opscpos01069.appl.kp.org
- Kaiser Foundation Health Plan, Inc. -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number 37:5d:d6:80:9f:44:d6:b9:89:fe:a4:c1:ae:32:57:7a was issued on by Sectigo Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Kaiser Foundation Health Plan, Inc.
Organization:
Kaiser Foundation Health Plan, Inc.
State / Province:
California
Country: US
Country: US
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): 37:5d:d6:80:9f:44:d6:b9:89:fe:a4:c1:ae:32:57:7aSerial Number (int): 73594774002165432788814875789939070842
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: bb:eb:4e:6c:40:4a:a0:56:e5:fd:29:ac:61:c6:02:90:86:ff:6f:c9
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): 67:a3:41:59:1f:8c:33:9a:2a:b0:1b:d6:4e:b8:44:48:1a:21:b7:81
Fingerprint (sha256): 03:08:cd:29:07:8e:5b:96:7b:1d:af:22:92:dd:de:60:ba:eb:41:cd:95:de:0b:52:ad:68:97:dd:6f:04:a7:a3
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate opscpos01069.appl.kp.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for opscpos01069.appl.kp.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
opscpos01069.appl.kp.org
www.opscpos01069.appl.kp.org
www.opscpos01069.appl.kp.org
Other certificates including the domain name kp.org
(limited to 100 certificates)
idm-uat.kp.org
nplms.kp.org
national-implantregistries.kaiserpermanente.org
cl.kp.org
paultestcertone.venafi-qa.kp.org
kplocator.kp.org
cnndcsqlp040.nndc.kp.org
ive-crdc.kp.org
opscpos01102.appl.kp.org
prod-cryptoservicev2-biz-live.pmt.aksp.azure.kp.org
physiciancareers-ncal.kp.org
kpfaxwebdev.appl.kp.org
epiclink-oh.kp.org
cnndcappgrp080.ccst.kp.org
opncpos02447.appl.kp.org
kpwapdcdrvpn.appl.kp.org
opscpos01152.appl.kp.org
cnndcsmrp216.nndc.kp.org
finesse-amcimc2.appl.kp.org
digiphobcs.appl.kp.org
lzpoc.kp.org
opncpos02447.appl.kp.org
tpmghr.kp.org
digitalproductroadmaptool.kp.org
cnqmsiarc.appl.kp.org
cscdcimppm01.crdc.kp.org
onelinkinfo.kp.org
fs010.kaiserpermanente.org
test1.uat.kp.org
venafipatchninecsorp.venafi-qa.kp.org
essearch.tro-splunk.kp.org
radiator-dev.appl.kp.org
nps-dev.appl.kp.org
dev-personalcondtest-biz-live.cd.aksnp.azure.kp.org
residency.kp.org
ivvpexip.appl.kp.org
csbdc-vmax0247-emgmt1.bcdc.kp.org
myit-ws-xm.kp.org
kpgadatamart.ga.kp.org
finesse-amcimc1.appl.kp.org
tpmghcm-rpt.appl.kp.org
copdf-temp.ssdc.kp.org
afl-wa.appl.kp.org
czapwb8.crdc.kp.org
opscpos01147.appl.kp.org
onelinktax.appl.kp.org
csc2cwn00000309.cloud.kp.org
staffprovider-qa-appl.wa.kp.org
kphccaboodlesdscprodsdmdr.appl.kp.org
czapwb7.crdc.kp.org
ncalethics.kp.org
opcopos03023.appl.kp.org
myit-xm-uat.kp.org
ncalethics.kp.org
webforms-qa.appl.kp.org
nw-inventrix-prod.appl.kp.org
kpschedule.kp.org
appsdev.kp.org
hits-dev.appl.kp.org
test1csr.md.uat.kp.org
coats-uat.kp.org
api-services-pp.kp.org
scpmghcmrpt.kp.org
singledomain5.demo.kp.org
vcoltme21.ntwk.kp.org
downey-physicianpeersurvey.appl.kp.org
apps.kp.org
ndc1ctxnsa.nndc.kp.org
*.clm1-ezp.kp.org
