portfoliopremier.wf.com

- Wells Fargo & Company -

Issued by Wells Fargo Public Trust Certification Authority 01 G2

About this certificate

This digital certificate with serial number 06:51:cd:23:d8:d1:bb:23:a3:ef:7c:78:58:0d:40:c4 was issued on by Wells Fargo & Company.

With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Wells Fargo & Company

Organization: Wells Fargo & Company
State / Province: California
Locality: San Francisco
Country: US

Wells Fargo & Company

Organization: Wells Fargo & Company
Organization unit: Organization Validated TLS
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 06:51:cd:23:d8:d1:bb:23:a3:ef:7c:78:58:0d:40:c4
Serial Number (int): 8400104754307564224713666274387640516
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: b1:4a:bd:1f:d4:35:38:52:63:c7:72:b6:03:c5:b4:ce:d0:ff:9f:f6
AuthorityKeyId: 39:13:9e:e1:41:d2:3a:45:0b:38:80:60:af:b5:21:41:7c:01:89:7d

Fingerprint (sha1): 87:17:f4:eb:45:15:d0:7c:49:39:dc:2e:9c:40:e4:d1:df:ed:b7:0d
Fingerprint (sha256): 05:dc:7d:b0:d7:1a:ae:ea:b1:7c:76:95:01:1f:d2:c1:09:23:7a:ca:00:a4:cd:c8:a1:0b:04:34:3f:b9:3c:f2

Issuing Certificate URL: http://cacerts.digitalcertvalidation.com/WellsFargoPublicTrustCertificationAuthority01G2.crt

Revocation information

OCSP Server: http://statush.digitalcertvalidation.com
CRL Distribution Point: http://cdph.digitalcertvalidation.com/WellsFargoPublicTrustCertificationAuthority01G2.crl

Check the revocation status for certificate portfoliopremier.wf.com

7

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for portfoliopremier.wf.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

portfoliopremier.wf.com
privatebank.wf.com
communications.wellsfargoadvisors.com
investmentinstitute.wf.com
assetmanagementreport.wfam.com
retirement.wf.com
tx.comm.wellsfargoadvisors.com

Other certificates including the domain name wf.com

(limited to 100 certificates)
ceomediauat.wellsfargo.com
view.mail1.wf.com
wellscontentfix.wellsfargo.com
mortgageprocess.wf.com
www.wealthmanagementinsights.wf.com
global.wf.com
remediation.wf.com
www.welcome.wf.com
hmc-ecard.wf.com
proxy-ewpcs.wellsfargo.com
wimcapabilities.wf.com
emea.wf.com
newsroom.wf.com
ceo-wellscontent.wellsfargo.com
identity.demo.wellsoneexpensemanager.wf.com
edam-test.wf.com
wellscontentfix.wellsfargo.com
wellscontent.wellsfargo.com
ORE.WF.COM
akamai-san15.exacttarget.com
tls.automattic.com
retirementresearch.wf.com
hmc-ecard.wf.com
ceomobileuata.wellsfargo.com
accelerator.wf.com
wimcapabilities.wf.com
treasuryinsights.wf.com
www.wf.com
apac.wf.com
now-test.wf.com
ceomobileuat.wellsfargo.com
wimcapabilities.wf.com
ceomobilesit2.wf.com
storiesdev.wf.com
san-5-s7.tlsprovisioning.exacttarget.com
wellscontent.wellsfargo.com
wellsoneexpensemanager.wf.com
digital.wf.com
hmc-ecard.wf.com
feedback.wf.com
welcome.wf.com
now-rehearsal.wf.com
api.wellsoneexpensemanager.wf.com
hmc-ecard.wf.com
tls.automattic.com
ceo-wellscontent.wellsfargo.com
portfoliopremier.wf.com
wimcapabilities.wf.com
experience.wf.com
wfod.wf.com
retirementresearch.wf.com
claimspayments.wf.com
smallbusinessresources.wf.com
gbxreport-uat.wf.com
storiesnewsletter.wf.com
storiesemail.wf.com
cloud.mail18.wf.com
hmc-ecard.wf.com
homecentral.wf.com
bonusoffer.wf.com
qa.onestop.wf.com
ceomobileuata.wf.com
autodealer.wf.com
hmc-ecard.wf.com
view.mail1.wf.com
stories.wf.com
digital.wf.com
advisors.wf.com
marketing.wf.com
moneystrategies.wf.com
now-breakfix.wf.com
hmc-ecard.wf.com
storiesdev.wf.com
hmc-ecard.wf.com
hmc-ecard.wf.com
hmc-ecard.wf.com
tls.automattic.com
merchantvideos.wf.com
now-breakfix.wf.com
hmc-ecard.wf.com
wf.com
edam.wf.com
proxy-ewpcs.wellsfargo.com
static.wf.com
ceomobilefix.wf.com
api-insights.wellsoneexpensemanager.wf.com
hmc-ecard.wf.com
ceomedia.wf.com
integratedreceivables.wf.com
ilwkeval.wf.com
ceomediafix.wf.com
stories.wf.com
stories-staging.wf.com
entertainment.wf.com
wimcapabilities.wf.com
hmc-ecard.wf.com
ceomobilesit.wellsfargo.com
cloudpages.wf.com
wimcapabilities.wf.com
san-5-s7.tlsprovisioning.exacttarget.com

