www.ssl.city.hiroshima.lg.jp

- The City of Hiroshima -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 03:21:48:12:3d:1a:7c:29:2d:56:02:23:93:d3:65:a8 was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

The City of Hiroshima

Organization: The City of Hiroshima
Organization unit: koho
State / Province: HIROSHIMA
Locality: HIROSHIMA-SHI
Country: JP

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:21:48:12:3d:1a:7c:29:2d:56:02:23:93:d3:65:a8
Serial Number (int): 4160491562195389110920741785972204968
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: ae:f6:68:9e:77:18:79:c8:1e:a6:ef:9a:17:eb:cd:7b:d2:f4:63:0f
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): ea:b7:2f:af:a4:84:46:57:aa:d1:6b:b4:50:6e:01:16:08:f5:9f:6c
Fingerprint (sha256): 06:05:39:70:6b:f0:60:66:d8:ac:ec:ca:66:fa:b0:e0:65:19:e0:1d:51:95:c4:0e:50:a8:f4:3f:13:fb:a9:8f

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl

Check the revocation status for certificate www.ssl.city.hiroshima.lg.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.ssl.city.hiroshima.lg.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.ssl.city.hiroshima.lg.jp

Other certificates including the domain name hiroshima.lg.jp

(limited to 100 certificates)
ebid.keiyaku.city.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
www.sabo-map.pref.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
*.pref.hiroshima.lg.jp
www.city.hiroshima.lg.jp
sts.city.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
gyosei.bousai.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
www.iju-cms.pref.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
*.saiyou.pref.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
lw-dcn12athsv00.pref.hiroshima.lg.jp
*.sabo-map.pref.hiroshima.lg.jp
www.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
nourin.pref.hiroshima.lg.jp
*.dogis.pref.hiroshima.lg.jp
lw-dcn12vpnsv00.pref.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
chotatsu2.pref.hiroshima.lg.jp
eas.city.hiroshima.lg.jp
gyosei.bousai.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
hirodsv007.keiyaku.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
prefalb.dogis.pref.hiroshima.lg.jp
yo-ke.pref.hiroshima.lg.jp
saiyou.pref.hiroshima.lg.jp
gyosei.bousai.city.hiroshima.lg.jp
www.sabo-map.pref.hiroshima.lg.jp
chotatsu2.pref.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
*.city.hiroshima.lg.jp
map.bousai.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
www.sabo.pref.hiroshima.lg.jp
vm.pref.hiroshima.lg.jp
www.manabi.pref.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
gc-dcn14exesv02.pref.hiroshima.lg.jp
dennyu.pref.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
saiyou.pref.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
chotatsu.pref.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
*.pref.hiroshima.lg.jp
*.pref.hiroshima.lg.jp
chotatsu.pref.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
extgw.pref.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
www.sabo.pref.hiroshima.lg.jp
hozen.pref.hiroshima.lg.jp
www.city.hiroshima.lg.jp
yo-ke.pref.hiroshima.lg.jp
www.city.hiroshima.lg.jp
www.iju.pref.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
chotatsu2.pref.hiroshima.lg.jp
lw-dcn12athsv00.pref.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
chotatsu.pref.hiroshima.lg.jp
chotatsu.pref.hiroshima.lg.jp
hiroshima-brand.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
gc-dcn14exesv01.pref.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
saiyou.pref.hiroshima.lg.jp
www.pref.hiroshima.lg.jp
*.city.hiroshima.lg.jp
www.ssl.city.hiroshima.lg.jp
touroku.keiyaku.city.hiroshima.lg.jp
ppi.keiyaku.city.hiroshima.lg.jp
lw-dcn12vpnsv00.pref.hiroshima.lg.jp
shokuin.bousai.city.hiroshima.lg.jp
ebid.keiyaku.city.hiroshima.lg.jp
extgw.pref.hiroshima.lg.jp

