app-eu2.datorama.com

- salesforce.com, inc. -

Issued by DigiCert TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 06:58:64:a3:3b:f6:be:b0:b8:dc:73:ae:46:a2:42:5a was issued on by DigiCert Inc.

With 16 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

salesforce.com, inc.

Organization: salesforce.com, inc.
State / Province: California
Locality: San Francisco
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 06:58:64:a3:3b:f6:be:b0:b8:dc:73:ae:46:a2:42:5a
Serial Number (int): 8434331271969326901526857538859057754
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 3e:4a:78:c2:7d:21:48:41:d2:3f:db:4a:b0:a4:35:70:9c:6c:59:bf
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4

Fingerprint (sha1): 82:fe:b1:76:88:c9:e4:ea:2a:65:c9:0f:a4:79:6f:39:fa:02:f4:a4
Fingerprint (sha256): 03:7a:02:62:3f:fe:6b:1d:bf:40:1d:a4:56:9f:70:ac:8e:5d:e3:8e:b1:6e:86:02:6c:8a:3f:71:38:7d:64:66

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crl

Check the revocation status for certificate app-eu2.datorama.com

16

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for app-eu2.datorama.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

app-eu2.datorama.com
api-eu2.datorama.com
eu2.datorama-res.com
platform-eu2.datorama.com
eu2-new.datorama-res.com
app1-eu2.datorama.com
app2-eu2.datorama.com
web-prod-eu2.datorama.com
web-prod-eu2-origin.datorama.com
new-platform-prod-eu2.datorama.com
integrate-prod-eu2.datorama.com
prod-eu2-server.dlite.co
prod-eu2-server-origin.dlite.co
integrate-prod-eu2.azure.datorama.com
new-platform-prod-eu2.azure.datorama.com
web-prod-eu2.azure.datorama.com

Other certificates including the domain name datorama.com

(limited to 100 certificates)
mindadmedia.datorama.com
incapsula.com
ivgeny-test-eu2.azure.datorama.com
incapsula.com
white-label-eu.datorama.com
app.datorama.com
*.datorama.com
app-eu2.datorama.com
white-label.datorama.com
white-label-us2.datorama.com
incapsula.com
white-label.datorama.com
arkiv.status.geoikt.no
app.datorama.com
support.wunderbar.com
datorama.com
*.datorama.com
white-label.datorama.com
app-eu2.datorama.com
app-eu2.datorama.com
mindadmedia.datorama.com
white-label-us2.datorama.com
app.datorama.com
white-label-us2.datorama.com
app-eu2.datorama.com
app.datorama.com
datapitt.datorama.com
white-label-us-origin.datorama.com
*.datorama.com
app-eu.datorama.com
custom-app.datorama.com
api-eu2.datorama.com
arkiv.status.geoikt.no
app-eu2.datorama.com
*.databricks.datorama.com
incapsula.com
incapsula.com
white-label-us2.datorama.com
incapsula.com
*.datorama.com
incapsula.com
dev.datorama.com
incapsula.com
info.datorama.com
ps-jenkins.datorama.com
stg.datorama.com
white-label.datorama.com
white-label.datorama.com
idp.datorama.com
app-eu2.datorama.com
incapsula.com
alb-stg-sftp.datorama.com
dev.datorama.com
custom-app.datorama.com
mindadmedia.datorama.com
support.datorama.com
incapsula.com
incapsula.com
mindadmedia.datorama.com
app-eu.datorama.com
mindadmedia.datorama.com
white-label-eu.datorama.com
dev.datorama.com
blog-jp.datorama.com
app-us2.datorama.com
*.datorama.com
app-eu2.datorama.com
blog-jp.datorama.com
*.datorama.com
white-label-eu.datorama.com
white-label-eu.datorama.com
*.datorama.com
white-label.datorama.com
white-label-eu.datorama.com
white-label-eu.datorama.com
white-label-eu-origin.datorama.com
app-us2.datorama.com
incapsula.com
trust.datorama.com
pulse.datorama.com
arkiv.status.geoikt.no
fdus-3.freshdesk.com
stg.datorama.com
*.datorama.com
incapsula.com
app.datorama.com
white-label.datorama.com
stg.datorama.com
dev.datorama.com
imperva.com
azure-eu-ftp.datorama.com
white-label-us2.datorama.com
blog-jp.datorama.com
www.datorama.com
blog-jp.datorama.com
white-label-eu-origin.datorama.com
integration-service-prod-us2.datorama.com
pulse.datorama.com
stg.datorama.com
datapitt.datorama.com

