*.yext.com

- Yext, Inc. -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 02:c4:f5:2e:46:61:b7:ce:4c:47:4f:15:48:7f:bf:3f was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Yext, Inc.

Organization: Yext, Inc.
State / Province: New York
Locality: New York
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 02:c4:f5:2e:46:61:b7:ce:4c:47:4f:15:48:7f:bf:3f
Serial Number (int): 3681119032473112767001854773655748415
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 12:a4:e3:bb:82:5e:56:a9:29:de:9f:e0:6e:92:4c:11:bc:29:02:b4
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): fe:ce:69:68:52:b9:64:ec:26:22:2a:dd:04:23:a9:0d:0f:84:1a:55
Fingerprint (sha256): 04:77:f4:20:58:7d:d5:ed:dd:7d:39:f3:5c:4f:0f:ea:b5:44:ee:a1:ea:da:39:82:95:80:3a:b2:cb:bc:f0:db

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl

Check the revocation status for certificate *.yext.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.yext.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.yext.com
yext.com

Other certificates including the domain name yext.com

(limited to 100 certificates)
agent-qa.travelers.com
dev2.streamflow.finance
sni.cloudflaressl.com
covid19.yext.com
faqs.yext.com
sni.cloudflaressl.com
grow.yext.com
*.tx1.yext.com
*.yext.com
covid19-gov.yext.com
*.yext.com
techops.yext.com
blog.catalog.fi
sni.cloudflaressl.com
app-qa.eu.yext.com
answers-texaneyecare.pagescdn.com
sni.cloudflaressl.com
news.yext.com
*.yext.com
onward.yext.com
start.yext.com
*.yext.com
events.biggestfantour.com
wiki.yext.com
sni.cloudflaressl.com
offers.yext.com
*.yext.com
covid19.yext.com
covid19-healthcare.yext.com
*.yext.com
for.yext.com
san1.yext-cdn.com
embed-answers.cority.com.pagescdn.com
yext.com
store.yext.com
start.yext.com
locations.yext.com
*.hitchhikers.dev
*.thefrabric.com
design-system.yext.com
cac-documentation.hitchhikers.yext.com
docker.jfrog-poc.office.yext.com
news.yext.com
answers-autozone.pagescdn.com
news.yext.com
sni.cloudflaressl.com
livepreviewwebsockets-qa.yext.com
events.biggestfantour.com
ssl910335.cloudflaressl.com
answers.romeospizza.com
grow.yext.com
help.yext.com
sni.cloudflaressl.com
*.interview.yext.com
*.interview.yext.com
help.yext.com
sustainability.yext.com
api.eu.yext.com
bvas.yext.com
publishers.yext.com
start.yext.com
mulesoft.farmers.yext.com
sni.cloudflaressl.com
design-system.yext.com
sni.cloudflaressl.com
*.youst.in
hitchhiker-answers.yext.com
cube.yext.com
sni.cloudflaressl.com
*.office.yext.com
physicians.florida-allergy.com
*.yext.com
plfeeds.eu.yext.com
app.eu.yext.com
*.yext.com
sni.cloudflaressl.com
help.yext.com
*.hitchhikers.dev
blog-hitchhikers.yext.com
answers-embed.reseau-stan.com.pagescdn.com
sni.cloudflaressl.com
san1.yext-cdn.com
design-system.yext.com
www.yext.com
*.hitchhikers.dev
search.yext.com
wiki.yext.com
sni.cloudflaressl.com
sni.cloudflaressl.com
amp.locations.yext.com
yext.com
ssl468786.cloudflaressl.com
*.office.yext.com
*.office.yext.com
*.yext.com
www.start.yext.com
wiki.yext.com
sni.cloudflaressl.com
app.eu.yext.com
sni.cloudflaressl.com

