imperva.com
Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q1
About this certificate
This digital certificate with serial number 01:99:d1:21:95:67:cf:df:8e:d9:48:75:80:b9:f4:be was issued on by GlobalSign nv-sa.
With 28 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=imperva.com
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate will expire on
Certificate Details
Serial Number (hex): 01:99:d1:21:95:67:cf:df:8e:d9:48:75:80:b9:f4:beSerial Number (int): 2127891099516038146490661152736539838
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: a5:0c:65:52:6f:8c:db:8b:95:36:52:78:fe:32:cf:76:0e:a2:71:2c
AuthorityKeyId: 66:c0:c7:a3:9a:cd:fe:f3:ea:ce:4b:53:0b:61:5e:af:33:05:b3:e1
Fingerprint (sha1): 06:0b:d5:1f:de:b1:3e:9b:b0:de:d2:58:cc:3d:d9:5a:47:1a:71:ec
Fingerprint (sha256): 07:de:fa:62:71:36:eb:ac:3b:1e:91:d2:05:0b:b0:40:38:af:dd:8b:94:41:63:19:53:c6:93:b1:e0:41:41:12
Issuing Certificate URL: http://secure.globalsign.com/cacert/gsatlasr3dvtlsca2024q1.crt
Revocation information
OCSP Server: http://ocsp.globalsign.com/ca/gsatlasr3dvtlsca2024q1CRL Distribution Point: http://crl.globalsign.com/ca/gsatlasr3dvtlsca2024q1.crl
Check the revocation status for certificate imperva.com
28
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for imperva.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cbdriver.com
menards.com
*.corporacionbi.com
www.kelvinretail.com
www.ingwe.ca
www.warrenkanders.com
elixirr.com
kelvinretail.com
warrenkanders.com
*.cbdriver.com
dev.secure.thedoctors.com
staging.callswithoutwalls.com
ingwe.ca
www.ericgoodlifejohnson.com
premierislandbrokerage.com
www.elixirr.com
imperva.com
debutart.com
www.ten-one.app
kompakt.fm
www.premierislandbrokerage.com
ten-one.app
www.kompakt.fm
*.menards.com
corporacionbi.com
ericgoodlifejohnson.com
www.debutart.com
extapps.childrenshospital.org
menards.com
*.corporacionbi.com
www.kelvinretail.com
www.ingwe.ca
www.warrenkanders.com
elixirr.com
kelvinretail.com
warrenkanders.com
*.cbdriver.com
dev.secure.thedoctors.com
staging.callswithoutwalls.com
ingwe.ca
www.ericgoodlifejohnson.com
premierislandbrokerage.com
www.elixirr.com
imperva.com
debutart.com
www.ten-one.app
kompakt.fm
www.premierislandbrokerage.com
ten-one.app
www.kompakt.fm
*.menards.com
corporacionbi.com
ericgoodlifejohnson.com
www.debutart.com
extapps.childrenshospital.org
Other certificates including the domain name imperva.com
(limited to 100 certificates)
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
incapsula.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
incapsula.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
incapsula.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
incapsula.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
incapsula.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
incapsula.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
imperva.com
Certificate
