ddcship.bnymellon.com

- The Bank of New York Mellon -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 0a:22:dc:e6:e9:95:2f:2e:bd:cd:89:60:34:0c:d1:7a was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

The Bank of New York Mellon

Organization: The Bank of New York Mellon
Organization unit: LOAN DOCUMENT CUSTODY
State / Province: Pennsylvania
Locality: Pittsburgh
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:22:dc:e6:e9:95:2f:2e:bd:cd:89:60:34:0c:d1:7a
Serial Number (int): 13473298475919884565646664101935239546
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 0d:b3:3d:41:ce:7d:8a:d3:c8:b0:8c:ae:78:2e:3d:3f:42:87:ff:b5
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): 32:73:4e:30:b8:7c:00:89:7a:7e:e5:bb:5e:e3:b4:e6:f5:e1:2a:e8
Fingerprint (sha256): 01:9d:5c:d0:53:20:d9:64:49:46:72:ba:67:46:bf:8c:47:6c:8f:dd:0f:1d:b7:8f:b0:b4:be:be:7c:d0:cd:6e

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl

Check the revocation status for certificate ddcship.bnymellon.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ddcship.bnymellon.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ddcship.bnymellon.com

Other certificates including the domain name bnymellon.com

(limited to 100 certificates)
demo-directbizmonitor.qa.bnymellon.com
billpayadvantage.bnymellon.com
csd.bnymellon.com
M-DCAT.BNYMELLON.COM
supplier.qa.bnymellon.com
xat-res-netx360.bnymellon.com
connectfiletransfer.bnymellon.com
brms.bnymellon.com
dev-marketprofiles.bnymellon.com
*.bnymellon.com
wm-proxyin-uat.qa.bnymellon.com
lionremote-bxp2.qa.bnymellon.com
ecommerce.bnymellon.com
xat-sagepointfinancial-netxinvestor.bnymellon.com
xat-jefferies-netxinvestor.bnymellon.com
BENPAY.DEMO.BNYMELLON.COM
xuat-syndicatedcapital-netxinvestor.bnymellon.com
xuat-harris-netxinvestor.bnymellon.com
debitcard-api.bnymellon.com
uat-connectaisapp.bnymellon.com
cumulus-migration-for-michelle-dmz1.qa.bnymellon.com
iaw.bnymellon.com
ecommerce-dev.bnymellon.com
xat-searleco-netxinvestor.bnymellon.com
ppc.bnymellon.com
authenticate.bnymellon.com
xuat-henley-netxinvestor.bnymellon.com
xuat-juliusbaer-netxinvestor.bnymellon.com
jpass10.bnymellon.com
ae-routing-demo.qa.bnymellon.com
dcat-ciservices.qa.bnymellon.com
remote2.bnymellon.com
awh-ds.bnymellon.com
StructuredCreditConnection.BNYMellon.com
rj101nsgw.bnymellon.com
netxservices.bnymellon.com
remote.bnymellon.com
xat-test-netxinvestor.bnymellon.com
vdsna.bnymellon.com
gm-fxanalytics.bnymellon.com
design.dev.bnymellon.com
xat-gmers2-static.bnymellon.com
odb.bnymellon.com
topsdcat.bnymellon.com
m-privatebanking.bnymellon.com
wbcrparam.bnymellon.com
shaffi-testing5.qa.bnymellon.com
xat-wbcrparam.bnymellon.com
xat-app-liquiditydirect.bnymellon.com
esfsf.qa.bnymellon.com
ccenter.pershing.com
xat-tic-netxinvestor.bnymellon.com
QSEPROD.bnymellon.com
appstudio-api-legacy.bnymellon.com
compliance.bnymellon.com
cctcfindm.mar2020.bnymellon.com
fxanalytics-demo.bnymellon.com
xat-nexen.bnymellon.com
ngej1cs.bnymellon.com
connectais.qa.bnymellon.com
surpasisvc.bnymellon.com
SecuritiesDirectPlus-UAT.bnymellon.com
wca.bnymellon.com
dgtools-mapping.bnymellon.com
bpmconnect.bnymellon.com
fcs-dashboard-1.qa.bnymellon.com
xat-connectfiletransfer.bnymellon.com
eanalytics-demo.qa.bnymellon.com
IFXCLIENT2.DEV.BNYMELLON.COM
shareowners.bnymellon.com
marketplace.bnymellon.com
im.bnymellon.com
design.bnymellon.com
xat-gmsgroup-netxinvestor.bnymellon.com
xuat-saturna-netxinvestor.bnymellon.com
treasuryedge.bnymellon.com
my360-cata.qa.bnymellon.com
ddcship.bnymellon.com
im-user-service.bnymellon.com
xat-hewittfs-netxinvestor.bnymellon.com
firstcitizens-xat-netxinvestor.qa.bnymellon.com
ctdataservices.bnymellon.com
ers2-static.bnymellon.com
bnymdesktop.qa.bnymellon.com
fundadmin.bnymellon.com
structuredsolutions.bnymellon.com
ebi42.qa.bnymellon.com
wvr.bnymellon.com
lionremote-bxp.qa.bnymellon.com
filetransfer.qa.bnymellon.com
mobius.bnymellon.com
connectapp.bnymellon.com
xat-ssi-netxinvestor.bnymellon.com
fundpricing.qa.bnymellon.com
nexenapp.bnymellon.com
xuat-nmis-netxinvestor.bnymellon.com
bds-bdcdrin-xb.bnymellon.com
connectapp-dcat.bnymellon.com
ClientCentral.bnymellon.com
opd2.qa.bnymellon.com

