twitch.map.fastly.net

- Fastly, Inc. -

Issued by GlobalSign CloudSSL CA - SHA256 - G3

About this certificate

This digital certificate with serial number 18:6f:6f:6c:b1:98:0d:5a:df:d9:57:53 was issued on by GlobalSign nv-sa.

With 16 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Fastly, Inc.

Organization: Fastly, Inc.
State / Province: California
Locality: San Francisco
Country: US

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate has expire since

Certificate Details

Serial Number (hex): 18:6f:6f:6c:b1:98:0d:5a:df:d9:57:53
Serial Number (int): 7562357189414457004164470611
Serial Number lenght: 93 bits, 12 octets

SubjectKeyId: 81:82:e2:2f:1d:92:f5:dd:63:a3:c7:1c:a3:ed:24:53:e1:6a:56:ce
AuthorityKeyId: a9:2b:87:e1:ce:24:47:3b:1b:bf:cf:85:37:02:55:9d:0d:94:58:e6

Fingerprint (sha1): 5d:48:55:b1:44:84:3d:9e:7b:83:99:1f:a3:6b:ec:d2:80:f7:0f:eb
Fingerprint (sha256): 02:59:1d:44:e6:cb:fd:23:fc:61:69:71:c7:e7:55:98:47:3b:2c:0c:8a:66:2a:33:47:87:ea:de:f5:b3:7b:11

Issuing Certificate URL: http://secure.globalsign.com/cacert/cloudsslsha2g3.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/cloudsslsha2g3

Check the revocation status for certificate twitch.map.fastly.net

16

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for twitch.map.fastly.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

twitch.map.fastly.net
*.fastly.live.hls.ttvnw.net
*.jtvnw.net
*.justin.tv
*.ttvnw.net
*.twitch-shadow.net
*.twitch.tv
*.twitchcdn-shadow.net
*.twitchcdn-staging.tech
*.twitchcdn.net
*.twitchcon.com
*.twitchsvc-shadow.net
*.twitchsvc-staging.tech
*.twitchsvc.net
fastly.vod.hls.ttvnw.net
twitch.tv

Other certificates including the domain name twitch.map.fastly.net

(limited to 100 certificates)
twitch.map.fastly.net
twitch.map.fastly.net
twitch.map.fastly.net
twitch.map.fastly.net
twitch.map.fastly.net
twitch.map.fastly.net
twitch.map.fastly.net
twitch.map.fastly.net
twitch.map.fastly.net
twitch.map.fastly.net
twitch.map.fastly.net
twitch.map.fastly.net
twitch.map.fastly.net
twitch.map.fastly.net

