stage.nba.com

- NBA Media Ventures, LLC -

Issued by GeoTrust SSL CA - G3

About this certificate

This digital certificate with serial number 1a:cd:44:fc:bf:a6:c8:22:7c:78:4f:dd:a2:17:02:fc was issued on by GeoTrust Inc..

With 72 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

NBA Media Ventures, LLC

Organization: NBA Media Ventures, LLC
State / Province: New York
Locality: New York
Country: US

GeoTrust Inc.

Organization: GeoTrust Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 1a:cd:44:fc:bf:a6:c8:22:7c:78:4f:dd:a2:17:02:fc
Serial Number (int): 35625747975070717938937452776778040060
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: d2:6f:f7:96:f4:85:3f:72:3c:30:7d:23:da:85:78:9b:a3:7c:5a:7c

Fingerprint (sha1): bc:ea:ec:80:9e:8d:06:3c:04:aa:a1:99:6d:df:bf:6f:82:17:ce:0b
Fingerprint (sha256): 06:8d:77:5d:33:3e:29:df:96:e5:ed:c8:b2:00:83:47:07:ac:0a:56:ad:08:aa:43:d4:97:ad:68:01:db:2f:d5

Issuing Certificate URL: http://gn.symcb.com/gn.crt

Revocation information

OCSP Server: http://gn.symcd.com
CRL Distribution Point: http://gn.symcb.com/gn.crl

Check the revocation status for certificate stage.nba.com

72

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for stage.nba.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

secure.cms3.qa.nba.com
cdn3.stage.nba.net
publish.int.beta.nba.com
audience.qa.nba.com
www.stage.nba.com
cdn1.qa.nba.net
ref.nba.com
qa.nba.com
secure.int.nba.com
cdn1.int.nba.net
secure.cms3.stage.nba.com
www.stage.beta.nba.com
purchase.qa.nba.com
publish.qa.nba.com
cdn2.qa.nba.net
stage.beta.nba.com
cdn.qa.nba.net
www.qa.beta.nba.com
data.nba.net
publish.int.nba.com
blackout.lp.int.nba.com
www.int.beta.nba.com
images.int.nba.net
cdn1.ref.nba.net
ref.beta.nba.com
secure.qa.nba.com
publish.stage.beta.nba.com
ping.lp.int.nba.com
data.int.nba.net
int.nba.com
www.int.nba.com
www.ref.beta.nba.com
cdn.ref.nba.net
stream.lp.int.nba.com
purchase.int.nba.com
qa.beta.nba.com
secure.cms3.int.nba.com
int.beta.nba.com
purchase.stage.nba.com
secure.ref.nba.com
data.stage.nba.net
publish.ref.nba.com
dynimg.stage.nba.net
cdn3.int.nba.net
www.ref.nba.com
cdn3.ref.nba.net
publish.stage.nba.com
api.qa.nba.net
data.qa.nba.net
data.sim.nba.net
cdn3.qa.nba.net
www.qa.nba.com
dynimg.int.nba.net
api.stage.nba.net
secure.qa.beta.nba.com
api.int.nba.net
cdn1.stage.nba.net
publish.qa.beta.nba.com
cdn2.stage.nba.net
images.qa.nba.net
cdn4.ref.nba.net
cdn.stage.nba.net
images.stage.nba.net
purchase.lab.nba.com
cdn.int.nba.net
secure.stage.beta.nba.com
secure.lab.nba.com
cdn2.ref.nba.net
secure.int.beta.nba.com
cdn2.int.nba.net
secure.stage.nba.com
stage.nba.com

