NYHQ-TEL-EXPWYC.lga2.nyt.net
Issued by Sectigo RSA Domain Validation Secure Server CA
About this certificate
This digital certificate with serial number ac:c7:9e:67:72:a7:57:65:1e:66:2d:ab:33:50:b3:3e was issued on by Sectigo Limited.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=NYHQ-TEL-EXPWYC.lga2.nyt.net
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): ac:c7:9e:67:72:a7:57:65:1e:66:2d:ab:33:50:b3:3eSerial Number (int): 229663695166555671213390769431149327166
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: dc:c4:3c:c5:25:93:22:ff:8a:df:6b:3e:a6:9c:ae:55:c7:f9:ef:ef
AuthorityKeyId: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1
Fingerprint (sha1): 72:be:a3:c0:4c:02:e7:e0:9d:6d:c1:93:32:f4:42:c5:76:ea:bb:e9
Fingerprint (sha256): 04:91:19:11:d8:9f:46:69:b3:45:29:69:2d:8c:c4:55:07:8e:23:a4:34:00:ac:52:0d:6b:0f:ac:67:89:96:e8
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCheck the revocation status for certificate NYHQ-TEL-EXPWYC.lga2.nyt.net
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for NYHQ-TEL-EXPWYC.lga2.nyt.net
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
NYHQ-TEL-EXPWYC.lga2.nyt.net
8851TLSEncryptedLSC.nyt.net
8851TLSEncryptedMIC.nyt.net
JabberTLSEncryptedMRA.nyt.net
UniveralTLSEncryptedLSC.nyt.net
UniveralTLSEncryptedMIC.nyt.net
8851TLSEncryptedLSC.nyt.net
8851TLSEncryptedMIC.nyt.net
JabberTLSEncryptedMRA.nyt.net
UniveralTLSEncryptedLSC.nyt.net
UniveralTLSEncryptedMIC.nyt.net
Other certificates including the domain name nyt.net
(limited to 100 certificates)
*.mx.us-west-2.dv-shared-stg.awsma.nyt.net
gai.rd.nyt.net
k0dvb.dv-dns.nyti.snd.nyt.net
sharedui.tech.nyt.net
hybrid-renderer.news.sbx.nyt.net
*.twistlock.us-east1-01.prd.dvsp-gcp.nyt.net
*.dv-prd.us-east-1-01.dev.dvsp.nyt.net
*.kube-system.us-west1-01.stg.dvsp-gcp.nyt.net
*.b2b.us-east-1-01.stg.dvsp.nyt.net
*.content-tagging.us-west-2-01.stg.dvsp.nyt.net
misp.infosec-prd.awsma.nyt.net
ic-slackbot-prd.dv-prd.awsma.nyt.net
midmirror.stg.nyt.net
tech.nyt.net
jks-messaging-sub.messaging-dev.awsma.nyt.net
newsdev.nyt.net
nn-audience-api.messaging-dev.awsma.nyt.net
appcatalog.dev.nyt.net
commerce.commerce-dev.awsma.nyt.net
ckraken.auth.prd.nyt.net
*.dv-engagements-lab.us-east1-01.stg.dvsp-gcp.nyt.net
gmax.tech.nyt.net
*.payflow.us-east-1-01.stg.dvsp.nyt.net
*.twistlock.us-east1-01.sbx.dvsp-gcp.nyt.net
identity.tech.nyt.net
news.sbx.nyt.net
hybrid-renderer.news.sbx.nyt.net
assets.nyt.net
ad-docs.nyt.net
slackapp.dev.nyt.net
*.account.us-east-1.dv-shared-prd.awsma.nyt.net
autoreplyslackbot.dv-demo-lab.awsma.nyt.net
hybrid-renderer.news.sbx.nyt.net
*.account.us-west-2.dv-shared-stg.awsma.nyt.net
httpbin-us-east1.news.stg.nyt.net
account-fe.account.nyti.stg.nyt.net
hyphen.dev.nyt.net
