*.aaas.idm.oclc.org
- OCLC Inc. -
Issued by OCLC TLS Issuing RSA SubCA R1
About this certificate
This digital certificate with serial number 38:98:f3:0e:e0:8a:d0:54:a1:16:c5:fb:68:72:61:b2 was issued on by OCLC, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
OCLC Inc.
Organization:
OCLC Inc.
State / Province:
Ohio
Locality: Dublin
Country: US
Locality: Dublin
Country: US
OCLC, Inc.
Organization:
OCLC, Inc.
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 38:98:f3:0e:e0:8a:d0:54:a1:16:c5:fb:68:72:61:b2Serial Number (int): 75230926690673003014214312380859572658
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 20:98:fb:a1:f9:f3:06:85:f2:97:36:22:b4:80:f6:f5:a8:56:8a:30
Fingerprint (sha1): 04:b1:e2:76:2c:11:36:20:ed:ad:ea:b2:a9:b1:b6:07:c2:11:fa:fc
Fingerprint (sha256): 02:8b:99:e5:42:e0:9f:60:0d:6a:50:81:38:e9:13:f2:54:75:05:46:ff:4b:7c:f9:19:15:1e:77:57:44:76:5b
Issuing Certificate URL: http://cert.ssl.com/OCLC-TLS-I-RSA-R1.cer
Revocation information
OCSP Server: http://ocsps.ssl.comCRL Distribution Point: http://crls.ssl.com/OCLC-TLS-I-RSA-R1.crl
Check the revocation status for certificate *.aaas.idm.oclc.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.aaas.idm.oclc.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.aaas.idm.oclc.org
aaas.idm.oclc.org
aaas.idm.oclc.org
Other certificates including the domain name oclc.org
(limited to 100 certificates)
*.cfra-msa.idm.oclc.org
*.nwcc.idm.oclc.org
*.southseattle.idm.oclc.org
*.iuhu.idm.oclc.org
*.liuc.idm.oclc.org
*.cfra-msa.idm.oclc.org
deweyess.oclc.org
*.greatlibrary.idm.oclc.org
*.apll.idm.oclc.org
*.muhlenberg.idm.oclc.org
*.abington.idm.oclc.org
*.nccu.idm.oclc.org
secure06.stage.lithium.com
*.trevecca.idm.oclc.org
*.twu.idm.oclc.org
*.udlap.idm.oclc.org
*.aic.idm.oclc.org
*.weston.idm.oclc.org
*.cide.idm.oclc.org
*.bchs.idm.oclc.org
*.neomed.idm.oclc.org
*.uiwtx.idm.oclc.org
*.bpcc.idm.oclc.org
*.dartmouth.idm.oclc.org
*.tjportal.idm.oclc.org
*.wcc.idm.oclc.org
*.limcollege.idm.oclc.org
OWA.OCLC.ORG
*.victimresearch.idm.oclc.org
*.greenville.idm.oclc.org
*.dsc.idm.oclc.org
*.fmarion.idm.oclc.org
*.ubu-es.idm.oclc.org
exeter.idm.oclc.org
*.springerpub.idm.oclc.org
*.sanlib.idm.oclc.org
*.tjc.idm.oclc.org
*.zhejianglibr.idm.oclc.org
*.zulib.idm.oclc.org
*.burmanu.idm.oclc.org
*.ccl.idm.oclc.org
*.chifedkc.idm.oclc.org
workday.oclc.org
*.nscad.idm.oclc.org
*.confederation.idm.oclc.org
*.yccc.idm.oclc.org
*.aspenuniversity.idm.oclc.org
*.nu.idm.oclc.org
*.ala.idm.oclc.org
*.mmc.idm.oclc.org
*.akkon-onlinelibrary.idm.oclc.org
*.mclarenmacomb.idm.oclc.org
ftp-bibliotheca.de.oclc.org
*.jjhs.idm.oclc.org
*.gold.idm.oclc.org
*.qvcc.idm.oclc.org
*.omahalibrary.idm.oclc.org
*.nishogakusha-u.idm.oclc.org
*.usu29.idm.oclc.org
*.bakeru.idm.oclc.org
*.cdkc.idm.oclc.org
*.southeast.idm.oclc.org
*.lourdes.idm.oclc.org
*.mvcc.idm.oclc.org
*.fid-avl.idm.oclc.org
*.wcsu.idm.oclc.org
*.hchs.idm.oclc.org
*.aus.idm.oclc.org
*.kuyper.idm.oclc.org
*.testemea.idm.oclc.org
*.uea.idm.oclc.org
*.nnu.idm.oclc.org
