commissionsandappointments.sos.state.mn.us

- State of Minnesota -

Issued by Sectigo RSA Extended Validation Secure Server CA

About this certificate

This digital certificate with serial number 83:7c:d1:60:6b:61:95:8f:9e:f0:1d:68:3f:95:19:23 was issued on by Sectigo Limited.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

State of Minnesota

Company registration number: 05-11-1858
Organization: State of Minnesota
State / Province: Minnesota
Country: US

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate will expire on

Certificate Details

Serial Number (hex): 83:7c:d1:60:6b:61:95:8f:9e:f0:1d:68:3f:95:19:23
Serial Number (int): 174776958921025930682161098084370946339
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: d9:68:49:d3:9c:61:96:f3:cc:e7:6a:7f:7d:04:c8:d2:9c:9f:e3:7c
AuthorityKeyId: 2c:69:ff:80:c9:87:90:ae:34:e1:b4:e7:4c:93:85:99:40:e9:a7:b2

Fingerprint (sha1): 3a:af:7c:27:b4:80:ae:a0:fb:e7:49:6d:ff:6b:3a:0e:a7:b5:82:a1
Fingerprint (sha256): 03:0c:8f:e7:a4:5c:3a:e9:aa:81:77:2e:26:d1:07:da:8f:ed:4a:2f:0b:65:34:e0:9e:03:7a:b1:3f:7b:5a:f1

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl

Check the revocation status for certificate commissionsandappointments.sos.state.mn.us

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for commissionsandappointments.sos.state.mn.us

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

commissionsandappointments.sos.state.mn.us
commissionsandappointments.sos.mn.gov

Other certificates including the domain name state.mn.us

(limited to 100 certificates)
fyidocs.web.health.state.mn.us
maps1.dnr.state.mn.us
edocs.dhs.state.mn.us
www.brewermiddleschool.wsisd.com
mndatarest.web.health.state.mn.us
drainage.pca.state.mn.us
ww2.commissions.leg.state.mn.us
support.mdor.state.mn.us
autodiscover.state.mn.us
mnhumanservices-test.dhs.state.mn.us
www.westkm.pubdef.state.mn.us
svn.nonprod.health.state.mn.us
guestvdi.dps.state.mn.us
arclookup.dhs.int.state.mn.us
education.mn.gov
printprint.x.state.mn.us
mnwellindex.web.health.state.mn.us
nslp.web.health.state.mn.us
podprecheck.health.state.mn.us
ccbhcreporting.dhs.state.mn.us
evve.health.state.mn.us
archerdev.int.state.mn.us
merc.health.state.mn.us
www.dlan.dps.state.mn.us
trng.mec2.dhs.state.mn.us
mhis.dhs.mn.gov
lic-dev.dnr.state.mn.us
mnchoices-train.dhs.state.mn.us
tmon.dhs.int.state.mn.us
mnch-supplan-train.dhs.state.mn.us
webportal3.dot.state.mn.us
elm.systems.state.mn.us
www2.mainserver.state.mn.us
cannabis.web.health.state.mn.us
support.elm.swift.state.mn.us
dutchelm.dps.state.mn.us
www.cty.dhs.state.mn.us
mnlars-iam-prod-app-v201.dps.int.state.mn.us
mars.doc.state.mn.us
www.msrs.state.mn.us
aurora.msrs.state.mn.us
ftp.sos.state.mn.us
www.cfbreport.state.mn.us
coms.stage.doc.state.mn.us
swa.web.health.state.mn.us
rpo.dev.dhs.int.state.mn.us
passwordreset.mnit.state.mn.us
leadrenovator.web.health.state.mn.us
files.dnr.state.mn.us
www.ecmportal.pubdef.state.mn.us
revvpnsdp.mdor.state.mn.us
wm.courts.state.mn.us
www.gideon2test.pubdef.state.mn.us
www.dashboardtest.pubdef.state.mn.us
www.yorkprepsc.org
webportal2.dot.state.mn.us
pfas400.dhs.int.state.mn.us
www.ble.mn.gov
arsdev.itg.state.mn.us
www.lawyerregulation.mn.gov
mnsurebda2node09.hix.int.state.mn.us
www.mcla.state.mn.us
mnchoices-train.dhs.state.mn.us
g45ppwcsldww001.admin.state.mn.us
neien.pca.state.mn.us
ddi.itg.state.mn.us
g46pilvcmseo104.voice.state.mn.us
asthmahealthyhomes.web.health.state.mn.us
commissionsandappointments.sos.state.mn.us
samtest.dhs.state.mn.us
dps.mn.gov
dev.sema4.systems.state.mn.us
www.selfloan.state.mn.us
analytics.education.state.mn.us
caseworks.x.state.mn.us
*.devapi.hlb.state.mn.us
g46pilvcmsco104.voice.state.mn.us
image.enx.web.health.state.mn.us
www.ag.state.mn.us
www.fafsaweb.state.mn.us
services.swift.state.mn.us
admin.bakerschools.org
*.sos.state.mn.us
forums.doc.state.mn.us
registrationportal.dot.state.mn.us
fimpwreset.ead.state.mn.us
bcacrimestats.x.state.mn.us
iibvhn.mneiam.int.state.mn.us
remote.oah.state.mn.us
www.ohe.state.mn.us
survey.dnr.state.mn.us
edocs.dhs.state.mn.us
west.commerce.state.mn.us
mdaonbaseapp.mda.state.mn.us
mdatwa2.state.mn.us
licensinglookup.dhs.state.mn.us
ocm.web.health.state.mn.us
support.mdor.state.mn.us
mcla.es.state.mn.us
hchhomes.web.health.state.mn.us

