carddesigner.visa.com
- Visa Inc. -
Issued by SSL.com RSA SSL subCA
About this certificate
This digital certificate with serial number 4f:28:52:cb:45:21:a7:67:eb:68:7f:75:96:9c:85:0f was issued on by SSL Corporation.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Visa Inc.
Organization:
Visa Inc.
State / Province:
California
Locality: Foster City
Country: US
Locality: Foster City
Country: US
SSL Corporation
Organization:
SSL Corporation
State / Province:
Texas
Locality: Houston
Country: US
Locality: Houston
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): 4f:28:52:cb:45:21:a7:67:eb:68:7f:75:96:9c:85:0fSerial Number (int): 105218382803649387679077592246458811663
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 26:14:7e:e0:dc:d7:a6:f7:e2:d4:04:27:df:61:f1:c2:ec:e7:32:ca
Fingerprint (sha1): 73:58:71:ec:e3:0a:dd:30:41:24:bf:26:3c:4e:77:ee:15:b6:4d:e8
Fingerprint (sha256): 02:1f:86:f3:27:1a:3f:df:75:9a:9d:5d:03:3a:83:92:0e:e0:a0:d7:28:d8:9b:b4:a2:b0:d8:60:89:77:7f:ee
Issuing Certificate URL: http://cert.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.cer
Revocation information
OCSP Server: http://ocsps.ssl.comCRL Distribution Point: http://crls.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.crl
Check the revocation status for certificate carddesigner.visa.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for carddesigner.visa.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
carddesigner.visa.com
www.carddesigner.visa.com
www.carddesigner.visa.com
Other certificates including the domain name visa.com
(limited to 100 certificates)
origin.icl.visa.com
myvisacard.stage.visa.com
reward.qa.paris.visa.com
SW730CPAPRODWEB00.visa.com
card.visa.com
intellilink.spendmanagement.visa.com
cert.tgs-credential-collection.visa.com
qa-mas.vpl.visa.com
www.bd.visa.com
baas.vbs.visa.com
sandbox.alias.visa.com
epm.lacbenefits.visa.com
pit.3dsecure.net
multinationalpremiumsolutions.visa.com
cte.mobileapp.apcemea.visa.com
GlobalCustomerAssistanceService.trusted.visa.com
ocsp.visa.com
qa.promotions.visa.com
hn.review.visa.com
qa.vis.informationmanagement.visa.com
resource.message.card.visa.com
international.visa.com
vis.tdp.visa.com
ag.review.visa.com
sni.cloudflaressl.com
gimt.cte.visaonline.com
sbx.purchasealerts.visa.com
global.review.visa.com
intellilink.spendmanagement.visa.com
qa02.rtm.visa.com
privacy.visa.com
mte.rtm.visa.com
viva.visa.com
o365auth.visa.com
globalpage.visa.com
sandbox.checkout.visa.com
api.intellilink.spendmanagement.visa.com
portal1i.visa.com
mssip.visa.com
xpollens.prod.paris.visa.com
impactlabtest.visa.com
smailexp.trusted.visa.com
merchantsignageap.visa.com
carddesigner.visa.com
bb.review.visa.com
sandbox.cloudpos.digital.visa.com
publicsearch.visa.com
mtf-mastercard-visatokenservicesout.visa.com
adfs.trusted.visa.com
cert.conferma.visa.com
merchantsignageglobal.visa.com
ai.review.visa.com
admin.dev.paris.visa.com
conferma.visa.com
africa.visa.com
ipservicescert.visa.com
alertsadm.visa.com
servicesgateway.visa.com
jm.review.visa.com
sni.cloudflaressl.com
design.visa.com
isa.sandbox.consumerapi.digital.visa.com
drp.visaonline.com
cemea.review.visa.com
vdnagateway.cte.visa.com
staging.mobileapp.apcemea.visa.com
travel.visa.com
*.corpdev.visa.com
qa.informationmanagement.visa.com
