mx2-cdu-sp1.mta.salesforce.com

- salesforce.com, inc. -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 0a:96:4b:6e:60:43:8e:9c:93:c7:7b:02:c0:38:3e:c0 was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

salesforce.com, inc.

Organization: salesforce.com, inc.
State / Province: California
Locality: San Francisco
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:96:4b:6e:60:43:8e:9c:93:c7:7b:02:c0:38:3e:c0
Serial Number (int): 14072654412239765754821141222148030144
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 0a:22:ba:27:0c:93:16:0c:61:3a:48:28:f7:f9:99:cc:24:29:54:9a
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): 21:2f:68:74:a8:1a:6b:5d:e3:c6:93:4d:6a:d1:d7:b3:2a:e4:4c:af
Fingerprint (sha256): 01:d7:62:68:c0:ad:d4:30:f6:ba:c7:bf:fd:e9:83:e6:19:42:66:87:29:b8:2e:84:78:6a:a3:a6:5a:59:06:eb

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl

Check the revocation status for certificate mx2-cdu-sp1.mta.salesforce.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mx2-cdu-sp1.mta.salesforce.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mx2-cdu-sp1.mta.salesforce.com

Other certificates including the domain name salesforce.com

(limited to 100 certificates)
*.cs109.force.com
*.cs26.my.salesforce.com
*.cs16.my.salesforce.com
*.cs54.force.com
mx2-was.mta.salesforce.com
*.cs73.force.com
na156.salesforce.com
*.umps1c4.salesforce.com
*.cs55.force.com
*.na151.force.com
*.c360a.salesforce.com
mx2-chi3.mta.salesforce.com
*.na202.force.com
config.cccnp0010.cnp-dev.commercecloud.salesforce.com
*.cs54.force.com
orgchart-dev.it.salesforce.com
*.na85.force.com
na149.salesforce.com
slotmatching22.salesforce.com
cs290.salesforce.com
emea.salesforce.com
*.eu27.force.com
sfm-ucm1.internal.salesforce.com
devforce.map.fastly.net
slotmatching19.salesforce.com
eef-eu.mce.salesforce.com
*.cs30.force.com
vpn-emea.corp.salesforce.com
ap19.salesforce.com
*.na127.force.com
*.sandbox.us01.dx.commercecloud.salesforce.com
na8-api.salesforce.com
*.cs81.force.com
mx2-phx-sp4.mta.salesforce.com
cs30.salesforce.com
sfm-cup2.internal.salesforce.com
vision-us.mce.salesforce.com
mx4-hio-sp1.mta.salesforce.com
dns-vetting1l.map.fastly.net
www.assistly.com
*.cs1.my.salesforce.com
*.na64.force.com
mx3-dfw-sp4.mta.salesforce.com
*.cs34.force.com
cs122.salesforce.com
*.na72.force.com
na166.salesforce.com
salesforce.com
*.cs68.my.salesforce.com
oid.internal.salesforce.com
spell-sjl.salesforce.com
lo2.my.lightning-container.com
dns-vetting1a.map.fastly.net
*.na36.force.com
ext-am-sbx.am.commercecloud.salesforce.com
slotmatching7.salesforce.com
na140.salesforce.com
vpn-na-east.corp.salesforce.com
*.na36.force.com
hyd-wlc-a.internal.salesforce.com
sfdc-x579t5.perf1i.login.pc-rnd.salesforce.com
*.na107.force.com
*.na86.force.com
*.cs30.my.salesforce.com
sfm-anchor-a.internal.salesforce.com
mobile1.t.force.com
*.eu46.force.com
*.cs4.force.com
prod.13.slot.cdn.salesforce-communities.com
mx2-cdu-sp1.mta.salesforce.com
cs308.salesforce.com
preprod.bluetail.salesforce.com
hyd-wlc-a.internal.salesforce.com
qa-api.docs.salesforce.com
umps1-c2-frf.salesforce.com
*.na34.force.com
*.cs15.force.com
*.na152.force.com
mx3-ord-sp1.mta.salesforce.com
mx2-frf-sp1.mta.salesforce.com
*.cs15.force.com
brand.salesforce.com
ora-ccore-wp001.internal.salesforce.com
*.cs173.force.com
dns-vetting1l.map.fastly.net
slotmatchinggs0.salesforce.com
perf1-useast2.cloudatlas.perf1o.pc-rnd.pc-aws.salesforce.com
dns-vetting1a.map.fastly.net
mx4-ord-sp2.mta.salesforce.com
*.eu25.force.com
cs225.salesforce.com
*.na18.force.com
mx3-frf-sp1.mta.salesforce.com
*.na74.force.com
www-perf2-pub.salesforce.com
*.cs115.my.salesforce.com
*.na38.force.com
app.datorama.com
*.na137.force.com
cmn1-wlc-a.internal.salesforce.com