Certificate

The complete raw certificate details for commissionsandappointments.sos.state.mn.us in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIaDCCB1CgAwIBAgIRAIN80WBrYZWPnvAdaD+VGSMwDQYJKoZIhvcNAQELBQAw
gZExCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE5MDcGA1UE
AxMwU2VjdGlnbyBSU0EgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVy
IENBMB4XDTIzMTAyMzAwMDAwMFoXDTI0MTAyMjIzNTk1OVowgbkxEzARBgNVBAUT
CjA1LTExLTE4NTgxEzARBgsrBgEEAYI3PAIBAxMCVVMxGjAYBgNVBA8TEUdvdmVy
bm1lbnQgRW50aXR5MQswCQYDVQQGEwJVUzESMBAGA1UECBMJTWlubmVzb3RhMRsw
GQYDVQQKExJTdGF0ZSBvZiBNaW5uZXNvdGExMzAxBgNVBAMTKmNvbW1pc3Npb25z
YW5kYXBwb2ludG1lbnRzLnNvcy5zdGF0ZS5tbi51czCCAiIwDQYJKoZIhvcNAQEB
BQADggIPADCCAgoCggIBALGVkMAJg8cVr4M13m51MTVk8EoQB8cICWwrnVPC0Dxw
zEDab28gvPU7jAuQGQOKu5eex6s8Dj8ieb7bjZhsXSIVu1q1s/Uoo0C5AyE9/VlJ
DZOELfroXXan8byagXzdj0pPVE/q/MNnjrRx8Rdb/5G1ps2CgBvbZKxC4J+0yNT9
Cd+CaXX4NVvQW/CxWCyaHsg0CksN8hDHDQan9txkksmHS7BfDgj1cdmef/KdqVKw
afvsF116ejmJ1eBGdoOwbfBMUYUW2x/Iq17AuG04DpMmaubexoDHYeWlp8LQiZy2
ph7945OrIX9idlI92GhyhKWK+YALHcl1W/j5ex1oExC8eAAqIxALuWZ1k0t+3hPD
2+4MEmpNqjTXzTyMwSpmn6pbHOISAL3njDXPAmzZ+Fndct+tTGhb/UzDeixknFx1
t+nqjEsWlr9kQsM8USydodIPMct8LnIixM9hm/2ArOw8WXvblsZujC/VP4MDIFn2
IvjkI+ck8g3wF13Rz9CGpwScqclLxV6NOjCVWpDHZzI+18i2eaUGaKlq6zgsxbLg
Sir1/dp7LmOALyyybJqjCuxiys7MPeNpfLhPuYJ65zdzgSU3inHksxp8GU9jM+qf
qwFZBAdXFpFvUkcTz1k2t/4qW7Pe/cQGMOn6ivHNLjAej9ltmMyynby/QEuqecDd
AgMBAAGjggOPMIIDizAfBgNVHSMEGDAWgBQsaf+AyYeQrjThtOdMk4WZQOmnsjAd
BgNVHQ4EFgQU2WhJ05xhlvPM52p/fQTI0pyf43wwDgYDVR0PAQH/BAQDAgWgMAwG
A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1Ud
IARCMEAwNQYMKwYBBAGyMQECAQUBMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2Vj
dGlnby5jb20vQ1BTMAcGBWeBDAEBMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9j
cmwuc2VjdGlnby5jb20vU2VjdGlnb1JTQUV4dGVuZGVkVmFsaWRhdGlvblNlY3Vy
ZVNlcnZlckNBLmNybDCBhgYIKwYBBQUHAQEEejB4MFEGCCsGAQUFBzAChkVodHRw
Oi8vY3J0LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FFeHRlbmRlZFZhbGlkYXRpb25T
ZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3Rp
Z28uY29tMIIBgAYKKwYBBAHWeQIEAgSCAXAEggFsAWoAdwB2/4g/Crb7lVHCYcz1
h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYteXTMaAAAEAwBIMEYCIQDFf03kB9WL0g91
ijrVpO7lINgTJjfeT8yQuOQR+GzlPwIhAO8vG/YgOS13m4nemlDrefrfMBfroYxU
8pjElt51M6MhAHcA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGL
Xl0zbgAABAMASDBGAiEA7yKzzEp2okPueND5iKh0tj3eRvzKxoPTyuqtne8SpDYC
IQDk9qkcdJtZF7P97tUYITidNfl8WKbFspNCzYEYENwAfwB2AO7N0GTV2xrOxVy3
nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABi15dM0gAAAQDAEcwRQIhAIIZ7igdlrSm
