secure.universalstudios.com

- Universal City Studios -

Issued by GeoTrust RSA CA 2018

About this certificate

This digital certificate with serial number 0b:b7:46:d0:b8:9d:45:ec:e8:ba:53:78:9c:a3:60:07 was issued on by DigiCert Inc.

With 44 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Universal City Studios

Organization: Universal City Studios
Organization unit: Universal City Studios
State / Province: California
Locality: Universal City
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0b:b7:46:d0:b8:9d:45:ec:e8:ba:53:78:9c:a3:60:07
Serial Number (int): 15573134584011380016170571022781865991
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: ab:02:1b:bf:9d:ef:e0:6e:29:a8:bc:44:5d:d3:79:d4:d6:58:ab:43
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5

Fingerprint (sha1): 90:eb:03:d9:3c:ed:e4:f3:ed:8f:63:43:81:0a:5e:32:d7:2e:01:ea
Fingerprint (sha256): 01:6e:83:30:5b:86:ff:cb:a1:8f:cd:52:c9:5c:26:4c:21:2f:44:85:2d:fc:35:6b:aa:73:52:ac:df:5d:28:c9

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl

Check the revocation status for certificate secure.universalstudios.com

44

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for secure.universalstudios.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

secure.universalstudios.com
www.universalorlandoresort.com
usj.universalplay.games
shop.universalorlando.com
spheresvc.ucdp.net
tickets-services.universalorlando.com
universalparks.com
rtuap.universalorlando.com
sphere.ucdp.net
theuniversalsphere.com
apps.universalparks.com
www.universalorlandoyouth.com
rtutickets.universalorlando.com
purchase.universalorlando.com
www.uomeetingsandevents.com
secure.universalorlando.com
hhnap.universalorlando.com
hhntickets.universalorlando.com
tickets.universalorlando.com
media.universalorlando.com
giftcards.universalorlando.com
www.universaltravelagents.com
www.universalorlando.co.uk
www.universalevents.com
www.theuniversalsphere.com
tmid.universalparks.com
ww2.universalorlando.com
spheresvcqa.ucdp.net
app.tickets2.universalorlando.com
sphereqa.ucdp.net
orlando.halloweenhorrornights.com
harrypotternews.universalorlando.com
tickets2.universalorlando.com
espanol.universalorlando.com
site.universalorlando.com
www.universalparks.com
b2b.universalorlando.com
services.universalorlando.com
portuguese.universalorlando.com
universalorlando.com
prod.universaltravelagents.com
tmidsvc.universalparks.com
www.universalorlando.com
services2.universalorlando.com

Other certificates including the domain name universalstudios.com

(limited to 100 certificates)
www.universalorlando.com
secure.universalstudios.com
secure.universalstudios.com
secure.universalstudios.com
www.universalpictures.com
www.universalorlando.com
www.universalpictures.com
secure.universalstudios.com
www.universalorlando.com
propsstg.universalstudios.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.seeso.com
secure.universalstudios.com
web2.sourceaudio.com
www.universalorlando.com
www.universalpictures.com
www.seeso.com
www.seeso.com
www.universalpictures.com
secure.universalstudios.com
studio.florida.universalstudios.com
www.universalpictures.com
www.universalorlando.com
oltsuat.secure.universalstudios.com
secure.universalstudios.com
www.universalorlando.com
www.universalpictures.com
props.universalstudios.com
www.universalpictures.com
twuat.secure.universalstudios.com
www.universalorlando.com
www.universalorlando.com
www.seeso.com
www.seeso.com
propsstg.universalstudios.com
san-3-s6.tlsprovisioning.exacttarget.com
secure.universalstudios.com
www.universalpictures.com
secure.universalstudios.com
www.universalpictures.com
www.seeso.com
secure.universalstudios.com
www.universalorlando.com
www.universalorlando.com
www.universalpictures.com
www.seeso.com
studioopsportal.universalstudios.com
studio.florida.universalstudios.com
san-3-s6.tlsprovisioning.exacttarget.com
etds.universalstudios.com
web2.sourceaudio.com
etdsuat.universalstudios.com
www.universalorlando.com
www.universalpictures.com
www.universalpictures.com
studioopsportal.universalstudios.com
www.seeso.com
san-3-s6.tlsprovisioning.exacttarget.com
www.seeso.com
www.universalpictures.com
www.universalpictures.com
secure.universalstudios.com
studio.florida.universalstudios.com
web2.sourceaudio.com
www.universalpictures.com
www.universalorlando.com
signup.universalstudios.com
nbcuat.secure.universalstudios.com
www.universalpictures.com
secure.universalstudios.com
www.universalorlando.com
www.universalpictures.com
www.universalorlando.com
secure.universalstudios.com
www.universalorlando.com
props.universalstudios.com
secure.universalstudios.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.universalorlando.com
www.universalpictures.com
www.universalpictures.com
www.universalorlando.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
web2.sourceaudio.com
www.universalpictures.com
etdsuat-o.ucdp.net
www.universalpictures.com
www.universalpictures.com
www.universalorlando.com
propsstg.universalstudios.com

