omk-uat.allegion.com
Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1
About this certificate
This digital certificate with serial number 07:4c:e2:2a:78:81:be:9a:64:05:f2:16:0f:3c:4f:cb was issued on by DigiCert, Inc..
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=omk-uat.allegion.com
DigiCert, Inc.
Organization:
DigiCert, Inc.
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 07:4c:e2:2a:78:81:be:9a:64:05:f2:16:0f:3c:4f:cbSerial Number (int): 9703797721191361593642419100227227595
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: b0:89:a2:bf:4c:a7:14:77:7f:c2:9c:91:65:1f:b1:6c:50:3e:41:db
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23
Fingerprint (sha1): 0d:19:1d:fa:f6:f9:a2:de:cf:43:21:76:c3:bd:2f:54:5a:22:63:02
Fingerprint (sha256): 07:29:e8:ab:15:0e:82:87:e0:cb:ab:09:24:b4:41:5f:d7:02:94:ef:58:9d:c7:4e:75:60:5e:7e:85:24:12:cd
Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
Check the revocation status for certificate omk-uat.allegion.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for omk-uat.allegion.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
omk-uat.allegion.com
Other certificates including the domain name allegion.com
(limited to 100 certificates)
status.pipeimob.com.br
ordermanagement-api-uat.allegion.com
support.overtur.allegion.com
el-api-svc-prd.allegion.com
hrassignment-api-dev.allegion.com
el-api-svc-prd.allegion.com
overturkeying-api-uat.allegion.com
smetrics.allegion.com
status.markiiieb.com
discover-overtur.allegion.com
alm-uat.allegion.com
ind-av-veeam1.allegion.com
procom.allegion.com
cisasmartaccess.allegion.com
ivroderstatus-api-dev.allegion.com
ordermanagement-el-qa.allegion.com
overtur-uat.allegion.com
status.ngxnetworks.com
shw.rmt.status.descartes.com
shw.rmt.status.descartes.com
merlin-test.allegion.com
afdverify.beta-reporting.allegion.com
iq.syncd.tech
ind-av-ignition.allegion.com
as2test.allegion.com
ordermanagement-qa.allegion.com
startsmart.allegion.com
overtur-reports-api-qa.allegion.com
algchi-gm-ib-am.allegion.com
kc-test.allegion.com
status.us.premium.salusconnect.io
disponibilidade.activecorp.com.br
www.allegion.com
shw.rmt.status.descartes.com
overtur.allegion.com
alle-despatch-lane-manager-printer-prod.anz.allegion.com
status.quarklink.io
omk-uat.allegion.com
orderentryapi.allegion.com
startsmart.allegion.com
status.5starcoms.net
alm-dev.allegion.com
beta-planviewer.allegion.com
prn-av-opct1.allegion.com
m3uid01.allegion.com
overtur-sandbox-el.allegion.com
soca.allegion.com
shw.rmt.status.descartes.com
feedback.allegion.com
status.anywhere.asolvi.app
overturstatus.allegion.com
cmg.allegion.com
dev-cisasmartaccess.allegion.com
chicago2.allegion.com
www.allegion.com
www.allegion.com
support.overtur.allegion.com
apollo-fw-docs.allegion.com
emeia.allegion.com
www.fshlocking.com.au
accessmgmt-test.allegion.com
overturkeying-api-qa.allegion.com
c360.allegion.com
level4.allegion.com
discover-overtur.allegion.com
status.mapworks.io
americas.allegion.com
www.allegion.com
notifications-dev.allegion.com
accessmgmt-dev.allegion.com
startsmart.allegion.com
shw.rmt.status.descartes.com
