credithub-test.azusnc-test.jewels.com

- Signet Group Services US Inc -

Issued by Sectigo RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number 25:d3:5c:7f:10:1b:0b:6f:08:be:ae:ab:76:39:cc:7e was issued on by Sectigo Limited.

With 9 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Signet Group Services US Inc

Organization: Signet Group Services US Inc
State / Province: Ohio
Country: US

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate will expire on

Certificate Details

Serial Number (hex): 25:d3:5c:7f:10:1b:0b:6f:08:be:ae:ab:76:39:cc:7e
Serial Number (int): 50278886529837366340831826367533927550
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 57:1f:00:2b:61:01:31:2a:4f:8c:83:14:9f:55:5b:ea:d5:34:9f:a0
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb

Fingerprint (sha1): 05:45:fe:64:47:d9:d7:c9:43:6e:32:13:fd:eb:a0:44:44:2a:90:b5
Fingerprint (sha256): 04:96:89:30:71:4a:2a:eb:98:7b:51:9f:19:a4:05:ee:0b:09:64:39:b5:53:cc:43:61:74:59:2e:08:dc:ef:53

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate credithub-test.azusnc-test.jewels.com

9

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for credithub-test.azusnc-test.jewels.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

credithub-test.azusnc-test.jewels.com
test-credit.banter.com
test-credit.gordonsjewelers.com
test-credit.jared.com
test-credit.kay.com
test-credit.sterlingjewelers.com
test-credit.zales.com
test-creditamq.jewels.com
test-creditapis.jewels.com

Other certificates including the domain name jewels.com

(limited to 100 certificates)
qlqw10app00.jewels.com
srsprod.jewels.com
imperva.com
skuserviceapi.dev.cloud.jewels.com
rmm.test.cloud.jewels.com
signet-identity-provider-test.jewels.com
plcosatadm01.jewels.com
skuserviceapi.dev.cloud.jewels.com
credithub-test.azusnc-test.jewels.com
workordersapi-dev.jewels.com
skuserviceapi.dev.cloud.jewels.com
sapbpcuxp.jewels.com
autosys-ui.caf.dev.cloud.jewels.com
gp-akr.jewels.com
uluf20app00.jewels.com
skuserviceapi.dev.cloud.jewels.com
sigctbanner.jewels.com
signet-cltin-prod-informatica-alb.cltin.cloud.jewels.com
sapfinance.jewels.com
*.jewels.com
jira.jewels.com
dldf10app00.jewels.com
credithub-dev.azusnc-test.jewels.com
credithub-test.azusnc-test.jewels.com
web01-sigcapdev.jewels.com
archiva.jewels.com
vpn.jewels.com
skuserviceapi.dev.cloud.jewels.com
plpb20app00.jewels.com
guest.jewels.com
PWAKSEPAPP01.jewels.com
credpmtcalc-dev.jewels.com
srsprod.jewels.com
credpmtcalc-dev.jewels.com
cc.stage.cloud.jewels.com
signethierarchyprovider.jewels.com
skuserviceapi.dev.cloud.jewels.com
worswebdev.jewels.com
vhsigdi1ci.sap.jewels.com
dldw10app00.jewels.com
worswebuat.jewels.com
srsvendorportal.jewels.com
perf-creditapis.jewels.com
vhsigdi1ci.sap.jewels.com
signet-identity-provider-prod.jewels.com
data.jewels.com
mypc.jewels.com
*.jewels.com
dev1digitalapi.jewels.com
PWAKSEPAPP01.jewels.com
api4.jewels.com
vhsigdi1ci.sap.jewels.com
xconnect.jewels.com
dwakivrweb01.jewels.com
skuserviceapi.dev.cloud.jewels.com
workordersapi.jewels.com
vpn.jewels.com
ukecomapigreen.jewels.com
vhsigdj1ci.sap.jewels.com
rmm.stage.cloud.jewels.com
skuserviceapi.dev.cloud.jewels.com
worsweb.jewels.com
uluw20app01.jewels.com
sappouxp.jewels.com
cc.dev.cloud.jewels.com
kay.ercol.test.cloud.jewels.com
uk-alt.ecesb.test.cloud.jewels.com
test.sslvpn.jewels.com
skuserviceapi.dev.cloud.jewels.com
credpmtcalc-prod.jewels.com
sjim-asa-vpn.jewels.com
ecomapigreen.jewels.com
signet-cltin-dev-inform-int-alb.cltin.dev.cloud.jewels.com
skuserviceapi.dev.cloud.jewels.com
skuserviceapi.dev.cloud.jewels.com
fed01.jewels.com
skuserviceapi.dev.cloud.jewels.com
creditapis.jewels.com
CAR-C1-ISE-1.jewels.com
sigctbanner.jewels.com
pacoclearpass01.jewels.com
credithub-test.azusnc-test.jewels.com
api4dev.zalecorp.com
xconnect.jewels.com
dlde10app00.jewels.com
www.kay.com
posapigateway-perf.jewels.com
dlde10app00.jewels.com
edu-sams-interface.store-ops.cloud.jewels.com
saps4huxp.jewels.com
plpf20app00.jewels.com
sjim-asa-vpn.jewels.com
stage-repair.jewels.com
nexus.dev.cloud.jewels.com
autosys-ui.caf.dev.cloud.jewels.com
credithub-dev.azusnc-test.jewels.com
vpn.jewels.com
sma.jewels.com
autosys-ui.caf.dev.cloud.jewels.com
PWAKRPAAPP01.jewels.com