zuo-grandcentral-stg-lb.spg-dev.awsma.nyt.net
features.tech.nyt.net
twistlock-dev.devsecops.dv.nyt.net
*.kube-public.us-east1-01.dev.dvsp-gcp.nyt.net
*.dv-dev.us-east-1.dv-shared-dev.awsma.nyt.net
app-platforms.tech.nyt.net
nss-console-prd.nyt.net
*.data-collections.us-east-1.dv-shared-prd.awsma.nyt.net
*.dv-dns.us-east-1-01.sbx.dvsp.nyt.net
amp-docs.tech.nyt.net
*.kube-node-lease.us-west1-01.dev.dvsp-gcp.nyt.net
hyphen.tech.nyt.net
platform-stela.nyt.net
photo.nyt.net
pdf-invoices-bff.account.nyti.nyt.net
video-thumbnails.prd.nyt.net
nyt.net
*.auth-dev.us-west-2.dv-shared-dev.awsma.nyt.net
webgl.rd.nyt.net
edge.games.nyti.nyt.net
puzzles.dev.nyt.net
targeting.tech.nyt.net
activate-access-bff.account.nyti.stg.nyt.net
esx03-c01.prd.orf1.nyt.net
*.audio.us-east1-01.dev.dvsp-gcp.nyt.net
reader-revenue.tech.nyt.net
triage.dev.care-dev.awsma.nyt.net
mwcm-pub-lab-dev.growth-mc.nyti.stg.nyt.net
dossier.stg.nyt.net
*.games.us-east-1.dv-shared-dev.awsma.nyt.net
graphql-android.samizdat.nyti.nyt.net
lt0959-audience-api-rpc.messaging-dev.awsma.nyt.net
js1-messaging-sub-rpc.messaging-dev.awsma.nyt.net
p1-dev.dv.nyt.net
weddings-api.stg.nyt.net
*.tarplat.us-east1-01.dev.dvsp-gcp.nyt.net
meter.nyt.net
reactivation-dp.account.nyti.nyt.net
NYHQ-TEL-EXPWYC.lga2.nyt.net
user-attribute.auth.nyti.dev.nyt.net
leaderboards.games.sbx.nyt.net
hybrid-renderer.news.sbx.nyt.net
wit.nyt.net
cookies.games.dev.nyt.net
*.messaging.dv-shared-dev.awsma.nyt.net
*.web-platforms-vi-pr-7138.us-east-1-01.dev.dvsp.nyt.net
lire-ui.auth.nyti.stg.nyt.net
hybrid-renderer.news.sbx.nyt.net
du-bot-newsroom.dev.nyt.net
esx01-c01.stg.lga1.nyt.net
puzzles.dev.nyt.net
static.auth.stg.nyt.net
annotations.rd.nyt.net
srlt3-push-send-service.messaging-dev.awsma.nyt.net
weddings-api-internal.stg.nyt.net
activate-access-bff-dev.nyt.net
jobs-dev.dv.nyt.net
climate.rd.nyt.net
workdayuserguides.nyt.net
grc.nyt.net
me12-audience-api-rpc.messaging-dev.awsma.nyt.net
frm01.nyt.net
*.wirecutter.us-east-1.dv-shared-stg.awsma.nyt.net
gai.rd.nyt.net
k0dvb.dv-dns.nyti.snd.nyt.net
sharedui.tech.nyt.net
hybrid-renderer.news.sbx.nyt.net
*.twistlock.us-east1-01.prd.dvsp-gcp.nyt.net
*.dv-prd.us-east-1-01.dev.dvsp.nyt.net
*.kube-system.us-west1-01.stg.dvsp-gcp.nyt.net
*.b2b.us-east-1-01.stg.dvsp.nyt.net
*.content-tagging.us-west-2-01.stg.dvsp.nyt.net
misp.infosec-prd.awsma.nyt.net
ic-slackbot-prd.dv-prd.awsma.nyt.net
midmirror.stg.nyt.net
tech.nyt.net
jks-messaging-sub.messaging-dev.awsma.nyt.net
newsdev.nyt.net
nn-audience-api.messaging-dev.awsma.nyt.net
appcatalog.dev.nyt.net
commerce.commerce-dev.awsma.nyt.net
ckraken.auth.prd.nyt.net
*.dv-engagements-lab.us-east1-01.stg.dvsp-gcp.nyt.net
gmax.tech.nyt.net
*.payflow.us-east-1-01.stg.dvsp.nyt.net