*.sts.ext-svc-bmxp.appl.kp.org
dev-tasktracker-bff-live.memb.aksnp.azure.kp.org
qa-claimsapi-biz-1.qcp.aksnp.azure.kp.org
*.kpvv.int-svc.bmxnp.appl.kp.org
mobileiron50.kp.org
mobileiron13.kp.org
wdcvnx5400-mgm3.wpoc.kp.org
econsult-dev.kp.org
opnwpos04079.appl.kp.org
ccsp.appl.kp.org
aaccesp.kp.org
prod-npl.eglb.kp.org
izadap8.ivdc.kp.org
securemail.kp.org
opncpos02125.appl.kp.org
aperturepatchsixninegfgnj.venafi-qa.kp.org
velocity-preprod-intranet.crdc.kp.org
bookingservice-p1.kpaths.appl.kp.org
cnlenam3900303.len.ca.kp.org
riverside-isite.appl.kp.org
pdasweb-uat-tmp.appl.kp.org
prod-kpdfeaturestoreui-biz-live.daml.aksp.azure.kp.org
kpa-prod.kaiserpermanente.org
violenceprevention.kp.org
csc2cwn00000330.cloud.kp.org
hp-mbr-admn-crdc.kp.org
scpmghcmint.kp.org
onelinkppt-uat.appl.kp.org
downey-isitepics.appl.kp.org
opscpos01069.appl.kp.org
csidcwvzp537.ccst.kp.org
nplms.kp.org
national-implantregistries.kaiserpermanente.org
cl.kp.org
paultestcertone.venafi-qa.kp.org
kplocator.kp.org
cnndcsqlp040.nndc.kp.org
ive-crdc.kp.org
opscpos01102.appl.kp.org
prod-cryptoservicev2-biz-live.pmt.aksp.azure.kp.org
physiciancareers-ncal.kp.org
kpfaxwebdev.appl.kp.org
epiclink-oh.kp.org
cnndcappgrp080.ccst.kp.org
opncpos02447.appl.kp.org
kpwapdcdrvpn.appl.kp.org
opscpos01152.appl.kp.org
cnndcsmrp216.nndc.kp.org
finesse-amcimc2.appl.kp.org
digiphobcs.appl.kp.org
lzpoc.kp.org
opncpos02447.appl.kp.org
tpmghr.kp.org
digitalproductroadmaptool.kp.org
cnqmsiarc.appl.kp.org
cscdcimppm01.crdc.kp.org
onelinkinfo.kp.org
fs010.kaiserpermanente.org
test1.uat.kp.org
venafipatchninecsorp.venafi-qa.kp.org
essearch.tro-splunk.kp.org
radiator-dev.appl.kp.org
nps-dev.appl.kp.org
dev-personalcondtest-biz-live.cd.aksnp.azure.kp.org
residency.kp.org
ivvpexip.appl.kp.org
csbdc-vmax0247-emgmt1.bcdc.kp.org
myit-ws-xm.kp.org
kpgadatamart.ga.kp.org
finesse-amcimc1.appl.kp.org
tpmghcm-rpt.appl.kp.org
copdf-temp.ssdc.kp.org
afl-wa.appl.kp.org
czapwb8.crdc.kp.org
opscpos01147.appl.kp.org
onelinktax.appl.kp.org
csc2cwn00000309.cloud.kp.org
staffprovider-qa-appl.wa.kp.org
kphccaboodlesdscprodsdmdr.appl.kp.org
czapwb7.crdc.kp.org
ncalethics.kp.org
opcopos03023.appl.kp.org
myit-xm-uat.kp.org
ncalethics.kp.org
webforms-qa.appl.kp.org
nw-inventrix-prod.appl.kp.org
kpschedule.kp.org
appsdev.kp.org
hits-dev.appl.kp.org
test1csr.md.uat.kp.org
coats-uat.kp.org
api-services-pp.kp.org
scpmghcmrpt.kp.org
singledomain5.demo.kp.org
vcoltme21.ntwk.kp.org
downey-physicianpeersurvey.appl.kp.org
apps.kp.org
ndc1ctxnsa.nndc.kp.org
*.clm1-ezp.kp.org
*.sts.ext-svc-bmxp.appl.kp.org
dev-tasktracker-bff-live.memb.aksnp.azure.kp.org
qa-claimsapi-biz-1.qcp.aksnp.azure.kp.org
*.kpvv.int-svc.bmxnp.appl.kp.org
mobileiron50.kp.org
mobileiron13.kp.org
wdcvnx5400-mgm3.wpoc.kp.org
econsult-dev.kp.org
opnwpos04079.appl.kp.org
ccsp.appl.kp.org
aaccesp.kp.org
prod-npl.eglb.kp.org
izadap8.ivdc.kp.org
securemail.kp.org
opncpos02125.appl.kp.org
aperturepatchsixninegfgnj.venafi-qa.kp.org
