secure.novica.com
- Novica United Inc. -
Issued by DigiCert SHA2 Secure Server CA
About this certificate
This digital certificate with serial number 01:eb:93:20:d3:bb:2b:fb:d4:b9:71:0a:a1:a4:13:a8 was issued on by DigiCert Inc.
With 17 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Novica United Inc.
Organization:
Novica United Inc.
Organization unit: IT
Organization unit: IT
State / Province:
California
Locality: Santa Monica
Country: US
Locality: Santa Monica
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:eb:93:20:d3:bb:2b:fb:d4:b9:71:0a:a1:a4:13:a8Serial Number (int): 2552401872581151525411275086640714664
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: 99:4d:a4:51:20:9c:c7:20:a6:2d:c1:69:45:e5:8e:8e:bd:13:b0:dd
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2
Fingerprint (sha1): a2:23:09:05:f3:9b:a7:bf:d3:b5:98:d1:c1:0f:46:6d:fc:e0:88:58
Fingerprint (sha256): 02:00:54:27:a5:f0:16:b0:16:3f:31:e7:e8:6f:c1:e4:ba:6d:f3:12:3e:77:b0:92:b2:4e:39:08:d8:08:c3:2c
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g1.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g1.crl
Check the revocation status for certificate secure.novica.com
17
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for secure.novica.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
secure.novica.com
market.unicefusa.org
secure.greatergood.com
www.novica.com
novica.com
extranet.novica.com
webserver1.novica.com
api.novica.com
secure.shop.unicef.org.uk
secure.market.unicef.org.uk
market.unicef.org.uk
www.artisan-gifts.com
artisan-gifts.com
store.kiva.org
secure.store.kiva.org
portal.novica.com
www.market.unicefusa.org
market.unicefusa.org
secure.greatergood.com
www.novica.com
novica.com
extranet.novica.com
webserver1.novica.com
api.novica.com
secure.shop.unicef.org.uk
secure.market.unicef.org.uk
market.unicef.org.uk
www.artisan-gifts.com
artisan-gifts.com
store.kiva.org
secure.store.kiva.org
portal.novica.com
www.market.unicefusa.org
Other certificates including the domain name novica.com
(limited to 100 certificates)
secure.novica.com
secure.novica.com
secure.novica.com
partners.novica.com
secure.novica.com
login.novica.com
origin.news.novica.com
*.novica.com
extranet.novica.com
login.novica.com
m.novica.com
go.novica.com
secure.novica.com
partners.novica.com
secure.novica.com
secure.novica.com
rs.novica.com
secure.novica.com
webserver1.novica.com
mj.novica.com
novica.com
go.novica.com
novica.com
secure.novica.com
secure.novica.com
partners.novica.com
extranet.novica.com
origin.news.novica.com
extranet.novica.com
partners.novica.com
secure.novica.com
dev.blog.novica.com
secure.novica.com
partners.novica.com
go.novica.com
novica.com
novica.ca
novica.com
novica.com
partners.novica.com
secure.novica.com
dev.blog.novica.com
yspxar.novica.com
novica.com
secure.novica.com
secure.novica.com
secure.novica.com
go.novica.com
origin.news.novica.com
go.novica.com
rs.novica.com
novica.com
go.novica.com
origin.news.novica.com
secure.novica.com
secure.novica.com
origin.news.novica.com
secure.novica.com
*.novica.com
secure.novica.com
secure.novica.com
origin-blog.novica.com
dev.blog.novica.com
support.novica.com
dev.blog.novica.com
partners.novica.com
secure.novica.com
secure.novica.com
secure.novica.com
novica.com
rs.novica.com
secure.novica.com
yspxar.novica.com
secure.novica.com
secure.novica.com
origin.news.novica.com
origin-blog.novica.com
extranet.novica.com
data.novica.com
secure.novica.com
rs.novica.com
secure.novica.com
undiscovered.novica.com
secure.novica.com
secure.novica.com
secure.novica.com
pics.novica.com
novica.ca
secure.novica.com
support.novica.com
yspxar.novica.com
secure.novica.com
rs.novica.com
secure.novica.com
go.novica.com
secure.novica.com
pics.novica.com
extranet.novica.com
extranet.novica.com
webserver1.novica.com
secure.novica.com
secure.novica.com
partners.novica.com
secure.novica.com
login.novica.com
origin.news.novica.com
*.novica.com
extranet.novica.com
login.novica.com
m.novica.com
go.novica.com
secure.novica.com
partners.novica.com
secure.novica.com
secure.novica.com
rs.novica.com
secure.novica.com
webserver1.novica.com
mj.novica.com
novica.com
go.novica.com
novica.com
secure.novica.com
secure.novica.com
partners.novica.com
extranet.novica.com
origin.news.novica.com
extranet.novica.com
partners.novica.com