Other certificates including the domain name nba.com

(limited to 100 certificates)
sp.gosanangelo.com
www-all.nba.com
secure.nba.com
global.nba.com
classroom.nba.com
allball.blogs.nba.com
takrun.org
stage.nba.com
hk.nba.com
cmp.channelpartner.de
store.nba.com
google-videos-qa.nba.com
nbaevents.nba.com
ct-sand.nba.com
r2.shared.global.fastly.net
audience.nba.com
webmail.hk.nba.com
google-videos-dev.nba.com
sdc.turner.com
www-all.nba.com
fidelity.nba.com
on.nba.com
ca.nba.com
nbafantasy.nba.com
fantasy.india.nba.com
nba.com
mvpvote.nba.com
sni330fgl.wpc.edgecastcdn.net
a.data.nba.com
techtips.nba.com
audience.nba.com
madants.gleague.nba.com
r2.shared.global.fastly.net
esinniobiwaquareeb.live
nba.com
store.nba.com
account-staging.nba.com
account.nba.com
play.nba.com
sdc.turner.com
www-all.nba.com
hk.nba.com
store.nba.com
*.nba.com
nba.com
nbae-support.nba.com
*.global.nba.com
*.nba.com
sni330fgl.wpc.edgecastcdn.net
google-videos-qa.nba.com
polls.turner.com
hk.nba.com
aspera.nba.com
exec.nba.com
webmail.sh.nba.com
returns.store.nba.com
www.turner.com
teamvideo.nba.com
ik.imagekit.io
dleaguestore.nba.com
akamai-san88.exacttarget.com
www-all.nba.com
dev.turner.com
vpnsh.nba.com
lrmedia.nba.com
vegasexpo.nba.com
www.sidekick.management
ik.imagekit.io
assets.nba.com
r2.shared.global.fastly.net
nbafantasy.nba.com
www.vegasexpo.nba.com
checkin.nba.com
*.internal.nba.com
sa1gl.wpc.edgecastcdn.net
www.turner.com
picks.nba.com
ct.nba.com
ik.imagekit.io
centercourtlive.nba.com
sdc.turner.com
audience.lab.nba.com
*.nba.com
*.nba.com
stage.nba.com
vpnhk.nba.com
consent.planetradio.co.uk
emediate.com.br
google-videos-qa.nba.com
global.nba.com
content.nba.com
gr.leaguepass.nba.com
stage.nba.com
smetrics.global.nba.com
nbaevents.nba.com
www.docsupport.nba.com
mydepartment.nba.com
audience.lab.nba.com
exec.nba.com
photostore.nba.com

