secure.universalstudios.com

- Universal City Studios LLC -

Issued by GeoTrust RSA CA 2018

About this certificate

This digital certificate with serial number 0a:0e:c9:ca:a6:03:ab:ce:a1:94:ca:78:7e:38:7c:ac was issued on by DigiCert Inc.

With 59 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Universal City Studios LLC

Organization: Universal City Studios LLC
Organization unit: Universal City Studios
State / Province: California
Locality: Universal City
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:0e:c9:ca:a6:03:ab:ce:a1:94:ca:78:7e:38:7c:ac
Serial Number (int): 13369064933666757927132033589658025132
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: ee:df:c7:72:b6:fd:1c:1f:00:9a:c4:63:13:80:32:b5:67:03:32:41
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5

Fingerprint (sha1): 1a:61:de:60:b5:b6:69:4d:2e:7d:9a:0e:c3:13:2c:5b:ad:87:8b:a7
Fingerprint (sha256): 03:1e:95:85:62:36:3b:25:ff:64:f2:86:42:e9:cd:7c:30:a9:bf:12:b3:8a:cf:d2:93:ea:2d:87:82:a2:17:91

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl

Check the revocation status for certificate secure.universalstudios.com

59

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for secure.universalstudios.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

secure.universalstudios.com
spheresvc.ucdp.net
giftcards.universalorlando.com
usj.universalplay.games
theuniversalsphere.com
rtutickets.universalorlando.com
www.letyourselfwhoa.com
harrypotternews.universalorlando.com
www.universalorlando.com
www.universalorlandoresort.com
hhnap.universalorlando.com
prod.universaltravelagents.com
portuguese.universalorlando.com
tmid.universalparks.com
espanol.universalorlando.com
etds.universalparks.com
www.universalorlando.co.uk
tmidsvc.universalparks.com
services.universalorlando.com
www.universalorlandoyouth.com
www.theuniversalsphere.com
www.letyourselfwoah.com
www.universalparks.com
www.letyourselfwoah.net
services2.universalorlando.com
etdsuat-api.ucdp.net
letyourselfwoah.com
letyourselfwhoa.net
www.uomeetingsandevents.com
purchase.universalorlando.com
tickets-services.universalorlando.com
orlando-uat.halloweenhorrornights.com
www.universaltravelagents.com
www.letyourselfwhoa.net
orlando.halloweenhorrornights.com
app.tickets2.universalorlando.com
letyourselfwoah.net
hhntickets.universalorlando.com
etds-api.ucdp.net
media.universalorlando.com
site.universalorlando.com
tickets2.universalorlando.com
secure.universalorlando.com
www.universalevents.com
tickets.universalorlando.com
universalparks.com
spheresvcqa.ucdp.net
sphereqa.ucdp.net
rtuap.universalorlando.com
bluemanorlando.com
letyourselfwhoa.com
etdsuat.universalparks.com
apps.universalparks.com
sphere.ucdp.net
b2b.universalorlando.com
www.bluemanorlando.com
ww2.universalorlando.com
universalorlando.com
shop.universalorlando.com