v3dstestsuite.3dsecure.net
www.africa.visa.com
barclays.qa.intellilink.visa.com
azuressomerrillProd.trusted.visa.com
www.myanmar.visa.com
ar.review.visa.com
sbx.notification-services.visa.com
globalclient.visa.com
members.visa.com
aacert.alias.visa.com
visa.com.br
www.bm.visa.com
hn.review.visa.com
canary.visa.com
federation.checkout.visa.com
assets.secure.checkout.visa.com
sw720mtgplc6.trusted.visa.com
verifiapitest.visa.com
ics2wstesta.ic3.com
myanmar.visa.com
staging.mepa.visa.com
merchantsignageglobal.visa.com
filexchange.visa.com
do.review.visa.com
loyalty.visa.com
qa02.rtm.visa.com
ics2wsa.ic3.com
cert.alias.visa.com
barclays.qa.intellilink.visa.com
www.visa.com
*.myvisacard.stage.visa.com
myvisacard.stage.visa.com
reward.qa.paris.visa.com
SW730CPAPRODWEB00.visa.com
card.visa.com
intellilink.spendmanagement.visa.com
cert.tgs-credential-collection.visa.com
qa-mas.vpl.visa.com
www.bd.visa.com
baas.vbs.visa.com
sandbox.alias.visa.com
epm.lacbenefits.visa.com
pit.3dsecure.net
multinationalpremiumsolutions.visa.com
cte.mobileapp.apcemea.visa.com
GlobalCustomerAssistanceService.trusted.visa.com
ocsp.visa.com
qa.promotions.visa.com
hn.review.visa.com
qa.vis.informationmanagement.visa.com
resource.message.card.visa.com
international.visa.com
vis.tdp.visa.com
ag.review.visa.com
sni.cloudflaressl.com
gimt.cte.visaonline.com
sbx.purchasealerts.visa.com
global.review.visa.com
intellilink.spendmanagement.visa.com
qa02.rtm.visa.com
privacy.visa.com
mte.rtm.visa.com
viva.visa.com
o365auth.visa.com
globalpage.visa.com
sandbox.checkout.visa.com
api.intellilink.spendmanagement.visa.com
portal1i.visa.com
mssip.visa.com
xpollens.prod.paris.visa.com
impactlabtest.visa.com
smailexp.trusted.visa.com
merchantsignageap.visa.com
carddesigner.visa.com
bb.review.visa.com
sandbox.cloudpos.digital.visa.com
publicsearch.visa.com
mtf-mastercard-visatokenservicesout.visa.com
adfs.trusted.visa.com
cert.conferma.visa.com
merchantsignageglobal.visa.com
ai.review.visa.com
admin.dev.paris.visa.com
conferma.visa.com
africa.visa.com
ipservicescert.visa.com
alertsadm.visa.com
servicesgateway.visa.com
jm.review.visa.com
sni.cloudflaressl.com
design.visa.com
isa.sandbox.consumerapi.digital.visa.com
drp.visaonline.com
cemea.review.visa.com
vdnagateway.cte.visa.com
staging.mobileapp.apcemea.visa.com
travel.visa.com
*.corpdev.visa.com
qa.informationmanagement.visa.com
v3dstestsuite.3dsecure.net
www.africa.visa.com
barclays.qa.intellilink.visa.com
azuressomerrillProd.trusted.visa.com
www.myanmar.visa.com
ar.review.visa.com
sbx.notification-services.visa.com
globalclient.visa.com
members.visa.com
aacert.alias.visa.com
visa.com.br
www.bm.visa.com
hn.review.visa.com
canary.visa.com
federation.checkout.visa.com
assets.secure.checkout.visa.com
sw720mtgplc6.trusted.visa.com
verifiapitest.visa.com
ics2wstesta.ic3.com
myanmar.visa.com
staging.mepa.visa.com
merchantsignageglobal.visa.com
filexchange.visa.com
do.review.visa.com
loyalty.visa.com
qa02.rtm.visa.com
ics2wsa.ic3.com
cert.alias.visa.com
barclays.qa.intellilink.visa.com
www.visa.com
*.myvisacard.stage.visa.com
Certificate