notifications-qa.allegion.com
hrassignment-dev.allegion.com
status.pipeimob.com.br
status.doccle.be
mcprod.macle.bricard.com
status.lenderdock.com
shw.rmt.status.descartes.com
m3bed01.allegion.com
vip.allegion.com
www.allegion.com
alle-identity-api.allegion.com
chicago2.allegion.com
soca.allegion.com
ivroderstatus-api-dev.allegion.com
beta-reporting.allegion.com
cisasmartaccess.allegion.com
tooling.allegion.com
beta-history.allegion.com
shw.rmt.status.descartes.com
colwvwcappt1.allegion.com
iq.syncd.tech
alle-operation-reporting-portal-production.anz.allegion.com
ordermanagement.allegion.com
sni22ce5gl.wpc.edgecastcdn.net
ivroderstatus-api-dev.allegion.com
level4.allegion.com
soca-dev.allegion.com
support.overtur.allegion.com
ordermanagement-api-uat.allegion.com
support.overtur.allegion.com
el-api-svc-prd.allegion.com
hrassignment-api-dev.allegion.com
el-api-svc-prd.allegion.com
overturkeying-api-uat.allegion.com
smetrics.allegion.com
status.markiiieb.com
discover-overtur.allegion.com
alm-uat.allegion.com
ind-av-veeam1.allegion.com
procom.allegion.com
cisasmartaccess.allegion.com
ivroderstatus-api-dev.allegion.com
ordermanagement-el-qa.allegion.com
overtur-uat.allegion.com
status.ngxnetworks.com
shw.rmt.status.descartes.com
shw.rmt.status.descartes.com
merlin-test.allegion.com
afdverify.beta-reporting.allegion.com
iq.syncd.tech
ind-av-ignition.allegion.com
as2test.allegion.com
ordermanagement-qa.allegion.com
startsmart.allegion.com
overtur-reports-api-qa.allegion.com
algchi-gm-ib-am.allegion.com
kc-test.allegion.com
status.us.premium.salusconnect.io
disponibilidade.activecorp.com.br
www.allegion.com
shw.rmt.status.descartes.com
overtur.allegion.com
alle-despatch-lane-manager-printer-prod.anz.allegion.com
status.quarklink.io
omk-uat.allegion.com
orderentryapi.allegion.com
startsmart.allegion.com
status.5starcoms.net
alm-dev.allegion.com
beta-planviewer.allegion.com
prn-av-opct1.allegion.com
m3uid01.allegion.com
overtur-sandbox-el.allegion.com
soca.allegion.com
shw.rmt.status.descartes.com
feedback.allegion.com
status.anywhere.asolvi.app
overturstatus.allegion.com
cmg.allegion.com
dev-cisasmartaccess.allegion.com
chicago2.allegion.com
www.allegion.com
www.allegion.com
support.overtur.allegion.com
apollo-fw-docs.allegion.com
emeia.allegion.com
www.fshlocking.com.au
accessmgmt-test.allegion.com
overturkeying-api-qa.allegion.com
c360.allegion.com
level4.allegion.com
discover-overtur.allegion.com
status.mapworks.io
americas.allegion.com
www.allegion.com
notifications-dev.allegion.com
accessmgmt-dev.allegion.com
startsmart.allegion.com
shw.rmt.status.descartes.com
notifications-qa.allegion.com
hrassignment-dev.allegion.com
status.pipeimob.com.br
status.doccle.be
mcprod.macle.bricard.com
status.lenderdock.com
shw.rmt.status.descartes.com
m3bed01.allegion.com
vip.allegion.com
www.allegion.com
alle-identity-api.allegion.com
chicago2.allegion.com
soca.allegion.com
ivroderstatus-api-dev.allegion.com
beta-reporting.allegion.com
cisasmartaccess.allegion.com
tooling.allegion.com
beta-history.allegion.com
shw.rmt.status.descartes.com
colwvwcappt1.allegion.com
