zenith-cb.ad.medallia.com
Issued by SSL.com RSA SSL subCA
About this certificate
This digital certificate with serial number 74:97:82:25:88:3b:48:2f:ec:ed:4c:96:62:66:6a:41 was issued on by SSL Corporation.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=zenith-cb.ad.medallia.com
SSL Corporation
Organization:
SSL Corporation
State / Province:
Texas
Locality: Houston
Country: US
Locality: Houston
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): 74:97:82:25:88:3b:48:2f:ec:ed:4c:96:62:66:6a:41Serial Number (int): 154977124023541116827201644559918852673
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 71:70:8f:e5:64:31:ac:0e:79:58:e8:ed:27:64:30:ad:c4:24:7b:9c
AuthorityKeyId: 26:14:7e:e0:dc:d7:a6:f7:e2:d4:04:27:df:61:f1:c2:ec:e7:32:ca
Fingerprint (sha1): 89:05:cb:36:3c:5f:dc:27:42:7e:e2:0f:f7:2e:b9:0a:02:8e:34:30
Fingerprint (sha256): 07:c1:d0:96:2e:6e:e5:4b:dd:d5:21:32:b7:13:9a:5c:98:c5:fa:5b:cf:a9:27:01:a9:b9:0d:54:d7:a7:34:7b
Issuing Certificate URL: http://www.ssl.com/repository/SSLcom-SubCA-SSL-RSA-4096-R1.crt
Revocation information
OCSP Server: http://ocsps.ssl.comCRL Distribution Point: http://crls.ssl.com/SSLcomRSASSLsubCA.crl
Check the revocation status for certificate zenith-cb.ad.medallia.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for zenith-cb.ad.medallia.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
zenith-cb.ad.medallia.com
www.zenith-cb.ad.medallia.com
www.zenith-cb.ad.medallia.com
Other certificates including the domain name medallia.com
(limited to 100 certificates)
*.aws-stg.medallia.com
1e291ab3status.snowflake.com
e2.shared.global.fastly.net
*.medallia.com
dns-vetting1c.map.fastly.net
es.medallia.com
*.sbx.usps.medallia.com
blog.medallia.com
*.jiveon.com
pt.medallia.com
1e291ab3status.snowflake.com
jobs.medallia.com
medallia.com
*.usps.medallia.com
*.digital-qa2.medallia.com
e2.shared.global.fastly.net
www.medallia.com
bp1054598.saagie.com
g2.shared.global.fastly.net
e2.shared.global.fastly.net
e2.shared.global.fastly.net
sales.medallia.com
medallia.com
*.md-apis.medallia.com
g2.shared.global.fastly.net
e2.shared.global.fastly.net
*.sbx.den.medallia.com
e2.shared.global.fastly.net
ocem-assessment-b2b.medallia.com
g2.shared.global.fastly.net
*.digital-cloud-syd1.medallia.com
*.digital-cloud-bofa.medallia.com
e2.shared.global.fastly.net
*.crowdicity-us1.medallia.com
*.sbx.sc4.medallia.com
*.eng.medallia.com
radius.medallia.com
e2.shared.global.fastly.net
*.iad1.medallia.com
bunnings-surveyauth-qa.customapps.medallia.com
blog.medallia.com
cvs-surveyauth-qa.customapps.medallia.com
bankofamerica.medallia.com
e2.shared.global.fastly.net
e2.shared.global.fastly.net
statuspage.io
statuspage.io
g2.shared.global.fastly.net
medallia.com
*.appsol.medallia.com
*.aws-stg.medallia.com
metrics.medallia.com
bp1054598.saagie.com
statuspage.io
*.apis.crt-qa1.den.medallia.com
zulu.tau.medallia.com
g2.shared.global.fastly.net
product-descriptions.medallia.com
cs-sm.medallia.com
*.sbx.fedw1.medallia.com
*.jed1.medallia.com
*.jed1.medallia.com