Certificate

The complete raw certificate details for ddcship.bnymellon.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIQCiLc5umVLy69zYlgNAzRejANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODE1MDAwMDAwWhcN
MTkxMDIwMTIwMDAwWjCBnzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBlbm5zeWx2
YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDEkMCIGA1UEChMbVGhlIEJhbmsgb2Yg
TmV3IFlvcmsgTWVsbG9uMR4wHAYDVQQLExVMT0FOIERPQ1VNRU5UIENVU1RPRFkx
HjAcBgNVBAMTFWRkY3NoaXAuYm55bWVsbG9uLmNvbTCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBALPB4U8+cpmdg518/BI2uF7c7Pvpr6R19tkAG2QDUVbM
qRdknH/9z1druwgduLbfbTN+v46Hn/NJiyVVcM01kl6l482/TSV1iZDdHxjG5JiA
gSTQL2HYyk4ZF/CacnU38soP7Hif7EhicN21LTtTORUqIwkWN3IDawQ/CWqSQ/ZI
DNN/iyj3PtiXbqFAToO1AQWDrHvDogAeZ1jzf0jYS6XSltBPDun95zY1hE2D/rya
W+xXMTIpr1NZgS2dfgUY+D5aLkf+IEFc7aENoB3F++lsAK6k2efXKQgmvjTKYgAD
nNRwc71w0nCkFcfXP7/pVu9ei2uCN4C1BeXjuueTjCkCAwEAAaOCAe4wggHqMB8G
A1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBQNsz1Bzn2K
08iwjK54Lj0/Qof/tTAgBgNVHREEGTAXghVkZGNzaGlwLmJueW1lbGxvbi5jb20w
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBr
BgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1z
aGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Et
c2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcC
ARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYB
BQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20w
RgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2Vy
dFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwCQYDVR0TBAIwADATBgorBgEEAdZ5AgQD
AQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEADp2+kJzfj0nzYZt5q5HGUKLQxryY
Pz7BTt2X9W8HY7ikLKXtZlyDewvtqqqoQw8b2AI7K2ibNwSAlKj1ecNQjy2Gt7S1
mLuTiNi/iPRMfoh5LGI3STWww48uP8OkfmLMT4ZNQO0RGJAacJl+6LF4L1fKYhTB
uliAFDAe/C7Z04w/tiZRsRBx5QGu8SEATJ/C90IcDPfTuObO1jOXwKaGCdbjnfkZ
YHtM1lqZ2ybK8sxSMFhXaTPCv8KdbCl0UCcvOVzb9DgsnQYtvFm2t7Sz/JKyeD09
PARaVleTXacPDIkTooqSFwTyVa7ZCT/pucZt+dw/IKtcHkMunLclFSKxnw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8HhTz5ymZ2DnXz8Eja4
Xtzs++mvpHX22QAbZANRVsypF2Scf/3PV2u7CB24tt9tM36/joef80mLJVVwzTWS
XqXjzb9NJXWJkN0fGMbkmICBJNAvYdjKThkX8JpydTfyyg/seJ/sSGJw3bUtO1M5
FSojCRY3cgNrBD8JapJD9kgM03+LKPc+2JduoUBOg7UBBYOse8OiAB5nWPN/SNhL
pdKW0E8O6f3nNjWETYP+vJpb7FcxMimvU1mBLZ1+BRj4PlouR/4gQVztoQ2gHcX7
6WwArqTZ59cpCCa+NMpiAAOc1HBzvXDScKQVx9c/v+lW716La4I3gLUF5eO655OM
KQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 13473298475919884565646664101935239546
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-20 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pennsylvania'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pittsburgh'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Bank of New York Mellon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'LOAN DOCUMENT CUSTODY'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ddcship.bnymellon.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22692262437115132325620924251814627251980523788496258087975657018754048683418776353764439936924119339240343207345843214247217800406456933416877990045216268033047312989097196642319316729089869213812716370728546055518559868000698723387910922246848474210644866720220378740273167040201304487686895167501666713853888720093170643641196733928116199695162673098583057825708735627020771182440673749540426709228487319532799873028929380317428955727084051575640207972220424862742376411451780335941837484744202454244631756609369602393431015512829765095418058449418671638352427687384890145191667037934553334715174421494594077428777
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0db33d41ce7d8ad3c8b08cae782e3d3f4287ffb5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ddcship.bnymellon.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000e9dbe909cdf8f49f3619b79ab91c650a2d0c6bc983f3ec14edd97f56f0763b8a42ca5ed665c837b0bedaaaaa8430f1bd8023b2b689b37048094a8f579c3508f2d86b7b4b598bb9388d8bf88f44c7e88792c62374935b0c38f2e3fc3a47e62cc4f864d40ed1118901a70997ee8b1782f57ca6214c1ba588014301efc2ed9d38c3fb62651b11071e501aef121004c9fc2f7421c0cf7d3b8e6ced63397c0a68609d6e39df919607b4cd65a99db26caf2cc523058576933c2bfc29d6c297450272f395cdbf4382c9d062dbc59b6b7b4b3fc92b2783d3d3c045a5657935da70f0c8913a28a921704f255aed9093fe9b9c66df9dc3f20ab5c1e432e9cb7251522b19f