bc.pershing.com
- The Bank of New York Mellon -
Issued by DigiCert TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 0f:e6:47:8f:d2:ee:21:a1:f8:05:bf:14:d6:4a:91:59 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
The Bank of New York Mellon
Organization:
The Bank of New York Mellon
State / Province:
Pennsylvania
Locality: Pittsburgh
Country: US
Locality: Pittsburgh
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0f:e6:47:8f:d2:ee:21:a1:f8:05:bf:14:d6:4a:91:59Serial Number (int): 21134099660225582489961873725371093337
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: c0:3a:b5:16:3e:f3:e2:f5:e4:9b:7f:0b:35:45:8d:e8:bc:18:f6:de
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4
Fingerprint (sha1): 77:03:a0:81:66:9c:21:80:89:5b:cd:99:81:20:dc:0a:8d:b8:92:81
Fingerprint (sha256): 01:5c:2c:e6:69:1c:61:25:fc:c3:11:7d:7f:b8:1e:37:d7:72:33:2a:4a:7e:aa:6d:81:b9:49:00:a1:74:59:77
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
Check the revocation status for certificate bc.pershing.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for bc.pershing.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bc.pershing.com
Other certificates including the domain name pershing.com
(limited to 100 certificates)
coh.pershing.com
ccenter.pershing.com
bc.pershing.com
support.pershing.com
info.bnymellon.com
inside.pershing.com
investor.pershing.com
pershing.com
information.pershing.com
investor.pershing.com
voiceware.pershing.com
pershing.com
insite.pershing.com
jtapcentral.pershing.com
cfat.pershing.com
ccenter.pershing.com
data.pershing.com
cfat.pershing.com
content.pershing.com
mft.sfg.bnymellon.com
uat-bondwave.pershing.com
pershing.com
roars.pershing.com
uat-bondwave.pershing.com
bc.pershing.com
mqmf-mqu1.pershing.com
remote1.pershing.com
bc.pershing.com
voiceware.pershing.com
remote1.pershing.com
insite.pershing.com
retirement.pershing.com
xat-bondwave.pershing.com
qc.pershing.com
investorportal.pershing.com
xne1e1.bnymellon.net
roars.pershing.com
files.pershing.com
mod-content.pershing.com
qpr.pershing.com
infodirect.pershing.com
demo-pernet.pershing.com
xat-bondwave.pershing.com
services.pershing.com
data.pershing.com
bc.pershing.com
qpr.pershing.com
ice2roars2.bnymellon.net
sni243645.cloudflaressl.com
information.pershing.com
mqmf-mqu2.pershing.com
pershing.com
pershing.com
mansee-test-external.dev.pershing.com
managergateway.pershing.com
support.pershing.com
services.pershing.com
www.pershing.com
data.pershing.com
xat-bondwave.pershing.com
voiceware.pershing.com
sni243645.cloudflaressl.com
controlcenter.pershing.com
cfat.pershing.com
content-demo.pershing.com
cfat.pershing.com
insite.pershing.com
pernet.pershing.com
content.pershing.com
dasf-saml.sso.pershing.com
bc.pershing.com
actimize.pershing.com
pernet.pershing.com
files.pershing.com
www.pershing.com
mqmf-mqu2.pershing.com
managergateway.pershing.com
managergateway.pershing.com
data.pershing.com
standardfiles.pershing.com
communications.pershing.com
actimize.pershing.com
info.bnymellon.com
controlcenter.pershing.com
mod-content.pershing.com
uat-bondwave.pershing.com
actimizedemo.pershing.com
xat-insite.pershing.com
xne1e1.bnymellon.net
remote2.pershing.com
