federation.checkout.visa.com
Issued by SSL.com RSA SSL subCA
About this certificate
This digital certificate with serial number 53:ad:63:87:6d:0c:7c:33:c5:37:30:d1:15:34:17:e1 was issued on by SSL Corporation.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=federation.checkout.visa.com
SSL Corporation
Organization:
SSL Corporation
State / Province:
Texas
Locality: Houston
Country: US
Locality: Houston
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): 53:ad:63:87:6d:0c:7c:33:c5:37:30:d1:15:34:17:e1Serial Number (int): 111226209694776203280610000234578450401
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 26:14:7e:e0:dc:d7:a6:f7:e2:d4:04:27:df:61:f1:c2:ec:e7:32:ca
Fingerprint (sha1): 53:05:28:d9:25:2f:a2:2a:79:d1:b4:ed:f0:21:d4:8d:8a:00:30:fd
Fingerprint (sha256): 03:ee:6f:8b:c8:b0:48:46:1a:0a:0f:77:02:90:01:19:4d:7d:5d:d2:38:4b:cb:e3:24:1a:88:73:fd:91:7f:12
Issuing Certificate URL: http://cert.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.cer
Revocation information
OCSP Server: http://ocsps.ssl.comCRL Distribution Point: http://crls.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.crl
Check the revocation status for certificate federation.checkout.visa.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for federation.checkout.visa.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
federation.checkout.visa.com
www.federation.checkout.visa.com
www.federation.checkout.visa.com
Other certificates including the domain name visa.com
(limited to 100 certificates)
origin.icl.visa.com
myvisacard.stage.visa.com
reward.qa.paris.visa.com
SW730CPAPRODWEB00.visa.com
card.visa.com
intellilink.spendmanagement.visa.com
cert.tgs-credential-collection.visa.com
qa-mas.vpl.visa.com
www.bd.visa.com
baas.vbs.visa.com
sandbox.alias.visa.com
epm.lacbenefits.visa.com
pit.3dsecure.net
multinationalpremiumsolutions.visa.com
cte.mobileapp.apcemea.visa.com
GlobalCustomerAssistanceService.trusted.visa.com
ocsp.visa.com
qa.promotions.visa.com
hn.review.visa.com
qa.vis.informationmanagement.visa.com
resource.message.card.visa.com
international.visa.com
vis.tdp.visa.com
ag.review.visa.com
sni.cloudflaressl.com
gimt.cte.visaonline.com
sbx.purchasealerts.visa.com
global.review.visa.com
intellilink.spendmanagement.visa.com
qa02.rtm.visa.com
privacy.visa.com
mte.rtm.visa.com
viva.visa.com
o365auth.visa.com
globalpage.visa.com
sandbox.checkout.visa.com
api.intellilink.spendmanagement.visa.com
portal1i.visa.com
mssip.visa.com
xpollens.prod.paris.visa.com
impactlabtest.visa.com
smailexp.trusted.visa.com
merchantsignageap.visa.com
carddesigner.visa.com
bb.review.visa.com
sandbox.cloudpos.digital.visa.com
publicsearch.visa.com
mtf-mastercard-visatokenservicesout.visa.com
adfs.trusted.visa.com
cert.conferma.visa.com
merchantsignageglobal.visa.com
ai.review.visa.com
admin.dev.paris.visa.com
conferma.visa.com
africa.visa.com
ipservicescert.visa.com
