towa.tlehman.cuny.edu

- City University of New York -

Issued by DigiCert SHA2 High Assurance Server CA

About this certificate

This digital certificate with serial number 0d:18:37:3c:d9:a0:b9:33:c4:de:ae:60:33:06:12:21 was issued on by DigiCert Inc.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

City University of New York

Organization: City University of New York
Organization unit: IT
State / Province: New York
Locality: New York
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0d:18:37:3c:d9:a0:b9:33:c4:de:ae:60:33:06:12:21
Serial Number (int): 17405699423379243763707263236245426721
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 29:ac:66:28:03:41:5f:8a:0f:3f:de:e5:1b:fe:ad:6d:e0:ef:2a:ba
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b

Fingerprint (sha1): 5b:cd:c5:66:74:1c:90:ac:92:e1:7f:a9:5c:79:79:82:91:53:53:2a
Fingerprint (sha256): 04:ef:1c:d2:fa:20:7f:5c:b0:e4:6c:6a:11:8d:3e:a4:9f:6f:6b:9a:32:bc:9e:a2:9c:cc:0b:09:8f:c9:b9:44

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g5.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g5.crl

Check the revocation status for certificate towa.tlehman.cuny.edu

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for towa.tlehman.cuny.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

towa.tlehman.cuny.edu
autodiscover.tlehman.cuny.edu
tmail.lehman.edu
autodiscover.tmail.lehman.edu

Other certificates including the domain name cuny.edu

(limited to 100 certificates)
www.math.csi.cuny.edu
5684453372329984-fe2.pantheonsite.io
us.prod.campusgroups.com
*.gc.cuny.edu
*.csi.cuny.edu
ucdc.edu
csicampusnet.csi.cuny.edu
us.prod.campusgroups.com
guides.newman.baruch.cuny.edu
*.mhc.cuny.edu
mail.journalism.cuny.edu
eportfolios.macaulay.cuny.edu
libpapercut-vs.librarygp.citytech.cuny.edu
test.eis.uw.edu
qwifi.qc.cuny.edu
www.design-engineering.princeton.edu
5684453372329984-fe2.pantheonsite.io
nxterra.ucop.edu
ssa.ccny.cuny.edu
csi2-pps2.csi.cuny.edu
cslive.csi.cuny.edu
*.citytech.cuny.edu
mail.qc.cuny.edu
*.kbcc.cuny.edu
*.bmcc.cuny.edu
www.hcii.cs.cmu.edu
208.lsnc.net
5684453372329984-fe2.pantheonsite.io
*.citytech.cuny.edu
cunyba.us.reclaim.cloud
www.blogs.earthjustice.org
us.prod.campusgroups.com
qccommunity.qc.cuny.edu
*.citytech.cuny.edu
libcal.library.hunter.cuny.edu
5684453372329984-fe2.pantheonsite.io
library.citytech.cuny.edu
webdev.colorado.edu
virtual2.unlv.edu
5769928858664960-fe3.pantheonsite.io
5756915711737856-fe1.pantheonsite.io
mysite.qc.cuny.edu
*.york.ezproxy.cuny.edu
*.york.cuny.edu
5635703144710144-fe4.pantheonsite.io
upenn-it.asc.upenn.edu
*.qcc.cuny.edu
www.math.csi.cuny.edu
onesearch.cuny.edu
Collegiatelink4.Campuslabs.com
*.cuny.edu
csomlcms.cuny.edu
athletics.baruch.cuny.edu
senate.qc.cuny.edu
hub.meed.com
208.lsnc.net
webmail.exchtest.cuny.edu
*.cuny.edu
vision.cs.qc.cuny.edu
newmedialab.cuny.edu
dev.wellness.yale.edu
nml-jail.newmedialab.cuny.edu
qc.cuny.edu
*.gc.cuny.edu
go.journalism.cuny.edu
cunyba.cuny.edu
lib01.bcc.cuny.edu
hr.hunter.cuny.edu
live.ucdavis.edu
info-dev.calperformances.org
websql.brooklyn.cuny.edu
ldapmaint.ccny.cuny.edu
*.gc.cuny.edu
towa.tlehman.cuny.edu
ww2.hunter.cuny.edu
us.prod.campusgroups.com
libcal.library.hunter.cuny.edu
libcal.library.hunter.cuny.edu
good.gsm.cornell.edu
archivesspace.library.csi.cuny.edu
gold.cs.qc.cuny.edu
newlaborforum.cuny.edu
www.lgcr.com
cetls.bmcc.cuny.edu
pwdregister.bcc.cuny.edu
www.nai.arizona.edu
upenn-it.asc.upenn.edu
library.hunter.cuny.edu
mymail.baruch.cuny.edu
nistmep.blogs.govdelivery.com
spstime.sps.cuny.edu
*.cuny.edu
dev.embody.yale.edu
scalefunder.net
scalefunder.net
club.kjzz.org
cunyba.us.reclaim.cloud
help.brooklyn.cuny.edu
us.prod.campusgroups.com
asianamericanyc.hunter.cuny.edu

