*.clientaccess.kpmg.com
- KPMG AB -
Issued by GlobalSign RSA OV SSL CA 2018
About this certificate
This digital certificate with serial number 35:f3:12:63:7b:5e:6f:f1:02:75:06:3d was issued on by GlobalSign nv-sa.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
KPMG AB
Organization:
KPMG AB
State / Province:
Stockholm
Locality: Stockholm
Country: SE
Locality: Stockholm
Country: SE
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate will expire on
Certificate Details
Serial Number (hex): 35:f3:12:63:7b:5e:6f:f1:02:75:06:3dSerial Number (int): 16696561332411664278121416253
Serial Number lenght: 94 bits, 12 octets
SubjectKeyId: de:83:54:66:af:bf:e9:0a:8f:1f:22:d1:b2:db:14:fe:56:9d:ba:9c
AuthorityKeyId: f8:ef:7f:f2:cd:78:67:a8:de:6f:8f:24:8d:88:f1:87:03:02:b3:eb
Fingerprint (sha1): 0a:17:4b:5f:60:a2:a5:2e:e5:17:5f:68:22:f6:7a:65:ba:33:d5:5a
Fingerprint (sha256): 02:90:95:86:5e:a6:7f:70:0a:6f:a7:8e:62:01:ce:0e:df:3a:84:f8:87:6a:74:8e:4c:c3:65:ee:db:d4:12:f9
Issuing Certificate URL: http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt
Revocation information
OCSP Server: http://ocsp.globalsign.com/gsrsaovsslca2018CRL Distribution Point: http://crl.globalsign.com/gsrsaovsslca2018.crl
Check the revocation status for certificate *.clientaccess.kpmg.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.clientaccess.kpmg.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.clientaccess.kpmg.com
clientaccess.kpmg.com
clientaccess.kpmg.com
Other certificates including the domain name kpmg.com
(limited to 100 certificates)
accounts.amr.kpmg.com
mdm.cee.kpmg.com
cds4.cvent.com
tess10.us.kworld.kpmg.com
wp.linkes.kpmg.com
Maillab.kpmg.ca
kpmgclaraonazure.ema.kpmg.com
www.highq.com
auditchatbot2.kpmg.com
ngsclient.ext.dev.kpmg.com
www.highq.com
lbvpn.us.kpmg.com
akamaisecure3.qualtrics.com
staging.kpmg.com
vhstg.aspac.kpmg.com
origin-azureapps.ema.kworld.kpmg.com
portals.ema.kpmg.com
btp.ema.kpmg.com
portalqa.kpmg.com
sslras1dr.us.kpmg.com
cert00092-azurecdn.akamaized.net
cert00088-azurecdn.akamaized.net
www.highq.com
www.highq.com
origin-azureapps.stg.amr.kpmg.com
portaluat.us.kpmg.com
kriterionmobile-qa.us.kworld.kpmg.com
solutions-analyticsuat.us.kpmg.com
cert00068-azurecdn.akamaized.net
cert00100-azurecdn.akamaized.net
lmscontent.us.kpmg.com
www.ptlinke.kpmg.com
selfserviceqa.kpmg.com
workspacesstg.ema.kpmg.com
www.highq.com
devkpmglinkworkforce.us.kworld.kpmg.com
cds4.cvent.com
lakehouseapi.us.kpmg.com
artifactory.us.kworld.kpmg.com
cds4.cvent.com
lab-uat-*.unify.us.kpmg.com
www.highq.com
WebSealIntSAMLFed.us.kworld.kpmg.com
accreditationdev01.kpmgdevcloud.kpmg.com
origin-azureapps.ema.kpmg.com
gfs-stg-2fa-ema.kworld.kpmg.com
mdm.ema.kpmg.com
workplace.us.kpmg.com
*.us.kpmg.com
oos.qa.us.kpmg.com
www.highq.com