MCZvfg5ls5RbRHE1T5k0jy/iRWTr5E2EAiAw4098GAMysKk/hH3KlWPoij+QueTn
RW8R01RmK06H8TBcBgNVHREEVTBTgipjb21taXNzaW9uc2FuZGFwcG9pbnRtZW50
cy5zb3Muc3RhdGUubW4udXOCJWNvbW1pc3Npb25zYW5kYXBwb2ludG1lbnRzLnNv
cy5tbi5nb3YwDQYJKoZIhvcNAQELBQADggEBAJlO30x9jFLnS9sCRPckIpx8+Zjq
A36OkzhAO/2boomyuADH3Qf6LWs520WH80cELSbRmVn2euLe7N5n61cAbFXCUCAW
RCSkQ9QIjIxDpgVZkQRzO8V0Y4nepO8hcd/kmCbQzjfABiPj7VYc+qU9P3goFvjC
tP1lgWxbr/6N2eR13DW3V34rG9Ndq2paZXUQOFJ0XA90/q1of3PTwPJUs6iuMsPy
26HmDbvVeDpfgO8v0yrVbAFjJVu6ZQw2mqGDX3i0cPltvf3zT7k3QsSPrqBg0JDY
8Csi8bpzeyluSP0Xrgav+y+aM5ElpyZ9dAZVFKU9sIL+IVAbdcjmF2vXDEM=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsZWQwAmDxxWvgzXebnUx
NWTwShAHxwgJbCudU8LQPHDMQNpvbyC89TuMC5AZA4q7l57HqzwOPyJ5vtuNmGxd
IhW7WrWz9SijQLkDIT39WUkNk4Qt+uhddqfxvJqBfN2PSk9UT+r8w2eOtHHxF1v/
kbWmzYKAG9tkrELgn7TI1P0J34Jpdfg1W9Bb8LFYLJoeyDQKSw3yEMcNBqf23GSS
yYdLsF8OCPVx2Z5/8p2pUrBp++wXXXp6OYnV4EZ2g7Bt8ExRhRbbH8irXsC4bTgO
kyZq5t7GgMdh5aWnwtCJnLamHv3jk6shf2J2Uj3YaHKEpYr5gAsdyXVb+Pl7HWgT
ELx4ACojEAu5ZnWTS37eE8Pb7gwSak2qNNfNPIzBKmafqlsc4hIAveeMNc8CbNn4
Wd1y361MaFv9TMN6LGScXHW36eqMSxaWv2RCwzxRLJ2h0g8xy3wuciLEz2Gb/YCs
7DxZe9uWxm6ML9U/gwMgWfYi+OQj5yTyDfAXXdHP0IanBJypyUvFXo06MJVakMdn
Mj7XyLZ5pQZoqWrrOCzFsuBKKvX92nsuY4AvLLJsmqMK7GLKzsw942l8uE+5gnrn
N3OBJTeKceSzGnwZT2Mz6p+rAVkEB1cWkW9SRxPPWTa3/ipbs979xAYw6fqK8c0u
MB6P2W2YzLKdvL9AS6p5wN0CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 174776958921025930682161098084370946339
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Extended Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-23 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-22 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '05-11-1858'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Minnesota'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'State of Minnesota'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'commissionsandappointments.sos.state.mn.us'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 724480491134559168851100210855281287634940557172052135766637925672641338601056292067155030316191590249253900568038029436139216515591272235481421151595907505845313006525321920341778923098533563403172928812088664294842725759277229274702744286733240126778867941216076791645928988692126692613358810401906940829201593536788777552452792118218915932709113964658507276201786314773263946733274272149636300830682444851930464790639913160047534265460227640000563513421854939967015397806840200511160989751825771016660108419499529158525442226478586991380715747815930