files.dnr.state.mn.us

- State of Minnesota -

Issued by Sectigo RSA Extended Validation Secure Server CA

About this certificate

This digital certificate with serial number b3:37:3b:2d:6c:06:79:51:12:ff:bb:2e:99:95:f0:8c was issued on by Sectigo Limited.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

State of Minnesota

Company registration number: Government Entity
Organization: State of Minnesota
Organization unit: Dept of Natural Resources
State / Province: Minnesota
Country: US

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): b3:37:3b:2d:6c:06:79:51:12:ff:bb:2e:99:95:f0:8c
Serial Number (int): 238218587833585492877323516701025104012
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: f5:be:8b:f7:dd:83:a1:ea:9a:bc:da:af:65:4a:70:be:70:28:e2:3b
AuthorityKeyId: 2c:69:ff:80:c9:87:90:ae:34:e1:b4:e7:4c:93:85:99:40:e9:a7:b2

Fingerprint (sha1): 26:06:9b:4c:ea:c4:fb:30:2e:b2:ec:49:46:ca:40:b6:6e:64:9f:6a
Fingerprint (sha256): 01:fc:0d:11:b3:e4:00:ad:8d:2b:a1:d4:02:8c:9f:bc:bd:38:6f:d8:7f:ea:f4:92:d8:1b:c2:18:ed:6b:0b:da

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl

Check the revocation status for certificate files.dnr.state.mn.us

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for files.dnr.state.mn.us

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

files.dnr.state.mn.us
www.files.dnr.state.mn.us

Other certificates including the domain name state.mn.us

(limited to 100 certificates)
fyidocs.web.health.state.mn.us
maps1.dnr.state.mn.us
edocs.dhs.state.mn.us
www.brewermiddleschool.wsisd.com
mndatarest.web.health.state.mn.us
drainage.pca.state.mn.us
ww2.commissions.leg.state.mn.us
support.mdor.state.mn.us
autodiscover.state.mn.us
mnhumanservices-test.dhs.state.mn.us
www.westkm.pubdef.state.mn.us
svn.nonprod.health.state.mn.us
guestvdi.dps.state.mn.us
arclookup.dhs.int.state.mn.us
education.mn.gov
printprint.x.state.mn.us
mnwellindex.web.health.state.mn.us
nslp.web.health.state.mn.us
podprecheck.health.state.mn.us
ccbhcreporting.dhs.state.mn.us
evve.health.state.mn.us
archerdev.int.state.mn.us
merc.health.state.mn.us
www.dlan.dps.state.mn.us
trng.mec2.dhs.state.mn.us
mhis.dhs.mn.gov
lic-dev.dnr.state.mn.us
mnchoices-train.dhs.state.mn.us
tmon.dhs.int.state.mn.us
mnch-supplan-train.dhs.state.mn.us
webportal3.dot.state.mn.us
elm.systems.state.mn.us
www2.mainserver.state.mn.us
cannabis.web.health.state.mn.us
support.elm.swift.state.mn.us
dutchelm.dps.state.mn.us
www.cty.dhs.state.mn.us
mnlars-iam-prod-app-v201.dps.int.state.mn.us
mars.doc.state.mn.us
www.msrs.state.mn.us
aurora.msrs.state.mn.us
ftp.sos.state.mn.us
www.cfbreport.state.mn.us
coms.stage.doc.state.mn.us
swa.web.health.state.mn.us
rpo.dev.dhs.int.state.mn.us
passwordreset.mnit.state.mn.us
leadrenovator.web.health.state.mn.us
files.dnr.state.mn.us
www.ecmportal.pubdef.state.mn.us
revvpnsdp.mdor.state.mn.us
wm.courts.state.mn.us
www.gideon2test.pubdef.state.mn.us
www.dashboardtest.pubdef.state.mn.us
www.yorkprepsc.org
webportal2.dot.state.mn.us
pfas400.dhs.int.state.mn.us
www.ble.mn.gov
arsdev.itg.state.mn.us
www.lawyerregulation.mn.gov
mnsurebda2node09.hix.int.state.mn.us
www.mcla.state.mn.us
mnchoices-train.dhs.state.mn.us
g45ppwcsldww001.admin.state.mn.us
neien.pca.state.mn.us
ddi.itg.state.mn.us
g46pilvcmseo104.voice.state.mn.us
asthmahealthyhomes.web.health.state.mn.us
commissionsandappointments.sos.state.mn.us
samtest.dhs.state.mn.us
dps.mn.gov
dev.sema4.systems.state.mn.us
www.selfloan.state.mn.us
analytics.education.state.mn.us
caseworks.x.state.mn.us
*.devapi.hlb.state.mn.us
g46pilvcmsco104.voice.state.mn.us
image.enx.web.health.state.mn.us
www.ag.state.mn.us
www.fafsaweb.state.mn.us
services.swift.state.mn.us
admin.bakerschools.org
*.sos.state.mn.us
forums.doc.state.mn.us
registrationportal.dot.state.mn.us
fimpwreset.ead.state.mn.us
bcacrimestats.x.state.mn.us
iibvhn.mneiam.int.state.mn.us
remote.oah.state.mn.us
www.ohe.state.mn.us
survey.dnr.state.mn.us
edocs.dhs.state.mn.us
west.commerce.state.mn.us
mdaonbaseapp.mda.state.mn.us
mdatwa2.state.mn.us
licensinglookup.dhs.state.mn.us
ocm.web.health.state.mn.us
support.mdor.state.mn.us
mcla.es.state.mn.us
hchhomes.web.health.state.mn.us