iq.syncd.tech
alle-operation-reporting-portal-production.anz.allegion.com
ordermanagement.allegion.com
sni22ce5gl.wpc.edgecastcdn.net
ivroderstatus-api-dev.allegion.com
level4.allegion.com
soca-dev.allegion.com
support.overtur.allegion.com
Certificate
The complete raw certificate details for omk-uat.allegion.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHmDCCBYCgAwIBAgIQB0ziKniBvppkBfIWDzxPyzANBgkqhkiG9w0BAQsFADBc MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN MjQwMTMwMDAwMDAwWhcNMjQwNzMwMjM1OTU5WjAfMR0wGwYDVQQDExRvbWstdWF0 LmFsbGVnaW9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAODh Jk6xOZ181LyTFdiJJj8idS4wO5N2hCbH45XyhZCC6Qul9E1fFnqQLL2TwGejgDgg 0SR05EL3xGoE5ZgqJHPXCKsNsse8n4zL4S4Z3Vfim/mM2dRGtbYaG12RTPSIf/8S gy8TPF4sdJTcNatmOaPM0SkTy/L2r2DU5CK1zegdytOCdAv4MBiWu/lkoofgojtz 2n15/9kJuywRvQnIWfKggbNvirWUvSQg/ftKkJMYr9pdZyY/2yZGpNjGRjPxuaXS yx82dkLTmdJnBKs6Mb9AV332A03GBFjOkzkINS/3olk7zliyUq5w+MEO89FidUvC Q+/DcvCBb3bWtOhERf0CAwEAAaOCA5EwggONMB8GA1UdIwQYMBaAFKW01us2xOdr pt/EZAsBKiAEuGYjMB0GA1UdDgQWBBSwiaK/TKcUd3/CnJFlH7FsUD5B2zAfBgNV HREEGDAWghRvbWstdWF0LmFsbGVnaW9uLmNvbTA+BgNVHSAENzA1MDMGBmeBDAEC ATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDgYD VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBnwYD VR0fBIGXMIGUMEigRqBEhkJodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vR2VvVHJ1 c3RHbG9iYWxUTFNSU0E0MDk2U0hBMjU2MjAyMkNBMS5jcmwwSKBGoESGQmh0dHA6 Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQwOTZTSEEy NTYyMDIyQ0ExLmNybDCBhwYIKwYBBQUHAQEEezB5MCQGCCsGAQUFBzABhhhodHRw Oi8vb2NzcC5kaWdpY2VydC5jb20wUQYIKwYBBQUHMAKGRWh0dHA6Ly9jYWNlcnRz LmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIy Q0ExLmNydDAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkA dgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAY1cXHM+AAAEAwBH MEUCIQC77u9lK1aTPmPY25x322iOG+qPTTLdX70WUsOEnxGqgwIgf6SZp1j2kghC VNfyILuoAolKkB/W/L9DBnwlJDG5zQwAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bd LIHZu7+rOdiEcwAAAY1cXHNjAAAEAwBHMEUCIHdfA8jQeK/FkMma1C+v8awqj7in kSASWy95YEEH1GieAiEAq+rniC180JC6jsRTV+TGm1ZVFIkNBaslv6jHi4KzDBsA dwDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAY1cXHNdAAAEAwBI MEYCIQCU448xk1CqmRSgPJ6UnnphNDwXscWVzdf6WCe5ub8e7QIhALl23J/py4Fx fC2kD7NoErLye5eOJgBEcnaHdje+hNeaMA0GCSqGSIb3DQEBCwUAA4ICAQALV2BV 72tKFW0zZUGGhMI+APCRd28byUhGN6e2MWna73Mi3/aR6OOWI2PmjbBlkumwjR/E 4z3nPmiuAaHn4VTCwYcC3h1pU2UnYFFHw8cxEqGQitoFhIxsBDBW9PPil4WHcx6u FhfirqcT3nFGTMZMBWKlTRWPnv04nmSetR2n1Ki7p+ifyxelH3wQCwyoYNhRe+B7 j5cWT671LaBN217LSrLovxrNxaP9dd6LFZcTb7qz8UumVp/DNNeceVuQThFZdjGT /fmsxnMBAU0nv1gNABYQ7pmAH458jSufYtbd8cgcUmi0u3muUr9Knx25yUv3TQko qh7Ka6DgGuYCTsmdrLDyvaW8O+IJ5OmfpkJrpV+h9XJh6XZ/I/z8PhipodBdgU9J pfZQCrgVIB3HzWlg3Jav/6fSRJ0WouX2Gt5V5lYoGPUJIkZQeNVHKNRVkMsTfLBL gBIFa268Cf9kaeCccsSQznd1safe7ZAizehMEvib9+BRjtLnxOm69Fw0bToDZRb5 RVb4p9bIQgF1POs5BbbN6pn9CePTK8KyHWaY3VAZGSmVlZVsdR2e52xBlg6V3kW+ S8mZJNGxUJ52W6cONdx4ReDPJ4p//Ex7H9o0e26Tl7DD7DbR3NCH4DMr5e+WIRTT fMH7SW8K3Bu8OHwwUPvXVHkmLW7WXJvG9M7xxw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OEmTrE5nXzUvJMV2Ikm PyJ1LjA7k3aEJsfjlfKFkILpC6X0TV8WepAsvZPAZ6OAOCDRJHTkQvfEagTlmCok