Certificate

The complete raw certificate details for twitch.map.fastly.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHBTCCBe2gAwIBAgIMGG9vbLGYDVrf2VdTMA0GCSqGSIb3DQEBCwUAMFcxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMS0wKwYDVQQDEyRH
bG9iYWxTaWduIENsb3VkU1NMIENBIC0gU0hBMjU2IC0gRzMwHhcNMTgwNjEyMjMx
MjA2WhcNMTgwODEyMTgyNDU0WjBxMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2Fs
aWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEVMBMGA1UECgwMRmFzdGx5
LCBJbmMuMR4wHAYDVQQDDBV0d2l0Y2gubWFwLmZhc3RseS5uZXQwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCi7RxiLCFI7DqXF3V2wE3eM7UgwhQNKKTN
tvRGrB7j3ZOugr4I5NXVw61SWVsnyuRyDl2/EJnW/a6APGiPs/09baGRiT+hQCf9
5v5WnI0Qm7mtIkQxxwX6O4S+VXjCH7ccl4rGf7GV2tHOD4Bi6Iz95CTdStlJgPbc
N3JEMFxrtq7rIDbNfK+hvr2nve3yEQeswLlHT2p0h4B9b44FCYj2Xyo7/WrWJbVD
nUBJor9JFJsX3R1NMFpBhyuXNKFAz0dv/A/+KqXYNu+gCBSWhavpMub8yZRt/ij2
o6eh0BMnI99sAwlrwSPuLi0oujYU0PfEI2fjIB22ZNNlz1r8O1nXAgMBAAGjggO1
MIIDsTAOBgNVHQ8BAf8EBAMCBaAwgYoGCCsGAQUFBwEBBH4wfDBCBggrBgEFBQcw
AoY2aHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvY2xvdWRzc2xz
aGEyZzMuY3J0MDYGCCsGAQUFBzABhipodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5j
b20vY2xvdWRzc2xzaGEyZzMwVgYDVR0gBE8wTTBBBgkrBgEEAaAyARQwNDAyBggr
BgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8w
CAYGZ4EMAQICMAkGA1UdEwQCMAAwggFGBgNVHREEggE9MIIBOYIVdHdpdGNoLm1h
cC5mYXN0bHkubmV0ghsqLmZhc3RseS5saXZlLmhscy50dHZudy5uZXSCCyouanR2
bncubmV0ggsqLmp1c3Rpbi50doILKi50dHZudy5uZXSCEyoudHdpdGNoLXNoYWRv
dy5uZXSCCyoudHdpdGNoLnR2ghYqLnR3aXRjaGNkbi1zaGFkb3cubmV0ghgqLnR3
aXRjaGNkbi1zdGFnaW5nLnRlY2iCDyoudHdpdGNoY2RuLm5ldIIPKi50d2l0Y2hj
b24uY29tghYqLnR3aXRjaHN2Yy1zaGFkb3cubmV0ghgqLnR3aXRjaHN2Yy1zdGFn
aW5nLnRlY2iCDyoudHdpdGNoc3ZjLm5ldIIYZmFzdGx5LnZvZC5obHMudHR2bncu
bmV0ggl0d2l0Y2gudHYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0G
A1UdDgQWBBSBguIvHZL13WOjxxyj7SRT4WpWzjAfBgNVHSMEGDAWgBSpK4fhziRH
Oxu/z4U3AlWdDZRY5jCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3ALvZ37wfinG1
k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABY/ZFUjEAAAQDAEgwRgIhAI7Vvzmw
lFT/AjM53RMN4IfcuxMDvfXv3uV1G/X/XblfAiEAhfA2LO/7wgIrRtbwQ9W1E6oq
XkF+d9iecbnii0EjB9YAdQBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZ
EwAAAWP2RU4dAAAEAwBGMEQCIE0tGTZuUTUBd5FPwvDFjPZzmCNSuN+XqUymLBuv
l4LpAiBEIptCZrEhU3LViCtV7IHCDjV7KLO8RjUQWKwrHmHTlTANBgkqhkiG9w0B
AQsFAAOCAQEAGr3bA0Yg6sn4zTv8r+t9x0NVGaRjZf9MixTBAXcQkH8aPggUCpmK
B1CcnBH3jMGr/O1/XobQOUcRffgqLB/PIsqFV+LQrx3EdamhWyQUBoaQyt83DOAi
QEfEiQRkMtqOmaYEv/kYY/BeTNk0X2zPB3GsF0YpKpS4ja2jdctFnlVkjYdpdeIE
iO0qSMZK3bDHH1UgXfcU1X9piO+e1zL26tmBTv+f0hgFIFAInD4Ye9KkhOVM2Kte
GQHUIuN5WKqHEgt0Da2PW8MI5/6QJSNZhr8eNBYiOPq9lvPcIj9MeQR2B3cof7xB
Y0Ijt40pO2YlhIr533ZeuiA1zlkg8UHBLg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAou0cYiwhSOw6lxd1dsBN
3jO1IMIUDSikzbb0Rqwe492TroK+COTV1cOtUllbJ8rkcg5dvxCZ1v2ugDxoj7P9
PW2hkYk/oUAn/eb+VpyNEJu5rSJEMccF+juEvlV4wh+3HJeKxn+xldrRzg+AYuiM
/eQk3UrZSYD23DdyRDBca7au6yA2zXyvob69p73t8hEHrMC5R09qdIeAfW+OBQmI
9l8qO/1q1iW1Q51ASaK/SRSbF90dTTBaQYcrlzShQM9Hb/wP/iql2DbvoAgUloWr
6TLm/MmUbf4o9qOnodATJyPfbAMJa8Ej7i4tKLo2FND3xCNn4yAdtmTTZc9a/DtZ
1wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7562357189414457004164470611
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign CloudSSL CA - SHA256 - G3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-06-12 23:12:06 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-12 18:24:54 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'San Francisco'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Fastly, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'twitch.map.fastly.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20567529133780763893468470376568447705808189176880562721889542689074882844187552328371148635035532377752469282402369527820174358592338066164074325767476135253262606857223834434723107176513956268719008818279563898173157646323641354751581977522194852140578557506226785967241274831588850713027733123582071272690176912696329240000999162091953138105766479345752162186100551386799042323456221712072784888809324379820589257202867128545292602908726428853548559971928347634959438256970765426993604267037556703177991701364340747519826606809424571930634790089291610419353005257786442719301850533226795496503293595022884005960151
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/cloudsslsha2g3.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/cloudsslsha2g3'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (317 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'twitch.map.fastly.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.fastly.live.hls.ttvnw.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jtvnw.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.justin.tv'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ttvnw.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.twitch-shadow.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.twitch.tv'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.twitchcdn-shadow.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.twitchcdn-staging.tech'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.twitchcdn.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.twitchcon.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.twitchsvc-shadow.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.twitchsvc-staging.tech'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.twitchsvc.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fastly.vod.hls.ttvnw.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'twitch.tv'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8182e22f1d92f5dd63a3c71ca3ed2453e16a56ce
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a92b87e1ce24473b1bbfcf853702559d0d9458e6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000163f645523100000403004830460221008ed5bf39b09454ff023339dd130de087dcbb1303bdf5efdee5751bf5ff5db95f02210085f0362ceffbc2022b46d6f043d5b513aa2a5e417e77d89e71b9e28b412307d60075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000163f6454e1d000004030046304402204d2d19366e51350177914fc2f0c58cf673982352b8df97a94ca62c1baf9782e9022044229b4266b1215372d5882b55ec81c20e357b28b3bc46351058ac2b1e61d395
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001abddb034620eac9f8cd3bfcafeb7dc7435519a46365ff4c8b14c1017710907f1a3e08140a998a07509c9c11f78cc1abfced7f5e86d03947117df82a2c1fcf22ca8557e2d0af1dc475a9a15b2414068690cadf370ce0224047c489046432da8e99a604bff91863f05e4cd9345f6ccf0771ac1746292a94b88dada375cb459e55648d876975e20488ed2a48c64addb0c71f55205df714d57f6988ef9ed732f6ead9814eff9fd218052050089c3e187bd2a484e54cd8ab5e1901d422e37958aa87120b740dad8f5bc308e7fe9025235986bf1e34162238fabd96f3dc223f4c7904760777287fbc41634223b78d293b6625848af9df765eba2035ce5920f141c12e