*.fnal.gov
- Fermi National Accelerator Laboratory -
Issued by DigiCert TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 03:17:f8:57:74:44:c8:a5:21:b8:4b:1f:07:f6:dc:b0 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Fermi National Accelerator Laboratory
Organization:
Fermi National Accelerator Laboratory
State / Province:
Illinois
Locality: Batavia
Country: US
Locality: Batavia
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:17:f8:57:74:44:c8:a5:21:b8:4b:1f:07:f6:dc:b0Serial Number (int): 4112143781516308623879075595745156272
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: ed:46:36:67:c9:bc:5a:e5:7e:76:4e:a6:2a:5c:1b:d1:ac:10:24:4e
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4
Fingerprint (sha1): b9:c3:e4:ac:e2:f4:30:0d:67:94:59:b4:2b:03:43:6d:2d:40:17:a8
Fingerprint (sha256): 01:3d:68:75:bd:cd:c8:e7:4e:bb:d3:41:c4:d3:45:95:f1:a5:fb:3f:57:ba:d3:e3:26:31:ca:02:35:ee:bd:de
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
Check the revocation status for certificate *.fnal.gov
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.fnal.gov
Public Key Algorithm
RSA
Key Size
3072
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.fnal.gov
fnal.gov
fnal.gov
Other certificates including the domain name fnal.gov
(limited to 100 certificates)
uboonepro-uboonegpvm01.fnal.gov
gpce03.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
stkendca71a.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
lpcschedd3.fnal.gov
samwebgpvm03.fnal.gov
ftdc2.fermitest.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
pubstor2231.fnal.gov
*.fnal.gov
nsexpe2.fnal.gov
cmsstor341.fnal.gov
*.fnal.gov
uhosts.fnal.gov
www-bss.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmssi-factory02.fnal.gov
*.fnal.gov
uhosts.fnal.gov
fermi-rsa-2.fnal.gov
*.fnal.gov
cmseos-tf1103.fnal.gov
rcds01.fnal.gov
*.fnal.gov
*.fnal.gov
ssiadmin3.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos511.fnal.gov
uhosts.fnal.gov
fcdfcache122.fnal.gov
*.fnal.gov
*.fnal.gov
cmssrv628.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
cmseos1144.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
icaruspro-icarusgpvm01.fnal.gov
cmsstor907.fnal.gov
*.fnal.gov
*.fnal.gov
fifeutilgpvm01.fnal.gov
fermicloud527.fnal.gov
*.fnal.gov
*.fnal.gov
fndcaitb1.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos-if1102.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
fermicloud363.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos517.fnal.gov
rcodegpvm02.fnal.gov
cmseos56.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
accelaipro-accelaigpvm01.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos34.fnal.gov
fndca5b.fnal.gov
*.fnal.gov
lariatpro-lariatsamgpvm01.fnal.gov
*.fnal.gov
gpce03.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
stkendca71a.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
lpcschedd3.fnal.gov
samwebgpvm03.fnal.gov
ftdc2.fermitest.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
pubstor2231.fnal.gov
*.fnal.gov
nsexpe2.fnal.gov
cmsstor341.fnal.gov
*.fnal.gov
uhosts.fnal.gov
www-bss.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmssi-factory02.fnal.gov
*.fnal.gov
uhosts.fnal.gov
fermi-rsa-2.fnal.gov
*.fnal.gov
cmseos-tf1103.fnal.gov
rcds01.fnal.gov
*.fnal.gov
*.fnal.gov
ssiadmin3.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos511.fnal.gov
uhosts.fnal.gov
fcdfcache122.fnal.gov
*.fnal.gov
*.fnal.gov
