sf-webtocase.societegenerale.com

- Societe Generale -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 05:0a:c7:51:6d:eb:8c:b4:d0:27:ac:c0:2e:dc:d5:bd was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Societe Generale

Organization: Societe Generale
Organization unit: IT
Locality: PARIS
Country: FR

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 05:0a:c7:51:6d:eb:8c:b4:d0:27:ac:c0:2e:dc:d5:bd
Serial Number (int): 6702105598520846083486783235266762173
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 05:7e:a7:fc:31:72:0a:b5:6a:55:d5:24:88:35:8b:33:2e:a7:d5:25
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): 14:b5:83:b4:58:9d:96:fe:53:7c:d0:44:5b:0d:e0:cc:5d:24:75:ea
Fingerprint (sha256): 07:a0:e2:b1:08:42:06:1d:9f:08:95:69:ce:85:de:14:b8:69:0f:06:6f:ad:32:e5:86:01:47:8a:89:9e:19:ef

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl

Check the revocation status for certificate sf-webtocase.societegenerale.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sf-webtocase.societegenerale.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sf-webtocase.societegenerale.com

Other certificates including the domain name societegenerale.com

(limited to 100 certificates)
h2-imap.societegenerale.com
partners-api.bsc.societegenerale.com
ceros3.map.fastly.net
warrantspushserver.societegenerale.com
parlons-auto.societegenerale.com
cash2business.factoring.societegenerale.com
infact.factoring.societegenerale.fr
jazz-ou-sobrio.societegenerale.com
demo-sgw.societegenerale.com
ceros3.map.fastly.net
ceros3.map.fastly.net
hsharinbox.societegenerale.com
itsat.societegenerale.com
taleo.exit.societegenerale.com
document-de-reference.societegenerale.com
pre1.ebanking.privatebanking.societegenerale.com
privatebanking.societegenerale.com
h-report.vip.equipmentfinance.societegenerale.com
sso-sogecashweb.societegenerale.com
chatbotrcf.assurances.societegenerale.com
gesop-subscribe.societegenerale.com
webclear.societegenerale.com
filetransfer.hpr.tomf.societegenerale.com
careers.socgen.com
sni.cloudflaressl.com
suite3.securitiesservices.societegenerale.com
homowebclear.societegenerale.com
hsharinbox.societegenerale.com
careers.societegenerale.com
unified-access.societegenerale.com
sgnews.societegenerale.com
san-004.ceros.com
sni.cloudflaressl.com
h-esign.societegenerale.com
coxetnel-oeuffactory.societegenerale.com
seasonsgreetings.societegenerale.com
linstantprive.privatebanking.societegenerale.com
assurances.societegenerale.com
www.equipmentfinance.societegenerale.com
factoring.societegenerale.com
h-taleo.exit.societegenerale.com
www.blackbird.societegenerale.com
ambassadorsday.societegenerale.com
assurances.societegenerale.com
homo.webadmin.societegenerale.com
h-partners-api.bsc.societegenerale.com
homowebsight.societegenerale.com
sni.cloudflaressl.com
*.pinterestceros.com
ceros3.map.fastly.net
sourcing-hub-reporting.societegenerale.com
h-lamatinale.societegenerale.com
san-004.ceros.com
monsieurmadame.societegenerale.com
san-004.ceros.com
hob-isis.societegenerale.com
netkin.eu
Nouveauxmodeles.societegenerale.com
sf-webtocase.societegenerale.com
sogecash-ebics.societegenerale.com
appliactionnaire.societegenerale.com
login.securitiesservices.societegenerale.com
ambassadorsday.societegenerale.com
portail-pca.factoring.societegenerale.com
infact.factoring.societegenerale.fr
san-004.ceros.com
swordphish.cert.societegenerale.com
apps.bsc.aws.societegenerale.com
www.scf-servicing-hom.societegenerale.com
h2-imap.societegenerale.com
immsituadmin.societegenerale.com
careers.socgen.com
getready.societegenerale.com
www.soactif.societegenerale.com
carte-bancaire-gratuite.societegenerale.com
cert.societegenerale.com
innovshare.societegenerale.com
ceros3.map.fastly.net
projects.societegenerale.com
www.scf-servicing.societegenerale.com
suite3.securitiesservices.societegenerale.com
sso-sogecashweb.societegenerale.com
live.societegenerale.com
homo-login.securitiesservices.societegenerale.com
h-unified-access.societegenerale.com
san-004.ceros.com
www.equipmentfinance.societegenerale.com
reglement.societegenerale.com
h-report.vip.equipmentfinance.societegenerale.com
h-report.vip.equipmentfinance.societegenerale.com
activation.caff.societegenerale.com
jazz-ou-sobrio.societegenerale.com
sni.cloudflaressl.com
dublinportal.societegenerale.com
boxallinclusive.societegenerale.com
ceros3.map.fastly.net
hfilegtw.societegenerale.com
ceros3.map.fastly.net
ceros3.map.fastly.net
seasonsgreetings.societegenerale.com