infodirect.pershing.com
uit.pershing.com
ftps5.pershing.com
mft.sfg.bnymellon.com
iceroars2.pershing.com
files.pershing.com
insite.pershing.com
iceroars2.pershing.com
files.pershing.com
insite.pershing.com
ccenter.pershing.com
bc.pershing.com
support.pershing.com
info.bnymellon.com
inside.pershing.com
investor.pershing.com
pershing.com
information.pershing.com
investor.pershing.com
voiceware.pershing.com
pershing.com
insite.pershing.com
jtapcentral.pershing.com
cfat.pershing.com
ccenter.pershing.com
data.pershing.com
cfat.pershing.com
content.pershing.com
mft.sfg.bnymellon.com
uat-bondwave.pershing.com
pershing.com
roars.pershing.com
uat-bondwave.pershing.com
bc.pershing.com
mqmf-mqu1.pershing.com
remote1.pershing.com
bc.pershing.com
voiceware.pershing.com
remote1.pershing.com
insite.pershing.com
retirement.pershing.com
xat-bondwave.pershing.com
qc.pershing.com
investorportal.pershing.com
xne1e1.bnymellon.net
roars.pershing.com
files.pershing.com
mod-content.pershing.com
qpr.pershing.com
infodirect.pershing.com
demo-pernet.pershing.com
xat-bondwave.pershing.com
services.pershing.com
data.pershing.com
bc.pershing.com
qpr.pershing.com
ice2roars2.bnymellon.net
sni243645.cloudflaressl.com
information.pershing.com
mqmf-mqu2.pershing.com
pershing.com
pershing.com
mansee-test-external.dev.pershing.com
managergateway.pershing.com
support.pershing.com
services.pershing.com
www.pershing.com
data.pershing.com
xat-bondwave.pershing.com
voiceware.pershing.com
sni243645.cloudflaressl.com
controlcenter.pershing.com
cfat.pershing.com
content-demo.pershing.com
cfat.pershing.com
insite.pershing.com
pernet.pershing.com
content.pershing.com
dasf-saml.sso.pershing.com
bc.pershing.com
actimize.pershing.com
pernet.pershing.com
files.pershing.com
www.pershing.com
mqmf-mqu2.pershing.com
managergateway.pershing.com
managergateway.pershing.com
data.pershing.com
standardfiles.pershing.com
communications.pershing.com
actimize.pershing.com
info.bnymellon.com
controlcenter.pershing.com
mod-content.pershing.com
uat-bondwave.pershing.com
actimizedemo.pershing.com
xat-insite.pershing.com
xne1e1.bnymellon.net
remote2.pershing.com
infodirect.pershing.com
uit.pershing.com
ftps5.pershing.com
mft.sfg.bnymellon.com
iceroars2.pershing.com
files.pershing.com
insite.pershing.com
iceroars2.pershing.com
files.pershing.com
insite.pershing.com
Certificate
The complete raw certificate details for bc.pershing.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFWTCCBEGgAwIBAgIQD+ZHj9LuIaH4Bb8U1kqRWTANBgkqhkiG9w0BAQsFADBP MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMTEyMDMwMDAwMDBa Fw0yMzAxMDMyMzU5NTlaMHkxCzAJBgNVBAYTAlVTMRUwEwYDVQQIEwxQZW5uc3ls dmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxJDAiBgNVBAoTG1RoZSBCYW5rIG9m IE5ldyBZb3JrIE1lbGxvbjEYMBYGA1UEAxMPYmMucGVyc2hpbmcuY29tMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GRKmUUn8sydlWxsOCEGYe+hxfmq ngs5214+05cWGO3RX/BVGfVZPXeM0z91dsg5TQOVIo+UNJimLZfrrjCixw289/yv doVML08vohkWE12q0pgGOoLwK0gYzloBJn28gjRibDf97To1kdlzru/aXf61h1Cn JgB7vypDYB9hm2j8zNO8m8ZfW2u7EGeQKowZmthHm6/JinBrAT74iEcRu0cWPU+k LSHoN7qs8ETaal0fPE+CuEdf9Bowp0Ys27anVihsC0dL+LpRGiN5bYSDOrZAZDV6 UipmnnCg+WbBpQkuRCCi0+2C5AILFEPvyYZ2wxc7x/IwheGPnXa8eugGZQIDAQAB