c9cIqw2yx7yfjMvhLhndV+Kb+YzZ1Ea1thobXZFM9Ih//xKDLxM8Xix0lNw1q2Y5 o8zRKRPL8vavYNTkIrXN6B3K04J0C/gwGJa7+WSih+CiO3PafXn/2Qm7LBG9CchZ 8qCBs2+KtZS9JCD9+0qQkxiv2l1nJj/bJkak2MZGM/G5pdLLHzZ2QtOZ0mcEqzox v0BXffYDTcYEWM6TOQg1L/eiWTvOWLJSrnD4wQ7z0WJ1S8JD78Ny8IFvdta06ERF /QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 9703797721191361593642419100227227595 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-30 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-30 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'omk-uat.allegion.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28388405736991947662858399606875336880226289630784371092230318548110781241249022588607610555538121192383339743023203636450599420283183688371437922367025222071553509612095590622591432599695027996846876717027332161740342503025039885007677501089249885681194825147328236039648356389959166953310745841777647346341005504817645454689447742747820094486491074147268891494654286951941879530886994635417877337003037819967048822574209820418181908370837976565393895381645111271822256907041000910650615700350894230758986297701181420177285086285450809300006327241845021219630774072142536379228487421000935791404469290884314198984189 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b089a2bf4ca714777fc29c91651fb16c503e41db . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'omk-uat.allegion.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018d5c5c733e0000040300473045022100bbeeef652b56933e63d8db9c77db688e1bea8f4d32dd5fbd1652c3849f11aa8302207fa499a758f692084254d7f220bba802894a901fd6fcbf43067c252431b9cd0c00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d5c5c736300000403004730450220775f03c8d078afc590c99ad42faff1ac2a8fb8a79120125b2f79604107d4689e022100abeae7882d7cd090ba8ec45357e4c69b565514890d05ab25bfa8c78b82b30c1b007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018d5c5c735d000004030048304602210094e38f319350aa9914a03c9e949e7a61343c17b1c595cdd7fa5827b9b9bf1eed022100b976dc9fe9cb81717c2da40fb36812b2f27b978e2600447276877637be84d79a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 000b576055ef6b4a156d3365418684c23e00f091776f1bc9484637a7b63169daef7322dff691e8e3962363e68db06592e9b08d1fc4e33de73e68ae01a1e7e154c2c18702de1d69536527605147c3c73112a1908ada05848c6c043056f4f3e2978587731eae1617e2aea713de71464cc64c0562a54d158f9efd389e649eb51da7d4a8bba7e89fcb17a51f7c100b0ca860d8517be07b8f97164faef52da04ddb5ecb4ab2e8bf1acdc5a3fd75de8b1597136fbab3f14ba6569fc334d79c795b904e1159763193fdf9acc67301014d27bf580d001610ee99801f8e7c8d2b9f62d6ddf1c81c5268b4bb79ae52bf4a9f1db9c94bf74d0928aa1eca6ba0e01ae6024ec99dacb0f2bda5bc3be209e4e99fa6426ba55fa1f57261e9767f23fcfc3e18a9a1d05d814f49a5f6500ab815201dc7cd6960dc96afffa7d2449d16a2e5f61ade55e6562818f50922465078d54728d45590cb137cb04b8012056b6ebc09ff6469e09c72c490ce7775b1a7deed9022cde84c12f89bf7e0518ed2e7c4e9baf45c346d3a036516f94556f8a7d6c84201753ceb3905b6cdea99fd09e3d32bc2b21d6698dd501919299595956c751d9ee76c41960e95de45be4bc99924d1b1509e765ba70e35dc7845e0cf278a7ffc4c7b1fda347b6e9397b0c3ec36d1dcd087e0332be5ef962114d37cc1fb496f0adc1bbc387c3050fbd75479262d6ed65c9bc6f4cef1c7