ldap-k12.dc.gov

- Government of the District of Columbia -

Issued by DC Government SHA2 EV Intermediate CA

About this certificate

This digital certificate with serial number 0c:82:0c:64:83:12:77:4b:b2:3d:cf:48:d5:2b:74:70 was issued on by Government of the District of Columbia.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Government of the District of Columbia

Company registration number: Government Entity
Organization: Government of the District of Columbia
Organization unit: Office of the Chief Technology Officer
State / Province: District of Columbia
Locality: Washington
Country: US

Government of the District of Columbia

Organization: Government of the District of Columbia
Organization unit: Office of the Chief Technology Officer
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0c:82:0c:64:83:12:77:4b:b2:3d:cf:48:d5:2b:74:70
Serial Number (int): 16625985893324873622343679935712556144
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 00:59:89:91:39:fd:f2:e2:7a:8c:22:e1:13:b4:4e:55:11:9d:4e:e0
AuthorityKeyId: 50:ae:28:b3:cf:fc:ed:4b:0b:46:d1:80:7e:13:09:f6:df:4b:e6:90

Fingerprint (sha1): dd:b9:4a:9c:a2:d6:4c:9a:b7:e2:ae:a1:9b:96:1d:74:37:67:40:ec
Fingerprint (sha256): 05:18:5f:90:57:d8:33:ce:ee:58:26:e8:6a:10:bf:b3:ee:1a:59:b9:54:ee:46:a4:32:63:01:03:04:7b:f0:22

Issuing Certificate URL: http://cacerts.digicert.com/DCGovernmentSHA2EVIntermediateCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DCGovernmentSHA2EVIntermediateCA.crl
CRL Distribution Point: http://crl4.digicert.com/DCGovernmentSHA2EVIntermediateCA.crl

Check the revocation status for certificate ldap-k12.dc.gov

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ldap-k12.dc.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ldap-k12.dc.gov
www.ldap-k12.dc.gov

Other certificates including the domain name dc.gov

(limited to 100 certificates)
010-DCPS-8540-01.in.dc.gov
propertyquest.dc.gov
aclprodcfmx.in.dc.gov
smarterocfo.dc.gov
seats.osse.dc.gov
thelab.dc.gov
idmswebqa.dc.gov
youthspeakout.cfsa.dc.gov
ccsea.osse.dc.gov
mpduccawarpt147.mpdc.dc.gov
enode.dc.gov
sso.dc.gov
dcraonline-rms.dcra.dc.gov
justisportal.dc.gov
tipline.oag.dc.gov
leaf.dpw.dc.gov
smtp5.dc.gov
erap.dhs.dc.gov
leaddc.dcps.dc.gov
dashboard.in.dc.gov
mail.dc.gov
selfserve.cfo.dc.gov
fpp.dc.gov
casesearch.oea.dc.gov
bwc.thelab.dc.gov
textalert.ema.dc.gov
pshcm.dc.gov
sboe.dc.gov
dc.gov
mdm.dc.gov
aspentraining.dcps.dc.gov
visitation.doc.dc.gov
os19.in.dc.gov
TA.DCSTARS.K12.DC.GOV
admin.sportswagering-stg.lottery.dc.gov
github.in.dc.gov
streetlights.dc.gov
services.dcnet.dc.gov
openbudget.dc.gov
secure.cfsa.dc.gov
ldap-k12.dc.gov
servusmdm.in.dc.gov
tunnel.mdm.dc.gov
acaprod2.dcra.dc.gov
ecourtlts.oah.dc.gov
theforum.dc.gov
aclqc.in.dc.gov
efiling.ocf.dc.gov
cson.oag.dc.gov
webapi.dcnet.dc.gov
OSPI.DCRA.DC.GOV
secure.cfsa.dc.gov
cpms.dcra.dc.gov
doh.immunization.doh.dc.gov
eplan.dcra.dc.gov
apply-myschooldctest.in.dc.gov
dc.gov
trainingtrack.hsema.dc.gov
docs.cfsa.dc.gov
mail.tdl.dc.gov
maps2.legacy.dcgis.dc.gov
intime.doc.dc.gov
locus.dmh.dc.gov
EXP-E.UC.DC.GOV
eServices.dcra.dc.gov
events.dcgis.dc.gov
ACCESSCSED.oag.dc.gov
upstream.dc.gov
grid.sccrc.dc.gov
events.dcgis.dc.gov
statehood.dc.gov
ess.dc.gov
OCTOProcessEng.dc.gov
dashboard.in.dc.gov
HEALTHCHECK.DOH.DC.GOV
microstrategy.dc.gov
handbook.dcoz.dc.gov
dc.gov
amprdweb.dc.gov
disb.dc.gov
ESNA01.in.dc.gov
*.dlcp.dc.gov
opendata.dc.gov
qap.osse.dc.gov
studyabroad.dcps.dc.gov
itremote.dc.gov
app.cab.dc.gov
rivacarss.in.dc.gov
mealapps.dcps.dc.gov
vpndc.dc.gov
api.qa.311.dc.gov
signon.dev.dc.gov
dda.dc.gov
data.osse.dc.gov
forms.joinmpd.dc.gov
orchard.osse.dc.gov
app.dcoz.dc.gov
dcpaidfamilyleave.dc.gov
sauth.dc.gov
*.dcas.dc.gov