Certificate

The complete raw certificate details for secure.universalstudios.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIILBzCCCe+gAwIBAgIQC7dG0LidRezoulN4nKNgBzANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe
Fw0xOTA5MjAwMDAwMDBaFw0xOTEyMjkxMjAwMDBaMIGjMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTEXMBUGA1UEBxMOVW5pdmVyc2FsIENpdHkxHzAd
BgNVBAoTFlVuaXZlcnNhbCBDaXR5IFN0dWRpb3MxHzAdBgNVBAsTFlVuaXZlcnNh
bCBDaXR5IFN0dWRpb3MxJDAiBgNVBAMTG3NlY3VyZS51bml2ZXJzYWxzdHVkaW9z
LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALbx6QU6u5FyHMVz
fIgv/JmEhR1HDot2l6Q+AgqUDIlXC/K6xdY2dHVLjnuVPZvvoa05bzqUYQtQwcD1
FLCBm2fWHYFh+meCBD/yqyWStiuFASCYgExw+ecadVs8TWbuwO4TEnJV7vX6dExF
JVUUiT64fqFGrWbrwHajep7IcZrJIUeEPTkE7bROQzd4oGRphRBXEY16ZTzXaKvB
Kk+VAERZuFz5kZZrqaLdtLk/gFcYKW47ds7m4KSl+9wBYBGEUmSPMrUuoCBu+yir
SOxI8oj40F4jgxLOgLLxVMqCYb7ju5JP6iThd7krpPHOrUQEUyuDIBQ58IPQnQkh
A/wtJPECAwEAAaOCB3kwggd1MB8GA1UdIwQYMBaAFJBY/7CcdahRVHex7fKjQxY4
nmzFMB0GA1UdDgQWBBSrAhu/ne/gbimovERd03nU1lirQzCCBOkGA1UdEQSCBOAw
ggTcghtzZWN1cmUudW5pdmVyc2Fsc3R1ZGlvcy5jb22CHnd3dy51bml2ZXJzYWxv
cmxhbmRvcmVzb3J0LmNvbYIXdXNqLnVuaXZlcnNhbHBsYXkuZ2FtZXOCGXNob3Au
dW5pdmVyc2Fsb3JsYW5kby5jb22CEnNwaGVyZXN2Yy51Y2RwLm5ldIIldGlja2V0
cy1zZXJ2aWNlcy51bml2ZXJzYWxvcmxhbmRvLmNvbYISdW5pdmVyc2FscGFya3Mu
Y29tghpydHVhcC51bml2ZXJzYWxvcmxhbmRvLmNvbYIPc3BoZXJlLnVjZHAubmV0
ghZ0aGV1bml2ZXJzYWxzcGhlcmUuY29tghdhcHBzLnVuaXZlcnNhbHBhcmtzLmNv
bYIdd3d3LnVuaXZlcnNhbG9ybGFuZG95b3V0aC5jb22CH3J0dXRpY2tldHMudW5p
dmVyc2Fsb3JsYW5kby5jb22CHXB1cmNoYXNlLnVuaXZlcnNhbG9ybGFuZG8uY29t
ght3d3cudW9tZWV0aW5nc2FuZGV2ZW50cy5jb22CG3NlY3VyZS51bml2ZXJzYWxv
cmxhbmRvLmNvbYIaaGhuYXAudW5pdmVyc2Fsb3JsYW5kby5jb22CH2hobnRpY2tl
dHMudW5pdmVyc2Fsb3JsYW5kby5jb22CHHRpY2tldHMudW5pdmVyc2Fsb3JsYW5k
by5jb22CGm1lZGlhLnVuaXZlcnNhbG9ybGFuZG8uY29tgh5naWZ0Y2FyZHMudW5p
dmVyc2Fsb3JsYW5kby5jb22CHXd3dy51bml2ZXJzYWx0cmF2ZWxhZ2VudHMuY29t
ghp3d3cudW5pdmVyc2Fsb3JsYW5kby5jby51a4IXd3d3LnVuaXZlcnNhbGV2ZW50
cy5jb22CGnd3dy50aGV1bml2ZXJzYWxzcGhlcmUuY29tghd0bWlkLnVuaXZlcnNh
bHBhcmtzLmNvbYIYd3cyLnVuaXZlcnNhbG9ybGFuZG8uY29tghRzcGhlcmVzdmNx
YS51Y2RwLm5ldIIhYXBwLnRpY2tldHMyLnVuaXZlcnNhbG9ybGFuZG8uY29tghFz
cGhlcmVxYS51Y2RwLm5ldIIhb3JsYW5kby5oYWxsb3dlZW5ob3Jyb3JuaWdodHMu
Y29tgiRoYXJyeXBvdHRlcm5ld3MudW5pdmVyc2Fsb3JsYW5kby5jb22CHXRpY2tl
dHMyLnVuaXZlcnNhbG9ybGFuZG8uY29tghxlc3Bhbm9sLnVuaXZlcnNhbG9ybGFu
ZG8uY29tghlzaXRlLnVuaXZlcnNhbG9ybGFuZG8uY29tghZ3d3cudW5pdmVyc2Fs
cGFya3MuY29tghhiMmIudW5pdmVyc2Fsb3JsYW5kby5jb22CHXNlcnZpY2VzLnVu
aXZlcnNhbG9ybGFuZG8uY29tgh9wb3J0dWd1ZXNlLnVuaXZlcnNhbG9ybGFuZG8u
Y29tghR1bml2ZXJzYWxvcmxhbmRvLmNvbYIecHJvZC51bml2ZXJzYWx0cmF2ZWxh
Z2VudHMuY29tghp0bWlkc3ZjLnVuaXZlcnNhbHBhcmtzLmNvbYIYd3d3LnVuaXZl
cnNhbG9ybGFuZG8uY29tgh5zZXJ2aWNlczIudW5pdmVyc2Fsb3JsYW5kby5jb20w
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA+
BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY2RwLmdlb3RydXN0LmNvbS9HZW9UcnVz
dFJTQUNBMjAxOC5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEF
BQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwdQYI
KwYBBQUHAQEEaTBnMCYGCCsGAQUFBzABhhpodHRwOi8vc3RhdHVzLmdlb3RydXN0
LmNvbTA9BggrBgEFBQcwAoYxaHR0cDovL2NhY2VydHMuZ2VvdHJ1c3QuY29tL0dl
b1RydXN0UlNBQ0EyMDE4LmNydDAJBgNVHRMEAjAAMIIBBQYKKwYBBAHWeQIEAgSB
9gSB8wDxAHcA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFtUGx2
jwAABAMASDBGAiEArD7Q9qrwLoQgnLxSDhd3KVUxgL8hTORhULkeb9bt3XgCIQCg
499AoEWtdAOljqmZ/jkpNv7LDorNF+yrt7FCZXftEQB2AId1v+dZfPiMQ5lfvfNu
/1aNR1Y2/0q1YMG06v9eoIMPAAABbVBsdvsAAAQDAEcwRQIgVdk0XDq82x3W2pl/
9wAPbqXaC2VNbuN+l/AhTprCfKACIQCb64pgNdoq+mOVI+W5bu0H0QxoUEYGkzn4
Huv++6YcOjANBgkqhkiG9w0BAQsFAAOCAQEAWBklj0sd2T7ykDsrkLTzm0X8Lfx3
u6CyKLG+95hJ4hyjOBGtF9HYrfRU+7vnTNkoVpn/eTqZgi+1D8YFR/XkZSm/VNYK
3MTrH9g5Tj7My3+hpm73hTYktrzLWmROYKv2K3J8oh6sT3uXcm7lU5LnJ193oOcZ
jLddCyUYYj2yjVoEaGfZdMSIGXcq0IgzDOTnnnV4yiDnME76DwLI28nNEjoOAdPe
D8mfWF7Q0szwnp6atWJR7BpWr5RCxdp/iN7pVZzffxpGs8tVb3EtnYPEp3FdXsCP
LjLWNaRigxSe3MbfZ+Y+DXxN9NhP2NyARrDjWowf5XzlOofJ8A3lXjTF/A==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvHpBTq7kXIcxXN8iC/8
mYSFHUcOi3aXpD4CCpQMiVcL8rrF1jZ0dUuOe5U9m++hrTlvOpRhC1DBwPUUsIGb
Z9YdgWH6Z4IEP/KrJZK2K4UBIJiATHD55xp1WzxNZu7A7hMSclXu9fp0TEUlVRSJ
Prh+oUatZuvAdqN6nshxmskhR4Q9OQTttE5DN3igZGmFEFcRjXplPNdoq8EqT5UA
RFm4XPmRlmupot20uT+AVxgpbjt2zubgpKX73AFgEYRSZI8ytS6gIG77KKtI7Ejy
iPjQXiODEs6AsvFUyoJhvuO7kk/qJOF3uSuk8c6tRARTK4MgFDnwg9CdCSED/C0k
8QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 15573134584011380016170571022781865991
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-20 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-29 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universal City'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universal City Studios'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universal City Studios'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'secure.universalstudios.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23094661887229779951462322257775289140306717495289476281019795064215085974477982523187139232162711886792142653498504004671369320977678156504052996247175697409534505823305534348588075054834198551202720302955859526345285816320399425238332004307636119773110597621935929514966931692541145072766195329652196530906450109501928608186014778800247748144741443043136270861709827498350785454165209049429608429647634824834851948219457194572223635466043173449597673183480656613571675005727184989414332827166953924424030311927520024193697851965255370879348894202680038332904509284271002646652918394047195828525148070244080407094513
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ab021bbf9defe06e29a8bc445dd379d4d658ab43