alertsadm.visa.com
servicesgateway.visa.com
jm.review.visa.com
sni.cloudflaressl.com
design.visa.com
isa.sandbox.consumerapi.digital.visa.com
drp.visaonline.com
cemea.review.visa.com
vdnagateway.cte.visa.com
staging.mobileapp.apcemea.visa.com
travel.visa.com
*.corpdev.visa.com
qa.informationmanagement.visa.com
v3dstestsuite.3dsecure.net
www.africa.visa.com
barclays.qa.intellilink.visa.com
azuressomerrillProd.trusted.visa.com
www.myanmar.visa.com
ar.review.visa.com
sbx.notification-services.visa.com
globalclient.visa.com
members.visa.com
aacert.alias.visa.com
visa.com.br
www.bm.visa.com
hn.review.visa.com
canary.visa.com
federation.checkout.visa.com
assets.secure.checkout.visa.com
sw720mtgplc6.trusted.visa.com
verifiapitest.visa.com
ics2wstesta.ic3.com
myanmar.visa.com
staging.mepa.visa.com
merchantsignageglobal.visa.com
filexchange.visa.com
do.review.visa.com
loyalty.visa.com
qa02.rtm.visa.com
ics2wsa.ic3.com
cert.alias.visa.com
barclays.qa.intellilink.visa.com
www.visa.com
*.myvisacard.stage.visa.com
myvisacard.stage.visa.com
reward.qa.paris.visa.com
SW730CPAPRODWEB00.visa.com
card.visa.com
intellilink.spendmanagement.visa.com
cert.tgs-credential-collection.visa.com
qa-mas.vpl.visa.com
www.bd.visa.com
baas.vbs.visa.com
sandbox.alias.visa.com
epm.lacbenefits.visa.com
pit.3dsecure.net
multinationalpremiumsolutions.visa.com
cte.mobileapp.apcemea.visa.com
GlobalCustomerAssistanceService.trusted.visa.com
ocsp.visa.com
qa.promotions.visa.com
hn.review.visa.com
qa.vis.informationmanagement.visa.com
resource.message.card.visa.com
international.visa.com
vis.tdp.visa.com
ag.review.visa.com
sni.cloudflaressl.com
gimt.cte.visaonline.com
sbx.purchasealerts.visa.com
global.review.visa.com
intellilink.spendmanagement.visa.com
qa02.rtm.visa.com
privacy.visa.com
mte.rtm.visa.com
viva.visa.com
o365auth.visa.com
globalpage.visa.com
sandbox.checkout.visa.com
api.intellilink.spendmanagement.visa.com
portal1i.visa.com
mssip.visa.com
xpollens.prod.paris.visa.com
impactlabtest.visa.com
smailexp.trusted.visa.com
merchantsignageap.visa.com
carddesigner.visa.com
bb.review.visa.com
sandbox.cloudpos.digital.visa.com
publicsearch.visa.com
mtf-mastercard-visatokenservicesout.visa.com
adfs.trusted.visa.com
cert.conferma.visa.com
merchantsignageglobal.visa.com
ai.review.visa.com
admin.dev.paris.visa.com
conferma.visa.com
africa.visa.com
ipservicescert.visa.com
alertsadm.visa.com
servicesgateway.visa.com
jm.review.visa.com
sni.cloudflaressl.com
design.visa.com
isa.sandbox.consumerapi.digital.visa.com
drp.visaonline.com
cemea.review.visa.com
vdnagateway.cte.visa.com
staging.mobileapp.apcemea.visa.com
travel.visa.com
*.corpdev.visa.com
qa.informationmanagement.visa.com
v3dstestsuite.3dsecure.net
www.africa.visa.com
barclays.qa.intellilink.visa.com
azuressomerrillProd.trusted.visa.com
www.myanmar.visa.com
ar.review.visa.com
sbx.notification-services.visa.com
globalclient.visa.com
