*.arlis.idm.oclc.org
Issued by OCLC TLS Issuing RSA SubCA R1
About this certificate
This digital certificate with serial number 64:0e:6a:d2:08:35:41:ca:62:6d:76:ad:56:03:f8:3d was issued on by OCLC, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.arlis.idm.oclc.org
OCLC, Inc.
Organization:
OCLC, Inc.
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 64:0e:6a:d2:08:35:41:ca:62:6d:76:ad:56:03:f8:3dSerial Number (int): 132997658310383453783922446816858339389
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 20:98:fb:a1:f9:f3:06:85:f2:97:36:22:b4:80:f6:f5:a8:56:8a:30
Fingerprint (sha1): de:f0:c3:c6:53:82:c0:42:36:55:ed:f4:63:96:37:97:6d:18:39:be
Fingerprint (sha256): 02:85:12:da:0a:f0:e2:fa:20:b5:da:9d:7c:9c:a2:4b:73:83:b5:63:ac:81:b2:f7:d6:c4:08:85:9a:42:55:a0
Issuing Certificate URL: http://cert.ssl.com/OCLC-TLS-I-RSA-R1.cer
Revocation information
OCSP Server: http://ocsps.ssl.comCRL Distribution Point: http://crls.ssl.com/OCLC-TLS-I-RSA-R1.crl
Check the revocation status for certificate *.arlis.idm.oclc.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.arlis.idm.oclc.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.arlis.idm.oclc.org
arlis.idm.oclc.org
arlis.idm.oclc.org
Other certificates including the domain name oclc.org
(limited to 100 certificates)
*.cfra-msa.idm.oclc.org
*.nwcc.idm.oclc.org
*.southseattle.idm.oclc.org
*.iuhu.idm.oclc.org
*.liuc.idm.oclc.org
*.cfra-msa.idm.oclc.org
deweyess.oclc.org
*.greatlibrary.idm.oclc.org
*.apll.idm.oclc.org
*.muhlenberg.idm.oclc.org
*.abington.idm.oclc.org
*.nccu.idm.oclc.org
secure06.stage.lithium.com
*.trevecca.idm.oclc.org
*.twu.idm.oclc.org
*.udlap.idm.oclc.org
*.aic.idm.oclc.org
*.weston.idm.oclc.org
*.cide.idm.oclc.org
*.bchs.idm.oclc.org
*.neomed.idm.oclc.org
*.uiwtx.idm.oclc.org
*.bpcc.idm.oclc.org
*.dartmouth.idm.oclc.org
*.tjportal.idm.oclc.org
*.wcc.idm.oclc.org
*.limcollege.idm.oclc.org
OWA.OCLC.ORG
*.victimresearch.idm.oclc.org
*.greenville.idm.oclc.org
*.dsc.idm.oclc.org
*.fmarion.idm.oclc.org
*.ubu-es.idm.oclc.org
exeter.idm.oclc.org
*.springerpub.idm.oclc.org
*.sanlib.idm.oclc.org
*.tjc.idm.oclc.org
*.zhejianglibr.idm.oclc.org
*.zulib.idm.oclc.org
*.burmanu.idm.oclc.org
*.ccl.idm.oclc.org
*.chifedkc.idm.oclc.org
workday.oclc.org
*.nscad.idm.oclc.org
*.confederation.idm.oclc.org
*.yccc.idm.oclc.org
*.aspenuniversity.idm.oclc.org
*.nu.idm.oclc.org
*.ala.idm.oclc.org
*.mmc.idm.oclc.org
*.akkon-onlinelibrary.idm.oclc.org
*.mclarenmacomb.idm.oclc.org
ftp-bibliotheca.de.oclc.org
*.jjhs.idm.oclc.org
*.gold.idm.oclc.org
*.qvcc.idm.oclc.org
*.omahalibrary.idm.oclc.org
*.nishogakusha-u.idm.oclc.org
