hz.coop.ch
- Coop Genossenschaft -
Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 0d:58:f6:00:e9:44:7b:eb:80:25:0d:71:21:79:36:eb was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Coop Genossenschaft
Organization:
Coop Genossenschaft
State / Province:
Basel-Stadt
Locality: Basel
Country: CH
Locality: Basel
Country: CH
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0d:58:f6:00:e9:44:7b:eb:80:25:0d:71:21:79:36:ebSerial Number (int): 17741875613710268929387713959829255915
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 5e:67:18:27:c6:10:ab:d4:d0:41:1f:e1:15:ed:fc:3f:09:91:17:e1
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17
Fingerprint (sha1): 38:95:a8:c5:4d:a5:83:38:84:b4:83:fb:71:29:19:bf:cc:4b:c0:d0
Fingerprint (sha256): 04:22:30:4f:b7:24:4d:b7:b9:df:2b:0e:84:39:bd:d7:61:40:f2:a4:3b:dd:b7:b6:29:3b:f6:f5:12:05:96:34
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
Check the revocation status for certificate hz.coop.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for hz.coop.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
hz.coop.ch
*.hz.coop.ch
*.hz.coop.ch
Other certificates including the domain name coop.ch
(limited to 100 certificates)
www.bauundhobby.ch
contentimages-test.coop.ch
tracking.coop.ch
www.photo.coop.ch
coopcontent-test.coop.ch
www.marche-restaurants.ch
mymail.coop.ch
kampagnenarchiv.coop.ch
svrchr02.hs.coop.ch
photo.coop.ch
tracking.coop.ch
mdm-t.coop.ch
bpm.coop.ch
view.politik.coop.ch
webedi.coop.ch
werbemittel.coop.ch
click.news.coop.ch
collab01.coop.ch
callback.coop.ch
mtonline.coop.ch
collabcluster01.coop.ch
hz.coop.ch
labelscms.coop.ch
sfe.coop.ch
neu-test.coop.ch
www.bauundhobby.ch
author-coopilot.coop.ch
www.photo.coop.ch
portal-test.coop.ch
cemeasy.coop.ch
recruiting-test.coop.ch
pypi.hs.coop.ch
san-14-s50.tlsprovisioning.exacttarget.com
mdmdevice.coop.ch
neu.coop.ch
coopcontent.coop.ch
san-11-s50.tlsprovisioning.exacttarget.com
streaming.coop.ch
ziegenpatenschaft.ch
partnerweb.coop.ch
asa.coop.ch
fooby.ch
geschenkkarte.coop.ch
cmscontent.coop.ch
www.photo.coop.ch
san-11-s50.tlsprovisioning.exacttarget.com
mdm.coop.ch
san-11-s50.tlsprovisioning.exacttarget.com
www.coop.ch
thm.coop.ch
coopcontent-test.coop.ch
gefahrengutdb.coop.ch
svrcuc02.hs.coop.ch
pcs.coop.ch
contentimages.coop.ch
servicetrace.coop.ch
www.photo.coop.ch
pcs3.coop.ch
myiscan.coop.ch
fooby.ch
*.hz.coop.ch
mdmext-t.sz.coop.ch
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
ral.coop.ch
mymail.coop.ch
xmasapi.coop.ch
srm.coop.ch
multiterm.coop.ch
www.coop.ch
webadmin-prod.coop.ch
epaper-test.coop.ch
datascout.coop.ch
mlogfust.coop.ch
coopcontent.coop.ch
secureeastest.coop.ch
sachmittelshop.coop.ch
www.coopathome.ch
ccb.coop.ch
test-coopcontent.coop.ch
svrcxc02.hz.coop.ch
app.railcare.coop.ch
akamai-san166.exacttarget.com
gefahrengutdb.coop.ch
jobs.coop.ch
trophy.coop.ch
lumimart.ch
password.coop.ch
pages.nl.coop.ch
mymail.coop.ch
grill.coop.ch
adventskalender2016.cooparchive.cust.adfinis-sygroup.ch
mobile2003.coop.ch
gz.coop.ch
privacy.onetrust-test.coop.ch
pcs6.coop.ch
spielwaren.coop.ch
neu.coop.ch
www.halalgo.jp
