send-tst.roche.com
Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1
About this certificate
This digital certificate with serial number 06:98:a3:3d:e2:d4:6e:08:3e:a4:70:77:f0:9a:56:29 was issued on by DigiCert, Inc..
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=send-tst.roche.com
DigiCert, Inc.
Organization:
DigiCert, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 06:98:a3:3d:e2:d4:6e:08:3e:a4:70:77:f0:9a:56:29Serial Number (int): 8767908033090521735146385966324405801
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: f4:17:1d:d8:5f:3b:2b:8a:b2:d0:ab:99:35:8a:7f:b6:eb:af:31:cb
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23
Fingerprint (sha1): 9c:a3:d7:44:82:5e:a2:b9:c7:37:ca:46:1e:fb:74:b8:7e:9f:96:49
Fingerprint (sha256): 04:96:5c:5a:4c:ea:d7:68:17:24:83:76:60:e5:31:6e:65:96:dd:4d:69:d0:37:31:5d:a6:b5:1a:9e:28:70:57
Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
Check the revocation status for certificate send-tst.roche.com
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for send-tst.roche.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
send-tst.roche.com
send-apac-tst.roche.com
send-emea-tst.roche.com
send-nala-tst.roche.com
send-apac-tst.roche.com
send-emea-tst.roche.com
send-nala-tst.roche.com
Other certificates including the domain name roche.com
(limited to 100 certificates)
involve.roche.com
www.hpv16and18.com
easydrive-uat.roche.com
advancedanalytics.roche.com
main.rhelp.roche.com
sni.cloudflaressl.com
magentocloud28.map.fastly.net
rbalvprexd0.bas.roche.com
cieas01.roche.com
harmonytest.de
sequencing.roche.com
esource.roche.com
e-medical.roche.com
esource.roche.com
coaguchek.com
rsmsourcing.roche.com
deimos.roche.com
cert2.roche.com
sni.cloudflaressl.com
cdn.appstore.gene.com
shpivee1-01.roche.com
eews-dev.roche.com
myaccess.roche.com
ican.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
cert3.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
mrdivee2-02.netlab.roche.com
rodip.roche.com
nsrdcongresses.roche.com
rbavxsentry11.bas.roche.com
mobilesolution-dev.roche.com
wamua.roche.com
dialog-62-test.roche.com
rocheggcpac.roche.com
san-003.ceros.com
video.hive.roche.com
sni.cloudflaressl.com
rssg.roche.com
mftemeaext.roche.com
anadisuat01.sc1.roche.com
careers.roche.com
flow.roche.com
cert3.roche.com
sni.cloudflaressl.com
misp.roche.com
cert2.roche.com
careers.roche.com
api.rockwizz.roche.com
bitbucket-nala-qa.roche.com
careers.roche.com
wamdev.roche.com
sonar-dev-old.roche.com
diauxhub.roche.com
careers.roche.com
globalfms.roche.com
san-003.ceros.com
sc1lvflexq2.sc1.roche.com
easydrive-dev.roche.com
send-tst.roche.com
indigrow.roche.com
careers.roche.com
careers.roche.com
env5-remotedashboard.roche.com
mrd25.me
cert2.roche.com
*.esrv-hub-uat.roche.com
sb.eu.phcaa.science.roche.com
san-003.ceros.com
extaccess-nala.roche.com
magentocloud28.map.fastly.net
go.roche.com
magentocloud32.map.fastly.net
sni.cloudflaressl.com
ssl882748.cloudflaressl.com
sni.cloudflaressl.com
esrv-marketplace-dev.roche.com
careers.roche.com
imcore.roche.com
booster.roche.com
sni.cloudflaressl.com
akamai-san195.exacttarget.com
raumbuch.roche.com
pitas01.roche.com
sni.cloudflaressl.com
c1edb.roche.com
magentocloud45.map.fastly.net
shpivee1-01.roche.com
hpv16and18.com
hivemind.roche.com
searchsquad.roche.com