Certificate

The complete raw certificate details for portfoliopremier.wf.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGYjCCBUqgAwIBAgIQBlHNI9jRuyOj73x4WA1AxDANBgkqhkiG9w0BAQsFADCB
kzELMAkGA1UEBhMCVVMxHjAcBgNVBAoMFVdlbGxzIEZhcmdvICYgQ29tcGFueTEj
MCEGA1UECxMaT3JnYW5pemF0aW9uIFZhbGlkYXRlZCBUTFMxPzA9BgNVBAMTNldl
bGxzIEZhcmdvIFB1YmxpYyBUcnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAw
MSBHMjAeFw0yMzA5MjcwMDAwMDBaFw0yNDEwMTcyMzU5NTlaMHwxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2Nv
MR4wHAYDVQQKDBVXZWxscyBGYXJnbyAmIENvbXBhbnkxIDAeBgNVBAMTF3BvcnRm
b2xpb3ByZW1pZXIud2YuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0iFGwT0Sp74DHpt8rIebIu20RM4/A5i1yjsWu0O/dVZZZ6Y5LJRteDz0RKQi
39BCC/N2XepSbxVb0NdTWDGtWKT0aU/yAeRNlo3mLNvjofAbOW6ScTXnziAw3DoT
tqlZZ101F9LtmYgS4krLTtc74dQT7sfrvzhBM+XX++i2K+wBd8ViUueJUL+DPvOH
WVClL4Ktdk7M4kR5dc5BLp1eaFEy9e+WJFiPOcfTV4V12MS+x1BD260JaWbK7R0z
x807O6esPLCXLRgiCKR+Ig/eN1KJdqoq50nDZjVWVc6CIJCK93AYXM6MSHtNzic6
GPcHPwo+7CLMHam4LA22T5vDuQIDAQABo4ICxjCCAsIwHwYDVR0jBBgwFoAUOROe
4UHSOkULOIBgr7UhQXwBiX0wHQYDVR0OBBYEFLFKvR/UNThSY8dytgPFtM7Q/5/2
MIHOBgNVHREEgcYwgcOCF3BvcnRmb2xpb3ByZW1pZXIud2YuY29tghJwcml2YXRl
YmFuay53Zi5jb22CJWNvbW11bmljYXRpb25zLndlbGxzZmFyZ29hZHZpc29ycy5j
b22CGmludmVzdG1lbnRpbnN0aXR1dGUud2YuY29tgh5hc3NldG1hbmFnZW1lbnRy
ZXBvcnQud2ZhbS5jb22CEXJldGlyZW1lbnQud2YuY29tgh50eC5jb21tLndlbGxz
ZmFyZ29hZHZpc29ycy5jb20wPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEF
BQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwagYDVR0fBGMwYTBfoF2g
W4ZZaHR0cDovL2NkcGguZGlnaXRhbGNlcnR2YWxpZGF0aW9uLmNvbS9XZWxsc0Zh
cmdvUHVibGljVHJ1c3RDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MDFHMi5jcmwwgbAG
CCsGAQUFBwEBBIGjMIGgMDQGCCsGAQUFBzABhihodHRwOi8vc3RhdHVzaC5kaWdp
dGFsY2VydHZhbGlkYXRpb24uY29tMGgGCCsGAQUFBzAChlxodHRwOi8vY2FjZXJ0
cy5kaWdpdGFsY2VydHZhbGlkYXRpb24uY29tL1dlbGxzRmFyZ29QdWJsaWNUcnVz
dENlcnRpZmljYXRpb25BdXRob3JpdHkwMUcyLmNydDAMBgNVHRMBAf8EAjAAMBMG
CisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAX2b1OGGwradjE
dyI2PT3AknfSsS2aFVNNuQgz40Ooxm4AbXpyt8LR2ic5OcepsEoLFAvh8tx6cYLG
1xFjLGOcNljP8NFupSXRCrIdayj4i0Q8KRrCbYFaL6mWU+7rlyUkFySg9LMxR2nB
NMFJQXRiXcs+ffmiRUrwKocZ1M4S7NGLsyc/y9BVUOQFfdt9YOFsCMn1Ro5YJkDC
t1E09fXbU9/soYhqdyUe8kmsRKO1agB8V2hNWmO4pq/ffcj48n+F665sRT1jFSyx
CfsPXGD56q9Ir+2Rple32mI9xr+4w8kHd9UhYamTDwufA1AuKMXP5JuJk4CHzNJX
TXbPUSij
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iFGwT0Sp74DHpt8rIeb
Iu20RM4/A5i1yjsWu0O/dVZZZ6Y5LJRteDz0RKQi39BCC/N2XepSbxVb0NdTWDGt
WKT0aU/yAeRNlo3mLNvjofAbOW6ScTXnziAw3DoTtqlZZ101F9LtmYgS4krLTtc7
4dQT7sfrvzhBM+XX++i2K+wBd8ViUueJUL+DPvOHWVClL4Ktdk7M4kR5dc5BLp1e
aFEy9e+WJFiPOcfTV4V12MS+x1BD260JaWbK7R0zx807O6esPLCXLRgiCKR+Ig/e
N1KJdqoq50nDZjVWVc6CIJCK93AYXM6MSHtNzic6GPcHPwo+7CLMHam4LA22T5vD
uQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8400104754307564224713666274387640516