cmssrv628.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
cmseos1144.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
icaruspro-icarusgpvm01.fnal.gov
cmsstor907.fnal.gov
*.fnal.gov
*.fnal.gov
fifeutilgpvm01.fnal.gov
fermicloud527.fnal.gov
*.fnal.gov
*.fnal.gov
fndcaitb1.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos-if1102.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
uhosts.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
fermicloud363.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos517.fnal.gov
rcodegpvm02.fnal.gov
cmseos56.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
*.fnal.gov
accelaipro-accelaigpvm01.fnal.gov
*.fnal.gov
*.fnal.gov
cmseos34.fnal.gov
fndca5b.fnal.gov
*.fnal.gov
lariatpro-lariatsamgpvm01.fnal.gov
*.fnal.gov
Certificate
The complete raw certificate details for *.fnal.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHRjCCBi6gAwIBAgIQAxf4V3REyKUhuEsfB/bcsDANBgkqhkiG9w0BAQsFADBP MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMzAxMTcwMDAwMDBa Fw0yNDAyMDMyMzU5NTlaMHcxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhJbGxpbm9p czEQMA4GA1UEBxMHQmF0YXZpYTEuMCwGA1UEChMlRmVybWkgTmF0aW9uYWwgQWNj ZWxlcmF0b3IgTGFib3JhdG9yeTETMBEGA1UEAwwKKi5mbmFsLmdvdjCCAaIwDQYJ KoZIhvcNAQEBBQADggGPADCCAYoCggGBAKzLgsWwYdajah19DzDqZSEHt8nDm8LD jRJILfjzwaWyY3ehCJYiDQmrryulCSjFcqDF1n+xCyBg4Pjxb4MFbTlgbwFDSkZX Y8A86cg4hN6LtmCON1ete5VAFUepzxB5eOAAiLoHzlJkSwPtgyOolPfyLHqNhc04 ztMeODm6wn1LkeWT3cfb8tg8HC7N0hjQwyw6O51ngX7ljW6Vl9+r9qMw3q1T2qkb ygHeWU3hxbciFsHjyMs1hfekwbiAk+oyNSXQzSjjnYQTefKF7CF4MKMUvpNemAWZ KVxTAuwtWn6YmT9F9iTDr28Bk+lAftuLm8Y1asbjr0dn2w9iE81Wir1M+dXrCYuy tuoSqA3FCOzF7K0l9Xfji7pCT9GbU9NDwMZBo4iqH6A9O2UE7/m0qBt3oR8NIn+W NY67IwGiMd2gM8VzOuNJ4PaSf7fCy2Rd77l6L8s6wr62ixs2+7Ton3QvMd2zSlx3 TxO206UprE/pXCrp0Acdtl1omRgN92G8cwIDAQABo4IDdDCCA3AwHwYDVR0jBBgw FoAUt2ui6qiqhIx56rTaD5iyxZV2ufQwHQYDVR0OBBYEFO1GNmfJvFrlfnZOpipc G9GsECROMB8GA1UdEQQYMBaCCiouZm5hbC5nb3aCCGZuYWwuZ292MA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgY8GA1UdHwSB hzCBhDBAoD6gPIY6aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExT UlNBU0hBMjU2MjAyMENBMS00LmNybDBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNl cnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAyMENBMS00LmNybDA+BgNVHSAE NzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0 LmNvbS9DUFMwfwYIKwYBBQUHAQEEczBxMCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz cC5kaWdpY2VydC5jb20wSQYIKwYBBQUHMAKGPWh0dHA6Ly9jYWNlcnRzLmRpZ2lj ZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEtMS5jcnQwCQYDVR0T BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHcA7s3QZNXbGs7FXLedtM0T ojKHRny87N7DUUhZRnEftZsAAAGFwMK91AAABAMASDBGAiEAheSjdg4mrhLktmAk OZUXFfAER8brSzQSrfaR0uLkpfgCIQDgwDp9OTnhpPqJ0sfBbmQD5ifxKhQgo1Op 4iex6lmL3gB1AHPZnokbTJZ4oCB9R53mssYc0FFecRkqjGuAEHrBd3K1AAABhcDC vjgAAAQDAEYwRAIgG5eojDth8opMv2BamOb+K3O2F8NDSBggU0i8532XSMACIGoQ U3SrJVHIl8C8QRKQ4lBOpOK0Epcg416d8UXfAiHkAHYASLDja9qmRzQP5WoC+p0w 6xxSActW3SyB2bu/qznYhHMAAAGFwMK+DQAABAMARzBFAiEA3Rd8nLaQ4qIrCz05 yhMOb/m3MBcvSvc2z+SIDMDDHRgCIB4AhDme1M1TkhygQ/NsZt7OBqj/pEEHiQ1s pLxBXCTbMA0GCSqGSIb3DQEBCwUAA4IBAQC0yiHAfjj5BMozbuvjhVeMvGg275rd b3vmsO4TCowfse9Su3NGc6MWcD7DNK5RXpprF3yz6yyx70SqMXZTSi0F2CHJ8i2j gBRSPIQr6CbmaATmZst5ZcsxeGaTUvdgVnO74jm/Qs/LnxdIelrJtRlJAtq36X3j Ws+0bE1p5KavV1YqmH4WiyiUo3W9c6Jk9HRT2q3GYmWmyGNQpkMIJbySeCTwBENb n3/L0AG+c9YeJ4/Mfoz+0tpZSaigbY2pIkrxA/2gQwWpC8gU5FC6cV0iiqu5mWNk 3MvNrPHN1oCjaf+AcdX83Zwbs1EMpipeRc9B0hOtYSgpgN13YZmRwFyi -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEArMuCxbBh1qNqHX0PMOpl IQe3ycObwsONEkgt+PPBpbJjd6EIliINCauvK6UJKMVyoMXWf7ELIGDg+PFvgwVt OWBvAUNKRldjwDzpyDiE3ou2YI43V617lUAVR6nPEHl44ACIugfOUmRLA+2DI6iU 9/Iseo2FzTjO0x44ObrCfUuR5ZPdx9vy2DwcLs3SGNDDLDo7nWeBfuWNbpWX36v2 ozDerVPaqRvKAd5ZTeHFtyIWwePIyzWF96TBuICT6jI1JdDNKOOdhBN58oXsIXgw oxS+k16YBZkpXFMC7C1afpiZP0X2JMOvbwGT6UB+24ubxjVqxuOvR2fbD2ITzVaK vUz51esJi7K26hKoDcUI7MXsrSX1d+OLukJP0ZtT00PAxkGjiKofoD07ZQTv+bSo G3ehHw0if5Y1jrsjAaIx3aAzxXM640ng9pJ/t8LLZF3vuXovyzrCvraLGzb7tOif dC8x3bNKXHdPE7bTpSmsT+lcKunQBx22XWiZGA33YbxzAgMBAAE= -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4112143781516308623879075595745156272 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Illinois' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Batavia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Fermi National Accelerator Laboratory' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.fnal.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3184 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 3921369765020446460555480558748944039802263080471382758876919377426558751763859714203028183849458535407015423128930639087405996873528082545284156361105391506633494277469216647932996598783442410909232792396437424449808795951120800330246179486466992511879897464319297103250682266382668826581506405037646814003073599755451557239080651497005891277232255395589149476580093829417031571477276563750817270228684316194238073838155507682815071914116105156180311969490996199424480180906630347014740835045510867587019672619408826468435921943143243130908682365236080019624031178410761176436344304807746625733928531814598002846567105443132231179675386971554842749609999396816706633088747321559339105480334671697765514080672440822836831648666199511831307029305300729266203256819453635256399778709533133798758028344132645956917932355225690954074328491065819204028859143364202600703375383253136599152118922210136763786843058104005416880028787 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ed463667c9bc5ae57e764ea62a5c1bd1ac10244e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.fnal.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fnal.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000185c0c2bdd4000004030048304602210085e4a3760e26ae12e4b6602439951715f00447c6eb4b3412adf691d2e2e4a5f8022100e0c03a7d3939e1a4fa89d2c7c16e6403e627f12a1420a353a9e227b1ea598bde00750073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b500000185c0c2be38000004030046304402201b97a88c3b61f28a4cbf605a98e6fe2b73b617c3434818205348bce77d9748c002206a105374ab2551c897c0bc411290e2504ea4e2b4129720e35e9df145df0221e400760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000185c0c2be0d0000040300473045022100dd177c9cb690e2a22b0b3d39ca130e6ff9b730172f4af736cfe4880cc0c31d1802201e0084399ed4cd53921ca043f36c66dece06a8ffa44107890d6ca4bc415c24db . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b4ca21c07e38f904ca336eebe385578cbc6836ef9add6f7be6b0ee130a8c1fb1ef52bb734673a316703ec334ae515e9a6b177cb3eb2cb1ef44aa3176534a2d05d821c9f22da38014523c842be826e66804e666cb7965cb3178669352f7605673bbe239bf42cfcb9f17487a5ac9b5194902dab7e97de35acfb46c4d69e4a6af57562a987e168b2894a375bd73a264f47453daadc66265a6c86350a6430825bc927824f004435b9f7fcbd001be73d61e278fcc7e8cfed2da5949a8a06d8da9224af103fda04305a90bc814e450ba715d228aabb9996364dccbcdacf1cdd680a369ff8071d5fcdd9c1bb3510ca62a5e45cf41d213ad61282980dd77619991c05ca2