*.twistlock.us-east1-01.sbx.dvsp-gcp.nyt.net
identity.tech.nyt.net
news.sbx.nyt.net
hybrid-renderer.news.sbx.nyt.net
assets.nyt.net
ad-docs.nyt.net
slackapp.dev.nyt.net
*.account.us-east-1.dv-shared-prd.awsma.nyt.net
autoreplyslackbot.dv-demo-lab.awsma.nyt.net
hybrid-renderer.news.sbx.nyt.net
*.account.us-west-2.dv-shared-stg.awsma.nyt.net
httpbin-us-east1.news.stg.nyt.net
account-fe.account.nyti.stg.nyt.net
hyphen.dev.nyt.net
zuo-grandcentral-stg-lb.spg-dev.awsma.nyt.net
features.tech.nyt.net
twistlock-dev.devsecops.dv.nyt.net
*.kube-public.us-east1-01.dev.dvsp-gcp.nyt.net
*.dv-dev.us-east-1.dv-shared-dev.awsma.nyt.net
app-platforms.tech.nyt.net
nss-console-prd.nyt.net
*.data-collections.us-east-1.dv-shared-prd.awsma.nyt.net
*.dv-dns.us-east-1-01.sbx.dvsp.nyt.net
amp-docs.tech.nyt.net
*.kube-node-lease.us-west1-01.dev.dvsp-gcp.nyt.net
hyphen.tech.nyt.net
platform-stela.nyt.net
photo.nyt.net
pdf-invoices-bff.account.nyti.nyt.net
video-thumbnails.prd.nyt.net
nyt.net
*.auth-dev.us-west-2.dv-shared-dev.awsma.nyt.net
webgl.rd.nyt.net
edge.games.nyti.nyt.net
puzzles.dev.nyt.net
targeting.tech.nyt.net
activate-access-bff.account.nyti.stg.nyt.net
esx03-c01.prd.orf1.nyt.net
*.audio.us-east1-01.dev.dvsp-gcp.nyt.net
reader-revenue.tech.nyt.net
triage.dev.care-dev.awsma.nyt.net
mwcm-pub-lab-dev.growth-mc.nyti.stg.nyt.net
dossier.stg.nyt.net
*.games.us-east-1.dv-shared-dev.awsma.nyt.net
graphql-android.samizdat.nyti.nyt.net
lt0959-audience-api-rpc.messaging-dev.awsma.nyt.net
js1-messaging-sub-rpc.messaging-dev.awsma.nyt.net
p1-dev.dv.nyt.net
weddings-api.stg.nyt.net
*.tarplat.us-east1-01.dev.dvsp-gcp.nyt.net
meter.nyt.net
reactivation-dp.account.nyti.nyt.net
NYHQ-TEL-EXPWYC.lga2.nyt.net
user-attribute.auth.nyti.dev.nyt.net
leaderboards.games.sbx.nyt.net
hybrid-renderer.news.sbx.nyt.net
wit.nyt.net
cookies.games.dev.nyt.net
*.messaging.dv-shared-dev.awsma.nyt.net
*.web-platforms-vi-pr-7138.us-east-1-01.dev.dvsp.nyt.net
lire-ui.auth.nyti.stg.nyt.net
hybrid-renderer.news.sbx.nyt.net
du-bot-newsroom.dev.nyt.net
esx01-c01.stg.lga1.nyt.net
puzzles.dev.nyt.net
static.auth.stg.nyt.net
annotations.rd.nyt.net
srlt3-push-send-service.messaging-dev.awsma.nyt.net
weddings-api-internal.stg.nyt.net
activate-access-bff-dev.nyt.net
jobs-dev.dv.nyt.net
climate.rd.nyt.net
workdayuserguides.nyt.net
grc.nyt.net
me12-audience-api-rpc.messaging-dev.awsma.nyt.net
frm01.nyt.net
*.wirecutter.us-east-1.dv-shared-stg.awsma.nyt.net
Certificate