Certificate

The complete raw certificate details for files.dnr.state.mn.us in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIWjCCB0KgAwIBAgIRALM3Oy1sBnlREv+7LpmV8IwwDQYJKoZIhvcNAQELBQAw
gZExCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE5MDcGA1UE
AxMwU2VjdGlnbyBSU0EgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVy
IENBMB4XDTIyMDcwMTAwMDAwMFoXDTIzMDcwMTIzNTk1OVowgc8xGjAYBgNVBAUT
EUdvdmVybm1lbnQgRW50aXR5MRMwEQYLKwYBBAGCNzwCAQMTAlVTMRowGAYDVQQP
ExFHb3Zlcm5tZW50IEVudGl0eTELMAkGA1UEBhMCVVMxEjAQBgNVBAgTCU1pbm5l
c290YTEbMBkGA1UEChMSU3RhdGUgb2YgTWlubmVzb3RhMSIwIAYDVQQLExlEZXB0
IG9mIE5hdHVyYWwgUmVzb3VyY2VzMR4wHAYDVQQDExVmaWxlcy5kbnIuc3RhdGUu
bW4udXMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCsFQy7wz/pFs1l
6iBD8tHTDAyocEiPFL+e60lYZ3gfCkgDHpbkVvM/XYvxqW2RfBkXhPl/I2CVAsLx
T2JZsaBdvDjWkfcrVfokaMhcOHU+MOfnOPYM7iJ0CyCmU/MdpAkAu+cBwh/Tt0up
4Yq4qzeAvpizgDDnYo9DWVnAW1oyzPAsvb7FJFKAeFpJt8Sp+FqODtHotwViizzH
c7FMuWZeE5KxBxakjQSFYLhTw6o/HpQFdELCRUB7vAPIBS2DpcF7RwDOa/ax2Kid
YuYak39o0bROzOgEtcPSCX8lVt5KpC6zuE7ys2jqlca1R1OsYJi4sVZ6QP1BAuwQ
Q6RyczWQmVLpfksm7eULvvM+wUz4E4RmhJx0hYx/8bz/gdcOruYlhdNHpUTIm4xK
l4Gobj1Imj7mPW0VlYrqQQVRQJYaakS7n5BVWJ4+ZWwhycU6IEYM01Ege+JMNfs6
ctnvthOXBwkMavzNDBUXqd8O0PUKXLV6v90bfmCFI1NYYwMWLzl2+9wAEpuidav9
d8aQ549iKonyoEMzQNGk9kOaDZilgoUb9IsQrw4gG+vnXl8IvDzQnH4uOyMcTbTu
qexD+eCdeK/zazngns6pV1io124OzWt5Zl7Ph9JaYT/4MuQVCzVP0R/U/XDgNDW9
i2xAfUbbXTk/UkJcqHp1G/ACTwNGoQIDAQABo4IDazCCA2cwHwYDVR0jBBgwFoAU
LGn/gMmHkK404bTnTJOFmUDpp7IwHQYDVR0OBBYEFPW+i/fdg6Hqmrzar2VKcL5w
KOI7MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
AQUFBwMBBggrBgEFBQcDAjBJBgNVHSAEQjBAMDUGDCsGAQQBsjEBAgEFATAlMCMG
CCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAHBgVngQwBATBWBgNV
HR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLnNlY3RpZ28uY29tL1NlY3RpZ29SU0FF
eHRlbmRlZFZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYYGCCsGAQUFBwEB
BHoweDBRBggrBgEFBQcwAoZFaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdv
UlNBRXh0ZW5kZWRWYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUF
BzABhhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTA7BgNVHREENDAyghVmaWxlcy5k
bnIuc3RhdGUubW4udXOCGXd3dy5maWxlcy5kbnIuc3RhdGUubW4udXMwggF9Bgor
BgEEAdZ5AgQCBIIBbQSCAWkBZwB2AK33vvp8/xDIi509nB4+GGq0Zyldz7EMJMqF
hjTr3IKKAAABgbqWLPQAAAQDAEcwRQIgDT0ez2iEmG0hKsxXKgElS92b6w0ZqFYe
68a3c0/mvqoCIQDnfrV5B7WCCQ2PTQpsRXbhf/ndkH2xCVdPlT534KNYawB2AFWB
1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABgbqWLJIAAAQDAEcwRQIh