Certificate

The complete raw certificate details for ldap-k12.dc.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGaTCCBVGgAwIBAgIQDIIMZIMSd0uyPc9I1St0cDANBgkqhkiG9w0BAQsFADCB
nzELMAkGA1UEBhMCVVMxLzAtBgNVBAoTJkdvdmVybm1lbnQgb2YgdGhlIERpc3Ry
aWN0IG9mIENvbHVtYmlhMS8wLQYDVQQLEyZPZmZpY2Ugb2YgdGhlIENoaWVmIFRl
Y2hub2xvZ3kgT2ZmaWNlcjEuMCwGA1UEAxMlREMgR292ZXJubWVudCBTSEEyIEVW
IEludGVybWVkaWF0ZSBDQTAeFw0xOTA3MzAwMDAwMDBaFw0yMTEwMDYxMjAwMDBa
MIIBCjEaMBgGA1UEDwwRR292ZXJubWVudCBFbnRpdHkxEzARBgsrBgEEAYI3PAIB
AxMCVVMxGjAYBgNVBAUTEUdvdmVybm1lbnQgRW50aXR5MQswCQYDVQQGEwJVUzEd
MBsGA1UECBMURGlzdHJpY3Qgb2YgQ29sdW1iaWExEzARBgNVBAcTCldhc2hpbmd0
b24xLzAtBgNVBAoTJkdvdmVybm1lbnQgb2YgdGhlIERpc3RyaWN0IG9mIENvbHVt
YmlhMS8wLQYDVQQLEyZPZmZpY2Ugb2YgdGhlIENoaWVmIFRlY2hub2xvZ3kgT2Zm
aWNlcjEYMBYGA1UEAxMPbGRhcC1rMTIuZGMuZ292MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAr/jthBqWCYRlnM7VaJpCfpQ8soMfbzuc9noHXGqJgGqx
gfA59SavKO8e6Gw3BspSDOtXfFTxkZnA7u/4nW+ZEtlxwK+DxE5W4knzVeTxljID
/q6lQM2ttP10wX7/aZzejVNERtqsNCc6T0m8V9D2ytbjdFC7HttY8VF8m9Hc+tX8
AEAI2lOs6l9zc3ui+MFIySRuVJQWCA7CGrc+5z/JLL6qss507hVkiSyDIsd2SyGG
6qyToXNaHVyMERJtQ9dRwAw5+xH1GgSkbdhi6pIx3Vr7/5i3rFqjMw3qtjl8vaJk
1nXIhDKdWG1I0SCoWKfSnCPWWfROtr+PZ/Yq7J9zuQIDAQABo4ICMTCCAi0wHwYD
VR0jBBgwFoAUUK4os8/87UsLRtGAfhMJ9t9L5pAwHQYDVR0OBBYEFABZiZE5/fLi
eowi4RO0TlURnU7gMC8GA1UdEQQoMCaCD2xkYXAtazEyLmRjLmdvdoITd3d3Lmxk
YXAtazEyLmRjLmdvdjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCMIGVBgNVHR8EgY0wgYowQ6BBoD+GPWh0dHA6Ly9jcmwzLmRp
Z2ljZXJ0LmNvbS9EQ0dvdmVybm1lbnRTSEEyRVZJbnRlcm1lZGlhdGVDQS5jcmww
Q6BBoD+GPWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EQ0dvdmVybm1lbnRTSEEy
RVZJbnRlcm1lZGlhdGVDQS5jcmwwSwYDVR0gBEQwQjA3BglghkgBhv1sAgEwKjAo
BggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAHBgVngQwB
ATCBggYIKwYBBQUHAQEEdjB0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
Y2VydC5jb20wTAYIKwYBBQUHMAKGQGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNv
bS9EQ0dvdmVybm1lbnRTSEEyRVZJbnRlcm1lZGlhdGVDQS5jcnQwDAYDVR0TAQH/
BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsdUp
rNADW475Rrit5v6FyCqTR/6QF3zvo45+MwiqYHZIOR7dJRjqAKVwFlN9kW6sMNZI
SOorHaTkf780krC3QJBTC7oZIzdDnnMBV+fpjpcMOUf4MszEIZI9wZF3qLoEeIeS
bAcoHo711PRCMtwJXHssaflaiuejEjI/bgEgXJqJe6pEf5qqnzy88lCwK0N+L+4j
N9b9swkM+/bYIUTT7baxEjO9WUOXe2egIyLaWPyxJBvVPNGuFHQdhuusU+ESYQRs
2zGcOgqQVzhWlBphIxeeE19ZolgA3HbjutyCh4Kd2N3VY6avCQmfvLZGLGLsXyeB
H+Vh+e6HFsLb923USQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/jthBqWCYRlnM7VaJpC
fpQ8soMfbzuc9noHXGqJgGqxgfA59SavKO8e6Gw3BspSDOtXfFTxkZnA7u/4nW+Z
EtlxwK+DxE5W4knzVeTxljID/q6lQM2ttP10wX7/aZzejVNERtqsNCc6T0m8V9D2
ytbjdFC7HttY8VF8m9Hc+tX8AEAI2lOs6l9zc3ui+MFIySRuVJQWCA7CGrc+5z/J
LL6qss507hVkiSyDIsd2SyGG6qyToXNaHVyMERJtQ9dRwAw5+xH1GgSkbdhi6pIx