secure.novica.com
dev.blog.novica.com
secure.novica.com
partners.novica.com
go.novica.com
novica.com
novica.ca
novica.com
novica.com
partners.novica.com
secure.novica.com
dev.blog.novica.com
yspxar.novica.com
novica.com
secure.novica.com
secure.novica.com
secure.novica.com
go.novica.com
origin.news.novica.com
go.novica.com
rs.novica.com
novica.com
go.novica.com
origin.news.novica.com
secure.novica.com
secure.novica.com
origin.news.novica.com
secure.novica.com
*.novica.com
secure.novica.com
secure.novica.com
origin-blog.novica.com
dev.blog.novica.com
support.novica.com
dev.blog.novica.com
partners.novica.com
secure.novica.com
secure.novica.com
secure.novica.com
novica.com
rs.novica.com
secure.novica.com
yspxar.novica.com
secure.novica.com
secure.novica.com
origin.news.novica.com
origin-blog.novica.com
extranet.novica.com
data.novica.com
secure.novica.com
rs.novica.com
secure.novica.com
undiscovered.novica.com
secure.novica.com
secure.novica.com
secure.novica.com
pics.novica.com
novica.ca
secure.novica.com
support.novica.com
yspxar.novica.com
secure.novica.com
rs.novica.com
secure.novica.com
go.novica.com
secure.novica.com
pics.novica.com
extranet.novica.com
extranet.novica.com
webserver1.novica.com
Certificate
The complete raw certificate details for secure.novica.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIgjCCB2qgAwIBAgIQAeuTINO7K/vUuXEKoaQTqDANBgkqhkiG9w0BAQsFADBN MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcxMDA5MDAwMDAwWhcN MTgxMTA3MTIwMDAwWjB/MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p YTEVMBMGA1UEBxMMU2FudGEgTW9uaWNhMRswGQYDVQQKExJOb3ZpY2EgVW5pdGVk IEluYy4xCzAJBgNVBAsTAklUMRowGAYDVQQDExFzZWN1cmUubm92aWNhLmNvbTCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKOuMSVN22y5R00DYblbR/i2 S0Sz8GiWm+F9Phveoz7NXjtIni3XL7lL+go075eUfGplU0jrSRs96+zPzW5z3fFe EX9oedCeOY8oZJnH/4UCx3GSXi0ixinsYFdzb8uaW+mAzHlbExISAuqzwl+y+5LD NAmwzYLg6U9Y3z9ZysPSVaEjdVFZFzjAuCSez/x6N3IJbrnuvgbOrYBCvVm3qc1S cezZ4XRy9N7Q67mmBda53KkbrurDD+JP1ilOx74YrQsVylj2Z6F6tsJILRgCOB2M U7queB/gMzCm6JoiT7pTMDGBX1lw0b7/IyQ/sB35yZY84WdVEg7FI7Tj0S72wKMC AwEAAaOCBSowggUmMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0G A1UdDgQWBBSZTaRRIJzHIKYtwWlF5Y6OvROw3TCCAXIGA1UdEQSCAWkwggFlghFz ZWN1cmUubm92aWNhLmNvbYIUbWFya2V0LnVuaWNlZnVzYS5vcmeCFnNlY3VyZS5n cmVhdGVyZ29vZC5jb22CDnd3dy5ub3ZpY2EuY29tggpub3ZpY2EuY29tghNleHRy YW5ldC5ub3ZpY2EuY29tghV3ZWJzZXJ2ZXIxLm5vdmljYS5jb22CDmFwaS5ub3Zp Y2EuY29tghlzZWN1cmUuc2hvcC51bmljZWYub3JnLnVrghtzZWN1cmUubWFya2V0 LnVuaWNlZi5vcmcudWuCFG1hcmtldC51bmljZWYub3JnLnVrghV3d3cuYXJ0aXNh bi1naWZ0cy5jb22CEWFydGlzYW4tZ2lmdHMuY29tgg5zdG9yZS5raXZhLm9yZ4IV c2VjdXJlLnN0b3JlLmtpdmEub3JnghFwb3J0YWwubm92aWNhLmNvbYIYd3d3Lm1h cmtldC51bmljZWZ1c2Eub3JnMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMu ZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nMS5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0 LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzEuY3JsMEwGA1UdIARFMEMwNwYJYIZI AYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D UFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDov L29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5k aWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1Ud EwEB/wQCMAAwggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB2AKS5CZC0GFgUh7sT osxncAo8NZgE+RvfuON3zQ7IDdwQAAABXwHZ0tMAAAQDAEcwRQIhAJmjlFasO2En wiV1uWCukQP97dvTcnskfaNhcU1X9e5uAiAGX6TVdnrnpHbGYrXGh17+Yeab6O8K 1+4jFfJDQpXNOAB1AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAAB XwHZ07EAAAQDAEYwRAIgd2DoCcezGlwwKAegdVzxZGzGo3cRIahajKsbX+SmkmIC IDHuTzqlngIB5wTxIQgqpI0eKMkM960FGlxebrfm5241AHYA7ku9t3XOYLrhQmkf q+GeZqMPfl+wctiDAMR7iXqo/csAAAFfAdnVzQAABAMARzBFAiEA+Uyj5sgDdmE5 PGJ75gdy2r5PRuvdlbMHa7YJEuqQchUCIEdo2Xi0JFmrPHzJLFjIte3la/351n3/ ZPB1BlCf7z75AHcAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFf AdnTigAABAMASDBGAiEAuF29AFRLinVBl899yE1mT2s2UDjKUd2UFm3Aw8EdorMC IQC795CYlU7JVz/rkhWlVHyKvkeVOYbVKPERL5JfGtPXBjANBgkqhkiG9w0BAQsF AAOCAQEAzUk4LYtywY8qkcqxrgtk8EzMIx4UG86ddhzKGf9ujYEyxXokxUA2svZl CuX8sfPg1fi7RAQFtuy/NfamPvem2IsNNYjHX2wfNZoXZANAIrUFAjAWTH8+S3+K E2/7RVMfdE4C9jANWQuWFiZWsxz0ngHOGCqzFjtIvHJ8f0QNXBAr+qt/MpjuKRlO b33zCPjiMOW6jH2ttUhWpjN4GwYmDjs8oriBT5A5dLoaFd0zch8/G5JGIwQTkKLr oDSkEsHBhQCdJJAK43Kcxhg2//EgcOWth7KsGLWVUfScv05aYG7SFZlfw+F5HrId