a858-aaf.nyc.gov
- Office of Technology and Innovation, New York City -
Issued by DigiCert SHA2 Extended Validation Server CA
About this certificate
This digital certificate with serial number 09:c4:1d:f3:6e:36:08:75:71:3a:d5:bc:57:c2:f3:f4 was issued on by DigiCert Inc.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Office of Technology and Innovation, New York City
Company registration number:
Government Entity
Organization: Office of Technology and Innovation, New York City
Organization: Office of Technology and Innovation, New York City
State / Province:
New York
Locality: New York City
Country: US
Locality: New York City
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 09:c4:1d:f3:6e:36:08:75:71:3a:d5:bc:57:c2:f3:f4Serial Number (int): 12981349622767738955969706320694801396
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 4f:9a:ed:48:e8:58:ee:07:29:e9:0d:c0:97:c5:fe:96:8d:b0:f6:70
AuthorityKeyId: 3d:d3:50:a5:d6:a0:ad:ee:f3:4a:60:0a:65:d3:21:d4:f8:f8:d6:0f
Fingerprint (sha1): 9a:7b:cd:a4:03:87:61:39:b4:a3:3b:da:0e:ec:37:7c:f4:0c:39:94
Fingerprint (sha256): 04:6a:5b:5a:35:fc:ae:10:dc:4c:eb:e8:4a:2f:e2:b3:7a:ae:9a:0a:5d:56:e8:ca:d4:d7:5e:88:93:35:b7:9d
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ev-server-g3.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ev-server-g3.crl
Check the revocation status for certificate a858-aaf.nyc.gov
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for a858-aaf.nyc.gov
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
a858-aaf.nyc.gov
a858-aaf-2mtc.nyc.gov
a858-aaf-psc.nyc.gov
a858-aaf-2mtc.nyc.gov
a858-aaf-psc.nyc.gov
Other certificates including the domain name nyc.gov
(limited to 100 certificates)
a806-housingconnectAPI.nyc.gov
a858-anltw.nyc.gov
a069-ra1.nyc.gov
webapps.nyc.gov
a127-jobs.nyc.gov
a827-mwbe.nyc.gov
legistar.council.nyc.gov
mspava-vcsxcl01.nyc.gov
*.nyc.gov
foodhelp-stg.nyc.gov
fisa.ctxns.nyc.gov
zap.planning.nyc.gov
5685570869133312-fe1.pantheonsite.io
a858-nycnotify.nyc.gov
psc-esa1.nyc.gov
a860-openrecords.nyc.gov
manhattanbp.nyc.gov
a127-HRFTS.NYC.GOV
a826-depvpn.nyc.gov
enterpriseenrollment.dhs.nyc.gov
A127-uag.nyc.gov
a806-housingconnect.nyc.gov
regional-viz.planninglabs.nyc
zoningresolution.planning.nyc.gov
migration.planning.nyc.gov
a073-ils-web.nyc.gov
Apply.council.nyc.gov
a827-bladerunner.nyc.gov
www.nycbers.org
laws.council.nyc.gov
a816-certifytrn.nyc.gov
enterpriseenrollment.tlc.nyc.gov
a002-oomwap01.nyc.gov
a002-oom03.nyc.gov
a858-nycnotify.nyc.gov
a860-gpp.nyc.gov
Portal.dss.nyc.gov
a810-lmpaca.nyc.gov
a816-evitaltrn.nyc.gov
a858-aaf.nyc.gov
skypeaccess.dep.nyc.gov
enterpriseenrollment.cto.nyc.gov
5685570869133312-fe1.pantheonsite.io
laws.council.nyc.gov
nyc-factfinder.planninglabs.nyc