Other certificates including the domain name universalstudios.com

(limited to 100 certificates)
www.universalorlando.com
secure.universalstudios.com
secure.universalstudios.com
secure.universalstudios.com
www.universalpictures.com
www.universalorlando.com
www.universalpictures.com
secure.universalstudios.com
www.universalorlando.com
propsstg.universalstudios.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.seeso.com
secure.universalstudios.com
web2.sourceaudio.com
www.universalorlando.com
www.universalpictures.com
www.seeso.com
www.seeso.com
www.universalpictures.com
secure.universalstudios.com
studio.florida.universalstudios.com
www.universalpictures.com
www.universalorlando.com
oltsuat.secure.universalstudios.com
secure.universalstudios.com
www.universalorlando.com
www.universalpictures.com
props.universalstudios.com
www.universalpictures.com
twuat.secure.universalstudios.com
www.universalorlando.com
www.universalorlando.com
www.seeso.com
www.seeso.com
propsstg.universalstudios.com
san-3-s6.tlsprovisioning.exacttarget.com
secure.universalstudios.com
www.universalpictures.com
secure.universalstudios.com
www.universalpictures.com
www.seeso.com
secure.universalstudios.com
www.universalorlando.com
www.universalorlando.com
www.universalpictures.com
www.seeso.com
studioopsportal.universalstudios.com
studio.florida.universalstudios.com
san-3-s6.tlsprovisioning.exacttarget.com
etds.universalstudios.com
web2.sourceaudio.com
etdsuat.universalstudios.com
www.universalorlando.com
www.universalpictures.com
www.universalpictures.com
studioopsportal.universalstudios.com
www.seeso.com
san-3-s6.tlsprovisioning.exacttarget.com
www.seeso.com
www.universalpictures.com
www.universalpictures.com
secure.universalstudios.com
studio.florida.universalstudios.com
web2.sourceaudio.com
www.universalpictures.com
www.universalorlando.com
signup.universalstudios.com
nbcuat.secure.universalstudios.com
www.universalpictures.com
secure.universalstudios.com
www.universalorlando.com
www.universalpictures.com
www.universalorlando.com
secure.universalstudios.com
www.universalorlando.com
props.universalstudios.com
secure.universalstudios.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
www.universalorlando.com
www.universalpictures.com
www.universalpictures.com
www.universalorlando.com
www.universalpictures.com
www.universalpictures.com
www.universalpictures.com
web2.sourceaudio.com
www.universalpictures.com
etdsuat-o.ucdp.net
www.universalpictures.com
www.universalpictures.com
www.universalorlando.com
propsstg.universalstudios.com