The complete raw certificate details for carddesigner.visa.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHYjCCBUqgAwIBAgIQTyhSy0Uhp2fraH91lpyFDzANBgkqhkiG9w0BAQsFADBp MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjEeMBwGA1UEAwwVU1NMLmNvbSBSU0Eg U1NMIHN1YkNBMB4XDTIzMTIyNzE3NTg1MFoXDTI0MTIyNjE3NTg1MFowbDELMAkG A1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFDASBgNVBAcMC0Zvc3RlciBD aXR5MRIwEAYDVQQKDAlWaXNhIEluYy4xHjAcBgNVBAMMFWNhcmRkZXNpZ25lci52 aXNhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANXgTXsosdt8 lWTFJc5kBJjHSUdW6dxBChJFF7Cz4J0T4S7BLLFavFZ2qgcBct/EvnKu9wrfZIn1 g/ZrYLL7Ur/9+z+4egoCH5RQ5j2PDaqa9KxBhEYoYPLWqvKPtmcF65zYrqMpzUoG Fydeo0iartJL6DYa7WsOHhXufK6EHJv0nQYotTRfa27A5j1PLOCQEWYlx96sZWHw 06gGjjhHJXWmvytyjIEePb9YlwmKN7LsOf4rIic15J7aR7UTkePPNDbl8oPw2PBb 8R6BC5xGM/NhXNsUXsugLNTozlbQ+QG5kel60+MhWHegtRPev60LCUsXQAn+Wqnk nseIvQcTxFMCAwEAAaOCAwEwggL9MAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAU JhR+4NzXpvfi1AQn32HxwuznMsowcgYIKwYBBQUHAQEEZjBkMEAGCCsGAQUFBzAC hjRodHRwOi8vY2VydC5zc2wuY29tL1NTTGNvbS1TdWJDQS1TU0wtUlNBLTQwOTYt UjEuY2VyMCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcHMuc3NsLmNvbTA7BgNVHREE NDAyghVjYXJkZGVzaWduZXIudmlzYS5jb22CGXd3dy5jYXJkZGVzaWduZXIudmlz YS5jb20wIwYDVR0gBBwwGjAIBgZngQwBAgIwDgYMKwYBBAGCqTABAwECMB0GA1Ud JQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBFBgNVHR8EPjA8MDqgOKA2hjRodHRw Oi8vY3Jscy5zc2wuY29tL1NTTGNvbS1TdWJDQS1TU0wtUlNBLTQwOTYtUjEuY3Js MA4GA1UdDwEB/wQEAwIFoDCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHcA7s3Q ZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGMrHcVigAABAMASDBGAiEA 6dfwqvBisaBDylhBJIT5ClYJhedz7y+e3fHaJLJcxkcCIQCTAheir4siujXp/Qfl RCFuPRTSoEjedI8YKEB7EJTuJwB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2k PTBI1/urAAABjKx3FbYAAAQDAEcwRQIhAI+2gsa4WOvZ3i54NKh5E1nnIXXO7sqY EEk5cntEjs9cAiAJFvshRTYTtpn8bLwBugbJk/MmMH4zfF59RLQEGv+jGgB1AHb/ iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjKx3FbIAAAQDAEYwRAIg e9gexDBDIhMu5/ZAof2btG1vjCg5/DvbFQW3HK7w+S0CIFUOlPkLrK3PxPe4uU0O F1zt3QziehlGdJurM7yMf2nqMA0GCSqGSIb3DQEBCwUAA4ICAQByPli9v79uIe2d 57V51WksbkRyNJGFBwuGrcLbSh3b2NP1g5EO1CaT+vyCxgJpyBsxfXDX6f3qqfqC b2v7bbgyUVagRgf8fck0RYj9kv4p9cRckqdbDmkfj2Ye/f4cbk4nuVjTO5OGDfs9 0rsulx70Yz+QL2y3nPBqJ6MGanqzruqiyzOEjoBrGWp3xFn3MzqVEKnaJegu2ph3 xk1FlxP6Tr3MmNJHZbI/AtfbLMsg+Ix+3heo6Uz+HLVef0GFcGRgMGAlUp040Kj1 5iNpU8doMQ7y9ZaxzaTcmQjwsO7PkwvMqEKhso+prBjMfn9SusLfxo+wmDJ3IE02 os7tGYdd9s6thgyK1ZqrTVFBDa+Uf+qB/Pb4hQ6ZvzziD3MAG/oWnZ2ODo/sZINx CYjIz3lHd6qY9Kfnqqf43BZ8Kl/lkyCpNabip/DTuy2unZ88Zvh7Es+92nOdGMGN JYPjziATzACIjsmjeNQGH1y5gySAgBTiP4CSPQ2MTIg84fzvsaH4Mo1Lhm4yL039 G4j1sGhSydWTVzwSlM7oTk1M7fxMFWLadN9g5ZqiFB5ZdrL/W6Ph3jO8i2x7qy6K 5x5t0sklwImC7YKsis61biWmJT1eHHYJ0NOLdZvqewg7uQqAU4JEz2AoAgryimG2 LS9PuUCMqBtxFRTU4lvvpRzF9hTZbA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1eBNeyix23yVZMUlzmQE mMdJR1bp3EEKEkUXsLPgnRPhLsEssVq8VnaqBwFy38S+cq73Ct9kifWD9mtgsvtS v/37P7h6CgIflFDmPY8Nqpr0rEGERihg8taq8o+2ZwXrnNiuoynNSgYXJ16jSJqu 0kvoNhrtaw4eFe58roQcm/SdBii1NF9rbsDmPU8s4JARZiXH3qxlYfDTqAaOOEcl daa/K3KMgR49v1iXCYo3suw5/isiJzXkntpHtROR4880NuXyg/DY8FvxHoELnEYz 82Fc2xRey6As1OjOVtD5AbmR6XrT4yFYd6C1E96/rQsJSxdACf5aqeSex4i9BxPE UwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 105218382803649387679077592246458811663 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Texas' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Houston' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SSL Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SSL.com RSA SSL subCA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-27 17:58:50 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-26 17:58:50 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Foster City' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Visa Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'carddesigner.visa.