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Wells Fargo & Company'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Organization Validated TLS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Wells Fargo Public Trust Certification Authority 01 G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-27 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-17 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Wells Fargo & Company'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'portfoliopremier.wf.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26526453240430739992565653787712067200422336640809411195470783428873298887291756886433750666267283207480540303871251973584942433458507903301536620358709084084192257785135269557853392704736447027870594660416164251664049024610657542214958921163462732626685173870960220391318420245083483511616037537352370139576221467776482103488460699860197629344392724167094732573387999841653096098779540736486147453231149538437936911574026189696406485070983924466623459250542681930292462593196485153866398613374919455608624679050893468576670869166621831665881063551316224450336730791852977676010409868386192113497067309800929112081337
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 39139ee141d23a450b388060afb521417c01897d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b14abd1fd435385263c772b603c5b4ced0ff9ff6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (198 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portfoliopremier.wf.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'privatebank.wf.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'communications.wellsfargoadvisors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'investmentinstitute.wf.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assetmanagementreport.wfam.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'retirement.wf.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tx.comm.wellsfargoadvisors.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdph.digitalcertvalidation.com/WellsFargoPublicTrustCertificationAuthority01G2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (163 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://statush.digitalcertvalidation.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digitalcertvalidation.com/WellsFargoPublicTrustCertificationAuthority01G2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0017d9bd4e186c2b69d8c47722363d3dc09277d2b12d9a15534db90833e343a8c66e006d7a72b7c2d1da273939c7a9b04a0b140be1f2dc7a7182c6d711632c639c3658cff0d16ea525d10ab21d6b28f88b443c291ac26d815a2fa99653eeeb9725241724a0f4b3314769c134c1494174625dcb3e7df9a2454af02a8719d4ce12ecd18bb3273fcbd05550e4057ddb7d60e16c08c9f5468e582640c2b75134f5f5db53dfeca1886a77251ef249ac44a3b56a007c57684d5a63b8a6afdf7dc8f8f27f85ebae6c453d63152cb109fb0f5c60f9eaaf48afed91a657b7da623dc6bfb8c3c90777d52161a9930f0b9f03502e28c5cfe49b89938087ccd2574d76cf5128a3