Certificate

The complete raw certificate details for secure.universalstudios.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIMcjCCC1qgAwIBAgIQCg7JyqYDq86hlMp4fjh8rDANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe
Fw0yMDAzMDYwMDAwMDBaFw0yMTAyMDkxMjAwMDBaMIGnMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTEXMBUGA1UEBxMOVW5pdmVyc2FsIENpdHkxIzAh
BgNVBAoTGlVuaXZlcnNhbCBDaXR5IFN0dWRpb3MgTExDMR8wHQYDVQQLExZVbml2
ZXJzYWwgQ2l0eSBTdHVkaW9zMSQwIgYDVQQDExtzZWN1cmUudW5pdmVyc2Fsc3R1
ZGlvcy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF5eCXt/h2
gahJT9f6nHcp3lKkmu1fFj6ikBmhhwqhK6NKXBzI1oST3k2I5GdwkmArKpyhGAzb
vNfLqjsSQNAuiGBdTiUve+tE0aq5RFQK96Lcu0HgZXr6NNL95MwWGngn5U9zPzLw
sZBU03MMqRAvlcv9VAtgR60fedu3/bU3PI6/DFhSVrfWwin0rfJlhBQXbRhkAJeF
2nXbdZDqEaULmePl9K3+SilcUyFkmYlaAbheRO3AYL+2W45ovncSfAfd0u83aXb4
DtPX7hx5ghIy8IXXi8wM4J+0pVo1uEWYBbMiN2+xI/zXEhpIChDHYWyLppWys5bu
9inpmS0QBV7rAgMBAAGjggjgMIII3DAfBgNVHSMEGDAWgBSQWP+wnHWoUVR3se3y
o0MWOJ5sxTAdBgNVHQ4EFgQU7t/Hcrb9HB8AmsRjE4AytWcDMkEwggZSBgNVHREE
ggZJMIIGRYIbc2VjdXJlLnVuaXZlcnNhbHN0dWRpb3MuY29tghJzcGhlcmVzdmMu
dWNkcC5uZXSCHmdpZnRjYXJkcy51bml2ZXJzYWxvcmxhbmRvLmNvbYIXdXNqLnVu
aXZlcnNhbHBsYXkuZ2FtZXOCFnRoZXVuaXZlcnNhbHNwaGVyZS5jb22CH3J0dXRp
Y2tldHMudW5pdmVyc2Fsb3JsYW5kby5jb22CF3d3dy5sZXR5b3Vyc2VsZndob2Eu
Y29tgiRoYXJyeXBvdHRlcm5ld3MudW5pdmVyc2Fsb3JsYW5kby5jb22CGHd3dy51
bml2ZXJzYWxvcmxhbmRvLmNvbYIed3d3LnVuaXZlcnNhbG9ybGFuZG9yZXNvcnQu
Y29tghpoaG5hcC51bml2ZXJzYWxvcmxhbmRvLmNvbYIecHJvZC51bml2ZXJzYWx0
cmF2ZWxhZ2VudHMuY29tgh9wb3J0dWd1ZXNlLnVuaXZlcnNhbG9ybGFuZG8uY29t
ghd0bWlkLnVuaXZlcnNhbHBhcmtzLmNvbYIcZXNwYW5vbC51bml2ZXJzYWxvcmxh
bmRvLmNvbYIXZXRkcy51bml2ZXJzYWxwYXJrcy5jb22CGnd3dy51bml2ZXJzYWxv
cmxhbmRvLmNvLnVrghp0bWlkc3ZjLnVuaXZlcnNhbHBhcmtzLmNvbYIdc2Vydmlj
ZXMudW5pdmVyc2Fsb3JsYW5kby5jb22CHXd3dy51bml2ZXJzYWxvcmxhbmRveW91
dGguY29tghp3d3cudGhldW5pdmVyc2Fsc3BoZXJlLmNvbYIXd3d3LmxldHlvdXJz
ZWxmd29haC5jb22CFnd3dy51bml2ZXJzYWxwYXJrcy5jb22CF3d3dy5sZXR5b3Vy
c2VsZndvYWgubmV0gh5zZXJ2aWNlczIudW5pdmVyc2Fsb3JsYW5kby5jb22CFGV0
ZHN1YXQtYXBpLnVjZHAubmV0ghNsZXR5b3Vyc2VsZndvYWguY29tghNsZXR5b3Vy
c2VsZndob2EubmV0ght3d3cudW9tZWV0aW5nc2FuZGV2ZW50cy5jb22CHXB1cmNo
YXNlLnVuaXZlcnNhbG9ybGFuZG8uY29tgiV0aWNrZXRzLXNlcnZpY2VzLnVuaXZl
cnNhbG9ybGFuZG8uY29tgiVvcmxhbmRvLXVhdC5oYWxsb3dlZW5ob3Jyb3JuaWdo
dHMuY29tgh13d3cudW5pdmVyc2FsdHJhdmVsYWdlbnRzLmNvbYIXd3d3LmxldHlv
dXJzZWxmd2hvYS5uZXSCIW9ybGFuZG8uaGFsbG93ZWVuaG9ycm9ybmlnaHRzLmNv
bYIhYXBwLnRpY2tldHMyLnVuaXZlcnNhbG9ybGFuZG8uY29tghNsZXR5b3Vyc2Vs
ZndvYWgubmV0gh9oaG50aWNrZXRzLnVuaXZlcnNhbG9ybGFuZG8uY29tghFldGRz
LWFwaS51Y2RwLm5ldIIabWVkaWEudW5pdmVyc2Fsb3JsYW5kby5jb22CGXNpdGUu
dW5pdmVyc2Fsb3JsYW5kby5jb22CHXRpY2tldHMyLnVuaXZlcnNhbG9ybGFuZG8u
Y29tghtzZWN1cmUudW5pdmVyc2Fsb3JsYW5kby5jb22CF3d3dy51bml2ZXJzYWxl
dmVudHMuY29tghx0aWNrZXRzLnVuaXZlcnNhbG9ybGFuZG8uY29tghJ1bml2ZXJz
YWxwYXJrcy5jb22CFHNwaGVyZXN2Y3FhLnVjZHAubmV0ghFzcGhlcmVxYS51Y2Rw
Lm5ldIIacnR1YXAudW5pdmVyc2Fsb3JsYW5kby5jb22CEmJsdWVtYW5vcmxhbmRv
LmNvbYITbGV0eW91cnNlbGZ3aG9hLmNvbYIaZXRkc3VhdC51bml2ZXJzYWxwYXJr
cy5jb22CF2FwcHMudW5pdmVyc2FscGFya3MuY29tgg9zcGhlcmUudWNkcC5uZXSC
GGIyYi51bml2ZXJzYWxvcmxhbmRvLmNvbYIWd3d3LmJsdWVtYW5vcmxhbmRvLmNv
bYIYd3cyLnVuaXZlcnNhbG9ybGFuZG8uY29tghR1bml2ZXJzYWxvcmxhbmRvLmNv
bYIZc2hvcC51bml2ZXJzYWxvcmxhbmRvLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD4GA1UdHwQ3MDUwM6AxoC+GLWh0
dHA6Ly9jZHAuZ2VvdHJ1c3QuY29tL0dlb1RydXN0UlNBQ0EyMDE4LmNybDBMBgNV
HSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5k
aWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB1BggrBgEFBQcBAQRpMGcwJgYIKwYB
BQUHMAGGGmh0dHA6Ly9zdGF0dXMuZ2VvdHJ1c3QuY29tMD0GCCsGAQUFBzAChjFo
dHRwOi8vY2FjZXJ0cy5nZW90cnVzdC5jb20vR2VvVHJ1c3RSU0FDQTIwMTguY3J0