Certificate

The complete raw certificate details for credithub-test.azusnc-test.jewels.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIH2TCCBsGgAwIBAgIQJdNcfxAbC28Ivq6rdjnMfjANBgkqhkiG9w0BAQsFADCB
lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD
EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy
dmVyIENBMB4XDTI0MDQyOTAwMDAwMFoXDTI1MDUyOTIzNTk1OVowczELMAkGA1UE
BhMCVVMxDTALBgNVBAgTBE9oaW8xJTAjBgNVBAoTHFNpZ25ldCBHcm91cCBTZXJ2
aWNlcyBVUyBJbmMxLjAsBgNVBAMTJWNyZWRpdGh1Yi10ZXN0LmF6dXNuYy10ZXN0
Lmpld2Vscy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5WOi8
A9hflXXsM9lLxVA1WBc2bypVBV+nTLb+ry7toVaU3EcKHnWEWTe2Ng/KXll0042F
wcrQh1XWeBLfWqjaMTU75W6/rhK12UCO+3OTWRjN/KvUsyACmPD+S1OcQuBmqlue
bOHGmiUMEwoq477aj9u0knEzBAGMzEPngiRC0tu6iG/bAN+gxs69BkHMUYdUD5gf
tJUSN1x8G3XSymzDW7ShoCma8s7vXjamfZwhA3k+AFQM+Rz6CLji+5OY2o5wl+BT
jxXiu9V6hDYSy87F5FzJxGPqGmDkMkuu7EeEwgzHmAPziEgZj9DRepGAInBc2RNS
TPD+7hFIuXk4R/dFAgMBAAGjggREMIIEQDAfBgNVHSMEGDAWgBQX2dYlJ2f5McJJ
Q9kwNkSMbKlP6zAdBgNVHQ4EFgQUVx8AK2EBMSpPjIMUn1Vb6tU0n6AwDgYDVR0P
AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMEoGA1UdIARDMEEwNQYMKwYBBAGyMQECAQMEMCUwIwYIKwYBBQUHAgEW
F2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+g
TaBLhklodHRwOi8vY3JsLnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRp
b25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGKBggrBgEFBQcBAQR+MHww
VQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JTQU9y
Z2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUH
MAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMIIBfwYKKwYBBAHWeQIEAgSCAW8E
ggFrAWkAdgDPEVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3zsw7CAAAAY8r2SkT
AAAEAwBHMEUCIQClpPr+ziGFnrpkJYTphUPMK5KOP4n2/awFq/pOcI4vwQIgK4FB
a01tfnuqRUSk3AWvxjGp6HKmkoqBB/o/gRoKG5sAdwCi4wrkRe+9rZt+OO1HZ3dT
14JbhJTXK14bLMS5UKRH5wAAAY8r2SjGAAAEAwBIMEYCIQC5OmzOtZ8xukUIRQ0h
zBIlpBd/LS91C4R3vYgAMRkZZAIhAPOR3mWKbQ7nnpFLDF7UFwsHuG6j0G8cmXuz
U+ZSssVVAHYATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGPK9ko
qgAABAMARzBFAiEA+ggT0nCj3b/04XSnJRyh+LOlVDmYltLatGRLh74KgWgCIGBs
OERh2GpvQBdVHzCpVs5PkVNMPJgqPPyGvqjjYrYlMIIBBwYDVR0RBIH/MIH8giVj
cmVkaXRodWItdGVzdC5henVzbmMtdGVzdC5qZXdlbHMuY29tghZ0ZXN0LWNyZWRp
dC5iYW50ZXIuY29tgh90ZXN0LWNyZWRpdC5nb3Jkb25zamV3ZWxlcnMuY29tghV0
ZXN0LWNyZWRpdC5qYXJlZC5jb22CE3Rlc3QtY3JlZGl0LmtheS5jb22CIHRlc3Qt
Y3JlZGl0LnN0ZXJsaW5namV3ZWxlcnMuY29tghV0ZXN0LWNyZWRpdC56YWxlcy5j
b22CGXRlc3QtY3JlZGl0YW1xLmpld2Vscy5jb22CGnRlc3QtY3JlZGl0YXBpcy5q
ZXdlbHMuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBCRSF4iS/KRpVvHP/FvDs8RNFY
rnnBhZbhiQFDKLrKFZRXONDlvAMQXFMxowHX/2qVKCPBq4vBezxTvax5RML4QBIP
jauJS2L42Ez0qYc1Xc8egA1WGzPVn8Jt0KAjkAWZcH7XHVk4xL+LLxiscTXTStuH
jLIMUOePgM7YLWc4vnIoEbLHrpalcoKp27i+HAHHODej15RWqDJDFBCh9S5O98ce
MHjWDnRaBCe3XXlHUOLyGGamskBz7u/KOd1tl7hlfgtIPFx/WiuQq/RmRk5g7fdP
YM1zXk4mjcSnw9T7WgKwGZy/y96EffYRncY/OJF/soGEw5otHPPtMgsxZy5W
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVjovAPYX5V17DPZS8VQ
NVgXNm8qVQVfp0y2/q8u7aFWlNxHCh51hFk3tjYPyl5ZdNONhcHK0IdV1ngS31qo
2jE1O+Vuv64StdlAjvtzk1kYzfyr1LMgApjw/ktTnELgZqpbnmzhxpolDBMKKuO+
2o/btJJxMwQBjMxD54IkQtLbuohv2wDfoMbOvQZBzFGHVA+YH7SVEjdcfBt10sps
w1u0oaApmvLO7142pn2cIQN5PgBUDPkc+gi44vuTmNqOcJfgU48V4rvVeoQ2EsvO