Certificate

The complete raw certificate details for sf-webtocase.societegenerale.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGsDCCBZigAwIBAgIQBQrHUW3rjLTQJ6zALtzVvTANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwMjA1MDAwMDAwWhcN
MjAwMjA2MTIwMDAwWjBwMQswCQYDVQQGEwJGUjEOMAwGA1UEBxMFUEFSSVMxGTAX
BgNVBAoTEFNvY2lldGUgR2VuZXJhbGUxCzAJBgNVBAsTAklUMSkwJwYDVQQDEyBz
Zi13ZWJ0b2Nhc2Uuc29jaWV0ZWdlbmVyYWxlLmNvbTCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBANjCRmKcskLoUnB2l5c99VmJaqeG3+ZnIzZY+CZv7ixZ
RhHjNJ1L6XWkjObiKRlQsWBrDZduAz5IgjwHSg0uVSjfL3AsA7/se95lyQ1bNjYX
EH6QrwLcXrOuJ27cxw2hjB2vVvSh7KJEQi5ykNAPW3pqEpiFy50H/iVgRxo973o4
NucUhifAzmYJBhiCNpJZ0itWCsPuwvmoeljlkmwRKqUz4MNIvO+H+QZmBP6ActK+
+P5fDJJSU5sQhM5NT+b/BEkYdcVT2OP/2y+noBgtu3O0cvtPLP3t0k36ZXOJgOsE
i34JA50WmbNzfG/11rGY2iA2uCbvv//P+PFdurMEf28CAwEAAaOCA2cwggNjMB8G
A1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBQFfqf8MXIK
tWpV1SSINYszLqfVJTArBgNVHREEJDAigiBzZi13ZWJ0b2Nhc2Uuc29jaWV0ZWdl
bmVyYWxlLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
CCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0
LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2Vy
dC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAq
MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeB
DAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRp
Z2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQu
Y29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIB
fwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdQCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb
37jjd80OyA3cEAAAAWFmef/MAAAEAwBGMEQCIAjP2sB1Tr8y+j6woBRHUCRrtbma
ZtdqPkcHWHTVOcFFAiBgvu388n/X/5rs5K/p5oyLEJmvFDlJuAUIniNwFr4/zQB3
AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABYWZ6AL8AAAQDAEgw
RgIhAIpxrWiKdo98ZrlQI09rzW0z+QXIdLNoMnMAMMEHGwuPAiEA76TdBGIsSmZH
aSqxWbvqrgT4btSZuyptcpuX9Esqm+0AdwC72d+8H4pxtZOUI5eqkntHOFeVCqtS
6BqQlmQ2jh7RhQAAAWFmegCjAAAEAwBIMEYCIQCQDACcQ8iyo135A+2oMTpugXtl
gfs4LNjUKuSMU1uMdwIhAN5ixLGq1z6Zis4M5j6efel2bhul8ryxu0+kv1yo8RBU
MA0GCSqGSIb3DQEBCwUAA4IBAQDPcJG3WUXlmpSYOPuCAwswrYdXu/gtk2xODpx1
/7rAP5UPMeAHKRqIQStnGzkv9KndGpisn2LSaV0IAUsynrY9qwvSEhDRbXbS8xdT
LecqbU9PriGQbnhNSTWkJEUBM2IYg56IsH0CJdUFq50eBotYjfxA8FNfcBTR0Cz/
ppEOfdhJGS9Q0kjrUcr7Jv5whU7nnh+lPQAr3ufxJPjGQfEFpxjdkA7j3JVpWSXT
6WE5S6oetEd4yTXQTEBOTCyljJAc1mTjU4JGdkP/lUvYxa9WwyrVb71VkZeVlrEe
IgWhDOSpO9afS+XRCnw6aEqkbEPhZom9kcl1wVcWl9NkGDNw
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MJGYpyyQuhScHaXlz31
WYlqp4bf5mcjNlj4Jm/uLFlGEeM0nUvpdaSM5uIpGVCxYGsNl24DPkiCPAdKDS5V
KN8vcCwDv+x73mXJDVs2NhcQfpCvAtxes64nbtzHDaGMHa9W9KHsokRCLnKQ0A9b
emoSmIXLnQf+JWBHGj3vejg25xSGJ8DOZgkGGII2klnSK1YKw+7C+ah6WOWSbBEq