*.sanfrancisco.idm.oclc.org
*.szrof.idm.oclc.org
*.fls.idm.oclc.org
*.sri.idm.oclc.org
*.sierranev.idm.oclc.org
*.ozarks.idm.oclc.org
deweyess.oclc.org
*.hodges.idm.oclc.org
*.ncat.idm.oclc.org
*.antioch.idm.oclc.org
*.trevecca.idm.oclc.org
*.wvclibrary.idm.oclc.org
Cmsauthor-ext.oclc.org
*.bucm.idm.oclc.org
*.drexel.idm.oclc.org
*.hshs.idm.oclc.org
*.arlis.idm.oclc.org
*.aaas.idm.oclc.org
*.esf.idm.oclc.org
*.uhsp.idm.oclc.org
*.essec.idm.oclc.org
*.scclosrios.idm.oclc.org
*.salusdental.idm.oclc.org
*.stmarys.idm.oclc.org
*.kl.idm.oclc.org
*.barker.idm.oclc.org
lbs-avans.oclc.org
*.nutn.idm.oclc.org
*.nwcc.idm.oclc.org
*.southseattle.idm.oclc.org
*.iuhu.idm.oclc.org
*.liuc.idm.oclc.org
*.cfra-msa.idm.oclc.org
deweyess.oclc.org
*.greatlibrary.idm.oclc.org
*.apll.idm.oclc.org
*.muhlenberg.idm.oclc.org
*.abington.idm.oclc.org
*.nccu.idm.oclc.org
secure06.stage.lithium.com
*.trevecca.idm.oclc.org
*.twu.idm.oclc.org
*.udlap.idm.oclc.org
*.aic.idm.oclc.org
*.weston.idm.oclc.org
*.cide.idm.oclc.org
*.bchs.idm.oclc.org
*.neomed.idm.oclc.org
*.uiwtx.idm.oclc.org
*.bpcc.idm.oclc.org
*.dartmouth.idm.oclc.org
*.tjportal.idm.oclc.org
*.wcc.idm.oclc.org
*.limcollege.idm.oclc.org
OWA.OCLC.ORG
*.victimresearch.idm.oclc.org
*.greenville.idm.oclc.org
*.dsc.idm.oclc.org
*.fmarion.idm.oclc.org
*.ubu-es.idm.oclc.org
exeter.idm.oclc.org
*.springerpub.idm.oclc.org
*.sanlib.idm.oclc.org
*.tjc.idm.oclc.org
*.zhejianglibr.idm.oclc.org
*.zulib.idm.oclc.org
*.burmanu.idm.oclc.org
*.ccl.idm.oclc.org
*.chifedkc.idm.oclc.org
workday.oclc.org
*.nscad.idm.oclc.org
*.confederation.idm.oclc.org
*.yccc.idm.oclc.org
*.aspenuniversity.idm.oclc.org
*.nu.idm.oclc.org
*.ala.idm.oclc.org
*.mmc.idm.oclc.org
*.akkon-onlinelibrary.idm.oclc.org
*.mclarenmacomb.idm.oclc.org
ftp-bibliotheca.de.oclc.org
*.jjhs.idm.oclc.org
*.gold.idm.oclc.org
*.qvcc.idm.oclc.org
*.omahalibrary.idm.oclc.org
*.nishogakusha-u.idm.oclc.org
*.usu29.idm.oclc.org
*.bakeru.idm.oclc.org
*.cdkc.idm.oclc.org
*.southeast.idm.oclc.org
*.lourdes.idm.oclc.org
*.mvcc.idm.oclc.org
*.fid-avl.idm.oclc.org
*.wcsu.idm.oclc.org
*.hchs.idm.oclc.org
*.aus.idm.oclc.org
*.kuyper.idm.oclc.org
*.testemea.idm.oclc.org
*.uea.idm.oclc.org
*.nnu.idm.oclc.org
*.sanfrancisco.idm.oclc.org
*.szrof.idm.oclc.org
*.fls.idm.oclc.org
*.sri.idm.oclc.org
*.sierranev.idm.oclc.org
*.ozarks.idm.oclc.org
deweyess.oclc.org
*.hodges.idm.oclc.org
*.ncat.idm.oclc.org
*.antioch.idm.oclc.org
*.trevecca.idm.oclc.org
*.wvclibrary.idm.oclc.org
Cmsauthor-ext.oclc.org
*.bucm.idm.oclc.org
*.drexel.idm.oclc.org
*.hshs.idm.oclc.org
*.arlis.idm.oclc.org
*.aaas.idm.oclc.org
*.esf.idm.oclc.org
*.uhsp.idm.oclc.org
*.essec.idm.oclc.org
*.scclosrios.idm.oclc.org
*.salusdental.idm.oclc.org
*.stmarys.idm.oclc.org
*.kl.idm.oclc.org
*.barker.idm.oclc.org
lbs-avans.oclc.org
*.nutn.idm.oclc.org
Certificate