The complete raw certificate details for NYHQ-TEL-EXPWYC.lga2.nyt.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGczCCBVugAwIBAgIRAKzHnmdyp1dlHmYtqzNQsz4wDQYJKoZIhvcNAQELBQAw gY8xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UE AxMuU2VjdGlnbyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD QTAeFw0yMTAxMjgwMDAwMDBaFw0yMjAxMjgyMzU5NTlaMCcxJTAjBgNVBAMTHE5Z SFEtVEVMLUVYUFdZQy5sZ2EyLm55dC5uZXQwggIiMA0GCSqGSIb3DQEBAQUAA4IC DwAwggIKAoICAQDSXEJQVKEU0CRvC+w748CVIrK0B9aGfeqEkIfpthw8bPhAumQB JDH21aSP+VayHh60ZKe+bzlhRkE+YgtxmjeD30edrlwgOVQ0STY1a9Znjv4VToZf oEmtcpID6fvuOcIndT+LeWfWigiD2yssr6LZHXYl8wfoSXA0VMeDCq5swMd0J3mM EV35/xLk3chCdob79DGbySrJpsLqPEQztxm6JHRDM5wbgHY7z1iesv7+z6x7NWRq 3LBgmKbRiclYbCwAMGnr7GyKLV6heVAQIrBotfNnnDVTDQGVLwFwdmD9eYHQ/bdF e+NhxSfhKoI7YFz16JgiaEug4Hp2b5w3rN2/jpWwaveYWUjsGPq1qf0yT15FxJMp QoBinh07/q8PAf1vN3BVAcPDUOXPlmYygVBWAHFca1Oadf4l1hX2pJGdH3QklxbI sjmF52WFJW6Kz3D4NVTJ94KiKcWM5MgcLJNtqbkH6dTQzUxERuvMDoW9B4cGiR3X ZRUpzqhEwxjhEsku5hodEjqRmg0fs+mPBGt1BCeW2m/hkYPoIBFSGqaoA+H0Niwv Kqmjd/+hSnoGzdNjJ+DvkoXTqg14IQ502dJPsraJ7G0+gNMj5sqoR2pGnWE6hajm RT7XTBQxLmaSvpYWeM3RIja+JrjHIvq7zGrng4CNdNrg4Mbdh1NPjwGeUwIDAQAB o4ICLzCCAiswHwYDVR0jBBgwFoAUjYxexFStiuF36Zv5mwXhuAGNYeEwHQYDVR0O BBYEFNzEPMUlkyL/it9rPqacrlXH+e/vMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBJBgNVHSAEQjBA MDQGCysGAQQBsjEBAgIHMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5j b20vQ1BTMAgGBmeBDAECATCBhAYIKwYBBQUHAQEEeDB2ME8GCCsGAQUFBzAChkNo dHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FEb21haW5WYWxpZGF0aW9u U2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5zZWN0 aWdvLmNvbTATBgorBgEEAdZ5AgQDAQH/BAIFADCBxAYDVR0RBIG8MIG5ghxOWUhR LVRFTC1FWFBXWUMubGdhMi5ueXQubmV0ghs4ODUxVExTRW5jcnlwdGVkTFNDLm55 dC5uZXSCGzg4NTFUTFNFbmNyeXB0ZWRNSUMubnl0Lm5ldIIdSmFiYmVyVExTRW5j cnlwdGVkTVJBLm55dC5uZXSCH1VuaXZlcmFsVExTRW5jcnlwdGVkTFNDLm55dC5u ZXSCH1VuaXZlcmFsVExTRW5jcnlwdGVkTUlDLm55dC5uZXQwDQYJKoZIhvcNAQEL BQADggEBADH8tFXYf+J8uXRqrF2xefa3YmrZBJrotxj7xN/3m7srTGEAkalNwWB2 uGeEHeQ+NbetPNNPgS9LpAiOh17EPOy23w3KG9mnTbZOWqOCeTLVPN1p1aIUvyM4 hhYRHytARzp7dp3CThiZBdsz7oMc92kay93GXXX2HUzAL1qw/sOvIFDbJXxrucLu TBRUAXMpTBJ5bS1PIzpamK/7djl855ARB6P7YAfwKoS5Rr9EBQCWm4spZkikX19H uytqliDlaI7H3y9vIrSpYCTjWO6CQ/7Jf5+9XjdloMJITKSTwBEK1sIJT8sjvknC U/aDrUI1hBxhl4B77jtc2rvfjYPXIgw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0lxCUFShFNAkbwvsO+PA lSKytAfWhn3qhJCH6bYcPGz4QLpkASQx9tWkj/lWsh4etGSnvm85YUZBPmILcZo3 g99Hna5cIDlUNEk2NWvWZ47+FU6GX6BJrXKSA+n77jnCJ3U/i3ln1ooIg9srLK+i 2R12JfMH6ElwNFTHgwqubMDHdCd5jBFd+f8S5N3IQnaG+/Qxm8kqyabC6jxEM7cZ uiR0QzOcG4B2O89YnrL+/s+sezVkatywYJim0YnJWGwsADBp6+xsii1eoXlQECKw aLXzZ5w1Uw0BlS8BcHZg/XmB0P23RXvjYcUn4SqCO2Bc9eiYImhLoOB6dm+cN6zd v46VsGr3mFlI7Bj6tan9Mk9eRcSTKUKAYp4dO/6vDwH9bzdwVQHDw1Dlz5ZmMoFQ VgBxXGtTmnX+JdYV9qSRnR90JJcWyLI5hedlhSVuis9w+DVUyfeCoinFjOTIHCyT bam5B+nU0M1MREbrzA6FvQeHBokd12UVKc6oRMMY4RLJLuYaHRI6kZoNH7PpjwRr dQQnltpv4ZGD6CARUhqmqAPh9DYsLyqpo3f/oUp6Bs3TYyfg75KF06oNeCEOdNnS T7K2iextPoDTI+bKqEdqRp1hOoWo5kU+10wUMS5mkr6WFnjN0SI2via4xyL6u8xq 54OAjXTa4ODG3YdTT48BnlMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 229663695166555671213390769431149327166 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-28 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NYHQ-TEL-EXPWYC.lga2.nyt.