3Vr7/5i3rFqjMw3qtjl8vaJk1nXIhDKdWG1I0SCoWKfSnCPWWfROtr+PZ/Yq7J9z
uQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16625985893324873622343679935712556144
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government of the District of Columbia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Office of the Chief Technology Officer'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DC Government SHA2 EV Intermediate CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-30 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-10-06 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'District of Columbia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government of the District of Columbia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Office of the Chief Technology Officer'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ldap-k12.dc.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22214454240746040105791485891053896081157547922545733575587557583137265071926194310224600313109008078607981269938498434639187282953270699316834630825895639380736448847607594841477570450418673319173306932231068195590422533318945032431529193476682666452436077261085002436509083852551127941416669287602214715529618219893844068345280942286848464605172568977533623980237405170680845946945197444405606657535070695757398518481570986194102029232279389082029527940067939917384393879827102771975073030422002150877268006255941654661599070983530888075515742882502751903787295418970730400329945647222428621972018945074237206918073
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 50ae28b3cffced4b0b46d1807e1309f6df4be690
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0059899139fdf2e27a8c22e113b44e55119d4ee0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ldap-k12.dc.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ldap-k12.dc.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (141 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DCGovernmentSHA2EVIntermediateCA.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DCGovernmentSHA2EVIntermediateCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DCGovernmentSHA2EVIntermediateCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b1d529acd0035b8ef946b8ade6fe85c82a9347fe90177cefa38e7e3308aa607648391edd2518ea00a57016537d916eac30d64848ea2b1da4e47fbf3492b0b74090530bba192337439e730157e7e98e970c3947f832ccc421923dc19177a8ba047887926c07281e8ef5d4f44232dc095c7b2c69f95a8ae7a312323f6e01205c9a897baa447f9aaa9f3cbcf250b02b437e2fee2337d6fdb3090cfbf6d82144d3edb6b11233bd5943977b67a02322da58fcb1241bd53cd1ae14741d86ebac53e11261046cdb319c3a0a90573856941a6123179e135f59a25800dc76e3badc8287829dd8ddd563a6af09099fbcb6462c62ec5f27811fe561f9ee8716c2dbf76dd449