xeRcycRj6hpg5DJLruxHhMIMx5gD84hIGY/Q0XqRgCJwXNkTUkzw/u4RSLl5OEf3
RQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 50278886529837366340831826367533927550
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-29 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-29 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ohio'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Signet Group Services US Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'credithub-test.azusnc-test.jewels.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23397929139281903350268986016711077879044109230313433597381006851041243272679591781585630584746489863512310585612455032449297267481546844567563536854551649873215236467517170059842148984051220908114657893622096246758340034238372802740738298880346383354480400783474207053779536748890446546470544834711536592274946751847880108247944098587615519509847920093911864243483020769857250690155105481459950024051351155642503298126231936630364010471408111050150216148453056608596618842856374678035122137333696869119558201245593856669265896755461272762866550801287119229779850701080020216673968411061311757598552111042256569890629
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							571f002b6101312a4f8c83149f555bead5349fa0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018f2bd929130000040300473045022100a5a4fafece21859eba642584e98543cc2b928e3f89f6fdac05abfa4e708e2fc102202b81416b4d6d7e7baa4544a4dc05afc631a9e872a6928a8107fa3f811a0a1b9b007700a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018f2bd928c60000040300483046022100b93a6cceb59f31ba4508450d21cc1225a4177f2d2f750b8477bd880031191964022100f391de658a6d0ee79e914b0c5ed4170b07b86ea3d06f1c997bb353e652b2c5550076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f2bd928aa0000040300473045022100fa0813d270a3ddbff4e174a7251ca1f8b3a554399896d2dab4644b87be0a81680220606c384461d86a6f4017551f30a956ce4f91534c3c982a3cfc86bea8e362b625
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (255 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'credithub-test.azusnc-test.jewels.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-credit.banter.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-credit.gordonsjewelers.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-credit.jared.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-credit.kay.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-credit.sterlingjewelers.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-credit.zales.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-creditamq.jewels.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-creditapis.jewels.com'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0042452178892fca46956f1cffc5bc3b3c44d158ae79c18596e189014328baca15945738d0e5bc03105c5331a301d7ff6a952823c1ab8bc17b3c53bdac7944c2f840120f8dab894b62f8d84cf4a987355dcf1e800d561b33d59fc26dd0a023900599707ed71d5938c4bf8b2f18ac7135d34adb878cb20c50e78f80ced82d6738be722811b2c7ae96a57282a9dbb8be1c01c73837a3d79456a832431410a1f52e4ef7c71e3078d60e745a0427b75d794750e2f21866a6b24073eeefca39dd6d97b8657e0b483c5c7f5a2b90abf466464e60edf74f60cd735e4e268dc4a7c3d4fb5a02b0199cbfcbde847df6119dc63f38917fb28184c39a2d1cf3ed320b31672e56