624898081818834246068104891639322211785021753088157227961676054118755389664279437733255083096285810990259659945008827635127991802142471619242987334904125597480031106708511880285108127206383265382784622702073526070948628025357867522152489414513714345270755247847957701920471375702605520156974614347016667113782799846907338381204638386997544068280896461690813699942776905579569649139590561913383098849325993679095057884355971685489279539256857158470563374364904818619909124367917199818068161791514967249061734460821192636920960675815031904026965354920661813590027579361730155437261276224529250350934688016904861592969451954059359436232264577075294035960525571958279664628859915583709
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2c69ff80c98790ae34e1b4e74c93859940e9a7b2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d96849d39c6196f3cce76a7f7d04c8d29c9fe37c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.5.1 (Comodo EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (122 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a00770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b5e5d331a0000040300483046022100c57f4de407d58bd20f758a3ad5a4eee520d8132637de4fcc90b8e411f86ce53f022100ef2f1bf620392d779b89de9a50eb79fadf3017eba18c54f298c496de7533a321007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b5e5d336e0000040300483046022100ef22b3cc4a76a243ee78d0f988a874b63dde46fccac683d3caeaad9def12a436022100e4f6a91c749b5917b3fdeed51821389d35f97c58a6c5b29342cd811810dc007f007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b5e5d334800000403004730450221008219ee281d96b4a630266f7e0e65b3945b4471354f99348f2fe24564ebe44d84022030e34f7c180332b0a93f847dca9563e88a3f90b9e4e7456f11d354662b4e87f1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (85 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'commissionsandappointments.sos.state.mn.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'commissionsandappointments.sos.mn.gov'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00994edf4c7d8c52e74bdb0244f724229c7cf998ea037e8e9338403bfd9ba289b2b800c7dd07fa2d6b39db4587f347042d26d19959f67ae2deecde67eb57006c55c25020164424a443d4088c8c43a605599104733bc5746389dea4ef2171dfe49826d0ce37c00623e3ed561cfaa53d3f782816f8c2b4fd65816c5baffe8dd9e475dc35b7577e2b1bd35dab6a5a6575103852745c0f74fead687f73d3c0f254b3a8ae32c3f2dba1e60dbbd5783a5f80ef2fd32ad56c0163255bba650c369aa1835f78b470f96dbdfdf34fb93742c48faea060d090d8f02b22f1ba737b296e48fd17ae06affb2f9a339125a7267d74065514a53db082fe21501b75c8e6176bd70c43