members.visa.com
aacert.alias.visa.com
visa.com.br
www.bm.visa.com
hn.review.visa.com
canary.visa.com
federation.checkout.visa.com
assets.secure.checkout.visa.com
sw720mtgplc6.trusted.visa.com
verifiapitest.visa.com
ics2wstesta.ic3.com
myanmar.visa.com
staging.mepa.visa.com
merchantsignageglobal.visa.com
filexchange.visa.com
do.review.visa.com
loyalty.visa.com
qa02.rtm.visa.com
ics2wsa.ic3.com
cert.alias.visa.com
barclays.qa.intellilink.visa.com
www.visa.com
*.myvisacard.stage.visa.com
Certificate
The complete raw certificate details for federation.checkout.visa.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFvjCCA6agAwIBAgIQU61jh20MfDPFNzDRFTQX4TANBgkqhkiG9w0BAQsFADBp MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjEeMBwGA1UEAwwVU1NMLmNvbSBSU0Eg U1NMIHN1YkNBMB4XDTIzMTIwNjE3MTYyM1oXDTI0MTIwNTE3MTYyM1owJzElMCMG A1UEAwwcZmVkZXJhdGlvbi5jaGVja291dC52aXNhLmNvbTCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAOMW+WVhjULo0rRmaknX4ts8G7o6bA0rjkJLl7r+ pjQxEEzOnNcRDSZyHAcFvqjp9KxLDetcUXG+5AvHAhyRxphgwxCPE4O45NiGy1D4 7yB8GSsaW0MTEkCOtlp+SoO5xH4Zg6m364z5B9gibD/tC8hytYSv6+K3v4c5zjQm fb/eoirRst79nSWYJr5i6hx20JBBSRy233PFYf0648sJBaKBbznP73duf35DVUe3 ZuttH8eLYLb1I6dtXs4kYbpwbBYJDY4NVPjSkI4GNzCPib6d0f5HmxZ0WBiNH5nX CDkFnPGpupyy5ti7xEBEWNVlJaoez+qKPvU1gcRHBu2BpNMCAwEAAaOCAaIwggGe MAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUJhR+4NzXpvfi1AQn32HxwuznMsow cgYIKwYBBQUHAQEEZjBkMEAGCCsGAQUFBzAChjRodHRwOi8vY2VydC5zc2wuY29t L1NTTGNvbS1TdWJDQS1TU0wtUlNBLTQwOTYtUjEuY2VyMCAGCCsGAQUFBzABhhRo dHRwOi8vb2NzcHMuc3NsLmNvbTBJBgNVHREEQjBAghxmZWRlcmF0aW9uLmNoZWNr b3V0LnZpc2EuY29tgiB3d3cuZmVkZXJhdGlvbi5jaGVja291dC52aXNhLmNvbTAj BgNVHSAEHDAaMAgGBmeBDAECATAOBgwrBgEEAYKpMAEDAQEwHQYDVR0lBBYwFAYI KwYBBQUHAwIGCCsGAQUFBwMBMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jcmxz LnNzbC5jb20vU1NMY29tLVN1YkNBLVNTTC1SU0EtNDA5Ni1SMS5jcmwwDgYDVR0P AQH/BAQDAgWgMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IC AQAkk8y0Z9X9SBx1lrq0vgGXfHTCJ1nOYwJy5HLal1VmQmSByisEIBuy+KrqJ7tF xW1riSJ2CoSuZr2TFOJioqWkAvJPCPF0K0qZi2RCHMtpP38/4MDNBOZyFoiWquYV Y8zqhGHA3ycqv9ublqbPaY+2F1efdZY/XetZC9rddkr9te5oQtFgQfW39YHXEsF/ IxC6+1CQkxku/O3ehTn5MQ+2qVSFqCg3re7ZBcfS/4gcQ9l5snSdAFy5x67dxBHx qR31appyGwC3uXZYn6U8K2L7LMVpKc0QEA6Y7fihBKGNJPxKOO2sasCaH5n4ZkLI FUP+a/IldGOJOjzC2E9/Fx0HuNRV8bnkwNyByV6X1QfaJEVDLLf9sn0WklCRT+IA 2s+Ky5oepKjY+ouCeSwKaBmgDV6uZuZN2o8Lsi8aZtCmh71xPNz409OU/vcr4IHo imgqMM4AdrO7ro+1Y/t9Om3icDh40uTGhc+ryECTuLmS/aIWyU+2GKIQc1k4BS15 /xjrRPCnar4sWhnGSoIVvFC2P/97DxJfTIQZ1RU1UiJtXS2GdAhokVEDAHdigSIH YczE7CjyuxWmJdKnSO0W0oJuFk5KvUMJN8unX9OcVVYE5YrQPFILyGF/kDBiOtmV x8m4U6+Xti9Uw6HWyQcg0GZ4SHExMbrNGwOlnZxn7H6e7g== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4xb5ZWGNQujStGZqSdfi 2zwbujpsDSuOQkuXuv6mNDEQTM6c1xENJnIcBwW+qOn0rEsN61xRcb7kC8cCHJHG mGDDEI8Tg7jk2IbLUPjvIHwZKxpbQxMSQI62Wn5Kg7nEfhmDqbfrjPkH2CJsP+0L yHK1hK/r4re/hznONCZ9v96iKtGy3v2dJZgmvmLqHHbQkEFJHLbfc8Vh/TrjywkF