AKVSaTMysXA3vz6pHEu0gz4F1uMTUNBLkuYOIPioEs6PAiBJ7eHXfmaJ4SR5gaVE
EdPjjPCeFdNBZsLEKYKinajnqgB1AHoyjFTYty22IOo44FIe6YQWcDIThU070ivB
OlejUutSAAABgbqWLMAAAAQDAEYwRAIgaohOZiTPsf7u0LToxaIvYQ+TaZ+uViMu
RIm+06IN5EUCIBAMxS8sMpezkXfSTEjm6cpF/urj0p1ZGIwOXouVPIr6MA0GCSqG
SIb3DQEBCwUAA4IBAQCFxCg7+ieplNB/yVHHmvkcvOfZ1qhGLS1WBEm6cVv6bTKn
Rai4SkdrOL2UwGfrVtC7F55MiKtOiFS+63gwApd4VqZCVY2jsPv90YdvCY5YYaLp
gOr6F708Yx4n6znvbUbURm5TStvP1EPtTO3kkCM8BX4/qGKUrRjOi+TLy64JQ5DY
Zbokzd+2UYQ39YKY20qQA3fGuSJDaZYLi5SrKYL26tAaOwqLYUWR5tPo1y69cpSX
0rsOPSC7Lb4hlglazskOtkOyItv322YL7I3komvZfDqiDQ//orqja/gr64hjkvrh
8SEc8yo+9kdYRw3/bBR1uJbxqUYY8leHYbguCOhY
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArBUMu8M/6RbNZeogQ/LR
0wwMqHBIjxS/nutJWGd4HwpIAx6W5FbzP12L8altkXwZF4T5fyNglQLC8U9iWbGg
Xbw41pH3K1X6JGjIXDh1PjDn5zj2DO4idAsgplPzHaQJALvnAcIf07dLqeGKuKs3
gL6Ys4Aw52KPQ1lZwFtaMszwLL2+xSRSgHhaSbfEqfhajg7R6LcFYos8x3OxTLlm
XhOSsQcWpI0EhWC4U8OqPx6UBXRCwkVAe7wDyAUtg6XBe0cAzmv2sdionWLmGpN/
aNG0TszoBLXD0gl/JVbeSqQus7hO8rNo6pXGtUdTrGCYuLFWekD9QQLsEEOkcnM1
kJlS6X5LJu3lC77zPsFM+BOEZoScdIWMf/G8/4HXDq7mJYXTR6VEyJuMSpeBqG49
SJo+5j1tFZWK6kEFUUCWGmpEu5+QVViePmVsIcnFOiBGDNNRIHviTDX7OnLZ77YT
lwcJDGr8zQwVF6nfDtD1Cly1er/dG35ghSNTWGMDFi85dvvcABKbonWr/XfGkOeP
YiqJ8qBDM0DRpPZDmg2YpYKFG/SLEK8OIBvr515fCLw80Jx+LjsjHE207qnsQ/ng
nXiv82s54J7OqVdYqNduDs1reWZez4fSWmE/+DLkFQs1T9Ef1P1w4DQ1vYtsQH1G
2105P1JCXKh6dRvwAk8DRqECAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 238218587833585492877323516701025104012
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Extended Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-01 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-01 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Minnesota'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'State of Minnesota'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Dept of Natural Resources'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'files.dnr.state.mn.us'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 702034230664509594582030478089432368984243441646270968481504223066746435749685327716576692054553447271859841701196108946276116727257758235575036859788367124389161099477586862050106092853802894481191164690652609912238896230463293336674623411994383388623069395545178803992521543873689862973422851818762508054226619698274050105596355926620139905169818241009350580507783800314388748899481191744205682436142441615639625265761780478713043631264257742769685554750888421746883