MAkGA1UdEwQCMAAwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQD2XJQv0XcwIhRU
GAgwlFaO400TGTO/3wwvIAvMTvFk4wAAAXCxA6f5AAAEAwBGMEQCIDDKjOMTom3l
2TkSV86HNMTFm7N7XvTanLuvOYYzc4OYAiB+ojgr6Xhm5cKB5ITh5NjM6KsoaeDy
ewyjzSX06f05NAB2AFzcQ5L+5qtFRLFemtRW5hA3+9X6R9yhc5SyXub2xw7KAAAB
cLEDqA0AAAQDAEcwRQIhALtSAkJk6sS//9PKCKjhkEkP4rp0x7Xx52iZHy1rtGTr
AiBVgfCNWm5JqLnIV4J4nc9GrG9xkodn43DD1H2mtnum8TANBgkqhkiG9w0BAQsF
AAOCAQEAsdgJtmdTCuNJqb59U0ZOkZ6zsvWKWvz8SE0m501bNoMD9l2/Alf2SCxO
5mK/KwKdOZ7tlEEJMVYWY1kjdKwSyp8fplDgyjPR/rKmIZXHk83mM+oGOYR03t9J
WsVQEyBVGMKaBovQxOvWpohJbJq4BmuPgcqO1bbRmIZUF74qqZmyv3IMPtYPif4J
1S6YK9YFXGYyX8JBWzANnCzPa0Pnhl346Z6PJSZuaZj9UCFCUvkca75pWifCXw8w
f8eo86hOHE2KfB17CyNRFXva1BXWg2jvEAVyntgVa3ZCZk52vl4eHTF4aTLQ18g3
CW9zWu5eWXKxgSbyolNIcy/cUFHIhA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeXgl7f4doGoSU/X+px3
Kd5SpJrtXxY+opAZoYcKoSujSlwcyNaEk95NiORncJJgKyqcoRgM27zXy6o7EkDQ
LohgXU4lL3vrRNGquURUCvei3LtB4GV6+jTS/eTMFhp4J+VPcz8y8LGQVNNzDKkQ
L5XL/VQLYEetH3nbt/21NzyOvwxYUla31sIp9K3yZYQUF20YZACXhdp123WQ6hGl
C5nj5fSt/kopXFMhZJmJWgG4XkTtwGC/tluOaL53EnwH3dLvN2l2+A7T1+4ceYIS
MvCF14vMDOCftKVaNbhFmAWzIjdvsSP81xIaSAoQx2Fsi6aVsrOW7vYp6ZktEAVe
6wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 13369064933666757927132033589658025132
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-02-09 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universal City'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universal City Studios LLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Universal City Studios'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'secure.universalstudios.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24982302807224222650224092641528652955675956437080956642991390692090251034474117428574985589365295079698082142976947941523139267165111467794030948882038453650918976554861063972687747619032363310470135265783614241711989192043478255776774215057233305781373426291765560476904478339564448568336282515082159667383539314140961129852642162621038485368131665872542896038960802537098986718872477962207978103218430862811702594096896119036034586589270265695982103009568012820111160510206063649950538355419943954272968958458720014740640168213591054658130878241847167652746955400959542756733244325679698598350998088514395737251563
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							eedfc772b6fd1c1f009ac463138032b567033241
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1609 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.universalstudios.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spheresvc.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giftcards.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usj.universalplay.games'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theuniversalsphere.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rtutickets.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.letyourselfwhoa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'harrypotternews.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalorlandoresort.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hhnap.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.universaltravelagents.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portuguese.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tmid.universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'espanol.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'etds.universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalorlando.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tmidsvc.universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalorlandoyouth.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.theuniversalsphere.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.letyourselfwoah.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.letyourselfwoah.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services2.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'etdsuat-api.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'letyourselfwoah.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'letyourselfwhoa.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uomeetingsandevents.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'purchase.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets-services.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'orlando-uat.halloweenhorrornights.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universaltravelagents.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.letyourselfwhoa.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'orlando.halloweenhorrornights.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app.tickets2.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'letyourselfwoah.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hhntickets.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'etds-api.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'media.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'site.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets2.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalevents.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tickets.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spheresvcqa.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sphereqa.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rtuap.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bluemanorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'letyourselfwhoa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'etdsuat.universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apps.universalparks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sphere.ucdp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'b2b.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bluemanorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ww2.universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'universalorlando.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.universalorlando.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500f65c942fd1773022145418083094568ee34d131933bfdf0c2f200bcc4ef164e300000170b103a7f90000040300463044022030ca8ce313a26de5d9391257ce8734c4c59bb37b5ef4da9cbbaf39863373839802207ea2382be97866e5c281e484e1e4d8cce8ab2869e0f27b0ca3cd25f4e9fd39340076005cdc4392fee6ab4544b15e9ad456e61037fbd5fa47dca17394b25ee6f6c70eca00000170b103a80d0000040300473045022100bb52024264eac4bfffd3ca08a8e190490fe2ba74c7b5f1e768991f2d6bb464eb02205581f08d5a6e49a8b9c85782789dcf46ac6f71928767e370c3d47da6b67ba6f1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b1d809b667530ae349a9be7d53464e919eb3b2f58a5afcfc484d26e74d5b368303f65dbf0257f6482c4ee662bf2b029d399eed94410931561663592374ac12ca9f1fa650e0ca33d1feb2a62195c793cde633ea06398474dedf495ac55013205518c29a068bd0c4ebd6a688496c9ab8066b8f81ca8ed5b6d198865417be2aa999b2bf720c3ed60f89fe09d52e982bd6055c66325fc2415b300d9c2ccf6b43e7865df8e99e8f25266e6998fd50214252f91c6bbe695a27c25f0f307fc7a8f3a84e1c4d8a7c1d7b0b2351157bdad415d68368ef1005729ed8156b7642664e76be5e1e1d31786932d0d7c837096f735aee5e5972b18126f2a25348732fdc5051c884