Certificate

The complete raw certificate details for stage.nba.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIILcDCCCligAwIBAgIQGs1E/L+myCJ8eE/dohcC/DANBgkqhkiG9w0BAQsFADBE
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU
R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTcwNTExMDAwMDAwWhcNMTcwOTIxMjM1
OTU5WjBtMQswCQYDVQQGEwJVUzERMA8GA1UECAwITmV3IFlvcmsxETAPBgNVBAcM
CE5ldyBZb3JrMSAwHgYDVQQKDBdOQkEgTWVkaWEgVmVudHVyZXMsIExMQzEWMBQG
A1UEAwwNc3RhZ2UubmJhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2dQ9XY0RbMyzo1DkL7lzNO7+OAGPiaHGYA3/uoVud0wRDTJcYWlDtedJG/
aN6Ubwida6FeHJoKCsJtp/5cL2IWQyP9WSUykhOvq0ivtOboqaFetkQPvh2E7Av2
UtaUHuDrEHSNRNW8DaGm5vMRMPxj+sPfYHAM6q2Kfbm6z0Y9Fw+wstEdjOJhgp75
Mr2HHhydTD6O/CMxSZCYt9OvbXEPTfG5sO/AgvAv4OB8YHy34Ey2PKBUKh7YgntR
Usu7SAEUYvCuP36i0XA9sYbfx9FNmKa5FioH5oz2hJBKEHQctGHRJfCJyaXklnuM
BSrKANM9RnPm1KKEhl9XADJ30LkCAwEAAaOCCDMwgggvMIIFoQYDVR0RBIIFmDCC
BZSCFnNlY3VyZS5jbXMzLnFhLm5iYS5jb22CEmNkbjMuc3RhZ2UubmJhLm5ldIIY
cHVibGlzaC5pbnQuYmV0YS5uYmEuY29tghNhdWRpZW5jZS5xYS5uYmEuY29tghF3
d3cuc3RhZ2UubmJhLmNvbYIPY2RuMS5xYS5uYmEubmV0ggtyZWYubmJhLmNvbYIK
cWEubmJhLmNvbYISc2VjdXJlLmludC5uYmEuY29tghBjZG4xLmludC5uYmEubmV0
ghlzZWN1cmUuY21zMy5zdGFnZS5uYmEuY29tghZ3d3cuc3RhZ2UuYmV0YS5uYmEu
Y29tghNwdXJjaGFzZS5xYS5uYmEuY29tghJwdWJsaXNoLnFhLm5iYS5jb22CD2Nk
bjIucWEubmJhLm5ldIISc3RhZ2UuYmV0YS5uYmEuY29tgg5jZG4ucWEubmJhLm5l
dIITd3d3LnFhLmJldGEubmJhLmNvbYIMZGF0YS5uYmEubmV0ghNwdWJsaXNoLmlu
dC5uYmEuY29tghdibGFja291dC5scC5pbnQubmJhLmNvbYIUd3d3LmludC5iZXRh
Lm5iYS5jb22CEmltYWdlcy5pbnQubmJhLm5ldIIQY2RuMS5yZWYubmJhLm5ldIIQ
cmVmLmJldGEubmJhLmNvbYIRc2VjdXJlLnFhLm5iYS5jb22CGnB1Ymxpc2guc3Rh
Z2UuYmV0YS5uYmEuY29tghNwaW5nLmxwLmludC5uYmEuY29tghBkYXRhLmludC5u
YmEubmV0ggtpbnQubmJhLmNvbYIPd3d3LmludC5uYmEuY29tghR3d3cucmVmLmJl
dGEubmJhLmNvbYIPY2RuLnJlZi5uYmEubmV0ghVzdHJlYW0ubHAuaW50Lm5iYS5j
b22CFHB1cmNoYXNlLmludC5uYmEuY29tgg9xYS5iZXRhLm5iYS5jb22CF3NlY3Vy
ZS5jbXMzLmludC5uYmEuY29tghBpbnQuYmV0YS5uYmEuY29tghZwdXJjaGFzZS5z
dGFnZS5uYmEuY29tghJzZWN1cmUucmVmLm5iYS5jb22CEmRhdGEuc3RhZ2UubmJh
Lm5ldIITcHVibGlzaC5yZWYubmJhLmNvbYIUZHluaW1nLnN0YWdlLm5iYS5uZXSC
EGNkbjMuaW50Lm5iYS5uZXSCD3d3dy5yZWYubmJhLmNvbYIQY2RuMy5yZWYubmJh
Lm5ldIIVcHVibGlzaC5zdGFnZS5uYmEuY29tgg5hcGkucWEubmJhLm5ldIIPZGF0
YS5xYS5uYmEubmV0ghBkYXRhLnNpbS5uYmEubmV0gg9jZG4zLnFhLm5iYS5uZXSC
Dnd3dy5xYS5uYmEuY29tghJkeW5pbWcuaW50Lm5iYS5uZXSCEWFwaS5zdGFnZS5u
YmEubmV0ghZzZWN1cmUucWEuYmV0YS5uYmEuY29tgg9hcGkuaW50Lm5iYS5uZXSC
EmNkbjEuc3RhZ2UubmJhLm5ldIIXcHVibGlzaC5xYS5iZXRhLm5iYS5jb22CEmNk
bjIuc3RhZ2UubmJhLm5ldIIRaW1hZ2VzLnFhLm5iYS5uZXSCEGNkbjQucmVmLm5i
YS5uZXSCEWNkbi5zdGFnZS5uYmEubmV0ghRpbWFnZXMuc3RhZ2UubmJhLm5ldIIU
cHVyY2hhc2UubGFiLm5iYS5jb22CD2Nkbi5pbnQubmJhLm5ldIIZc2VjdXJlLnN0
YWdlLmJldGEubmJhLmNvbYISc2VjdXJlLmxhYi5uYmEuY29tghBjZG4yLnJlZi5u
YmEubmV0ghdzZWN1cmUuaW50LmJldGEubmJhLmNvbYIQY2RuMi5pbnQubmJhLm5l
dIIUc2VjdXJlLnN0YWdlLm5iYS5jb22CDXN0YWdlLm5iYS5jb20wCQYDVR0TBAIw
ADAOBgNVHQ8BAf8EBAMCBaAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2duLnN5
bWNiLmNvbS9nbi5jcmwwgZ0GA1UdIASBlTCBkjCBjwYGZ4EMAQICMIGEMD8GCCsG
AQUFBwIBFjNodHRwczovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL3JlcG9z
aXRvcnkvbGVnYWwwQQYIKwYBBQUHAgIwNQwzaHR0cHM6Ly93d3cuZ2VvdHJ1c3Qu
Y29tL3Jlc291cmNlcy9yZXBvc2l0b3J5L2xlZ2FsMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBTSb/eW9IU/cjwwfSPahXibo3xafDBX
BggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9nbi5zeW1jZC5jb20w
JgYIKwYBBQUHMAKGGmh0dHA6Ly9nbi5zeW1jYi5jb20vZ24uY3J0MIIBBQYKKwYB
BAHWeQIEAgSB9gSB8wDxAHcA3esdK3oNT6Ygi4GtgWhwfi6OnQHVXIiNPRHEzbbs
vswAAAFb+RQ0yAAABAMASDBGAiEA4rihiLJEpu1k6ZsjlfPmyL/k6asUqU3tOHgd
194u7WICIQDZAY1pi74/8H2CCvhDfo0TMnfkimbxE/zzA4T7VXxnMAB2AKS5CZC0
GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABW/kUNQAAAAQDAEcwRQIhAISk
w2S8b3YmdFwmwX38OXzaDoOVu9clsvR/fn0oCD2NAiAOckyH8rDDL6qRb9YG0wBb
n9MAV19KhU+PgzhVNu44NTANBgkqhkiG9w0BAQsFAAOCAQEAHZm43lwI1bV/dggv
gRKCjej/K+Zoy4bBmBEu7rCjadnuXtZwkhB+r5fAIWMm840tawxB2M/vjBzFZEuS
KPzqhz6ORwW6YouwbR7Jw+VDqUGm1DUQjyEXQlQ2qIQSkhL8/I8+s0FQI4OBmLMH
k0sSHol/PZL9aZSUpBEg7xAUMrXNQrlyFnpBQcMtMONtK7q6lMBrOjrsi6hLdzvK
4pWm3kpMcqt8hcxqS0fvijzPgf/QdrKbTsYoTkOXodP9rwESi1w/FpkDQhUIeOPo
EJDwQhLOdV+UfoP78gdE1zoDNyVx03dWxQPXEUwUbVoADd7hSUnLqzyuq39CcXdg
KcuPdA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZ1D1djRFszLOjUOQvuX
M07v44AY+JocZgDf+6hW53TBENMlxhaUO150kb9o3pRvCJ1roV4cmgoKwm2n/lwv
YhZDI/1ZJTKSE6+rSK+05uipoV62RA++HYTsC/ZS1pQe4OsQdI1E1bwNoabm8xEw
/GP6w99gcAzqrYp9ubrPRj0XD7Cy0R2M4mGCnvkyvYceHJ1MPo78IzFJkJi3069t
cQ9N8bmw78CC8C/g4HxgfLfgTLY8oFQqHtiCe1FSy7tIARRi8K4/fqLRcD2xht/H
0U2YprkWKgfmjPaEkEoQdBy0YdEl8InJpeSWe4wFKsoA0z1Gc+bUooSGX1cAMnfQ
uQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 35625747975070717938937452776778040060
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA - G3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-05-11 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-09-21 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NBA Media Ventures, LLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'stage.nba.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25956402770902813653651654637159315781125564270455989747034992751595278301665774698417188517459853707263821543206277605093821412935752171438080887880132064662871313771992711613161217212215473849542519456607597585705909241730968926066842677423431111176385282741273806442699176240228782229207660182917508521417679251305647356059342280531248248813510548579631587465610713152377986881728906458279837136745398360824543804473738059599654213983359048807544702822988993588489829273109553948215774038655331054843223617423583320350170668299794342988446444954201071031699330406689875863384067818787635751803298430981897098612921