cferondanetrochedia-qa.roche.com
esign.roche.com
diaitsupport.roche.com
sni.cloudflaressl.com
magentocloud32.map.fastly.net
r32web.sap.roche.com
apis.cwp.roche.com
www.hpv16and18.com
easydrive-uat.roche.com
advancedanalytics.roche.com
main.rhelp.roche.com
sni.cloudflaressl.com
magentocloud28.map.fastly.net
rbalvprexd0.bas.roche.com
cieas01.roche.com
harmonytest.de
sequencing.roche.com
esource.roche.com
e-medical.roche.com
esource.roche.com
coaguchek.com
rsmsourcing.roche.com
deimos.roche.com
cert2.roche.com
sni.cloudflaressl.com
cdn.appstore.gene.com
shpivee1-01.roche.com
eews-dev.roche.com
myaccess.roche.com
ican.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
cert3.roche.com
sni.cloudflaressl.com
sni.cloudflaressl.com
mrdivee2-02.netlab.roche.com
rodip.roche.com
nsrdcongresses.roche.com
rbavxsentry11.bas.roche.com
mobilesolution-dev.roche.com
wamua.roche.com
dialog-62-test.roche.com
rocheggcpac.roche.com
san-003.ceros.com
video.hive.roche.com
sni.cloudflaressl.com
rssg.roche.com
mftemeaext.roche.com
anadisuat01.sc1.roche.com
careers.roche.com
flow.roche.com
cert3.roche.com
sni.cloudflaressl.com
misp.roche.com
cert2.roche.com
careers.roche.com
api.rockwizz.roche.com
bitbucket-nala-qa.roche.com
careers.roche.com
wamdev.roche.com
sonar-dev-old.roche.com
diauxhub.roche.com
careers.roche.com
globalfms.roche.com
san-003.ceros.com
sc1lvflexq2.sc1.roche.com
easydrive-dev.roche.com
send-tst.roche.com
indigrow.roche.com
careers.roche.com
careers.roche.com
env5-remotedashboard.roche.com
mrd25.me
cert2.roche.com
*.esrv-hub-uat.roche.com
sb.eu.phcaa.science.roche.com
san-003.ceros.com
extaccess-nala.roche.com
magentocloud28.map.fastly.net
go.roche.com
magentocloud32.map.fastly.net
sni.cloudflaressl.com
ssl882748.cloudflaressl.com
sni.cloudflaressl.com
esrv-marketplace-dev.roche.com
careers.roche.com
imcore.roche.com
booster.roche.com
sni.cloudflaressl.com
akamai-san195.exacttarget.com
raumbuch.roche.com
pitas01.roche.com
sni.cloudflaressl.com
c1edb.roche.com
magentocloud45.map.fastly.net
shpivee1-01.roche.com
hpv16and18.com
hivemind.roche.com
searchsquad.roche.com
cferondanetrochedia-qa.roche.com
esign.roche.com
diaitsupport.roche.com
sni.cloudflaressl.com
magentocloud32.map.fastly.net
r32web.sap.roche.com
apis.cwp.roche.com
Certificate
The complete raw certificate details for send-tst.roche.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIII3DCCBsSgAwIBAgIQBpijPeLUbgg+pHB38JpWKTANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN MjIxMjI4MDAwMDAwWhcNMjQwMTEyMjM1OTU5WjAdMRswGQYDVQQDExJzZW5kLXRz dC5yb2NoZS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDbiWjE rP4iBX7rUDp3VRMTgCgqj6Fp6G4Zx2Ul/CIoSkSA6HZTy1xj7R5JU8wcEpjZzqiN c/gs0VX5/F7Z8y7wj8X4ndncVJGASmzacdx3Dv4qSCLr1Syrx8HY4rG/zX5KkLq+ yS1HyUjubD5DXss7Bvn7tjgzHIGDMrKz+9U6K7g/EByl+S8399VKABuSrZfSKgyM mlImqfRUQNhGpQ5OTcuXLqPd+RA8xycXUftu60cuzTRal+pqWEHoNslzGqY6OJPf uHS0QGxxtaCzx+0AqWlVwPgvlp1CIFXhJSsbGHheyBKj3XFCiQwp77S4LpTujR1c l0grBWfEbW00ocKCNXrC/+fwUChRHr7YN1dwe3rAXk4u2H5ZTuUMjkE55COuB4PV ypYbAhu4PDPeNcVVjbsQgSGnCuoE6hmtaBlE4cpVTe+WarmBz+qPY1SdXeRgtKNj 9DeoeNQ6T8FWAAEUd1shTQO4WEF7oAORDuk7jePXa5EslRDblONLIKIE7Nzjc17j MbvXbQxXAMct13nJucZ1ESpZlDwHGeWfANXdzFEKFGihURjVWtG5uNlqH/Y68lAU fHQrBVlGfE4ubpAOAcNN2saDYxJ5HlvojySrnMwh17A/eZy6W+S3uOl+SPUitCoP Z2YwwbWAWDRo+B3EPUrrUl8hLpXYKFAygsD9lwIDAQABo4ID1zCCA9MwHwYDVR0j