velocity-preprod-intranet.crdc.kp.org
bookingservice-p1.kpaths.appl.kp.org
cnlenam3900303.len.ca.kp.org
riverside-isite.appl.kp.org
pdasweb-uat-tmp.appl.kp.org
prod-kpdfeaturestoreui-biz-live.daml.aksp.azure.kp.org
kpa-prod.kaiserpermanente.org
violenceprevention.kp.org
csc2cwn00000330.cloud.kp.org
hp-mbr-admn-crdc.kp.org
scpmghcmint.kp.org
onelinkppt-uat.appl.kp.org
downey-isitepics.appl.kp.org
opscpos01069.appl.kp.org
csidcwvzp537.ccst.kp.org
Certificate
The complete raw certificate details for opscpos01069.appl.kp.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIQN13WgJ9E1rmJ/qTBrjJXejANBgkqhkiG9w0BAQsFADCB lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy dmVyIENBMB4XDTIzMTIxMzAwMDAwMFoXDTI1MDExMTIzNTk1OVowczELMAkGA1UE BhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExLDAqBgNVBAoTI0thaXNlciBGb3Vu ZGF0aW9uIEhlYWx0aCBQbGFuLCBJbmMuMSEwHwYDVQQDExhvcHNjcG9zMDEwNjku YXBwbC5rcC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpvm7g Cm2snGp4X1wfT3v5Q14aD2vh6qTqbsThgPYg88Nq86l2/FsL7PufDBdEWzSaRbUL F4zwMJGNmlKFETWYZoW3ZN64ZB5GmWDZIsqNbc3Z1ghZWAUMJAmwQYADC807+z8z wXWRKqNPRJLQNBdkMouRJBbLFTsv8F1bRHh+o7RpO/Y77APGgvAe5eU7vxa2/luB aNInkIWdm2xholMIKTgHBjlSkZEMNmpkj/4o8Elx4yYzGNOQqCAEnmc3JUK+C59i 0f0sR7XM7VgnCSs21px8nNlDzHH/L5dS+Fp3I0ZQQU6Q58+s2Zwv6wZ2rtpbEOGc M85ChybuaBzdTirBAgMBAAGjggN5MIIDdTAfBgNVHSMEGDAWgBQX2dYlJ2f5McJJ Q9kwNkSMbKlP6zAdBgNVHQ4EFgQUu+tObEBKoFbl/SmsYcYCkIb/b8kwDgYDVR0P AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMEoGA1UdIARDMEEwNQYMKwYBBAGyMQECAQMEMCUwIwYIKwYBBQUHAgEW F2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+g TaBLhklodHRwOi8vY3JsLnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRp b25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGKBggrBgEFBQcBAQR+MHww VQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JTQU9y Z2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUH MAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMEEGA1UdEQQ6MDiCGG9wc2Nwb3Mw MTA2OS5hcHBsLmtwLm9yZ4Icd3d3Lm9wc2Nwb3MwMTA2OS5hcHBsLmtwLm9yZzCC AXwGCisGAQQB1nkCBAIEggFsBIIBaAFmAHYAzxFW7tUufK/zh1vZaS6b6RpxZ0qw F+ysAdJbd87MOwgAAAGMYgmBGQAABAMARzBFAiB6UGTFCDjInKfvDmrkjd7Z169N svyvoNBcBupdWoBPkQIhAJpyZUYx6aTE7HsDl+qGU5jgqoIxUe7xbPHBB5SZ2D1r AHUAouMK5EXvva2bfjjtR2d3U9eCW4SU1yteGyzEuVCkR+cAAAGMYgmA7QAABAMA RjBEAiB3p0+41itqLR6l07qiLpFVRs9pvwAS5/013ws54QJDeQIgeDj34m1qN6M2 Qyb6732CbBUsYWYnKkjdoh/nL8WZzioAdQBOdaMnXJoQwzhbbNTfP1LrHfDgjhuN acCx+mSxYpo53wAAAYxiCYD1AAAEAwBGMEQCIEbjyYDKV7H97j0XOoc9hoXlKh4M dbrxQqimBT/xC21DAiAs80U+6wNKVEA2oqV7thubxuEDOBczALg/jPahRns9gjAN BgkqhkiG9w0BAQsFAAOCAQEANzA9WOHmxYRvbzpBzuJpW4aZ6HuarCWBZ8QlrwwZ ka/G7nWKaWn0jJs8q4zhwiiPoUy5+D/XkKP3taFfmh4FBYygKb47lWaYDEdK7q77 j9RWuVFfTmu3a8xNvZSOyQOMRkYEFdsM8IM3yEgax59he0MtwFx+O9v50cMmyfVi QbreG22Rz3pp8CUobe/jXJ+6TpBou9WBRzhWrI+BotC59CBkidbY0bTv/KD1oV/z jcqXvqmhocpjXmvPr7RFBC/Zii4WuIBCqv2PgbcJj9Jn9MesmAyRnhAhKZAM8Fo3 ykqZ91aEZidGq8XloROY0bJMhTAQ9TLgJCszakN1tmh2Ag== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6b5u4AptrJxqeF9cH097 +UNeGg9r4eqk6m7E4YD2IPPDavOpdvxbC+z7nwwXRFs0mkW1CxeM8DCRjZpShRE1 mGaFt2TeuGQeRplg2SLKjW3N2dYIWVgFDCQJsEGAAwvNO/s/M8F1kSqjT0SS0DQX ZDKLkSQWyxU7L/BdW0R4fqO0aTv2O+wDxoLwHuXlO78Wtv5bgWjSJ5CFnZtsYaJT CCk4BwY5UpGRDDZqZI/+KPBJceMmMxjTkKggBJ5nNyVCvgufYtH9LEe1zO1YJwkr NtacfJzZQ8xx/y+XUvhadyNGUEFOkOfPrNmcL+sGdq7aWxDhnDPOQocm7mgc3U4q wQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 73594774002165432788814875789939070842 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-13 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-11 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Kaiser Foundation Health Plan, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'opscpos01069.appl.kp.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29507431121631757127758941271724005382677214677235752431451764197168040787139757075541931068052449549304212400780681445362568739742465911449085660897725823745422107556523698248744504930422247937777026981655206814026051423577348067106326180156804107471236247717565721176275251507288369106428555487922492561361241671924504314817885014012697352372584179766697436612204276109721108020724871489876752986886976022619447820692633555557026342165806669239430974910076802817296263479218243752225373238899208985364980671302654861009939003544225112292303946633136578479551082909211739352918336166893949642861201529153429779131073 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bbeb4e6c404aa056e5fd29ac61c6029086ff6fc9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'opscpos01069.appl.kp.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.opscpos01069.appl.kp.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 0166007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018c62098119000004030047304502207a5064c50838c89ca7ef0e6ae48dded9d7af4db2fcafa0d05c06ea5d5a804f910221009a72654631e9a4c4ec7b0397ea865398e0aa823151eef16cf1c1079499d83d6b007500a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018c620980ed0000040300463044022077a74fb8d62b6a2d1ea5d3baa22e915546cf69bf0012e7fd35df0b39e102437902207838f7e26d6a37a3364326faef7d826c152c6166272a48dda21fe72fc599ce2a0075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018c620980f50000040300463044022046e3c980ca57b1fdee3d173a873d8685e52a1e0c75baf142a8a6053ff10b6d4302202cf3453eeb034a544036a2a57bb61b9bc6e10338173300b83f8cf6a1467b3d82 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0037303d58e1e6c5846f6f3a41cee2695b8699e87b9aac258167c425af0c1991afc6ee758a6969f48c9b3cab8ce1c2288fa14cb9f83fd790a3f7b5a15f9a1e05058ca029be3b9566980c474aeeaefb8fd456b9515f4e6bb76bcc4dbd948ec9038c46460415db0cf08337c8481ac79f617b432dc05c7e3bdbf9d1c326c9f56241bade1b6d91cf7a69f025286defe35c9fba4e9068bbd581473856ac8f81a2d0b9f4206489d6d8d1b4effca0f5a15ff38dca97bea9a1a1ca635e6bcfafb445042fd98a2e16b88042aafd8f81b7098fd267f4c7ac980c919e102129900cf05a37ca4a99f75684662746abc5e5a11398d1b24c853010f532e0242b336a4375b6687602