*.usu29.idm.oclc.org
*.bakeru.idm.oclc.org
*.cdkc.idm.oclc.org
*.southeast.idm.oclc.org
*.lourdes.idm.oclc.org
*.mvcc.idm.oclc.org
*.fid-avl.idm.oclc.org
*.wcsu.idm.oclc.org
*.hchs.idm.oclc.org
*.aus.idm.oclc.org
*.kuyper.idm.oclc.org
*.testemea.idm.oclc.org
*.uea.idm.oclc.org
*.nnu.idm.oclc.org
*.sanfrancisco.idm.oclc.org
*.szrof.idm.oclc.org
*.fls.idm.oclc.org
*.sri.idm.oclc.org
*.sierranev.idm.oclc.org
*.ozarks.idm.oclc.org
deweyess.oclc.org
*.hodges.idm.oclc.org
*.ncat.idm.oclc.org
*.antioch.idm.oclc.org
*.trevecca.idm.oclc.org
*.wvclibrary.idm.oclc.org
Cmsauthor-ext.oclc.org
*.bucm.idm.oclc.org
*.drexel.idm.oclc.org
*.hshs.idm.oclc.org
*.arlis.idm.oclc.org
*.aaas.idm.oclc.org
*.esf.idm.oclc.org
*.uhsp.idm.oclc.org
*.essec.idm.oclc.org
*.scclosrios.idm.oclc.org
*.salusdental.idm.oclc.org
*.stmarys.idm.oclc.org
*.kl.idm.oclc.org
*.barker.idm.oclc.org
lbs-avans.oclc.org
*.nutn.idm.oclc.org
*.nwcc.idm.oclc.org
*.southseattle.idm.oclc.org
*.iuhu.idm.oclc.org
*.liuc.idm.oclc.org
*.cfra-msa.idm.oclc.org
deweyess.oclc.org
*.greatlibrary.idm.oclc.org
*.apll.idm.oclc.org
*.muhlenberg.idm.oclc.org
*.abington.idm.oclc.org
*.nccu.idm.oclc.org
secure06.stage.lithium.com
*.trevecca.idm.oclc.org
*.twu.idm.oclc.org
*.udlap.idm.oclc.org
*.aic.idm.oclc.org
*.weston.idm.oclc.org
*.cide.idm.oclc.org
*.bchs.idm.oclc.org
*.neomed.idm.oclc.org
*.uiwtx.idm.oclc.org
*.bpcc.idm.oclc.org
*.dartmouth.idm.oclc.org
*.tjportal.idm.oclc.org
*.wcc.idm.oclc.org
*.limcollege.idm.oclc.org
OWA.OCLC.ORG
*.victimresearch.idm.oclc.org
*.greenville.idm.oclc.org
*.dsc.idm.oclc.org
*.fmarion.idm.oclc.org
*.ubu-es.idm.oclc.org
exeter.idm.oclc.org
*.springerpub.idm.oclc.org
*.sanlib.idm.oclc.org
*.tjc.idm.oclc.org
*.zhejianglibr.idm.oclc.org
*.zulib.idm.oclc.org
*.burmanu.idm.oclc.org
*.ccl.idm.oclc.org
*.chifedkc.idm.oclc.org
workday.oclc.org
*.nscad.idm.oclc.org
*.confederation.idm.oclc.org
*.yccc.idm.oclc.org
*.aspenuniversity.idm.oclc.org
*.nu.idm.oclc.org
*.ala.idm.oclc.org
*.mmc.idm.oclc.org
*.akkon-onlinelibrary.idm.oclc.org
*.mclarenmacomb.idm.oclc.org
ftp-bibliotheca.de.oclc.org
*.jjhs.idm.oclc.org
*.gold.idm.oclc.org
*.qvcc.idm.oclc.org
*.omahalibrary.idm.oclc.org
*.nishogakusha-u.idm.oclc.org
*.usu29.idm.oclc.org
*.bakeru.idm.oclc.org
*.cdkc.idm.oclc.org
*.southeast.idm.oclc.org
*.lourdes.idm.oclc.org
*.mvcc.idm.oclc.org
*.fid-avl.idm.oclc.org
*.wcsu.idm.oclc.org
*.hchs.idm.oclc.org
*.aus.idm.oclc.org
*.kuyper.idm.oclc.org
*.testemea.idm.oclc.org
*.uea.idm.oclc.org
*.nnu.idm.oclc.org
*.sanfrancisco.idm.oclc.org
*.szrof.idm.oclc.org
*.fls.idm.oclc.org
*.sri.idm.oclc.org
*.sierranev.idm.oclc.org
*.ozarks.idm.oclc.org