law.ctxns.nyc.gov
laws.council.nyc.gov
a0333-passportpublic.nyc.gov
gis.nyc.gov
a069-cmg.nyc.gov
on.nyc.gov
a826-web01.nyc.gov
a127-essdr.nyc.gov
transit-survey.council.nyc.gov
iwomm.council.nyc.gov
nycpss.nyc.gov
transit-survey.council.nyc.gov
lotselector.planninglabs.nyc
comptroller.nyc.gov
enterpriseenrollment.dcas.nyc.gov
a856-ptdb.nyc.gov
comptroller.nyc.gov
otcmail.nyc.gov
mentalhealthforall-stg.nyc.gov
a801-sbscssp.nyc.gov
a827-bladerunner.nyc.gov
a858-anltw.nyc.gov
membertimesheet.council.nyc.gov
a127-pip.nyc.gov
depwebmail.nyc.gov
comptroller.nyc.gov
streets.planning.nyc.gov
www2.nyc.gov
*.nyc.gov
a127-ess.nyc.gov
schools.nyc.gov
on.nyc.gov
a826-ocsedge01.nyc.gov
mtpralpwvcse2.nyc.gov
migration.planning.nyc.gov
a841-dotwebpcard01.nyc.gov
mail.council.nyc.gov
psacmeetingadmin.nyc.gov
a127-jobs.nyc.gov
a127-hrp.nyc.gov
maps5.nyc.gov
a826-umax-accssrs.dep.nyc.gov
dotwebmail.nyc.gov
doitt.ctxns.nyc.gov
a827-dsnyftp.nyc.gov
A127-uag.nyc.gov
webapps.nyc.gov
a127-rbp.nyc.gov
a858-eds-tstxf-fa01.nyc.gov
bronxdawebapp.nyc.gov
council.nyc.gov
a032-secure.nyc.gov
securetransport.nyc.gov
mail.nycboe.net
fisa.ctxns.nyc.gov
a858-anltw.nyc.gov
a069-ra1.nyc.gov
webapps.nyc.gov
a127-jobs.nyc.gov
a827-mwbe.nyc.gov
legistar.council.nyc.gov
mspava-vcsxcl01.nyc.gov
*.nyc.gov
foodhelp-stg.nyc.gov
fisa.ctxns.nyc.gov
zap.planning.nyc.gov
5685570869133312-fe1.pantheonsite.io
a858-nycnotify.nyc.gov
psc-esa1.nyc.gov
a860-openrecords.nyc.gov
manhattanbp.nyc.gov
a127-HRFTS.NYC.GOV
a826-depvpn.nyc.gov
enterpriseenrollment.dhs.nyc.gov
A127-uag.nyc.gov
a806-housingconnect.nyc.gov
regional-viz.planninglabs.nyc
zoningresolution.planning.nyc.gov
migration.planning.nyc.gov
a073-ils-web.nyc.gov
Apply.council.nyc.gov
a827-bladerunner.nyc.gov
www.nycbers.org
laws.council.nyc.gov
a816-certifytrn.nyc.gov
enterpriseenrollment.tlc.nyc.gov
a002-oomwap01.nyc.gov
a002-oom03.nyc.gov
a858-nycnotify.nyc.gov
a860-gpp.nyc.gov
Portal.dss.nyc.gov
a810-lmpaca.nyc.gov
a816-evitaltrn.nyc.gov
a858-aaf.nyc.gov
skypeaccess.dep.nyc.gov
enterpriseenrollment.cto.nyc.gov
5685570869133312-fe1.pantheonsite.io
laws.council.nyc.gov
nyc-factfinder.planninglabs.nyc
law.ctxns.nyc.gov
laws.council.nyc.gov
a0333-passportpublic.nyc.gov
gis.nyc.gov
a069-cmg.nyc.gov
on.nyc.gov
a826-web01.nyc.gov
a127-essdr.nyc.gov
transit-survey.council.nyc.gov
iwomm.council.nyc.gov
nycpss.nyc.gov
transit-survey.council.nyc.gov
lotselector.planninglabs.nyc
comptroller.nyc.gov
enterpriseenrollment.dcas.nyc.gov
a856-ptdb.nyc.gov
comptroller.nyc.gov
otcmail.nyc.gov
mentalhealthforall-stg.nyc.gov
a801-sbscssp.nyc.gov
a827-bladerunner.nyc.gov
a858-anltw.nyc.gov
membertimesheet.council.nyc.gov
a127-pip.nyc.gov
depwebmail.nyc.gov
comptroller.nyc.gov