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26999366722074146456622571278283945116657350708023969368116882147687925347444801645181767316845699592535328210640367273543152171707289782121388141961321656908349164802708908545361824889221407833787659449355613702475246408330226541098798400155055740132879969392867931175406592257071201177611625493814854504795350137345052844247379001183482624643196415439134374241737938511998261845238189353851376891669789609173589347835588145773121712282813099425851997308543869234763343093526839951361406786174392772428496992743544426945660134591173905973502464884690199853011128812758306122351023093321066718844690595931661297501267 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 26147ee0dcd7a6f7e2d40427df61f1c2ece732ca . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (102 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsps.ssl.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'carddesigner.visa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.carddesigner.visa.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.38064.1.3.1.2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018cac77158a0000040300483046022100e9d7f0aaf062b1a043ca58412484f90a560985e773ef2f9eddf1da24b25cc647022100930217a2af8b22ba35e9fd07e544216e3d14d2a048de748f1828407b1094ee27007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018cac7715b600000403004730450221008fb682c6b858ebd9de2e7834a8791359e72175ceeeca98104939727b448ecf5c02200916fb21453613b699fc6cbc01ba06c993f326307e337c5e7d44b4041affa31a00750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018cac7715b2000004030046304402207bd81ec4304322132ee7f640a1fd9bb46d6f8c2839fc3bdb1505b71caef0f92d0220550e94f90bacadcfc4f7b8b94d0e175ceddd0ce27a1946749bab33bc8c7f69ea . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00723e58bdbfbf6e21ed9de7b579d5692c6e4472349185070b86adc2db4a1ddbd8d3f583910ed42693fafc82c60269c81b317d70d7e9fdeaa9fa826f6bfb6db8325156a04607fc7dc9344588fd92fe29f5c45c92a75b0e691f8f661efdfe1c6e4e27b958d33b93860dfb3dd2bb2e971ef4633f902f6cb79cf06a27a3066a7ab3aeeaa2cb33848e806b196a77c459f7333a9510a9da25e82eda9877c64d459713fa4ebdcc98d24765b23f02d7db2ccb20f88c7ede17a8e94cfe1cb55e7f4185706460306025529d38d0a8f5e6236953c768310ef2f596b1cda4dc9908f0b0eecf930bcca842a1b28fa9ac18cc7e7f52bac2dfc68fb0983277204d36a2ceed19875df6cead860c8ad59aab4d51410daf947fea81fcf6f8850e99bf3ce20f73001bfa169d9d8e0e8fec6483710988c8cf794777aa98f4a7e7aaa7f8dc167c2a5fe59320a935a6e2a7f0d3bb2dae9d9f3c66f87b12cfbdda739d18c18d2583e3ce2013cc00888ec9a378d4061f5cb98324808014e23f80923d0d8c4c883ce1fcefb1a1f8328d4b866e322f4dfd1b88f5b06852c9d593573c1294cee84e4d4cedfc4c1562da74df60e59aa2141e5976b2ff5ba3e1de33bc8b6c7bab2e8ae71e6dd2c925c08982ed82ac8aceb56e25a6253d5e1c7609d0d38b759bea7b083bb90a80538244cf6028020af28a61b62d2f4fb9408ca81b711514d4e25befa51cc5f614d96c