deweyess.oclc.org
*.hodges.idm.oclc.org
*.ncat.idm.oclc.org
*.antioch.idm.oclc.org
*.trevecca.idm.oclc.org
*.wvclibrary.idm.oclc.org
Cmsauthor-ext.oclc.org
*.bucm.idm.oclc.org
*.drexel.idm.oclc.org
*.hshs.idm.oclc.org
*.arlis.idm.oclc.org
*.aaas.idm.oclc.org
*.esf.idm.oclc.org
*.uhsp.idm.oclc.org
*.essec.idm.oclc.org
*.scclosrios.idm.oclc.org
*.salusdental.idm.oclc.org
*.stmarys.idm.oclc.org
*.kl.idm.oclc.org
*.barker.idm.oclc.org
lbs-avans.oclc.org
*.nutn.idm.oclc.org
Certificate
The complete raw certificate details for *.arlis.idm.oclc.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE6zCCA1OgAwIBAgIQZA5q0gg1QcpibXatVgP4PTANBgkqhkiG9w0BAQsFADBK MQswCQYDVQQGEwJVUzETMBEGA1UECgwKT0NMQywgSW5jLjEmMCQGA1UEAwwdT0NM QyBUTFMgSXNzdWluZyBSU0EgU3ViQ0EgUjEwHhcNMjMxMDMwMDAxNTE2WhcNMjQx MDI5MDAxNTE2WjAfMR0wGwYDVQQDDBQqLmFybGlzLmlkbS5vY2xjLm9yZzCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3tJveNMYj3ljsGgLVOz+vfFNVg MegcPcSDVgyBei2QuRpgTGf3p2m9mjWLR9jujPZH0dLgLaOAe2cE2LY+moItl2L9 YK56jHdNa7NX5AIyUh2nxjZjdHHC66Qj49nmeOprlVcbY5RthjBXuHuXEtmpJqq1 xFg+XGlgv4zy3UxyYeJMYFes/gUmA/N6jTF2mYA9Z2317fJTaeuD1VlhBNGHp8k6 MCG0nc84rmsmQz0vL0CGwiM+45ChTwl2YE3ZGx88tPeLZ/TMR7JBnSOBgYA4TkOv GyEsCmmJlTIufZ3TtKKrJcEt+UiRFpTMqOVU3h5WeFkQqYil5PpKudmTvw8CAwEA AaOCAXYwggFyMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUIJj7ofnzBoXylzYi tID29ahWijAwZwYIKwYBBQUHAQEEWzBZMDUGCCsGAQUFBzAChilodHRwOi8vY2Vy dC5zc2wuY29tL09DTEMtVExTLUktUlNBLVIxLmNlcjAgBggrBgEFBQcwAYYUaHR0 cDovL29jc3BzLnNzbC5jb20wMwYDVR0RBCwwKoIUKi5hcmxpcy5pZG0ub2NsYy5v cmeCEmFybGlzLmlkbS5vY2xjLm9yZzAjBgNVHSAEHDAaMAgGBmeBDAECATAOBgwr BgEEAYKpMAEDAQEwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMDoGA1Ud HwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmxzLnNzbC5jb20vT0NMQy1UTFMtSS1SU0Et UjEuY3JsMA4GA1UdDwEB/wQEAwIFoDATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkq hkiG9w0BAQsFAAOCAYEAfeC9VozvHvMkALWNHOuueFgo0HwCMHRFRUYvsa6FFLU0 tQCg2AkBUxYQqkOaLh8Tf8IMW7dvn+rVvD7r2H2hPX9MFR9VCDleU7hLeaj/teh8 HDv+s6SGl/8FF9h0b/BBwxFsTm+7ROJeNHvi4Td5Kt300zCbHhuNJIiAvjKOiOvm 0iyI1r9QZofrkqtW9M5198QyqUUBYPqhReGdbe8LzDo2DivYMA12VDTmTsUEvN1e /DUTO59Z/e8m7WHst0l9SzcU+75znzT6GA+TNPLB8pTpP6w0NeNyr79byYqN2F1i Gju9IZA5bOU/QfKsMcrdoR9bL45DZyRiwf9vS6AFjQoqHslTU6R1ua604NYNgq4I 47RJNxZQbaK0xv+B6vgFNtJ5YUJu30jU1LGeoOzUkW5F79wlOfThy1CK1RxX6H/H rAweUVdNt4+z6t5R+pUwIP7aycW3d9rIHgR2RRhMpNJyEroF3D3c8SIe2HbAKENx rmiB+jirPIHWIvrgON0p -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve0m940xiPeWOwaAtU7P 698U1WAx6Bw9xINWDIF6LZC5GmBMZ/enab2aNYtH2O6M9kfR0uAto4B7ZwTYtj6a gi2XYv1grnqMd01rs1fkAjJSHafGNmN0ccLrpCPj2eZ46muVVxtjlG2GMFe4e5cS 