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1248 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.universalstudios.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalorlandoresort.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usj.universalplay.games'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spheresvc.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets-services.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rtuap.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sphere.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theuniversalsphere.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apps.universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalorlandoyouth.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rtutickets.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'purchase.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uomeetingsandevents.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hhnap.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hhntickets.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'media.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giftcards.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universaltravelagents.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalorlando.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalevents.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.theuniversalsphere.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tmid.universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ww2.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spheresvcqa.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app.tickets2.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sphereqa.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'orlando.halloweenhorrornights.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'harrypotternews.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets2.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'espanol.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'site.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'b2b.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portuguese.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.universaltravelagents.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tmidsvc.universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services2.universalorlando.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016d506c768f0000040300483046022100ac3ed0f6aaf02e84209cbc520e177729553180bf214ce46150b91e6fd6eddd78022100a0e3df40a045ad7403a58ea999fe392936fecb0e8acd17ecabb7b1426577ed110076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016d506c76fb0000040300473045022055d9345c3abcdb1dd6da997ff7000f6ea5da0b654d6ee37e97f0214e9ac27ca00221009beb8a6035da2afa639523e5b96eed07d10c685046069339f81eebfefba61c3a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005819258f4b1dd93ef2903b2b90b4f39b45fc2dfc77bba0b228b1bef79849e21ca33811ad17d1d8adf454fbbbe74cd9285699ff793a99822fb50fc60547f5e46529bf54d60adcc4eb1fd8394e3ecccb7fa1a66ef7853624b6bccb5a644e60abf62b727ca21eac4f7b97726ee55392e7275f77a0e7198cb75d0b2518623db28d5a046867d974c48819772ad088330ce4e79e7578ca20e7304efa0f02c8dbc9cd123a0e01d3de0fc99f585ed0d2ccf09e9e9ab56251ec1a56af9442c5da7f88dee9559cdf7f1a46b3cb556f712d9d83c4a7715d5ec08f2e32d635a46283149edcc6df67e63e0d7c4df4d84fd8dc8046b0e35a8c1fe57ce53a87c9f00de55e34c5fc