dRaKGN2SmiqIC+UB4n7lcRojFzdBTQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo64xJU3bbLlHTQNhuVtH +LZLRLPwaJab4X0+G96jPs1eO0ieLdcvuUv6CjTvl5R8amVTSOtJGz3r7M/NbnPd 8V4Rf2h50J45jyhkmcf/hQLHcZJeLSLGKexgV3Nvy5pb6YDMeVsTEhIC6rPCX7L7 ksM0CbDNguDpT1jfP1nKw9JVoSN1UVkXOMC4JJ7P/Ho3cgluue6+Bs6tgEK9Wbep zVJx7NnhdHL03tDruaYF1rncqRuu6sMP4k/WKU7HvhitCxXKWPZnoXq2wkgtGAI4 HYxTuq54H+AzMKbomiJPulMwMYFfWXDRvv8jJD+wHfnJljzhZ1USDsUjtOPRLvbA owIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2552401872581151525411275086640714664 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-09 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-07 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Santa Monica' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Novica United Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'secure.novica.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20662740974004653605109269911428209070145834666088220154807383655798052310475103851808431384452542039643425578261477402588900157060846632341558094090749172954384405885736527392204853558096842183128232038741963310964535141756304141338375449422858527032126536859159437616931778212700184825822070290226988665854808113325786539722526165818730263717269002550148794759796100189597754604867055045848835355041481222233924407413632867800769831519509147073270825316931013528633707516331585051796240449134477632229308466545768918992092293753544953721302982846960975778835332419800928047878820088779884344653852079403487058116771 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 994da451209cc720a62dc16945e58e8ebd13b0dd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.novica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'market.unicefusa.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.greatergood.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.novica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'novica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'extranet.novica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webserver1.novica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.novica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.shop.unicef.org.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.market.unicef.org.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'market.unicef.org.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.artisan-gifts.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'artisan-gifts.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.kiva.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.store.kiva.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal.novica.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.market.unicefusa.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (486 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (482 bytes) 01e0007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015f01d9d2d3000004030047304502210099a39456ac3b6127c22575b960ae9103fdeddbd3727b247da361714d57f5ee6e0220065fa4d5767ae7a476c662b5c6875efe61e69be8ef0ad7ee2315f2434295cd380075005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd0000015f01d9d3b1000004030046304402207760e809c7b31a5c302807a0755cf1646cc6a3771121a85a8cab1b5fe4a69262022031ee4f3aa59e0201e704f121082aa48d1e28c90cf7ad051a5c5e6eb7e6e76e35007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000015f01d9d5cd0000040300473045022100f94ca3e6c8037661393c627be60772dabe4f46ebdd95b3076bb60912ea90721502204768d978b42459ab3c7cc92c58c8b5ede56bfdf9d67dff64f07506509fef3ef9007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000015f01d9d38a0000040300483046022100b85dbd00544b8a754197cf7dc84d664f6b365038ca51dd94166dc0c3c11da2b3022100bbf79098954ec9573feb9215a5547c8abe47953986d528f1112f925f1ad3d706 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00cd49382d8b72c18f2a91cab1ae0b64f04ccc231e141bce9d761cca19ff6e8d8132c57a24c54036b2f6650ae5fcb1f3e0d5f8bb440405b6ecbf35f6a63ef7a6d88b0d3588c75f6c1f359a1764034022b5050230164c7f3e4b7f8a136ffb45531f744e02f6300d590b96162656b31cf49e01ce182ab3163b48bc727c7f440d5c102bfaab7f3298ee29194e6f7df308f8e230e5ba8c7dadb54856a633781b06260e3b3ca2b8814f903974ba1a15dd33721f3f1b924623041390a2eba034a412c1c185009d24900ae3729cc61836fff12070e5ad87b2ac18b59551f49cbf4e5a606ed215995fc3e1791eb21d75168a18dd929a2a880be501e27ee5711a231737414d