The complete raw certificate details for *.aaas.idm.oclc.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGKTCCBJGgAwIBAgIQOJjzDuCK0FShFsX7aHJhsjANBgkqhkiG9w0BAQsFADBK MQswCQYDVQQGEwJVUzETMBEGA1UECgwKT0NMQywgSW5jLjEmMCQGA1UEAwwdT0NM QyBUTFMgSXNzdWluZyBSU0EgU3ViQ0EgUjEwHhcNMjQwMjE2MTYwMjAxWhcNMjUw MjE1MTYwMjAxWjBfMQswCQYDVQQGEwJVUzENMAsGA1UECAwET2hpbzEPMA0GA1UE BwwGRHVibGluMRIwEAYDVQQKDAlPQ0xDIEluYy4xHDAaBgNVBAMMEyouYWFhcy5p ZG0ub2NsYy5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC342FH +zsoJsiboeYqLaYg2b/oqCrTZAqtdIE4gA7r6a8JeWtECk+2QjSGbzUmEXqTs4cN E+TDucKLeW51KiJ0bxUQWOnIlX1s6IgykphleMRqp/dwDFWhkp1KAgDXU/3dactn dv7DjcaJ5Vc2DqS2v9b/eQ0yPZhc7WHoE8n4/ncfrZ1pe95O/2y4olbB+SIkee4T x/262owgCm92h/sSCE5D78N4HG/+melLj5KLwP97PdaUHB84Mv0JnWew/t/N5AK8 DwQV7TzPCKJQWX/SQ7MG0QIAb/pfzITRKAItil+DhbxwbF70ZBUwNXKw8kkXQ8S8 hvd4q8zjZ1UlisXpu/QpCBkaNWaSzTkbMtk5u9A23gtfTE6BBFkBVGxlYxo+ju3R fPBX4Cgs2tbTTvM/2eHtlcxSoaXvFwQxSYpunaXpz68IA0cC1XrzFQ68pAzv4dDl 6BxFeIvAdPW26qK4QoBg0VUgy/zl4W1/yrHTY/boA2zvuHTgxW+qt3lknF2N6dIn /ygaBDMB/yEgYWLNVEfMp6yVC1vzDfqm5d/GpTHeg2KrBYQIgFlvtKR2yASFXHZN gjnQUeXs3z8u/ErcbVqei5tIvNPiHyQGkiNl+bY1fKxfIdDZYcOfpLQ4EUdlVSDk flVCqM6x1YVI8PPzhxbahRHVq/r4Iky5aYiCXQIDAQABo4IBdDCCAXAwDAYDVR0T AQH/BAIwADAfBgNVHSMEGDAWgBQgmPuh+fMGhfKXNiK0gPb1qFaKMDBnBggrBgEF BQcBAQRbMFkwNQYIKwYBBQUHMAKGKWh0dHA6Ly9jZXJ0LnNzbC5jb20vT0NMQy1U TFMtSS1SU0EtUjEuY2VyMCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcHMuc3NsLmNv bTAxBgNVHREEKjAoghMqLmFhYXMuaWRtLm9jbGMub3JnghFhYWFzLmlkbS5vY2xj Lm9yZzAjBgNVHSAEHDAaMAgGBmeBDAECAjAOBgwrBgEEAYKpMAEDAQIwHQYDVR0l BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6 Ly9jcmxzLnNzbC5jb20vT0NMQy1UTFMtSS1SU0EtUjEuY3JsMA4GA1UdDwEB/wQE AwIFoDATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAYEAVkZX ymSYBPibGM79v+JK9FANRRndHKKMtnOMUaT3CGNrxV3r19XASdwTLf+4sgpoP1N4 i/vAWUH6QqEyCwroZ3qT9/2sth2KeZ+L3wcdZQo4g1rcPVywKVkFtANVZWF/ADNJ hJL0fBb0PAy6eKptQfFQI3VNMSZngo1CaoUHqzALnh/8lkdsCPC69qL8ZhZPk1WU NB86L60FbXmAKGJ7thKLdSgPHBBJYzCgN37rYd81QqoLmZ62O8rM8mzkTCVc4+r+ /bayK57PZZFlGLgIfYj4cn3QxRyQVCxlvg0a28XN/INz15WHccWmmLpJy/FEZGA1 qXm2VJgTQVeOHr2BTuyHxnIAVHmPCo/dNatLWoz8u1EHW6+GYnqYCh2Gy1Pa/sXW 630kVqP+CzX5P7r8nCkkUzDimqCeWBzFzNFisRqNa9acAEdgmq/EP6AFMNWgzje2 z1p8YlXbGtIlnbFTvMsrGD4rJTtCI9UvdyQ1UT5V3gEe8OmxlyzioAMx56sH -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAt+NhR/s7KCbIm6HmKi2m INm/6Kgq02QKrXSBOIAO6+mvCXlrRApPtkI0hm81JhF6k7OHDRPkw7nCi3ludSoi dG8VEFjpyJV9bOiIMpKYZXjEaqf3cAxVoZKdSgIA11P93WnLZ3b+w43GieVXNg6k tr/W/3kNMj2YXO1h6BPJ+P53H62daXveTv9suKJWwfkiJHnuE8f9utqMIApvdof7 EghOQ+/DeBxv/pnpS4+Si8D/ez3WlBwfODL9CZ1nsP7fzeQCvA8EFe08zwiiUFl/ 0kOzBtECAG/6X8yE0SgCLYpfg4W8cGxe9GQVMDVysPJJF0PEvIb3eKvM42dVJYrF 6bv0KQgZGjVmks05GzLZObvQNt4LX0xOgQRZAVRsZWMaPo7t0XzwV+AoLNrW007z P9nh7ZXMUqGl7xcEMUmKbp2l6c+vCANHAtV68xUOvKQM7+HQ5egcRXiLwHT1tuqi uEKAYNFVIMv85eFtf8qx02P26ANs77h04MVvqrd5ZJxdjenSJ/8oGgQzAf8hIGFi zVRHzKeslQtb8w36puXfxqUx3oNiqwWECIBZb7SkdsgEhVx2TYI50FHl7N8/LvxK 3G1anoubSLzT4h8kBpIjZfm2NXysXyHQ2WHDn6S0OBFHZVUg5H5VQqjOsdWFSPDz 84cW2oUR1av6+CJMuWmIgl0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 75230926690673003014214312380859572658 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'OCLC, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'OCLC TLS Issuing RSA SubCA R1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-16 16:02:01 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-15 16:02:01 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Ohio' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Dublin' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'OCLC Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.aaas.idm.oclc.