2akmqrXEWD5caWC/jPLdTHJh4kxgV6z+BSYD83qNMXaZgD1nbfXt8lNp64PVWWEE 0YenyTowIbSdzziuayZDPS8vQIbCIz7jkKFPCXZgTdkbHzy094tn9MxHskGdI4GB gDhOQ68bISwKaYmVMi59ndO0oqslwS35SJEWlMyo5VTeHlZ4WRCpiKXk+kq52ZO/ DwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 132997658310383453783922446816858339389 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'OCLC, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'OCLC TLS Issuing RSA SubCA R1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-30 00:15:16 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-29 00:15:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.arlis.idm.oclc.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23975983754287930773699920583732120494025080116791977192477048773429180941263422073786089320220286108174070657132509169312561255251880436430592123213369990743378868079521492310247337853396984595169397100392636394325217300760261328095255536984273314527247642200457136006614991028519414811858927525712342944781453772854274653012013543441103355433894574840323691127635372869734610692290526453725709971493518632045275543679332112457777912336888462712067510177978442979965713354238935681038859741087868889007024923440068588235712151724265558863557678787080872446166914781452003612995573558596583085446402150607595240668943 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2098fba1f9f30685f2973622b480f6f5a8568a30 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.ssl.com/OCLC-TLS-I-RSA-R1.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsps.ssl.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.arlis.idm.oclc.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arlis.idm.oclc.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.38064.1.3.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.ssl.com/OCLC-TLS-I-RSA-R1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (3072 bits) 007de0bd568cef1ef32400b58d1cebae785828d07c0230744545462fb1ae8514b534b500a0d80901531610aa439a2e1f137fc20c5bb76f9fead5bc3eebd87da13d7f4c151f5508395e53b84b79a8ffb5e87c1c3bfeb3a48697ff0517d8746ff041c3116c4e6fbb44e25e347be2e137792addf4d3309b1e1b8d248880be328e88ebe6d22c88d6bf506687eb92ab56f4ce75f7c432a9450160faa145e19d6def0bcc3a360e2bd8300d765434e64ec504bcdd5efc35133b9f59fdef26ed61ecb7497d4b3714fbbe739f34fa180f9334f2c1f294e93fac3435e372afbf5bc98a8dd85d621a3bbd2190396ce53f41f2ac31cadda11f5b2f8e43672462c1ff6f4ba0058d0a2a1ec95353a475b9aeb4e0d60d82ae08e3b4493716506da2b4c6ff81eaf80536d27961426edf48d4d4b19ea0ecd4916e45efdc2539f4e1cb508ad51c57e87fc7ac0c1e51574db78fb3eade51fa953020fedac9c5b777dac81e047645184ca4d27212ba05dc3ddcf1221ed876c0284371ae6881fa38ab3c81d622fae038dd29