cards-eu.klarna.com

- Klarna Bank AB -

Issued by DigiCert SHA2 Extended Validation Server CA

About this certificate

This digital certificate with serial number 0c:c6:53:cd:3e:df:bc:be:5e:cc:4d:33:9b:ba:ce:a8 was issued on by DigiCert Inc.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Klarna Bank AB

Company registration number: 5567370431
Organization: Klarna Bank AB
Locality: Stockholm
Country: SE

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0c:c6:53:cd:3e:df:bc:be:5e:cc:4d:33:9b:ba:ce:a8
Serial Number (int): 16980510428637857241437646978792738472
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 90:e6:da:0e:01:c9:d2:2d:8a:5e:60:64:c3:b2:60:73:7d:59:8b:54
AuthorityKeyId: 3d:d3:50:a5:d6:a0:ad:ee:f3:4a:60:0a:65:d3:21:d4:f8:f8:d6:0f

Fingerprint (sha1): 85:79:92:34:57:70:56:c5:c0:d0:d9:b7:50:fb:ee:74:8f:3c:cf:07
Fingerprint (sha256): 05:e0:e9:98:b7:d8:41:29:00:93:b7:17:aa:f0:7d:05:06:b5:74:61:58:b3:93:70:83:c5:33:54:cb:b1:55:15

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/sha2-ev-server-g2.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ev-server-g2.crl

Check the revocation status for certificate cards-eu.klarna.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cards-eu.klarna.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA512 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cards-eu.klarna.com
pgw.production.eu1.pgw-pci.klarna.net

Other certificates including the domain name klarna.com

(limited to 100 certificates)
checkout.klarna.com
guidelines.klarna.com
online.playground.eu1.kred.klarna.net
adltrust.kinnser.com
*.production.us1.core-banking.klarna.net
adltrust.kinnser.com
twentythree4.map.fastly.net
www.klarna.com
brand.klarna.com
klarna-payments-oc.klarna.com
*.playground.ap1.meta.klarna.net
api.klarna.com
connected-card-transaction-listener-us.klarna.com
*.production.eu1.on-demand.klarna.net
*.nonprod.us1.klapp.klarna.net
*.production.c2c.klarna.net
adltrust.kinnser.com
vs-alldoors-frontend-env2.nonprod.eu1.vs-qa.klarna.net
integration-static-legal.production.us1.cdn.klarna.net
*.msat.production.klarna.com
shop.klarna.com
orders.playground.portal.klarna.com
*.production.us1.scheme.klarna.net
savings.klarna.com
skv-api.playground.klarna.com
adltrust.kinnser.com
seniorshopping.klarna.com
acmatic-dns-validation.sandbox.eu1.core-platform.klarna.net
checkout-eu.klarna.com
il-na.klarna.com
restapi.klarna.com
statuspage.io
statuspage.io
*.msat.production.klarna.com
statuspage.io
*.playground.eu1.pgw.klarna.net
*.playground.us1.custom-solutions.klarna.net
adltrust.kinnser.com
*.playground.eu1.file-transfer.klarna.net
cards-oc.klarna.com
api-oc.klarna.com
*.playground.eu1.kred.klarna.net
credit-eu.klarna.com
twentythree4.map.fastly.net
merchantdesignlab.klarna.com
adltrust.kinnser.com
klarna-payments-eu.klarna.com
download.virtual-shopping.klarna.com
csg.status.forcepoint.com
outages.discovery.wisc.edu
dc-api-eu.playground.klarna.com
outages.discovery.wisc.edu
outages.discovery.wisc.edu
csg.status.forcepoint.com
ablink.staging-e.klarna.com
partnerportal.klarna.com
signicat.klarna.com
login.klarna.com
download.virtual-shopping.klarna.com
login.playground.klarna.com
www.klarna.com
cards-eu.klarna.com
*.production.c2c.klarna.net
*.production.c2c.klarna.net
www.klarna.com
system.production.us1.direct-debit.klarna.net
eu.portal.klarna.com
cards-eu.klarna.com
www.klarna.com
cards.playground.klarna.com
*.production.ap1.cobrowse.klarna.net
*.playground.c2c.klarna.net
topup.klarna.com
cms.nonprod.us1.klarna-web.klarna.net
api.staging.us.portal.klarna.com
tripsfe.production.us1.trips-platform-fe.klarna.net
www.gsuite.klarna.com
*.production.eu1.pgw.klarna.net
payment.sofort.klarna.com
*.production.eu1.meta.klarna.net
go.klarna.com
api-na-2.playground.klarna.com
l.klarna.com
salesloft-us.klarna.com
adltrust.kinnser.com
app-api.playground.klarna.com
salesloft-us.klarna.com
credit-na.klarna.com

facetoface.playground.klarna.com
*.nonprod.us1.klapp.klarna.net
klarna.com
*.production.us1.js.klarna.net
*.production.ap1.cobrowse.klarna.net
api.ident.playground.klarna.com
articles.klarna.com
*.playground.eu1.buybutton.klarna.net
settlements.playground.portal.klarna.com
insights.klarna.com
hytalestatus.io