Certificate

The complete raw certificate details for www.ssl.city.hiroshima.lg.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGUTCCBTmgAwIBAgIQAyFIEj0afCktVgIjk9NlqDANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjAwMTE1MDAwMDAwWhcN
MjAwNTA5MTIwMDAwWjCBjzELMAkGA1UEBhMCSlAxEjAQBgNVBAgTCUhJUk9TSElN
QTEWMBQGA1UEBxMNSElST1NISU1BLVNISTEeMBwGA1UEChMVVGhlIENpdHkgb2Yg
SGlyb3NoaW1hMQ0wCwYDVQQLEwRrb2hvMSUwIwYDVQQDExx3d3cuc3NsLmNpdHku
aGlyb3NoaW1hLmxnLmpwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
uAwhRkkhSsnmQIlFs1hGsONFCu5+939zapiD4JBgROaXmTvMF1Epky6D9Sx2qY3T
alPLELhClphxMM39cTZKO9NcrP0xudAAQG4zSYfuLrcYB3OalQe0sUmnkj6oBJte
ikImZg3GK9ah3/PHGhsXjC0D5x63J6qKEm82wBBj4FtyVBMBajk8sOOWHYHWnWPC
EL5zsTb6RMdqwFRNYVySsCW+Q96ga8Cv4PwUqT0qd09pkUc5IHTcsHlePdW2dKrA
3DoA7tJfvbv0uUafFNi7boJorOD0aifr295luQp21xprAEq9vCu+1Zsj564vTDi/
s/wId4OUiTqnr7j7Xqmv2QIDAQABo4IC6DCCAuQwHwYDVR0jBBgwFoAUD4BhHIIx
YdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFK72aJ53GHnIHqbvmhfrzXvS9GMPMCcG
A1UdEQQgMB6CHHd3dy5zc2wuY2l0eS5oaXJvc2hpbWEubGcuanAwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBi
MC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNy
bDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5j
cmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6
Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBu
MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUH
MAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1
cmVTZXJ2ZXJDQS5jcnQwCQYDVR0TBAIwADCCAQQGCisGAQQB1nkCBAIEgfUEgfIA
8AB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABb6ec3TUAAAQD
AEcwRQIhANJIKSGUSMgH2Bt0V7qUqKbc+jGM8yqW/DpCpF/F89P8AiBLdtEoV7O6
GFz6I2nX7RnbqyvS83kKRt/X+iYGL5Uf8AB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2
/0q1YMG06v9eoIMPAAABb6ec8bAAAAQDAEcwRQIhALGN4rY0gY17feXA0VBWxquM
v6wsFZVUgGcIanKPSNISAiBhjGXTk4rDvdcGP0kLDhbzEfUZlLkAY0akKIfW46SR
/jANBgkqhkiG9w0BAQsFAAOCAQEAunKYtrwPz7JEe5rh2DcFa3QO1bR+D0XquZz+
X2UUGHxyCdny/pKoEq+Tx0tZKGpFb1AjdmPhXaUrXlYLAwh5j7G+I2QftIvX8KgV
Hzmq7Hp4Nup7tnbbHjVAVc0airNVhzqyGRwkvHJOK6XWALqOBz+8Vxt3MZLXsnXZ
QahrETkXivw0bxc92UtM3W77oQzaRCoMsu1n/gJ+CCF92bUu4DBksiIqFwdrgRit
6U56A9Pj3j/VuS/F7Q3vYNfZXq7GAF0bc5Zj5bWWNxr+DUarvWimjlCR8x2bIVti
aWNjgz1/5IA7dVJSoKyM9gNGD9ca5Lbf4SIOg+Q58ctRNTLB+Q==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAwhRkkhSsnmQIlFs1hG
sONFCu5+939zapiD4JBgROaXmTvMF1Epky6D9Sx2qY3TalPLELhClphxMM39cTZK
O9NcrP0xudAAQG4zSYfuLrcYB3OalQe0sUmnkj6oBJteikImZg3GK9ah3/PHGhsX
jC0D5x63J6qKEm82wBBj4FtyVBMBajk8sOOWHYHWnWPCEL5zsTb6RMdqwFRNYVyS
sCW+Q96ga8Cv4PwUqT0qd09pkUc5IHTcsHlePdW2dKrA3DoA7tJfvbv0uUafFNi7
boJorOD0aifr295luQp21xprAEq9vCu+1Zsj564vTDi/s/wId4OUiTqnr7j7Xqmv
2QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 4160491562195389110920741785972204968
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-09 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HIROSHIMA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HIROSHIMA-SHI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The City of Hiroshima'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'koho'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.ssl.city.hiroshima.lg.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23233829629197786023193992771599534803797787439456982390995987018850355620162134290276207653926699332676763171696186286240902484785671874708681597169595154274653069634875416775438200871148604156427319263253769345341169058740818695603725671505348114525237336571521627066433831352304527901945239676118569580563082130372211554964566801048332985068467487485553832146981698316883641690199425064779002374850310151422248267676114825764825621839449490244239210939152939129022212187060577241991582695678664459328272586502116462650841502515555856485687814146924549514307559176972281158307336343051453984724179913579854664675289
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							aef6689e771879c81ea6ef9a17ebcd7bd2f4630f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ssl.city.hiroshima.lg.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016fa79cdd350000040300473045022100d24829219448c807d81b7457ba94a8a6dcfa318cf32a96fc3a42a45fc5f3d3fc02204b76d12857b3ba185cfa2369d7ed19dbab2bd2f3790a46dfd7fa26062f951ff00076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016fa79cf1b00000040300473045022100b18de2b634818d7b7de5c0d15056c6ab8cbfac2c1595548067086a728f48d2120220618c65d3938ac3bdd7063f490b0e16f311f51994b9006346a42887d6e3a491fe
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00ba7298b6bc0fcfb2447b9ae1d837056b740ed5b47e0f45eab99cfe5f6514187c7209d9f2fe92a812af93c74b59286a456f50237663e15da52b5e560b0308798fb1be23641fb48bd7f0a8151f39aaec7a7836ea7bb676db1e354055cd1a8ab355873ab2191c24bc724e2ba5d600ba8e073fbc571b773192d7b275d941a86b1139178afc346f173dd94b4cdd6efba10cda442a0cb2ed67fe027e08217dd9b52ee03064b2222a17076b8118ade94e7a03d3e3de3fd5b92fc5ed0def60d7d95eaec6005d1b739663e5b596371afe0d46abbd68a68e5091f31d9b215b62696363833d7fe4803b755252a0ac8cf603460fd71ae4b6dfe1220e83e439f1cb513532c1f9