streets.planning.nyc.gov
www2.nyc.gov
*.nyc.gov
a127-ess.nyc.gov
schools.nyc.gov
on.nyc.gov
a826-ocsedge01.nyc.gov
mtpralpwvcse2.nyc.gov
migration.planning.nyc.gov
a841-dotwebpcard01.nyc.gov
mail.council.nyc.gov
psacmeetingadmin.nyc.gov
a127-jobs.nyc.gov
a127-hrp.nyc.gov
maps5.nyc.gov
a826-umax-accssrs.dep.nyc.gov
dotwebmail.nyc.gov
doitt.ctxns.nyc.gov
a827-dsnyftp.nyc.gov
A127-uag.nyc.gov
webapps.nyc.gov
a127-rbp.nyc.gov
a858-eds-tstxf-fa01.nyc.gov
bronxdawebapp.nyc.gov
council.nyc.gov
a032-secure.nyc.gov
securetransport.nyc.gov
mail.nycboe.net
fisa.ctxns.nyc.gov
Certificate
The complete raw certificate details for a858-aaf.nyc.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIsjCCB5qgAwIBAgIQCcQd8242CHVxOtW8V8Lz9DANBgkqhkiG9w0BAQsFADB1 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIyMDgyNDAwMDAwMFoXDTIzMDkyNDIz NTk1OVowggEYMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQIT CE5ldyBZb3JrMR4wHAYLKwYBBAGCNzwCAQETDU5ldyBZb3JrIENpdHkxGjAYBgNV BA8MEUdvdmVybm1lbnQgRW50aXR5MRowGAYDVQQFExFHb3Zlcm5tZW50IEVudGl0 eTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE5ldyBZb3JrMRYwFAYDVQQHEw1OZXcg WW9yayBDaXR5MTswOQYDVQQKEzJPZmZpY2Ugb2YgVGVjaG5vbG9neSBhbmQgSW5u b3ZhdGlvbiwgTmV3IFlvcmsgQ2l0eTEZMBcGA1UEAxMQYTg1OC1hYWYubnljLmdv djCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOQ5dPvSI3OKuE20rEfE CRzhkfBlxpTTcuRPSvvKFTBZ6jN0BlrqYM7BKgExmSKI82ixBWy2X3vuug77fpTl RMGLrRarKunWB9s0yQTBky139qGtLDkMESg3tsMMYqKVuPK+iK6zOXlxczEckoOa R4Eh3GsRYAw/wdnbbTYmKOjgPc0rHPk+tK5F/Fky6Io51pb2c2P2TzZ5IaaTYVvv KVQWo62Btxj2KrS+kQTbwKLci4woM0kw+sOMOM3F/a42umPvDUx+OIrAY51G63Ca tu9YOoG8T0IOatcEcgDy2rho+BXgGn5NhKNvkJFuQSfM/pVs76n9BTbGQXN40xid ifIGH+olDWQKKK/BQaF/wXBgTNqPDqxhuKh0vipuJMkYSDqqpea5IwcwyRik+uUR AvA0bM3QIb+IYynlw9ZNsMnmE+ZWlPc0zwM0jw4F3RZyJTOQSuEGWQPmLluhlXHi 1VYi4C9hqPXL3a2/QnIfVhE0HsgXXQJ9xR6yLZFBwXNEnEFAoMXYDRJjYXPhtLSU BDS78NcCMSiA9Ivo2ryJ88wNh7qSQpQUxKTCHBzpx8y23TrIa5agzqCCoSRuw2i7 AC+Z5Yk4nktccxgoaE5Uu68dnokZwiMvo9s4xiPnlndCZHRXzyv3hgMvuPf5FmUY 9tkaRUgZ2mZX9L4W7laQ7wX3AgMBAAGjggOXMIIDkzAfBgNVHSMEGDAWgBQ901Cl 1qCt7vNKYApl0yHU+PjWDzAdBgNVHQ4EFgQUT5rtSOhY7gcp6Q3Al8X+lo2w9nAw SAYDVR0RBEEwP4IQYTg1OC1hYWYubnljLmdvdoIVYTg1OC1hYWYtMm10Yy5ueWMu Z292ghRhODU4LWFhZi1wc2MubnljLmdvdjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6 Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMy5jcmwwNKAyoDCG Lmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMy5jcmww SgYDVR0gBEMwQTALBglghkgBhv1sAgEwMgYFZ4EMAQEwKTAnBggrBgEFBQcCARYb aHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGIBggrBgEFBQcBAQR8MHowJAYI KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBSBggrBgEFBQcwAoZG aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkV4dGVuZGVk VmFsaWRhdGlvblNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBfQYKKwYBBAHWeQIE AgSCAW0EggFpAWcAdQDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAA AYLQsmb3AAAEAwBGMEQCICpS7eoLO2l2WhkoV7BuLisOtZSEKiCone5/zlfuewYm AiBAcWwbSaqDK9siV6ZMpy0QIV1eGVpHXTgqKiuMcKFtdAB3ADXPGRu/sWxXvw+t TG1Cy7u2JyAmUeo/4SrvqAPDO9ZMAAABgtCyZxIAAAQDAEgwRgIhAPFPNoGOtFNM 9htMtuAacjg5laXJMHainCAwunlTfZAGAiEA+QEggn6tWG7n6fzF0tj60G6NBX2I uRvb9qVEi3YYEiUAdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAA AYLQsmc/AAAEAwBGMEQCIDDGXFQKnA932I2R7IHJRlcbB8cwRv3JX1n8dKx/+vnO AiBjcWsIrkbK9XE/L4iH6SVnYMQHUYbB1jYDIMGlO7TQnTANBgkqhkiG9w0BAQsF AAOCAQEAxB7oJ6B01ceYBIHLeAsoMFi97cL+Gx96I+DXNvC7PuP3CmKTLEXIbEl+ gLNvz5gC9ZHL9LBytuRwwVk7YweHcIPqEyS2a7yxOiOMFrWPf/zAGwC3RknM0YeC l976RRGZbRAQZgKbQgK1t2Cfz4Oeu3CZaFY4N8IXMZeKlWuQ2Jha/G+p4hJzSACo ZRJMeXe9ieZ6X1W7yD3/1KzTiXdYW1Dm7qZHvGU/LD2etMDW7HwkVF1acLy4vJpw dFdHEVAN+LrqIKI1s2Q+xqo35nyALnPNfxfCLElKFGcu8sNvGVswDJ7bPOoghV1m w1G6e730qd5vG7KC/Gw0xhKVCzC98w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5Dl0+9Ijc4q4TbSsR8QJ HOGR8GXGlNNy5E9K+8oVMFnqM3QGWupgzsEqATGZIojzaLEFbLZfe+66Dvt+lOVE wYutFqsq6dYH2zTJBMGTLXf2oa0sOQwRKDe2wwxiopW48r6IrrM5eXFzMRySg5pH gSHcaxFgDD/B2dttNiYo6OA9zSsc+T60rkX8WTLoijnWlvZzY/ZPNnkhppNhW+8p VBajrYG3GPYqtL6RBNvAotyLjCgzSTD6w4w4zcX9rja6Y+8NTH44isBjnUbrcJq2 71g6gbxPQg5q1wRyAPLauGj4FeAafk2Eo2+QkW5BJ8z+lWzvqf0FNsZBc3jTGJ2J 8gYf6iUNZAoor8FBoX/BcGBM2o8OrGG4qHS+Km4kyRhIOqql5rkjBzDJGKT65REC 8DRszdAhv4hjKeXD1k2wyeYT5laU9zTPAzSPDgXdFnIlM5BK4QZZA+YuW6GVceLV ViLgL2Go9cvdrb9Cch9WETQeyBddAn3FHrItkUHBc0ScQUCgxdgNEmNhc+G0tJQE NLvw1wIxKID0i+javInzzA2HupJClBTEpMIcHOnHzLbdOshrlqDOoIKhJG7DaLsA L5nliTieS1xzGChoTlS7rx2eiRnCIy+j2zjGI+eWd0JkdFfPK/eGAy+49/kWZRj2 2RpFSBnaZlf0vhbuVpDvBfcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 12981349622767738955969706320694801396 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Extended Validation Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-24 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-24 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.1 (jurisdictionOfIncorporationL) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York City' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Government Entity' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York City' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Office of Technology and Innovation, New York City' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'a858-aaf.nyc.