apps.ng.kpmg.com
simp.us.kworld.kpmg.com
drmsmanager.us.kworld.kpmg.com
cert00031-azurecdn.akamaized.net
lab-eailogin-stg.us.kpmg.com
cert00088-azurecdn.akamaized.net
cert00031-azurecdn.akamaized.net
cqs.globalriskstg.kpmg.com
ngsclient.ext.dev.kpmg.com
godzilla.kpmg.com
kcentralintuat.us.kpmg.com
www.highq.com
www.highq.com
cert00059-azurecdn.akamaized.net
www.highq.com
cert00077-azurecdn.akamaized.net
www.highq.com
cert00092-azurecdn.akamaized.net
apps.ema.kpmg.com
kdox-service-uat.us.kpmg.com
www.highq.com
eccsandn1.godevazure1.kpmg.com
emersslvpn.us.kpmg.com
discovery.webpubsub.stg.kpmg.com
cert00077-azurecdn.akamaized.net
imi-uatreporting.kdev.services
cert00068-azurecdn.akamaized.net
www.mslinkeu.kpmg.com
cert00077-azurecdn.akamaized.net
kcentralint.us.kpmg.com
UPExchanges.us.kworld.kpmg.com
*.clientaccess.kpmg.com
origin-azureapps.stg.ema.kpmg.com
*.bio.kpmg.com
pivot.kpmg.com
www.highq.com
cert00068-azurecdn.akamaized.net
Kcfcapi.stg.ema.kpmg.com
www.highq.com
goazr1app266d.godevazure1.kpmg.com
cert00077-azurecdn.akamaized.net
mobileeas.ema.kpmg.com
akamaisecure4.qualtrics.com
lmclinkes.us.kworld.kpmg.com
author-kpmg-dev.us.kworld.kpmg.com
test_poc-ext.qa.kpmg.com
kpmglinkqa.amr.kpmg.com
sslraa3.us.kpmg.com
vhstg.amr.kpmg.com
mdm.cee.kpmg.com
cds4.cvent.com
tess10.us.kworld.kpmg.com
wp.linkes.kpmg.com
Maillab.kpmg.ca
kpmgclaraonazure.ema.kpmg.com
www.highq.com
auditchatbot2.kpmg.com
ngsclient.ext.dev.kpmg.com
www.highq.com
lbvpn.us.kpmg.com
akamaisecure3.qualtrics.com
staging.kpmg.com
vhstg.aspac.kpmg.com
origin-azureapps.ema.kworld.kpmg.com
portals.ema.kpmg.com
btp.ema.kpmg.com
portalqa.kpmg.com
sslras1dr.us.kpmg.com
cert00092-azurecdn.akamaized.net
cert00088-azurecdn.akamaized.net
www.highq.com
www.highq.com
origin-azureapps.stg.amr.kpmg.com
portaluat.us.kpmg.com
kriterionmobile-qa.us.kworld.kpmg.com
solutions-analyticsuat.us.kpmg.com
cert00068-azurecdn.akamaized.net
cert00100-azurecdn.akamaized.net
lmscontent.us.kpmg.com
www.ptlinke.kpmg.com
selfserviceqa.kpmg.com
workspacesstg.ema.kpmg.com
www.highq.com
devkpmglinkworkforce.us.kworld.kpmg.com
cds4.cvent.com
lakehouseapi.us.kpmg.com
artifactory.us.kworld.kpmg.com
cds4.cvent.com
lab-uat-*.unify.us.kpmg.com
www.highq.com
WebSealIntSAMLFed.us.kworld.kpmg.com
accreditationdev01.kpmgdevcloud.kpmg.com
origin-azureapps.ema.kpmg.com
gfs-stg-2fa-ema.kworld.kpmg.com
mdm.ema.kpmg.com
workplace.us.kpmg.com
*.us.kpmg.com
oos.qa.us.kpmg.com
www.highq.com
apps.ng.kpmg.com
simp.us.kworld.kpmg.com
drmsmanager.us.kworld.kpmg.com
cert00031-azurecdn.akamaized.net
lab-eailogin-stg.us.kpmg.com
cert00088-azurecdn.akamaized.net
cert00031-azurecdn.akamaized.net
cqs.globalriskstg.kpmg.com
ngsclient.ext.dev.kpmg.com
godzilla.kpmg.com
kcentralintuat.us.kpmg.com
www.highq.com
www.highq.com