ooFvOc/vd25/fkNVR7dm620fx4tgtvUjp21eziRhunBsFgkNjg1U+NKQjgY3MI+J vp3R/kebFnRYGI0fmdcIOQWc8am6nLLm2LvEQERY1WUlqh7P6oo+9TWBxEcG7YGk 0wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 111226209694776203280610000234578450401 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Texas' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Houston' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SSL Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SSL.com RSA SSL subCA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-06 17:16:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-05 17:16:23 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'federation.checkout.visa.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28667424229132010564754391923691616982050471309561127930822392215280778364628999658165523549351185354285871025473440790720862443749061980612942714374932874778092548825455359241779023006504376702345252499525515145737655683837465984774490999223387929757852318531515160884269225853254851847018058706320437459882156407041186813043061942429063311997272810771181684670080604496647159849969626286769939907817141693673556990268980313335420301153649262379508924172558814874212910360302741701246504465907314807184740518554533708034569010247041063703584036631722163950357972272081322237575185004929644747491427305770842499163347 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 26147ee0dcd7a6f7e2d40427df61f1c2ece732ca . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (102 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsps.ssl.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'federation.checkout.visa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.federation.checkout.visa.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.38064.1.3.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 002493ccb467d5fd481c7596bab4be01977c74c22759ce630272e472da975566426481ca2b04201bb2f8aaea27bb45c56d6b8922760a84ae66bd9314e262a2a5a402f24f08f1742b4a998b64421ccb693f7f3fe0c0cd04e672168896aae61563ccea8461c0df272abfdb9b96a6cf698fb617579f75963f5deb590bdadd764afdb5ee6842d16041f5b7f581d712c17f2310bafb509093192efcedde8539f9310fb6a95485a82837adeed905c7d2ff881c43d979b2749d005cb9c7aeddc411f1a91df56a9a721b00b7b976589fa53c2b62fb2cc56929cd10100e98edf8a104a18d24fc4a38edac6ac09a1f99f86642c81543fe6bf2257463893a3cc2d84f7f171d07b8d455f1b9e4c0dc81c95e97d507da2445432cb7fdb27d169250914fe200dacf8acb9a1ea4a8d8fa8b82792c0a6819a00d5eae66e64dda8f0bb22f1a66d0a687bd713cdcf8d3d394fef72be081e88a682a30ce0076b3bbae8fb563fb7d3a6de2703878d2e4c685cfabc84093b8b992fda216c94fb618a210735938052d79ff18eb44f0a76abe2c5a19c64a8215bc50b63fff7b0f125f4c8419d5153552226d5d2d8674086891510300776281220761ccc4ec28f2bb15a625d2a748ed16d2826e164e4abd430937cba75fd39c555604e58ad03c520bc8617f9030623ad995c7c9b853af97b62f54c3a1d6c90720d0667848713131bacd1b03a59d9c67ec7e9eee