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 931074488041993039619476072837934004922029277755049767743441267447244832472097306938784008808458132120825745299950358217526648728640097270663768456435393170266436704788009740857957895495726815453032451588723548590332697137993340396431364891338316812482810170545693023576076340042769205516762546173516866458112634391281866271014951128053183310335581854912125879763908997180279991465636243345519103233409313429518490434448931024989695885944651110396802625852761557710611702032333679839556096895741538271663463431791539227480557045453362278358392973351041308004156676340971521510857949311985453979822285607066306988418257517192321321021765477724615123861456425996080184169005319586383878141158443758122361919132176432207716612510063761218656435650395689153760256790953868033712131068789162648383177528039526551155725812570289202018234044276918522087857643063793334137754390585100733082106922481173667648703637011152954256047317857879636991699524521354818914014357275242089034384796190114870953125177458715962293840281647230575792025075085799099596373280564741800216898393792729030115993610487574072457199716861330692141772212490245538911032182318692400173385429399177924263255572466481757498870871185461088905007813473676801748455327223 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3dd350a5d6a0adeef34a600a65d321d4f8f8d60f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4f9aed48e858ee0729e90dc097c5fe968db0f670 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'a858-aaf.nyc.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'a858-aaf-2mtc.nyc.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'a858-aaf-psc.nyc.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ev-server-g3.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ev-server-g3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000182d0b266f7000004030046304402202a52edea0b3b69765a192857b06e2e2b0eb594842a20a89dee7fce57ee7b0626022040716c1b49aa832bdb2257a64ca72d10215d5e195a475d382a2a2b8c70a16d7400770035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c00000182d0b267120000040300483046022100f14f36818eb4534cf61b4cb6e01a72383995a5c93076a29c2030ba79537d9006022100f90120827ead586ee7e9fcc5d2d8fad06e8d057d88b91bdbf6a5448b76181225007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000182d0b2673f0000040300463044022030c65c540a9c0f77d88d91ec81c946571b07c73046fdc95f59fc74ac7ffaf9ce022063716b08ae46caf5713f2f8887e9256760c4075186c1d6360320c1a53bb4d09d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00c41ee827a074d5c7980481cb780b283058bdedc2fe1b1f7a23e0d736f0bb3ee3f70a62932c45c86c497e80b36fcf9802f591cbf4b072b6e470c1593b6307877083ea1324b66bbcb13a238c16b58f7ffcc01b00b74649ccd1878297defa4511996d101066029b4202b5b7609fcf839ebb709968563837c21731978a956b90d8985afc6fa9e212734800a865124c7977bd89e67a5f55bbc83dffd4acd38977585b50e6eea647bc653f2c3d9eb4c0d6ec7c24545d5a70bcb8bc9a7074574711500df8baea20a235b3643ec6aa37e67c802e73cd7f17c22c494a14672ef2c36f195b300c9edb3cea20855d66c351ba7bbdf4a9de6f1bb282fc6c34c612950b30bdf3