cert00059-azurecdn.akamaized.net
www.highq.com
cert00077-azurecdn.akamaized.net
www.highq.com
cert00092-azurecdn.akamaized.net
apps.ema.kpmg.com
kdox-service-uat.us.kpmg.com
www.highq.com
eccsandn1.godevazure1.kpmg.com
emersslvpn.us.kpmg.com
discovery.webpubsub.stg.kpmg.com
cert00077-azurecdn.akamaized.net
imi-uatreporting.kdev.services
cert00068-azurecdn.akamaized.net
www.mslinkeu.kpmg.com
cert00077-azurecdn.akamaized.net
kcentralint.us.kpmg.com
UPExchanges.us.kworld.kpmg.com
*.clientaccess.kpmg.com
origin-azureapps.stg.ema.kpmg.com
*.bio.kpmg.com
pivot.kpmg.com
www.highq.com
cert00068-azurecdn.akamaized.net
Kcfcapi.stg.ema.kpmg.com
www.highq.com
goazr1app266d.godevazure1.kpmg.com
cert00077-azurecdn.akamaized.net
mobileeas.ema.kpmg.com
akamaisecure4.qualtrics.com
lmclinkes.us.kworld.kpmg.com
author-kpmg-dev.us.kworld.kpmg.com
test_poc-ext.qa.kpmg.com
kpmglinkqa.amr.kpmg.com
sslraa3.us.kpmg.com
vhstg.amr.kpmg.com
Certificate
The complete raw certificate details for *.clientaccess.kpmg.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIMNfMSY3teb/ECdQY9MA0GCSqGSIb3DQEBCwUAMFAxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSYwJAYDVQQDEx1H bG9iYWxTaWduIFJTQSBPViBTU0wgQ0EgMjAxODAeFw0yMzEyMjkxODE5NTRaFw0y NTAxMjkxODE5NTNaMGkxCzAJBgNVBAYTAlNFMRIwEAYDVQQIEwlTdG9ja2hvbG0x EjAQBgNVBAcTCVN0b2NraG9sbTEQMA4GA1UEChMHS1BNRyBBQjEgMB4GA1UEAwwX Ki5jbGllbnRhY2Nlc3Mua3BtZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDFeJ6CvyAltnOpjb2bpV37oqjm+U2DALnJ0q5ckdAczxwfD5QF7vgR ONFJpm0ZJCbs1Y4gwxjYhOAHFw0o4gdhn8bA6UDHjA14jp/o82xbVp6EnMr4NbzV jcudcPUcDnavXl/QhDBCsbWdwjr9ZYSkZ6ntwHE0BwAdV0m8JjjTwlcUNxDytvrU /T7dbbagG31grUNHxc4PLMRKFaqCf+wV7SrgCbpFn/x0b6DLC5ThaQAoa/nVoZT+ /QCi5/iECCPPL0w3szwGJpicjXl8UoNxR6Asu74GCc4VoXwSpdzlnMsfcgKHLthO xmBrB6MlGnhsbma/uQVJatoQ3UiPDPW5AgMBAAGjggH7MIIB9zAOBgNVHQ8BAf8E BAMCBaAwDAYDVR0TAQH/BAIwADCBjgYIKwYBBQUHAQEEgYEwfzBEBggrBgEFBQcw AoY4aHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvZ3Nyc2FvdnNz bGNhMjAxOC5jcnQwNwYIKwYBBQUHMAGGK2h0dHA6Ly9vY3NwLmdsb2JhbHNpZ24u Y29tL2dzcnNhb3Zzc2xjYTIwMTgwVgYDVR0gBE8wTTBBBgkrBgEEAaAyARQwNDAy BggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9y eS8wCAYGZ4EMAQICMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9jcmwuZ2xvYmFs c2lnbi5jb20vZ3Nyc2FvdnNzbGNhMjAxOC5jcmwwOQYDVR0RBDIwMIIXKi5jbGll bnRhY2Nlc3Mua3BtZy5jb22CFWNsaWVudGFjY2Vzcy5rcG1nLmNvbTAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAU+O9/8s14Z6jeb48k jYjxhwMCs+swHQYDVR0OBBYEFN6DVGavv+kKjx8i0bLbFP5WnbqcMBMGCisGAQQB 1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAvqFFeALuqVpsRt9qBPwFd 2xTNCWRBjsPs3DA09rz78nBGhG1MpsGImNB9y8ddHEGQ98s2nVjRP/7G67dkGpBK wYaTRB9XssgMj+lQt6ULggIO+m5GQvQGoqkm64se78aEe2X46O1hw9ko+Px+7s5g i1g42iprOgARcRywfx9j6m7+m3Bd9a9GPSHs1ShNimxU4auOn40oPxB7KJErcrFc