507091011964381851937222103473037006708892221442196545430507002100089602944606799535953269772920103042579503617296359309640766416877070279596588571557603511828537365629590342601611781747633798560895571826061493134912528773837559526312387365857520072397555275538938842765273738362091403698459697041895375239041005158750363637853887331765846980261513493146811012410102929675528405677822082142617255962188604928589742597363878434491376490292647340341797879528689794468726547232327034734471710144454495023225173382523469678739188970818509885631311680810317810807112880092000397659097658483667854453198365623806592607222621323871273022013899298201529657453377136338260184337508256244933372083122194981876385777995426426434887866027282917115658179408108896225105813915297
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2c69ff80c98790ae34e1b4e74c93859940e9a7b2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f5be8bf7dd83a1ea9abcdaaf654a70be7028e23b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.5.1 (Comodo EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (122 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'files.dnr.state.mn.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.files.dnr.state.mn.us'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000181ba962cf4000004030047304502200d3d1ecf6884986d212acc572a01254bdd9beb0d19a8561eebc6b7734fe6beaa022100e77eb57907b582090d8f4d0a6c4576e17ff9dd907db109574f953e77e0a3586b0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000181ba962c920000040300473045022100a552693332b17037bf3ea91c4bb4833e05d6e31350d04b92e60e20f8a812ce8f022049ede1d77e6689e1247981a54411d3e38cf09e15d34166c2c42982a29da8e7aa0075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000181ba962cc0000004030046304402206a884e6624cfb1feeed0b4e8c5a22f610f93699fae56232e4489bed3a20de4450220100cc52f2c3297b39177d24c48e6e9ca45feeae3d29d59188c0e5e8b953c8afa
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0085c4283bfa27a994d07fc951c79af91cbce7d9d6a8462d2d560449ba715bfa6d32a745a8b84a476b38bd94c067eb56d0bb179e4c88ab4e8854beeb783002977856a642558da3b0fbfdd1876f098e5861a2e980eafa17bd3c631e27eb39ef6d46d4466e534adbcfd443ed4cede490233c057e3fa86294ad18ce8be4cbcbae094390d865ba24cddfb6518437f58298db4a900377c6b9224369960b8b94ab2982f6ead01a3b0a8b614591e6d3e8d72ebd729497d2bb0e3d20bb2dbe2196095acec90eb643b222dbf7db660bec8de4a26bd97c3aa20d0fffa2baa36bf82beb886392fae1f1211cf32a3ef64758470dff6c1475b896f1a94618f2578761b82e08e858