bp1054598.saagie.com
go.medallia.com
dns-vetting1c.map.fastly.net
dns-vetting1c.map.fastly.net
eola-test-survey.medallia.com
medallia.com
g2.shared.global.fastly.net
*.aws-lhr1.medallia.com
*.monkeylearn-1.sea1.medallia.com
*.eng.medallia.com
*.digital-cloud-gov-stg.medallia.com
*.apis.eng.sin1.medallia.com
e2.shared.global.fastly.net
1e291ab3status.snowflake.com
walmart-surveyauth-prod.customapps.medallia.com
*.digital-cloud-gov.medallia.com
g2.shared.global.fastly.net
e2.shared.global.fastly.net
*.agileresearch.medallia.com
*.fra2.medallia.com
*.sbx.voice.medallia.com
sea1.cdn.survey.medallia.com
g2.shared.global.fastly.net
e2.shared.global.fastly.net
g2.shared.global.fastly.net
api.medallia.com
*.hnd1.medallia.com
*.stella-legacy-devops.medallia.com
sales.medallia.com
dns-vetting1c.map.fastly.net
medallia.com
ix1.gc.medallia.com
medallia.com
*.sbx.ibm.medallia.com
*.stella-legacy-devops.medallia.com
1e291ab3status.snowflake.com
*.aws-pdx1.medallia.com
zenith-cb.ad.medallia.com
1e291ab3status.snowflake.com
e2.shared.global.fastly.net
*.medallia.com
dns-vetting1c.map.fastly.net
es.medallia.com
*.sbx.usps.medallia.com
blog.medallia.com
*.jiveon.com
pt.medallia.com
1e291ab3status.snowflake.com
jobs.medallia.com
medallia.com
*.usps.medallia.com
*.digital-qa2.medallia.com
e2.shared.global.fastly.net
www.medallia.com
bp1054598.saagie.com
g2.shared.global.fastly.net
e2.shared.global.fastly.net
e2.shared.global.fastly.net
sales.medallia.com
medallia.com
*.md-apis.medallia.com
g2.shared.global.fastly.net
e2.shared.global.fastly.net
*.sbx.den.medallia.com
e2.shared.global.fastly.net
ocem-assessment-b2b.medallia.com
g2.shared.global.fastly.net
*.digital-cloud-syd1.medallia.com
*.digital-cloud-bofa.medallia.com
e2.shared.global.fastly.net
*.crowdicity-us1.medallia.com
*.sbx.sc4.medallia.com
*.eng.medallia.com
radius.medallia.com
e2.shared.global.fastly.net
*.iad1.medallia.com
bunnings-surveyauth-qa.customapps.medallia.com
blog.medallia.com
cvs-surveyauth-qa.customapps.medallia.com
bankofamerica.medallia.com
e2.shared.global.fastly.net
e2.shared.global.fastly.net
statuspage.io
statuspage.io
g2.shared.global.fastly.net
medallia.com
*.appsol.medallia.com
*.aws-stg.medallia.com
metrics.medallia.com
bp1054598.saagie.com
statuspage.io
*.apis.crt-qa1.den.medallia.com
zulu.tau.medallia.com
g2.shared.global.fastly.net
product-descriptions.medallia.com
cs-sm.medallia.com
*.sbx.fedw1.medallia.com
*.jed1.medallia.com
*.jed1.medallia.com
bp1054598.saagie.com
go.medallia.com
dns-vetting1c.map.fastly.net
dns-vetting1c.map.fastly.net
eola-test-survey.medallia.com
medallia.com
g2.shared.global.fastly.net
*.aws-lhr1.medallia.com
*.monkeylearn-1.sea1.medallia.com
*.eng.medallia.com
*.digital-cloud-gov-stg.medallia.com
*.apis.eng.sin1.medallia.com
e2.shared.global.fastly.net
1e291ab3status.snowflake.com
walmart-surveyauth-prod.customapps.medallia.com
*.digital-cloud-gov.medallia.com
g2.shared.global.fastly.net
e2.shared.global.fastly.net
*.agileresearch.medallia.com
*.fra2.medallia.com
*.sbx.voice.medallia.com