qro7+zpyq83YJEWLE1NWKFKCqlrsw0OlKjisVHW/XhVtvTz9Y2OM9BIrgLO4Km1Y wCpzcKvy+FzDY78OvBOKFaPn7yDKY/leuqZJytGk6WoB3HfkZ0rv45fb4Pll6zxe -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXiegr8gJbZzqY29m6Vd +6Ko5vlNgwC5ydKuXJHQHM8cHw+UBe74ETjRSaZtGSQm7NWOIMMY2ITgBxcNKOIH YZ/GwOlAx4wNeI6f6PNsW1aehJzK+DW81Y3LnXD1HA52r15f0IQwQrG1ncI6/WWE pGep7cBxNAcAHVdJvCY408JXFDcQ8rb61P0+3W22oBt9YK1DR8XODyzEShWqgn/s Fe0q4Am6RZ/8dG+gywuU4WkAKGv51aGU/v0Aouf4hAgjzy9MN7M8BiaYnI15fFKD cUegLLu+BgnOFaF8EqXc5ZzLH3IChy7YTsZgawejJRp4bG5mv7kFSWraEN1Ijwz1 uQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16696561332411664278121416253 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign RSA OV SSL CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-29 18:19:54 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-29 18:19:53 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Stockholm' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Stockholm' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'KPMG AB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.clientaccess.kpmg.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24928425614053990909324619070278377915770000901818661365832741083758231130533287403174617784101614998842501759897606786463761343417356192459897156729496745755480938018090224090320185018874875686845140364924529570029672921601458660552316061539663565229252100342902067859659806325022952930354942281071169596313776130987631888858203720243681966510372121584782624153100080804407096383606215017728272099441557972111875626969470723721695818723401377936148087945132830336552113762945844103381495174001484065197916643364731754423831473853775845308403676822760655997087486118372321119801838464835787435552082848994502017611193 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.globalsign.com/gsrsaovsslca2018' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gsrsaovsslca2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.clientaccess.kpmg.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clientaccess.kpmg.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f8ef7ff2cd7867a8de6f8f248d88f1870302b3eb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) de835466afbfe90a8f1f22d1b2db14fe569dba9c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002fa8515e00bbaa569b11b7da813f015ddb14cd0964418ec3ecdc3034f6bcfbf27046846d4ca6c18898d07dcbc75d1c4190f7cb369d58d13ffec6ebb7641a904ac18693441f57b2c80c8fe950b7a50b82020efa6e4642f406a2a926eb8b1eefc6847b65f8e8ed61c3d928f8fc7eeece608b5838da2a6b3a0011711cb07f1f63ea6efe9b705df5af463d21ecd5284d8a6c54e1ab8e9f8d283f107b28912b72b15caaba3bfb3a72abcdd824458b135356285282aa5aecc343a52a38ac5475bf5e156dbd3cfd63638cf4122b80b3b82a6d58c02a7370abf2f85cc363bf0ebc138a15a3e7ef20ca63f95ebaa649cad1a4e96a01dc77e4674aefe397dbe0f965eb3c5e