Certificate

The complete raw certificate details for towa.tlehman.cuny.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgIQDRg3PNmguTPE3q5gMwYSITANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0xMzEwMjIxMjAwMDFaFw0xNjEwMjAxMjAwMDBa
MIGGMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5l
dyBZb3JrMSQwIgYDVQQKExtDaXR5IFVuaXZlcnNpdHkgb2YgTmV3IFlvcmsxCzAJ
BgNVBAsTAklUMR4wHAYDVQQDExV0b3dhLnRsZWhtYW4uY3VueS5lZHUwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJNCqnMpIvSjpeLavF+YXqL2Eg4NGy
7luAjilQpneFE3VEyZ25H3bB5MiWuxCp2nT5YCJ9GRzeHQjsEFIPDEdbnbx5WGeK
VJ7yV/a+7/Skij+viNTrlakTyaOMDCkCTl2C1d6dDq7ijabkMAxcBxRvzNRjZQfu
PX73lLo6J08jCLOlcwl6GCTh3jo4J66/otXDO6mFj3yC3t/0WedFNA2PNenLJoFk
wvqKgVNFry8VWrvXisX+kco6yhFp0lGk8dH6rQgfc5Dfc6X6SHCdDpcUCgmKSvJr
WRfFgejZM9V4O9qgN4EeRQ7wGvwoOVzgDXHwDORhyjlJfHEjI/ZhPvxhAgMBAAGj
ggI+MIICOjAfBgNVHSMEGDAWgBRRaP+QrwIHdTzM2WVkYqISuFlyOzAdBgNVHQ4E
FgQUKaxmKANBX4oPP97lG/6tbeDvKrowcAYDVR0RBGkwZ4IVdG93YS50bGVobWFu
LmN1bnkuZWR1gh1hdXRvZGlzY292ZXIudGxlaG1hbi5jdW55LmVkdYIQdG1haWwu
bGVobWFuLmVkdYIdYXV0b2Rpc2NvdmVyLnRtYWlsLmxlaG1hbi5lZHUwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8E
bjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2
ZXItZzUuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1o
YS1zZXJ2ZXItZzUuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYB
BQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMIGD
BggrBgEFBQcBAQR3MHUwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0
LmNvbTBNBggrBgEFBQcwAoZBaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Rp
Z2lDZXJ0U0hBMkhpZ2hBc3N1cmFuY2VTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIw
ADANBgkqhkiG9w0BAQsFAAOCAQEAhuAIvOhF+o3u4muHXCanNL9+u5+wiSKzOHqg
2kutyrwvJ51GRW9adh+YfAmnwwA4JbAFcDE6/UC9uoabHR0wisBxGI7n3xNgtZlP
CQUsd5aUMr61Xln4y0hV5+MbRJHRtfYPmlQzibyuyQ+ay6/2AgDsXsoeA/yd5sHL
5SZjdqNn3cmHqAGuGqHy3msWzJJly7Rhv8NuJndchSmU0CsZNc7QUvSsorVbLouV
ySCIVcpW5Fvsa7qqYpq+PHvG40g81nCyo+z28kB86zNEGgVVNr/IBJE1pbyjMR0r
tCTa5/qrnak3spvbU1DFbHY/1e3ybh0vGpPR7OkVvR/KNBKWxw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTQqpzKSL0o6Xi2rxfmF
6i9hIODRsu5bgI4pUKZ3hRN1RMmduR92weTIlrsQqdp0+WAifRkc3h0I7BBSDwxH
W528eVhnilSe8lf2vu/0pIo/r4jU65WpE8mjjAwpAk5dgtXenQ6u4o2m5DAMXAcU
b8zUY2UH7j1+95S6OidPIwizpXMJehgk4d46OCeuv6LVwzuphY98gt7f9FnnRTQN
jzXpyyaBZML6ioFTRa8vFVq714rF/pHKOsoRadJRpPHR+q0IH3OQ33Ol+khwnQ6X
FAoJikrya1kXxYHo2TPVeDvaoDeBHkUO8Br8KDlc4A1x8AzkYco5SXxxIyP2YT78
YQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 17405699423379243763707263236245426721
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-10-22 12:00:01 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-10-20 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'City University of New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'towa.tlehman.cuny.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25399623614167439695106116976160032465011539216473359266806113460674291087209062745316363570219316027219778445453076994569692951238478585280616983295738477803947993722074815059195846379785070832253604049370181734210742620211259540489979703448927573236939238166231875894479081514357439302820062638879019636006350047231876105860957827010713906472643190836870758333143912696942704610486359160056650742104750710982454633462686965651916781527179873650758970935786749559380648682738150929738153454233275599190437271666042407142409361612744974508653202462882164810452923010904968696040099026517889224997313174720080995351649
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							29ac662803415f8a0f3fdee51bfead6de0ef2aba
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'towa.tlehman.cuny.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.tlehman.cuny.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tmail.lehman.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.tmail.lehman.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g5.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g5.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0086e008bce845fa8deee26b875c26a734bf7ebb9fb08922b3387aa0da4badcabc2f279d46456f5a761f987c09a7c3003825b00570313afd40bdba869b1d1d308ac071188ee7df1360b5994f09052c77969432beb55e59f8cb4855e7e31b4491d1b5f60f9a543389bcaec90f9acbaff60200ec5eca1e03fc9de6c1cbe5266376a367ddc987a801ae1aa1f2de6b16cc9265cbb461bfc36e26775c852994d02b1935ced052f4aca2b55b2e8b95c9208855ca56e45bec6bbaaa629abe3c7bc6e3483cd670b2a3ecf6f2407ceb33441a055536bfc8049135a5bca3311d2bb424dae7faab9da937b29bdb5350c56c763fd5edf26e1d2f1a93d1ece915bd1fca341296c7