o4ICBTCCAgEwHwYDVR0jBBgwFoAUt2ui6qiqhIx56rTaD5iyxZV2ufQwHQYDVR0O BBYEFMA6tRY+8+L15Jt/CzVFjei8GPbeMBoGA1UdEQQTMBGCD2JjLnBlcnNoaW5n LmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNv bS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEtNC5jcmwwQKA+oDyGOmh0dHA6 Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEt NC5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDov L3d3dy5kaWdpY2VydC5jb20vQ1BTMH8GCCsGAQUFBwEBBHMwcTAkBggrBgEFBQcw AYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEkGCCsGAQUFBzAChj1odHRwOi8v Y2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0Ex LTEuY3J0MAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZI hvcNAQELBQADggEBAIP0M5WnvtvoOzik6k8Suhz0ynFEKNTPAs+4YyKN8vJJW+ja RKo5uk/75iS/PDI7LqUFM9ERf1L/ORuDwUC8c3fqWrFvXDcRyTkiK54WgyK4se47 6V+5cghUwkFESh2SMZgHVIxI7DjLQDaY5iLzrYliBZ/M0aRbdkPrmIvNY7zTvusj +4EO29XbbPuKFK9fFqgPP5gzjlCcKOFi4zhlm64B1K6jiZLzzROzoEYf8jO8cGrc Wv2jAI5FNmyKJy5dmGxX9KpbrtYKbUdF+hnjtrU7tu37bF4/ISqT5hBFGjRUligG ppFiC5K/IRXcwCP5PSoCfpELKIvNCRu7+3TP7WA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GRKmUUn8sydlWxsOCEG Ye+hxfmqngs5214+05cWGO3RX/BVGfVZPXeM0z91dsg5TQOVIo+UNJimLZfrrjCi xw289/yvdoVML08vohkWE12q0pgGOoLwK0gYzloBJn28gjRibDf97To1kdlzru/a Xf61h1CnJgB7vypDYB9hm2j8zNO8m8ZfW2u7EGeQKowZmthHm6/JinBrAT74iEcR u0cWPU+kLSHoN7qs8ETaal0fPE+CuEdf9Bowp0Ys27anVihsC0dL+LpRGiN5bYSD OrZAZDV6UipmnnCg+WbBpQkuRCCi0+2C5AILFEPvyYZ2wxc7x/IwheGPnXa8eugG ZQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 21134099660225582489961873725371093337 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pennsylvania' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pittsburgh' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Bank of New York Mellon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bc.pershing.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28326835845570073619012572511601130253042075948094261655089002217336683639207836756946823262753835515749432820700816918387938451528770780202320690357819521499721407006950777624132632651204254535027857909262366132617139311796394409454935628173889972516836314030190605936747444851356804023851708560184366756954840679225728979572674291601266572078362467489390610317655836002519181271047970131453518899740697535962579493492000280255493954826546028427184718259594841808452156631116958768743081855788951544796541401132707243221514854540928570188558141427405928355421828776315449083534072234981069779686201013390560360662629 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c03ab5163ef3e2f5e49b7f0b35458de8bc18f6de . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bc.pershing.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0083f43395a7bedbe83b38a4ea4f12ba1cf4ca714428d4cf02cfb863228df2f2495be8da44aa39ba4ffbe624bf3c323b2ea50533d1117f52ff391b83c140bc7377ea5ab16f5c3711c939222b9e168322b8b1ee3be95fb9720854c241444a1d92319807548c48ec38cb403698e622f3ad8962059fccd1a45b7643eb988bcd63bcd3beeb23fb810edbd5db6cfb8a14af5f16a80f3f98338e509c28e162e338659bae01d4aea38992f3cd13b3a0461ff233bc706adc5afda3008e45366c8a272e5d986c57f4aa5baed60a6d4745fa19e3b6b53bb6edfb6c5e3f212a93e610451a3454962806a691620b92bf2115dcc023f93d2a027e910b288bcd091bbbfb74cfed60