BBgwFoAUpbTW6zbE52um38RkCwEqIAS4ZiMwHQYDVR0OBBYEFPQXHdhfOyuKstCr mTWKf7brrzHLMGgGA1UdEQRhMF+CEnNlbmQtdHN0LnJvY2hlLmNvbYIXc2VuZC1h cGFjLXRzdC5yb2NoZS5jb22CF3NlbmQtZW1lYS10c3Qucm9jaGUuY29tghdzZW5k LW5hbGEtdHN0LnJvY2hlLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMIGfBgNVHR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9j cmwzLmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYy MDIyQ0ExLmNybDBIoEagRIZCaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0dlb1Ry dXN0R2xvYmFsVExTUlNBNDA5NlNIQTI1NjIwMjJDQTEuY3JsMD4GA1UdIAQ3MDUw MwYGZ4EMAQIBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29t L0NQUzCBhwYIKwYBBQUHAQEEezB5MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5k aWdpY2VydC5jb20wUQYIKwYBBQUHMAKGRWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0 LmNvbS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNydDAJ BgNVHRMEAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdwDuzdBk1dsazsVc t520zROiModGfLzs3sNRSFlGcR+1mwAAAYVYHXmlAAAEAwBIMEYCIQCNikDh4gT0 XQKpqLjE7KympKP+5b9/b4lqUebrprFciwIhAJzOg3gMTs2/H3tJyKPd5udSRx+0 GTaGwuAxiGV8VRGSAHcAc9meiRtMlnigIH1HneayxhzQUV5xGSqMa4AQesF3crUA AAGFWB15sAAABAMASDBGAiEA9kZ+oCGjJp5E9deVJFp5FVf2HoPYjDMmtZQgRxH5 Hv8CIQDvT7AtgSfOjhEsZ8UDrXmED4swqaN7r0iABOel2po2YgB1AEiw42vapkc0 D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABhVgdeYEAAAQDAEYwRAIgEMPh2IiD q5G1zePCSHdYA1tdEa/3a9k5S9rODQERC9UCIGTHofMzevR7+a7xop8ccHA48BM6 HO2/Na8k9oHH+VVhMA0GCSqGSIb3DQEBCwUAA4ICAQDBzO3Fxc7tvjlOt+xdVS7N 1drirAADWHkzSr6ZHVrHoJa2ZTF56Owru1/WhwaYIZRbTnxTlBb5Ad7TRlO/I1HC D0n9v1c/PoFzbHaxebhc8nMkraHqGhf3H+QtAKylnPR4CaXWFfhNCkM90XrXVHU8 aOj2lKVYiX4j3cDqEb13+xyT9t5HSK1E4iO0VMMeHf5iorcmTQCEDOcyYbCM09+I ZppzIwjKdeib8fP5n6G4ACnHbHVqAIAY7vuZi51sT5MWoLq1arMRx8gVCr1jpHc4 w/HjlptayRtcwyGtLjnadgOJdLtah8Xs6U40KEY9s8SvVJqBRUgNrMbzvwXiynAX YmA/B6UbM9MutIstb3Q0Di13TudKbBXfnWG587xN4w4xBmQItIGIXiAzxz4yA9ml YuC6E0vE7Sr3fXlIUNWP+03TqOHYP+QlpD5keGBjVywRep4QMceGR2ZustSugshO x1V6ydbWdD/zEyS7RVGbMKSW/F0Rhn0IUXRnHm7y7PHrjv/RO6tKhRtFWAHCFeay PJfKWQDnLcHMlKwEQSZIgZwEQ99TwsoSAoykkASPT+6ZclcTX3SKdLar3PJXSwhy G83xmYNJ47RQR8G/iOCAAQQHxwFtEncSPi/kUhiTfjpluDZ/4i8UHZUYQ3MO+9FT BkcXHWMN0xmYWZhO+qbfLA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA24loxKz+IgV+61A6d1UT E4AoKo+haehuGcdlJfwiKEpEgOh2U8tcY+0eSVPMHBKY2c6ojXP4LNFV+fxe2fMu 8I/F+J3Z3FSRgEps2nHcdw7+Kkgi69Usq8fB2OKxv81+SpC6vsktR8lI7mw+Q17L Owb5+7Y4MxyBgzKys/vVOiu4PxAcpfkvN/fVSgAbkq2X0ioMjJpSJqn0VEDYRqUO Tk3Lly6j3fkQPMcnF1H7butHLs00WpfqalhB6DbJcxqmOjiT37h0tEBscbWgs8ft AKlpVcD4L5adQiBV4SUrGxh4XsgSo91xQokMKe+0uC6U7o0dXJdIKwVnxG1tNKHC gjV6wv/n8FAoUR6+2DdXcHt6wF5OLth+WU7lDI5BOeQjrgeD1cqWGwIbuDwz3jXF VY27EIEhpwrqBOoZrWgZROHKVU3vlmq5gc/qj2NUnV3kYLSjY/Q3qHjUOk/BVgAB FHdbIU0DuFhBe6ADkQ7pO43j12uRLJUQ25TjSyCiBOzc43Ne4zG7120MVwDHLdd5 ybnGdREqWZQ8BxnlnwDV3cxRChRooVEY1VrRubjZah/2OvJQFHx0KwVZRnxOLm6Q DgHDTdrGg2MSeR5b6I8kq5zMIdewP3mculvkt7jpfkj1IrQqD2dmMMG1gFg0aPgd xD1K61JfIS6V2ChQMoLA/ZcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 8767908033090521735146385966324405801 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-12 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'send-tst.roche.