pTPgw0i874f5BmYE/oBy0r74/l8MklJTmxCEzk1P5v8ESRh1xVPY4//bL6egGC27
c7Ry+08s/e3STfplc4mA6wSLfgkDnRaZs3N8b/XWsZjaIDa4Ju+//8/48V26swR/
bwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6702105598520846083486783235266762173
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-02-05 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-06 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PARIS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Societe Generale'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sf-webtocase.societegenerale.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27363274417203244918208990335165116087073295259455179663639910604726035595977239358916932441392597223447756502579995613783293804101776093262946091798831171188864817236832990971444150864186825937882058857012220337910283708156913037631907576463033569860300709379396552297853481431725578938265914500090431991638330863108236152665831855388850991189383491509611788203236056573542981882210242330330396132494142449006777820908902711518187656227208437547598937278358794831520910093583042390589368524802410675663082308367411604691578714882502411881755798228028249975537467015267556767717299319443003244017096370613489135550319
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							057ea7fc31720ab56a55d52488358b332ea7d525
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sf-webtocase.societegenerale.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc10000001616679ffcc0000040300463044022008cfdac0754ebf32fa3eb0a0144750246bb5b99a66d76a3e47075874d539c145022060beedfcf27fd7ff9aece4afe9e68c8b1099af143949b805089e237016be3fcd0077008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f00000161667a00bf00000403004830460221008a71ad688a768f7c66b950234f6bcd6d33f905c874b36832730030c1071b0b8f022100efa4dd04622c4a6647692ab159bbeaae04f86ed499bb2a6d729b97f44b2a9bed007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000161667a00a30000040300483046022100900c009c43c8b2a35df903eda8313a6e817b6581fb382cd8d42ae48c535b8c77022100de62c4b1aad73e998ace0ce63e9e7de9766e1ba5f2bcb1bb4fa4bf5ca8f11054
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00cf7091b75945e59a949838fb82030b30ad8757bbf82d936c4e0e9c75ffbac03f950f31e007291a88412b671b392ff4a9dd1a98ac9f62d2695d08014b329eb63dab0bd21210d16d76d2f317532de72a6d4f4fae21906e784d4935a4244501336218839e88b07d0225d505ab9d1e068b588dfc40f0535f7014d1d02cffa6910e7dd849192f50d248eb51cafb26fe70854ee79e1fa53d002bdee7f124f8c641f105a718dd900ee3dc95695925d3e961394baa1eb44778c935d04c404e4c2ca58c901cd664e35382467643ff954bd8c5af56c32ad56fbd5591979596b11e2205a10ce4a93bd69f4be5d10a7c3a684aa46c43e16689bd91c975c1571697d364183370