sea1.cdn.survey.medallia.com
g2.shared.global.fastly.net
e2.shared.global.fastly.net
g2.shared.global.fastly.net
api.medallia.com
*.hnd1.medallia.com
*.stella-legacy-devops.medallia.com
sales.medallia.com
dns-vetting1c.map.fastly.net
medallia.com
ix1.gc.medallia.com
medallia.com
*.sbx.ibm.medallia.com
*.stella-legacy-devops.medallia.com
1e291ab3status.snowflake.com
*.aws-pdx1.medallia.com
zenith-cb.ad.medallia.com
Certificate
The complete raw certificate details for zenith-cb.ad.medallia.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF8zCCA9ugAwIBAgIQdJeCJYg7SC/s7UyWYmZqQTANBgkqhkiG9w0BAQsFADBp MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjEeMBwGA1UEAwwVU1NMLmNvbSBSU0Eg U1NMIHN1YkNBMB4XDTE5MTIyMDE5MzA0MFoXDTIwMTIxOTE5MzA0MFowJDEiMCAG A1UEAwwZemVuaXRoLWNiLmFkLm1lZGFsbGlhLmNvbTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAMIjde9arJQu2SujHeq4NltDqizPjr5d6JXwUWmzpiO7 rXiMeh9s6cKdMrgGUHe0bb1wu8TKXs3/2zQUPos+bFXUsjXN3qKTFcDJ9td9pOlH LMOlrTN83t3/ltr9TO0+q1cLORXwvPSQLdkeqG6xG3P6bBXtuak5aFnAIRnuIfFW HI0CEKQ7cSoveqa9XULE6jth87ajEapkKTB+R47YZLJQlwQ9CINMgbPu12QjPzr3 dmeciA8607MpGd0cdhoWpxq176AeoqJ/uSX4dDvlIuGbEcJbTaDn7iIsUSQ2pg3Q WCsCy7URyF6V/ZYtFBPz/mlmHKoPkS3iPqG6FlSDZj0CAwEAAaOCAdowggHWMB8G A1UdIwQYMBaAFCYUfuDc16b34tQEJ99h8cLs5zLKMHwGCCsGAQUFBwEBBHAwbjBK BggrBgEFBQcwAoY+aHR0cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29t LVN1YkNBLVNTTC1SU0EtNDA5Ni1SMS5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9v Y3Nwcy5zc2wuY29tMEMGA1UdEQQ8MDqCGXplbml0aC1jYi5hZC5tZWRhbGxpYS5j b22CHXd3dy56ZW5pdGgtY2IuYWQubWVkYWxsaWEuY29tMFEGA1UdIARKMEgwCAYG Z4EMAQIBMDwGDCsGAQQBgqkwAQMBATAsMCoGCCsGAQUFBwIBFh5odHRwczovL3d3 dy5zc2wuY29tL3JlcG9zaXRvcnkwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUF BwMBMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmxzLnNzbC5jb20vU1NMY29t UlNBU1NMc3ViQ0EuY3JsMB0GA1UdDgQWBBRxcI/lZDGsDnlY6O0nZDCtxCR7nDAO BgNVHQ8BAf8EBAMCBaAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQEL BQADggIBAA+IETKHJ0eLr+epW4Ma4X2Eum2rrTNXNSQJbG/f1/KXBR2ykV1k8FKm Wr3KiOeP2/93EMHui8ljsyPlZkl1qBlE7uDGkW+JR/Nz/E62NkTZ3QlWPSsuDhGL VXZ/XAnYH2z0MlTPnS3Yegf0fxfcNON4Hq8FDbl1pdls+DNVN5nxC/5C8WAKFxcs WOnDqXrQDHMkHP/5gHeCI4C3RHXsjLBlT6gN0r4+aVQhYexce2nkibnc+IKXJhM7 iBgdREan7QwrUUBxqYTZcWxZBctde6I6LPCFRwOakQf1LCZ8vSvdwtp6DEeeGbCV YJ/R8cRJuV5za5VFUoSHeUbG1QCbNtm8LZBnTRzGRnmPunnYWnW3LiEys1rK50eM l1T1L223g0vwBDOq2cc2Ee1TADhpJYxfqTm205xLtpMWIidYhdSFRxuDK6yeJulS sjOnopU3EimrxVG+mzJlAn7gJDgabpFZI11vKxhVIYpXDm5Sky/AbXXm46ZdBFvh fqYTTIPkrN2pBB07DyWiSUjjTitbsF3uocJIlO3CpDcCVU9Wo9tFfI4L4y1P+N4F oKvCEGlvRK1kDMvQW1R/wegTfNXDvzqWEPp/v6wMYnVporu2kxYDk0M47bOU8Rz6 TqQUejXv137kXgDGZW0c4Wy5FdaoIeVllNVLwhC8MVaos2zZ6Nx9 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiN171qslC7ZK6Md6rg2 W0OqLM+Ovl3olfBRabOmI7uteIx6H2zpwp0yuAZQd7RtvXC7xMpezf/bNBQ+iz5s VdSyNc3eopMVwMn2132k6Ucsw6WtM3ze3f+W2v1M7T6rVws5FfC89JAt2R6obrEb c/psFe25qTloWcAhGe4h8VYcjQIQpDtxKi96pr1dQsTqO2HztqMRqmQpMH5Hjthk slCXBD0Ig0yBs+7XZCM/Ovd2Z5yIDzrTsykZ3Rx2GhanGrXvoB6ion+5Jfh0O+Ui 4ZsRwltNoOfuIixRJDamDdBYKwLLtRHIXpX9li0UE/P+aWYcqg+RLeI+oboWVINm PQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 154977124023541116827201644559918852673 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Texas' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Houston' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SSL Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SSL.com RSA SSL subCA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-20 19:30:40 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-19 19:30:40 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'zenith-cb.ad.medallia.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24507717478175655945146842620136533437452655457773802042349157883570111774246509070082025354313816050888440399419897020347313227968553928942063094151913086209520209492446449694498588427509333637717885074003831816357820272201687524655253664151442701920436817804949678924271766243217692034527310074572945123697300959784233220311114709074114907633383922728640724293801443201738346950067415664642556412237858381437786341843943225741618864997156105440563718855655857606266392728344577930775813394852893509354466079673029510885807843302975874343893347871629147454971457590200688407595284500274018370054306614471280640091709 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 26147ee0dcd7a6f7e2d40427df61f1c2ece732ca . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.ssl.com/repository/SSLcom-SubCA-SSL-RSA-4096-R1.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsps.ssl.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zenith-cb.ad.medallia.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.zenith-cb.ad.medallia.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.38064.1.3.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.ssl.com/repository' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.ssl.com/SSLcomRSASSLsubCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 71708fe56431ac0e7958e8ed276430adc4247b9c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 000f8811328727478bafe7a95b831ae17d84ba6dabad33573524096c6fdfd7f297051db2915d64f052a65abdca88e78fdbff7710c1ee8bc963b323e5664975a81944eee0c6916f8947f373fc4eb63644d9dd09563d2b2e0e118b55767f5c09d81f6cf43254cf9d2dd87a07f47f17dc34e3781eaf050db975a5d96cf833553799f10bfe42f1600a17172c58e9c3a97ad00c73241cfff98077822380b74475ec8cb0654fa80dd2be3e69542161ec5c7b69e489b9dcf8829726133b88181d4446a7ed0c2b514071a984d9716c5905cb5d7ba23a2cf08547039a9107f52c267cbd2bddc2da7a0c479e19b095609fd1f1c449b95e736b95455284877946c6d5009b36d9bc2d90674d1cc646798fba79d85a75b72e2132b35acae7478c9754f52f6db7834bf00433aad9c73611ed53003869258c5fa939b6d39c4bb6931622275885d485471b832bac9e26e952b233a7a295371229abc551be9b3265027ee024381a6e9159235d6f2b1855218a570e6e52932fc06d75e6e3a65d045be17ea6134c83e4acdda9041d3b0f25a24948e34e2b5bb05deea1c24894edc2a43702554f56a3db457c8e0be32d4ff8de05a0abc210696f44ad640ccbd05b547fc1e8137cd5c3bf3a9610fa7fbfac0c627569a2bbb6931603934338edb394f11cfa4ea4147a35efd77ee45e00c6656d1ce16cb915d6a821e56594d54bc210bc3156a8b36cd9e8dc7d