Certificate

The complete raw certificate details for cards-eu.klarna.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgIQDMZTzT7fvL5ezE0zm7rOqDANBgkqhkiG9w0BAQ0FADB1
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk
IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIwMDMxMzAwMDAwMFoXDTIxMDMxODEy
MDAwMFowgaExHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB
BAGCNzwCAQMTAlNFMRMwEQYDVQQFEwo1NTY3MzcwNDMxMQswCQYDVQQGEwJTRTES
MBAGA1UEBxMJU3RvY2tob2xtMRcwFQYDVQQKEw5LbGFybmEgQmFuayBBQjEcMBoG
A1UEAxMTY2FyZHMtZXUua2xhcm5hLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANYjJFYYg+pGgUmybqOlVrqEY+Ea+JqXZR2icytgNh6KB6pyey5D
aktxl5l9Q2Rn7nYNtht74MQ2o1JqQX1loIdAG0Gg4fuRvw25fRK9NQ4+RdYDqPTP
OeZ7BkVJZgObGEFnZJHtImBKExxU+C8V7POddcOiQ5f5ZVbPpUfoiuffZdyr4zJN
ZODSzkJttCOWTD6+4GWuZvozBTHrVp+W1huPhVpATM2s3DDEjhEN1sbBzxoBud4K
K6kBntS2IRgJiPWWEWpHAUBGj66sTbEKol54cLpB3A+jTlx9SHLyxM/YwalFRIgu
59jjMjid9QJC2MCtcfLHqZxTlPaNvtOqfnUCAwEAAaOCAiwwggIoMB8GA1UdIwQY
MBaAFD3TUKXWoK3u80pgCmXTIdT4+NYPMB0GA1UdDgQWBBSQ5toOAcnSLYpeYGTD
smBzfVmLVDBFBgNVHREEPjA8ghNjYXJkcy1ldS5rbGFybmEuY29tgiVwZ3cucHJv
ZHVjdGlvbi5ldTEucGd3LXBjaS5rbGFybmEubmV0MA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYu
aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWcyLmNybDA0
oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWcy
LmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsGAQUFBwIBFhxodHRw
czovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMIGIBggrBgEFBQcBAQR8
MHowJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBSBggrBgEF
BQcwAoZGaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkV4
dGVuZGVkVmFsaWRhdGlvblNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMBMGCisG
AQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBDQUAA4IBAQAl1u9sdM58qD0YKbae
WWD3kRfV8/JVidmLqfKVMSAz6m2a+c7bUPy0FahMm8i9tDy8d5gorMj0klAc+U6k
k28pJgxiNWdcCVnR+m/5oWo/csDNAAeCj8CZMdFO3JXYEXb37UVUIMpYAZbqfLZT
gCKHJQOJVMjS5nLkvIaDRZFJOnFVCaLIEOQGQwaoriLuigOX2m3WNDMakgTlFZma
lC4PwsCMQ7hqjmWbwPs9idfBmXy8Wxpvb/q/fi9KgXDKt1ESkGcLNLgfaZiXT0Cb
9H1ly3GMsAT2j7i2xb2eEtVW0B6pRoLYCY1HV1zFyxjk7Bc8pNiTxaaJPwqlJp02
10EG
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iMkVhiD6kaBSbJuo6VW
uoRj4Rr4mpdlHaJzK2A2HooHqnJ7LkNqS3GXmX1DZGfudg22G3vgxDajUmpBfWWg
h0AbQaDh+5G/Dbl9Er01Dj5F1gOo9M855nsGRUlmA5sYQWdkke0iYEoTHFT4LxXs
8511w6JDl/llVs+lR+iK599l3KvjMk1k4NLOQm20I5ZMPr7gZa5m+jMFMetWn5bW
G4+FWkBMzazcMMSOEQ3WxsHPGgG53gorqQGe1LYhGAmI9ZYRakcBQEaPrqxNsQqi
XnhwukHcD6NOXH1IcvLEz9jBqUVEiC7n2OMyOJ31AkLYwK1x8sepnFOU9o2+06p+
dQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16980510428637857241437646978792738472
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Extended Validation Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-18 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '5567370431'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Stockholm'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Klarna Bank AB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cards-eu.klarna.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27032326398583677531924012408783226682439455912305743933125027900445310188383577274159317788169116482313933015675086147722735997832965718382345372259015261992273659380272704824553899330318435946612387813668544569750021308904499753299191740077917399879350440174326568222587920278835689044926313707188089991990602124312660229782316160434488490060316148710239268495687746238625436479689037399390495517758798870755943580658605191228263670900182419734815379764887361291298522640245486203331631776995355253881911670303898671737505968717105957463828206219964350747928666099390122077137526792416382444085814475111963359346293
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3dd350a5d6a0adeef34a600a65d321d4f8f8d60f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							90e6da0e01c9d22d8a5e6064c3b260737d598b54
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cards-eu.klarna.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pgw.production.eu1.pgw-pci.klarna.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ev-server-g2.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ev-server-g2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0025d6ef6c74ce7ca83d1829b69e5960f79117d5f3f25589d98ba9f295312033ea6d9af9cedb50fcb415a84c9bc8bdb43cbc779828acc8f492501cf94ea4936f29260c6235675c0959d1fa6ff9a16a3f72c0cd0007828fc09931d14edc95d81176f7ed455420ca580196ea7cb65380228725038954c8d2e672e4bc86834591493a715509a2c810e4064306a8ae22ee8a0397da6dd634331a9204e515999a942e0fc2c08c43b86a8e659bc0fb3d89d7c1997cbc5b1a6f6ffabf7e2f4a8170cab7511290670b34b81f6998974f409bf47d65cb718cb004f68fb8b6c5bd9e12d556d01ea94682d8098d47575cc5cb18e4ec173ca4d893c5a6893f0aa5269d36d74106