Certificate

The complete raw certificate details for mx2-cdu-sp1.mta.salesforce.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgIQCpZLbmBDjpyTx3sCwDg+wDANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTkxMjAzMDAwMDAwWhcN
MjAxMjAzMTIwMDAwWjCBgjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju
aWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xHTAbBgNVBAoTFHNhbGVzZm9yY2Uu
Y29tLCBpbmMuMScwJQYDVQQDEx5teDItY2R1LXNwMS5tdGEuc2FsZXNmb3JjZS5j
b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2DRUsa4CzjR/6ymWq
TgFBubPoJjPynmedLy/wrnRjKpOWK/XRe0PoP93fWq7sSEfN2sMFJpvUIWVI56fK
KOzGis2OPC0WsMAIcPytjaADDSj82uL3fiJKP4l51KNikH9w/98qelA2Lh7+ddZf
N0v9SUmxUME+bN5X7wp6tEV+btoGWjv+GAv4UiIhcrFMelMZk8TLDc4YuQczBfnM
MzcYaNWxbUb2QPwXxpvV9j/GM5PWQlrg4fnYXq3Lu/gdVsXotVtaXQnOFfZwlxOw
jVLAGmHcDZnDvk+7WjOGfHk2quwpG8KkbPJp/KUsWFNyquEcnaDxTwzKW0ta3r++
2L8VAgMBAAGjggH3MIIB8zAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ
4jAdBgNVHQ4EFgQUCiK6JwyTFgxhOkgo9/mZzCQpVJowKQYDVR0RBCIwIIIebXgy
LWNkdS1zcDEubXRhLnNhbGVzZm9yY2UuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0
cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0
dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARF
MEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2lj
ZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcw
AYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8v
Y2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0Eu
Y3J0MAkGA1UdEwQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQEL
BQADggEBANlgUK9BH1mxVcCJwQUEe3TECDyrB4uBtdYU41QMSgzZGIQZcvBalicu
HaSPJLwGviBASf/YD8HVIC14Ncye8hAcNMVlaLU+I+DLkdn3I5CEY79ROWvVDPSy
AEBj+3BXF8GlwcrojRBfnKgKRHWzpdSIB98o3/lCHpRZusfmyYZYBkA5d6fgaD/e
3GgaqXUAHBZTJTJNpeFU3xYSN6zsIasaknOHISKO9qjc8pGj7Ow0drA+oQvT/krV
EQyHYD4iccwsOiuQWumwmzdOGkNKnVGwGW7mi2HkLn9LaLOSJkUIhjjhgSiRGwBM
pWwBjFzBhpMLuWwIEZx6O4O4dwTSt2g=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9g0VLGuAs40f+splqk4B
Qbmz6CYz8p5nnS8v8K50YyqTliv10XtD6D/d31qu7EhHzdrDBSab1CFlSOenyijs
xorNjjwtFrDACHD8rY2gAw0o/Nri934iSj+JedSjYpB/cP/fKnpQNi4e/nXWXzdL
/UlJsVDBPmzeV+8KerRFfm7aBlo7/hgL+FIiIXKxTHpTGZPEyw3OGLkHMwX5zDM3
GGjVsW1G9kD8F8ab1fY/xjOT1kJa4OH52F6ty7v4HVbF6LVbWl0JzhX2cJcTsI1S
wBph3A2Zw75Pu1ozhnx5NqrsKRvCpGzyafylLFhTcqrhHJ2g8U8MyltLWt6/vti/
FQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 14072654412239765754821141222148030144
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-03 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-03 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'salesforce.com, inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mx2-cdu-sp1.mta.salesforce.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 31061074345924354000027531078991555160466034562024177907873469748338641513402878650460070853217609356527821491478077270113443107724366138033875800459815847215544237880230207695603760170996244126939583449631758497009597209170482986417758297387310292050128831760747972236636875101290503932290812871769984575337818217248888803511643493765025595013927415379843150008610350738806587662878065305885763009698118424274238662343018183867832013064103893650522578756177861778227167038586925294491936659999819971614639813464731382040644398802557385496856244758361603582770056942995365584219713149275212005141456943138160414080789
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0a22ba270c93160c613a4828f7f999cc2429549a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mx2-cdu-sp1.mta.salesforce.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00d96050af411f59b155c089c105047b74c4083cab078b81b5d614e3540c4a0cd918841972f05a96272e1da48f24bc06be204049ffd80fc1d5202d7835cc9ef2101c34c56568b53e23e0cb91d9f723908463bf51396bd50cf4b2004063fb705717c1a5c1cae88d105f9ca80a4475b3a5d48807df28dff9421e9459bac7e6c9865806403977a7e0683fdedc681aa975001c165325324da5e154df161237acec21ab1a92738721228ef6a8dcf291a3ecec3476b03ea10bd3fe4ad5110c87603e2271cc2c3a2b905ae9b09b374e1a434a9d51b0196ee68b61e42e7f4b68b3922645088638e18128911b004ca56c018c5cc186930bb96c08119c7a3b83b87704d2b768