Certificate

The complete raw certificate details for *.yext.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGJjCCBQ6gAwIBAgIQAsT1LkZht85MR08VSH+/PzANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwNzEyMDAwMDAwWhcN
MjAxMDE0MDAwMDAwWjBdMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsx
ETAPBgNVBAcTCE5ldyBZb3JrMRMwEQYDVQQKEwpZZXh0LCBJbmMuMRMwEQYDVQQD
DAoqLnlleHQuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArLwK
7gJ4BqGhbMTwgFgY9Z5uhttlpT27rtsr2L/L4FsiL/uaQxPnyvU5sLRvNERG0iUi
irhPF1Acbv7l9DNmH1q5/dRmhiXs4ptRbatN7Ff6vpaMAZX48zFNM0p1luohj2uz
vQM6x3hPQkGv5WaZ6mIBewwcK7JxsXhA6eOPlS+teaTNnE/VQAMTnb3oghRFuE62
zzISPrtv79Huf8AKxFXKVU2Pfy+4/GrtFKS2WHhS2IIcEfdhEXLs8D45wu6Pti6O
leLjKquAuTporBI/QWEtoQpyZE6yW5iCvcqHcmi3LvLjAMegIEaYZXeQfu8x6u0d
FsJFllfxZ/0YV4De7XrBH7FqCZ1k36XtWNEcza/N/Qtt5REZ8KVHtbvdT2Z7lfSy
DEjgNjzlHnkuM2twmodCZNC3fM6S8JhDuaa6VJRLIFfkZxSBFhTwtTxAqDodHV50
6pxsIdteGgt7wrAVud1V4qM77mgc9TjKdFCqYOtjSjEYHlrb8MnjiwVh68SfpYoQ
5OCFz+FUV+mNtbtaHkJDx1d6HCNZkDvbSHBDlfzItAZU6xyJ6YVrosnReARVqOOy
RcECUU3BbtDwCv7A24XVzG5Lec9kVq1uooCdilqtuVBpuNsRhnIZEDY677kcAQZ2
KRR473wwPKECfuRxKtdrv1KMHjTHc851hXOrkucCAwEAAaOCAfAwggHsMB8GA1Ud
IwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBQSpOO7gl5WqSne
n+BukkwRvCkCtDAfBgNVHREEGDAWggoqLnlleHQuY29tggh5ZXh0LmNvbTAOBgNV
HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1Ud
HwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTIt
ZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEy
LWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxo
dHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcB
AQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggr
BgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hB
MlNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMB
Af8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQDU1Ex2wJaQdNos+vhK/OhJbRYBcJp4
CzOQJfcZBHRpfEaV6fXgyguGe4bLcSLrpTGQ0kzbpSrDtg7igzx7yELPvoBXspUl
8dLa5FlGOnGGJN4P4ovd9Pf0NlH2EgkhsdeF5YlGGXVZ8uWTMZ/y+KDGx5HaqK7o
v/BXDsx3hk6utEbfFdTPL40g9vnuxKhrX9+QX8x2f6MVBcU4EPQGvAs+yNufMZmR
D0p6dkK+7iu4Vgr0xxSHbcQq+jwBuJDMInVfhEBMvtCH7P8zhPXhqBkqV8U7bcCP
1DPtmRWzkHnqoo/+3z2PKpzk56ozM5YxhADZTBGblw9XH65yWTTd+Q/C
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArLwK7gJ4BqGhbMTwgFgY
9Z5uhttlpT27rtsr2L/L4FsiL/uaQxPnyvU5sLRvNERG0iUiirhPF1Acbv7l9DNm
H1q5/dRmhiXs4ptRbatN7Ff6vpaMAZX48zFNM0p1luohj2uzvQM6x3hPQkGv5WaZ
6mIBewwcK7JxsXhA6eOPlS+teaTNnE/VQAMTnb3oghRFuE62zzISPrtv79Huf8AK
xFXKVU2Pfy+4/GrtFKS2WHhS2IIcEfdhEXLs8D45wu6Pti6OleLjKquAuTporBI/
QWEtoQpyZE6yW5iCvcqHcmi3LvLjAMegIEaYZXeQfu8x6u0dFsJFllfxZ/0YV4De
7XrBH7FqCZ1k36XtWNEcza/N/Qtt5REZ8KVHtbvdT2Z7lfSyDEjgNjzlHnkuM2tw
modCZNC3fM6S8JhDuaa6VJRLIFfkZxSBFhTwtTxAqDodHV506pxsIdteGgt7wrAV
ud1V4qM77mgc9TjKdFCqYOtjSjEYHlrb8MnjiwVh68SfpYoQ5OCFz+FUV+mNtbta
HkJDx1d6HCNZkDvbSHBDlfzItAZU6xyJ6YVrosnReARVqOOyRcECUU3BbtDwCv7A
24XVzG5Lec9kVq1uooCdilqtuVBpuNsRhnIZEDY677kcAQZ2KRR473wwPKECfuRx
Ktdrv1KMHjTHc851hXOrkucCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 3681119032473112767001854773655748415
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-12 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-10-14 00:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Yext, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.yext.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 704695448691987084631048087687005530171986823051861864668773186899294068734541091171716324993498890799173021353300841552662700353752720038346030337190060836445598096619314156111626248041223195957896801013817802108352728534909137836803269622638417557553404630948648811601888768007148605112190389705748814169058625488508779092217795922703137644755735789643003085566946662444539957881817245599019881854609805703576199049318287276010808104681346116466754243010399729264203708110650234669946844831219510873511743377005483009331271700902302209790592080294686949088236563167153627352793283837320918322598646781060176218537275736908021984771125447510628295700777985338958121774275684736485679211714944485075480089980826825087520999315426084735083026445382509323713378945023827453270890415201633301218001903756316482109684588304001998513480726402470173518631826019554288984370701716906425316373318204250266343732131982013038011993529381665276893733353463350885325678156340668356085166074941061263035470145576323981090029332664664160824586430361694236865315283709524717676436274899729632325258566515283889900373145643206833014752689453709664034573032371763607152984779916557070916112899949219763345569124441791347954906504616465980437845218023
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							12a4e3bb825e56a929de9fe06e924c11bc2902b4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.yext.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yext.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00d4d44c76c0969074da2cfaf84afce8496d1601709a780b339025f7190474697c4695e9f5e0ca0b867b86cb7122eba53190d24cdba52ac3b60ee2833c7bc842cfbe8057b29525f1d2dae459463a718624de0fe28bddf4f7f43651f6120921b1d785e58946197559f2e593319ff2f8a0c6c791daa8aee8bff0570ecc77864eaeb446df15d4cf2f8d20f6f9eec4a86b5fdf905fcc767fa31505c53810f406bc0b3ec8db9f3199910f4a7a7642beee2bb8560af4c714876dc42afa3c01b890cc22755f84404cbed087ecff3384f5e1a8192a57c53b6dc08fd433ed9915b39079eaa28ffedf3d8f2a9ce4e7aa333396318400d94c119b970f571fae725934ddf90fc2