sponsoring.coop.ch
contentimages-test.coop.ch
tracking.coop.ch
www.photo.coop.ch
coopcontent-test.coop.ch
www.marche-restaurants.ch
mymail.coop.ch
kampagnenarchiv.coop.ch
svrchr02.hs.coop.ch
photo.coop.ch
tracking.coop.ch
mdm-t.coop.ch
bpm.coop.ch
view.politik.coop.ch
webedi.coop.ch
werbemittel.coop.ch
click.news.coop.ch
collab01.coop.ch
callback.coop.ch
mtonline.coop.ch
collabcluster01.coop.ch
hz.coop.ch
labelscms.coop.ch
sfe.coop.ch
neu-test.coop.ch
www.bauundhobby.ch
author-coopilot.coop.ch
www.photo.coop.ch
portal-test.coop.ch
cemeasy.coop.ch
recruiting-test.coop.ch
pypi.hs.coop.ch
san-14-s50.tlsprovisioning.exacttarget.com
mdmdevice.coop.ch
neu.coop.ch
coopcontent.coop.ch
san-11-s50.tlsprovisioning.exacttarget.com
streaming.coop.ch
ziegenpatenschaft.ch
partnerweb.coop.ch
asa.coop.ch
fooby.ch
geschenkkarte.coop.ch
cmscontent.coop.ch
www.photo.coop.ch
san-11-s50.tlsprovisioning.exacttarget.com
mdm.coop.ch
san-11-s50.tlsprovisioning.exacttarget.com
www.coop.ch
thm.coop.ch
coopcontent-test.coop.ch
gefahrengutdb.coop.ch
svrcuc02.hs.coop.ch
pcs.coop.ch
contentimages.coop.ch
servicetrace.coop.ch
www.photo.coop.ch
pcs3.coop.ch
myiscan.coop.ch
fooby.ch
*.hz.coop.ch
mdmext-t.sz.coop.ch
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
ral.coop.ch
mymail.coop.ch
xmasapi.coop.ch
srm.coop.ch
multiterm.coop.ch
www.coop.ch
webadmin-prod.coop.ch
epaper-test.coop.ch
datascout.coop.ch
mlogfust.coop.ch
coopcontent.coop.ch
secureeastest.coop.ch
sachmittelshop.coop.ch
www.coopathome.ch
ccb.coop.ch
test-coopcontent.coop.ch
svrcxc02.hz.coop.ch
app.railcare.coop.ch
akamai-san166.exacttarget.com
gefahrengutdb.coop.ch
jobs.coop.ch
trophy.coop.ch
lumimart.ch
password.coop.ch
pages.nl.coop.ch
mymail.coop.ch
grill.coop.ch
adventskalender2016.cooparchive.cust.adfinis-sygroup.ch
mobile2003.coop.ch
gz.coop.ch
privacy.onetrust-test.coop.ch
pcs6.coop.ch
spielwaren.coop.ch
neu.coop.ch
www.halalgo.jp
sponsoring.coop.ch
Certificate
The complete raw certificate details for hz.coop.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgIQDVj2AOlEe+uAJQ1xIXk26zANBgkqhkiG9w0BAQsFADBZ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjQw MTIyMDAwMDAwWhcNMjUwMTIxMjM1OTU5WjBmMQswCQYDVQQGEwJDSDEUMBIGA1UE CBMLQmFzZWwtU3RhZHQxDjAMBgNVBAcTBUJhc2VsMRwwGgYDVQQKExNDb29wIEdl bm9zc2Vuc2NoYWZ0MRMwEQYDVQQDEwpoei5jb29wLmNoMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAsFb6Pe3B2e6XQKbB8jzmuxdrLf4fVQbKqqX9mN3H 9CdTm2Atbq0HbVoM6h73UHLxWD4r9o3NPqoEIheANa+WKyiG2NSRoG7XHc2uQ09C 8bA02Bw2HKbLMEfhi8Z3osxYSoi+9c+Psn8jrcV/gvZRVi04FtOcFxwZ9L+jpbyr m/kI3LEciZOUvgIYglr3gFFRfe8Hrwadg+hsAhSH4pJkwQVQR78DHFt6Iphy9pSY pervu2NZxMbTct8L4Y8io9dx+cOXnREfw9jroNjidxo8xC23PBn64yT+mLfS4GoF r4Env6kd21WI7PAznqSVjmwwYoNe8Dxle7RkuyiAKsPakwIDAQABo4ICJzCCAiMw HwYDVR0jBBgwFoAUdIWAwGbH3zfez70pN6oDHb7tzRcwHQYDVR0OBBYEFF5nGCfG EKvU0EEf4RXt/D8JkRfhMCMGA1UdEQQcMBqCCmh6LmNvb3AuY2iCDCouaHouY29v cC5jaDA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8v d3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjCBnwYDVR0fBIGXMIGUMEigRqBEhkJodHRwOi8v Y3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxHMlRMU1JTQVNIQTI1NjIw