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 858195504433083416807874110569153153633593481032089278360694006969208159256061095672089769685377127340967902586490336625676571793898258993592170023805726056081950659594268545091598247454682380607833333956457942687368902719135086589562660044248593874186795021785733560956319639650692378544500721280350898047015487470310531180697142831735396978890496754131829737968307722142781386433898759809517210614821483015077229608904481258359963705172015065195333480880756891463244928816502867635893265124472328008995157169076879807647102023222586405584687929565913490822865329893070160401810326178804382370688313348595722556620645324294412545410822137509433461396759001638552561161869696566836539698998181559827181156161120330199925259785145586508933058143599215331263524416056337836123009303629036599192603268387670127958097584660665727084510426810015384542996698621611861558489528731274837892938844301710336827149631088239050467648685133586331669242574571037934152068528790331963015036532640855674635358130602751129309172607373289384255274565048345049347680544402290650671339576200643905482041831528333508099044389358808812927016512352234167028579311909297678089856352155292566487493010436081722441517658723357036394341190758546623490701762131 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) dcc43cc5259322ff8adf6b3ea69cae55c7f9efef . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (188 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'NYHQ-TEL-EXPWYC.lga2.nyt.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '8851TLSEncryptedLSC.nyt.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '8851TLSEncryptedMIC.nyt.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'JabberTLSEncryptedMRA.nyt.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'UniveralTLSEncryptedLSC.nyt.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'UniveralTLSEncryptedMIC.nyt.net' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0031fcb455d87fe27cb9746aac5db179f6b7626ad9049ae8b718fbc4dff79bbb2b4c610091a94dc16076b867841de43e35b7ad3cd34f812f4ba4088e875ec43cecb6df0dca1bd9a74db64e5aa3827932d53cdd69d5a214bf23388616111f2b40473a7b769dc24e189905db33ee831cf7691acbddc65d75f61d4cc02f5ab0fec3af2050db257c6bb9c2ee4c14540173294c12796d2d4f233a5a98affb76397ce7901107a3fb6007f02a84b946bf440500969b8b296648a45f5f47bb2b6a9620e5688ec7df2f6f22b4a96024e358ee8243fec97f9fbd5e3765a0c2484ca493c0110ad6c2094fcb23be49c253f683ad4235841c6197807bee3b5cdabbdf8d83d7220c