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1432 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.cms3.qa.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn3.stage.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'publish.int.beta.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'audience.qa.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stage.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn1.qa.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ref.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.int.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn1.int.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.cms3.stage.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stage.beta.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'purchase.qa.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'publish.qa.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn2.qa.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.beta.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.qa.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.qa.beta.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'publish.int.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blackout.lp.int.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.int.beta.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images.int.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn1.ref.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ref.beta.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.qa.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'publish.stage.beta.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ping.lp.int.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data.int.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'int.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.int.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ref.beta.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.ref.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stream.lp.int.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'purchase.int.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa.beta.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.cms3.int.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'int.beta.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'purchase.stage.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.ref.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data.stage.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'publish.ref.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dynimg.stage.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn3.int.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ref.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn3.ref.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'publish.stage.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.qa.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data.qa.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data.sim.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn3.qa.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.qa.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dynimg.int.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.stage.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.qa.beta.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.int.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn1.stage.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'publish.qa.beta.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn2.stage.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images.qa.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn4.ref.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.stage.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images.stage.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'purchase.lab.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.int.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.stage.beta.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.lab.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn2.ref.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.int.beta.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn2.int.nba.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.stage.nba.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.nba.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (149 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d26ff796f4853f723c307d23da85789ba37c5a7c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015bf91434c80000040300483046022100e2b8a188b244a6ed64e99b2395f3e6c8bfe4e9ab14a94ded38781dd7de2eed62022100d9018d698bbe3ff07d820af8437e8d133277e48a66f113fcf30384fb557c6730007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015bf9143500000004030047304502210084a4c364bc6f7626745c26c17dfc397cda0e8395bbd725b2f47f7e7d28083d8d02200e724c87f2b0c32faa916fd606d3005b9fd300575f4a854f8f83385536ee3835
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001d99b8de5c08d5b57f76082f8112828de8ff2be668cb86c198112eeeb0a369d9ee5ed67092107eaf97c0216326f38d2d6b0c41d8cfef8c1cc5644b9228fcea873e8e4705ba628bb06d1ec9c3e543a941a6d435108f2117425436a884129212fcfc8f3eb3415023838198b307934b121e897f3d92fd699494a41120ef101432b5cd42b972167a4141c32d30e36d2bbaba94c06b3a3aec8ba84b773bcae295a6de4a4c72ab7c85cc6a4b47ef8a3ccf81ffd076b29b4ec6284e4397a1d3fdaf01128b5c3f16990342150878e3e81090f04212ce755f947e83fbf20744d73a03372571d37756c503d7114c146d5a000ddee14949cbab3caeab7f4271776029cb8f74