MjBDQTEtMS5jcmwwSKBGoESGQmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdp Q2VydEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNybDCBhwYIKwYBBQUH AQEEezB5MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUQYI KwYBBQUHMAKGRWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEds b2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNydDAMBgNVHRMBAf8EAjAAMBMG CisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAJ9eEHrMf1Jxhw vvOHVso3gdSi/IIAoF7J3G6j219qectCo7rdZDK3yb+WFYsvPjbqL65I4bPk7P8R /aW7MjIcSA8+ZXqThHMUs1ZxvVBPOD1cD7JuHQMMnqykSPv4MYxbH8JmECI/s50m CriHb/lc4MfxJZSDdSI1GYa1y3jnLd6uGk9rD65ZueF+LZ86MkYKQue4pWX+3BlR NFQIJSht5RlWd1Ka3ciQ48T0/pkTs3vmLlyJ81dylQGfO9fVih/arMFIabh7667g iJsjCjYJiEYG9WrQOWgvSrurJUeUODoEpfk9hEwAcfzprs08nXEollLM6XaPL3Q3 NFITFzck -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFb6Pe3B2e6XQKbB8jzm uxdrLf4fVQbKqqX9mN3H9CdTm2Atbq0HbVoM6h73UHLxWD4r9o3NPqoEIheANa+W KyiG2NSRoG7XHc2uQ09C8bA02Bw2HKbLMEfhi8Z3osxYSoi+9c+Psn8jrcV/gvZR Vi04FtOcFxwZ9L+jpbyrm/kI3LEciZOUvgIYglr3gFFRfe8Hrwadg+hsAhSH4pJk wQVQR78DHFt6Iphy9pSYpervu2NZxMbTct8L4Y8io9dx+cOXnREfw9jroNjidxo8 xC23PBn64yT+mLfS4GoFr4Env6kd21WI7PAznqSVjmwwYoNe8Dxle7RkuyiAKsPa kwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17741875613710268929387713959829255915 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-22 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-21 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Basel-Stadt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Basel' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Coop Genossenschaft' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hz.coop.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22260831881493568010647195186142071671108457608623564393018737880100185781540645233328630150215167318334556671630439271906731230927232374210386175649311613005446863547880878254174701933978153213954915408845200518552402237664987377419740453209627129441524702027280899745845600100300537138070395660191921979229546489115886281256579179608099989709208931428698317802983957010661431809238356407367149058656923417162380926600096038667094116128959017215530493920365939892148013241257618441965362725310931059829853742084054662107683032339513679364472874812958857650874239221443271085501399174347137806792905295323028726733459 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5e671827c610abd4d0411fe115edfc3f099117e1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hz.coop.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hz.coop.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0009f5e107acc7f5271870bef38756ca3781d4a2fc8200a05ec9dc6ea3db5f6a79cb42a3badd6432b7c9bf96158b2f3e36ea2fae48e1b3e4ecff11fda5bb32321c480f3e657a93847314b35671bd504f383d5c0fb26e1d030c9eaca448fbf8318c5b1fc26610223fb39d260ab8876ff95ce0c7f12594837522351986b5cb78e72ddeae1a4f6b0fae59b9e17e2d9f3a32460a42e7b8a565fedc195134540825286de5195677529addc890e3c4f4fe9913b37be62e5c89f3577295019f3bd7d58a1fdaacc14869b87bebaee0889b230a3609884606f56ad039682f4abbab254794383a04a5f93d844c0071fce9aecd3c9d71289652cce9768f2f7437345213173724