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 895631819786529812274175887055141531925949711461231688534934383525770757819008405303543328719510151826570751551356865492770566611708912364238763951883029729107897262286479239184429615145307283793813155813867542269882884769929478424437337119551232588108745796451512867574829280272346465479922909004536382674094061505524407764691673525151691741176649834710352830716039496746051516242223174029385492405554622605225495066258721093967653695097588177966494585728688905002913663592634945068275379425457593474722092304371368275642273833332083885762571537701240848041930290883730171591907420336234346736176884240081145983649193782690586011869459999122184844229123840369655005730379388832208452146229432577185206363046487111179371441025329121319307045199075364222407944912239388828672905652917054406117097617877099320421962952909928508559454697786977750588430278656553991773601206639515659263688435961048799684260786501948831208092844819390273289967205785611607554524682817480085367613079874861779815995029863917250639549599201894276543675340103882596000890291360089860250745703619676885665228199870326556548629396329516700142855495881447802035852316411956782822547781056589529917897672598437671461399491545569448743485671192106020550800899479 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f4171dd85f3b2b8ab2d0ab99358a7fb6ebaf31cb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (97 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'send-tst.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'send-apac-tst.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'send-emea-tst.roche.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'send-nala-tst.roche.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000185581d79a500000403004830460221008d8a40e1e204f45d02a9a8b8c4ecaca6a4a3fee5bf7f6f896a51e6eba6b15c8b0221009cce83780c4ecdbf1f7b49c8a3dde6e752471fb4193686c2e03188657c55119200770073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b500000185581d79b00000040300483046022100f6467ea021a3269e44f5d795245a791557f61e83d88c3326b594204711f91eff022100ef4fb02d8127ce8e112c67c503ad79840f8b30a9a37baf488004e7a5da9a366200750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000185581d79810000040300463044022010c3e1d88883ab91b5cde3c2487758035b5d11aff76bd9394bdace0d01110bd5022064c7a1f3337af47bf9aef1a29f1c707038f0133a1cedbf35af24f681c7f95561 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00c1ccedc5c5ceedbe394eb7ec5d552ecdd5dae2ac00035879334abe991d5ac7a096b6653179e8ec2bbb5fd687069821945b4e7c539416f901ded34653bf2351c20f49fdbf573f3e81736c76b179b85cf27324ada1ea1a17f71fe42d00aca59cf47809a5d615f84d0a433dd17ad754753c68e8f694a558897e23ddc0ea11bd77fb1c93f6de4748ad44e223b454c31e1dfe62a2b7264d00840ce73261b08cd3df88669a732308ca75e89bf1f3f99fa1b80029c76c756a008018eefb998b9d6c4f9316a0bab56ab311c7c8150abd63a47738c3f1e3969b5ac91b5cc321ad2e39da76038974bb5a87c5ece94e3428463db3c4af549a8145480dacc6f3bf05e2ca701762603f07a51b33d32eb48b2d6f74340e2d774ee74a6c15df9d61b9f3bc4de30e31066408b481885e2033c73e3203d9a562e0ba134bc4ed2af77d794850d58ffb4dd3a8e1d83fe425a43e64786063572c117a9e1031c78647666eb2d4ae82c84ec7557ac9d6d6743ff31324bb45519b30a496fc5d11867d085174671e6ef2ecf1eb8effd13bab4a851b455801c215e6b23c97ca5900e72dc1cc94ac04412648819c0443df53c2ca12028ca490048f4fee997257135f748a74b6abdcf2574b08721bcdf1998349e3b45047c1bf88e080010407c7016d1277123e2fe45218937e3a65b8367fe22f141d951843730efbd1530647171d630dd3199859984efaa6df2c