427631130879567711632676141583060097528845331048118250945156405242766572797855513724507908121
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							69fc3f5e6c4b5be7e5e387ffaef6285d740b674d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'signicat.klarna.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000182880571230000040300463044022007ff4307511b913bc941929d81cefb393a6cf563bcf9a6e9bc502aaefaf1809e02206007a2dce818cc73feb93b52cb353e570b2b8c130ba1c6141775ba94c1a81cf700760035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c00000182880570970000040300473045022100955cb7ec8da5fcd5068327aa62d45d09d5c6a5ee1ae5b37415db6cb70e9e13ae0220603b729f55632b211caa8221c8c733dc58054184f9232337c2d05d6e2db80d5d007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000182880570ed000004030047304502210089b5230081c92bf568bee419c871b321d55d63998db4e31e13d365c3bce7b01b022010529ead04cabf43964adaee2dd22395874921ca15c0ed89d727169714a0f272
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0005e4425cf5f11cd159651e1910fa0b97423856b14abf5c07d59d5c79346e777cafd849cc809f787234203d6164705574c90cd71818aa58f6028ce0212a8d6623e540b1b0bf1e4467dbaacfe92ebea9f2b6c895dd91cdc7f31dab89f7de2ff86b3b93ef787e03ada2e2f44aa154bc60dd7a091cf9afeab5c140acc66814a6141eb55488d01ec84d0463fb50875750e727765c8e13c9fa0b257a43cccc25f93d41eb06a72d7131b741648e31c316871e5456f438864098893fd2fbcc1bab48f97231b06d3f6535604e9817d5785d3f808f50c79a3316783d343263e9aac653bd4ae88ecf8ccfdbd4dbef4afe3542d8c2c1fc82bb6d02289e642f42c7dcb6def6c5