Certificate

The complete raw certificate details for app-eu2.datorama.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHITCCBgmgAwIBAgIQBlhkozv2vrC43HOuRqJCWjANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMTA4MTYwMDAwMDBa
Fw0yMjA4MDIyMzU5NTlaMHgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y
bmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMR0wGwYDVQQKExRzYWxlc2ZvcmNl
LmNvbSwgaW5jLjEdMBsGA1UEAxMUYXBwLWV1Mi5kYXRvcmFtYS5jb20wggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJzTTQju7Tt50YTHvXXReldmCVWtwZ
sPi7T9A3eKTL9+BWcWr1zoxeVDVSATi8oMakEPANCx8p8epRigq1er9f1k4/Zfiz
Q3HK0AYG00GUJ0Oy+KbZxvD6ldha5xBXqV8AqCPUl8/pbAxcJ0YKuIWjJu2jnMPO
T2l7sGjgOz8kerrHrPQYKP9ut+3t/XgJ5OLw+lzgcrLwbYresedNnbGneWQMsJsE
uGzatLw0Bwsu9GwvWfG5nOOS6fmPxVJwe8QyPnVwsM5iZzAthsVvEBE8TtbngO5X
Rb1mXjgiXSo5PRIjSuH61+6nLGdxQp2KYSyveXFtJrX7AfNBCehcq7jZAgMBAAGj
ggPOMIIDyjAfBgNVHSMEGDAWgBS3a6LqqKqEjHnqtNoPmLLFlXa59DAdBgNVHQ4E
FgQUPkp4wn0hSEHSP9tKsKQ1cJxsWb8wggHhBgNVHREEggHYMIIB1IIUYXBwLWV1
Mi5kYXRvcmFtYS5jb22CFGFwaS1ldTIuZGF0b3JhbWEuY29tghRldTIuZGF0b3Jh
bWEtcmVzLmNvbYIZcGxhdGZvcm0tZXUyLmRhdG9yYW1hLmNvbYIYZXUyLW5ldy5k
YXRvcmFtYS1yZXMuY29tghVhcHAxLWV1Mi5kYXRvcmFtYS5jb22CFWFwcDItZXUy
LmRhdG9yYW1hLmNvbYIZd2ViLXByb2QtZXUyLmRhdG9yYW1hLmNvbYIgd2ViLXBy
b2QtZXUyLW9yaWdpbi5kYXRvcmFtYS5jb22CIm5ldy1wbGF0Zm9ybS1wcm9kLWV1
Mi5kYXRvcmFtYS5jb22CH2ludGVncmF0ZS1wcm9kLWV1Mi5kYXRvcmFtYS5jb22C
GHByb2QtZXUyLXNlcnZlci5kbGl0ZS5jb4IfcHJvZC1ldTItc2VydmVyLW9yaWdp
bi5kbGl0ZS5jb4IlaW50ZWdyYXRlLXByb2QtZXUyLmF6dXJlLmRhdG9yYW1hLmNv
bYIobmV3LXBsYXRmb3JtLXByb2QtZXUyLmF6dXJlLmRhdG9yYW1hLmNvbYIfd2Vi
LXByb2QtZXUyLmF6dXJlLmRhdG9yYW1hLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGPBgNVHR8EgYcwgYQwQKA+oDyG
Omh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIw
MjBDQTEtMS5jcmwwQKA+oDyGOmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdp
Q2VydFRMU1JTQVNIQTI1NjIwMjBDQTEtMS5jcmwwPgYDVR0gBDcwNTAzBgZngQwB
AgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMH8G
CCsGAQUFBwEBBHMwcTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQu
Y29tMEkGCCsGAQUFBzAChj1odHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGln
aUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0ExLTEuY3J0MAwGA1UdEwEB/wQCMAAwEwYK
KwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAJYzuylIdZNO8wrt
64qgc2LmfR9WuPt2yveESi72uWFLxm89sE6RaYRjp+J5NFB+xiwKE3P4FhPAoPCr
sssy/ETywN7C2cAhKWibL2jDxKHCeRJjQmbguBYJOYfK9uMPYKQRXlfsEOgJMh4x
dt0OgVpfU8X1VtuUR6lcqtW4o6HsGdmusXIan/9MuzJSj/UmChANF76Xk97gJ/nf
UhoJEalHaohX3VR8HJRadDrdE2Jr9ZePDoOQglmxRqjOhkHtBtJm8jEifCLDA2Ac
mnOwEM9gjd7S7O2PXaBRJV5uD1Cnix6KkCLenmffsMNYnatR/McNHoeNa5hZm4HO
/8EIA6s=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyc000I7u07edGEx7110X
pXZglVrcGbD4u0/QN3iky/fgVnFq9c6MXlQ1UgE4vKDGpBDwDQsfKfHqUYoKtXq/
X9ZOP2X4s0NxytAGBtNBlCdDsvim2cbw+pXYWucQV6lfAKgj1JfP6WwMXCdGCriF
oybto5zDzk9pe7Bo4Ds/JHq6x6z0GCj/brft7f14CeTi8Ppc4HKy8G2K3rHnTZ2x
p3lkDLCbBLhs2rS8NAcLLvRsL1nxuZzjkun5j8VScHvEMj51cLDOYmcwLYbFbxAR
PE7W54DuV0W9Zl44Il0qOT0SI0rh+tfupyxncUKdimEsr3lxbSa1+wHzQQnoXKu4
2QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8434331271969326901526857538859057754
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-08-16 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-02 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'salesforce.com, inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'app-eu2.datorama.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25475090299771157781104908198184798431259337913306741208969933034910573748497871740305152058040015965925625068830201566760996356970543241177345623817197671607781391304713116694101735698991283023777019126962330211229325750287107764828605449541638237990413335841741058754232517030551771691520804405312411323940721347519197261520869211809672703346434775246173077160245167823122004481967687142227945781478330805115815610811437155104739734817300709151082231766581056862867916698292986679962178878782437840339996341028087742160849072583189874326210963136329274260191245890357673225080289998758376694682758555985126783432921
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3e4a78c27d214841d23fdb4ab0a435709c6c59bf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (472 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app-eu2.datorama.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-eu2.datorama.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eu2.datorama-res.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'platform-eu2.datorama.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eu2-new.datorama-res.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app1-eu2.datorama.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app2-eu2.datorama.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'web-prod-eu2.datorama.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'web-prod-eu2-origin.datorama.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'new-platform-prod-eu2.datorama.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'integrate-prod-eu2.datorama.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod-eu2-server.dlite.co'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod-eu2-server-origin.dlite.co'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'integrate-prod-eu2.azure.datorama.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'new-platform-prod-eu2.azure.datorama.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'web-prod-eu2.azure.datorama.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009633bb294875934ef30aedeb8aa07362e67d1f56b8fb76caf7844a2ef6b9614bc66f3db04e91698463a7e27934507ec62c0a1373f81613c0a0f0abb2cb32fc44f2c0dec2d9c02129689b2f68c3c4a1c27912634266e0b816093987caf6e30f60a4115e57ec10e809321e3176dd0e815a5f53c5f556db9447a95caad5b8a3a1ec19d9aeb1721a9fff4cbb32528ff5260a100d17be9793dee027f9df521a0911a9476a8857dd547c1c945a743add13626bf5978f0e83908259b146a8ce8641ed06d266f231227c22c303601c9a73b010cf608dded2eced8f5da051255e6e0f50a78b1e8a9022de9e67dfb0c3589dab51fcc70d1e878d6b98599b81ceffc10803ab