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 750198417131069627548447344127446925186147334672795807802421220499416829207149179669399504106214691116680213582671128345687783642610031164708263049421199787285377737165652512160145671625728307080521563409523541411158640780595862727761772410681257815301776645244708448085405702646316441931461982085739537349196484386809142847965594958188048841049435192431255308703108848157927478682763640733645326149942542525473232273949422447513761081734195878940740080231991590477225424134417541463632183797535745992179234950462415243290879427987912251032330192864627894009219006456566577656591858391313302325834714384599946174061790673097780876364188727995928469824572832916843078129628962383571580153862135109410569737899323578688383190130078734890590387447566294538266474096054046379854043848473732761776647835432694549683549173441449300394028568035406037476864530843596332623280308790991486755748292902287210217446533446449815428250820835758070648689067242829271195727062774034249625536021424471444772717493971669200486281007836394561434856066159221883870406175144220515067331135519259214364970114108570990973497826913025797382441386759410290063926317911897273130763042429985790334454394218691510737322279027547373183687061348266638448838345309 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2098fba1f9f30685f2973622b480f6f5a8568a30 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.ssl.com/OCLC-TLS-I-RSA-R1.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsps.ssl.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aaas.idm.oclc.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aaas.idm.oclc.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.38064.1.3.1.2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.ssl.com/OCLC-TLS-I-RSA-R1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (3072 bits) 00564657ca649804f89b18cefdbfe24af4500d4519dd1ca28cb6738c51a4f708636bc55debd7d5c049dc132dffb8b20a683f53788bfbc05941fa42a1320b0ae8677a93f7fdacb61d8a799f8bdf071d650a38835adc3d5cb0295905b4035565617f0033498492f47c16f43c0cba78aa6d41f15023754d312667828d426a8507ab300b9e1ffc96476c08f0baf6a2fc66164f935594341f3a2fad056d798028627bb6128b75280f1c10496330a0377eeb61df3542aa0b999eb63bcaccf26ce44c255ce3eafefdb6b22b9ecf65916518b8087d88f8727dd0c51c90542c65be0d1adbc5cdfc8373d7958771c5a698ba49cbf144646035a979b654981341578e1ebd814eec87c6720054798f0a8fdd35ab4b5a8cfcbb51075baf86627a980a1d86cb53dafec5d6eb7d2456a3fe0b35f93fbafc9c29245330e29aa09e581cc5ccd162b11a8d6bd69c0047609aafc43fa00530d5a0ce37b6cf5a7c6255db1ad2259db153bccb2b183e2b253b4223d52f772435513e55de011ef0e9b1972ce2a00331e7ab07