The complete raw certificate details for imperva.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIbjCCB1agAwIBAgIQAZnRIZVnz9+O2Uh1gLn0vjANBgkqhkiG9w0BAQsFADBY MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEuMCwGA1UE AxMlR2xvYmFsU2lnbiBBdGxhcyBSMyBEViBUTFMgQ0EgMjAyNCBRMTAeFw0yNDAy MTIxODU1MzNaFw0yNDA4MTAxODU1MzNaMBYxFDASBgNVBAMMC2ltcGVydmEuY29t MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTmb7dL111NPcKauKGFk uaW7aa3DaFbcTctgjCCXXF1GlqzJJtEJbsRUzd41+ij9gj3EeN/SxOvOrcs5Wg5I pJPuGO5Is4r3Sv5HJPeqE2VpaaU4r1VQETnd56C4UhXx/N21mEvyc9VjIFMhLe96 IIXMaC3Kvp81aht1RntmzNqOCSiShKbrVywzzClNK81vE4h+N4Q67b2r1DuwLdyn vUQ5WOZlemhi1ue6Vn3g9XzpUHOTn5Q1c00WO087jVvn6Agsd0ss8J76F0idldVN qmnDnQD9d68VwUl+N+AefcB/9Ft7+RE71LH962s1JDpz+rnNz4XEiTkegF3y5gnF CQIDAQABo4IFdDCCBXAwggIpBgNVHREEggIgMIICHIIMY2Jkcml2ZXIuY29tggtt ZW5hcmRzLmNvbYITKi5jb3Jwb3JhY2lvbmJpLmNvbYIUd3d3LmtlbHZpbnJldGFp bC5jb22CDHd3dy5pbmd3ZS5jYYIVd3d3LndhcnJlbmthbmRlcnMuY29tggtlbGl4 aXJyLmNvbYIQa2VsdmlucmV0YWlsLmNvbYIRd2FycmVua2FuZGVycy5jb22CDiou Y2Jkcml2ZXIuY29tghlkZXYuc2VjdXJlLnRoZWRvY3RvcnMuY29tgh1zdGFnaW5n LmNhbGxzd2l0aG91dHdhbGxzLmNvbYIIaW5nd2UuY2GCG3d3dy5lcmljZ29vZGxp ZmVqb2huc29uLmNvbYIacHJlbWllcmlzbGFuZGJyb2tlcmFnZS5jb22CD3d3dy5l bGl4aXJyLmNvbYILaW1wZXJ2YS5jb22CDGRlYnV0YXJ0LmNvbYIPd3d3LnRlbi1v bmUuYXBwggprb21wYWt0LmZtgh53d3cucHJlbWllcmlzbGFuZGJyb2tlcmFnZS5j b22CC3Rlbi1vbmUuYXBwgg53d3cua29tcGFrdC5mbYINKi5tZW5hcmRzLmNvbYIR Y29ycG9yYWNpb25iaS5jb22CF2VyaWNnb29kbGlmZWpvaG5zb24uY29tghB3d3cu ZGVidXRhcnQuY29tgh1leHRhcHBzLmNoaWxkcmVuc2hvc3BpdGFsLm9yZzAOBgNV HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1Ud DgQWBBSlDGVSb4zbi5U2Unj+Ms92DqJxLDBXBgNVHSAEUDBOMAgGBmeBDAECATBC BgorBgEEAaAyCgEDMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNp Z24uY29tL3JlcG9zaXRvcnkvMAwGA1UdEwEB/wQCMAAwgZ4GCCsGAQUFBwEBBIGR MIGOMEAGCCsGAQUFBzABhjRodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9jYS9n c2F0bGFzcjNkdnRsc2NhMjAyNHExMEoGCCsGAQUFBzAChj5odHRwOi8vc2VjdXJl Lmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2F0bGFzcjNkdnRsc2NhMjAyNHExLmNy dDAfBgNVHSMEGDAWgBRmwMejms3+8+rOS1MLYV6vMwWz4TBIBgNVHR8EQTA/MD2g O6A5hjdodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2NhL2dzYXRsYXNyM2R2dGxz Y2EyMDI0cTEuY3JsMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgDuzdBk1dsa zsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAY2erMAuAAAEAwBHMEUCIGd1lruH 7Tgc8yGuhcq4A/qCmDHE8ykVWU+/+0qnH4GvAiEA9Qjip3qNj+8I9VnAYuHL5CJ6 VkkcJdAXPjdqVGFCUaUAdwA/F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF7Phk bgAAAY2erMCBAAAEAwBIMEYCIQDwmKpryK4+dwHX080z8858hnuSkZgC/mvW52qJ 53IOugIhAPvx3NOZT1pgqKOXykOaEv5XIxq7uEI2ueWcfZMrp004AHUA2ra/az+1 tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGNnqzBIwAABAMARjBEAiA91HPi tc0tMvovS5lUCIAjmFFuNJ3UmeL2vYNB43SojAIgATLMviasSOLtpaYEX2PjZCos UYV50oA/r+kFX0KrsXowDQYJKoZIhvcNAQELBQADggEBAGbUruxGxYE5AOtaYqAf OMyHC6oyR6t/DGqD8uS76Zf91SplsilNIpF8O2pePaDHbyqGj5gDxFvkyzRzH6kB 1SfquHHOFaP8biFGqi/KfiNnIrcshxgxVkW4SPIhzuB9OSnTCTDMmyc8LlkJyPKy iW10NNryE/e3+CChgkoZ1KCye/gCHJuEO1oMpV1T75VNnlof3QHtaTWJiRsbVzZx l9cu3g8kS6t3+HHTwhyoQdW+ezsPoqOqO6a9AhWUzafSeVmKXL1IbCpilBAjS/oM g/Ko330j8ZzXEfrmZ+t8HKx2crrbRsyjR7kMy8i2wjqarFPqUef1peDRuUgkphZ/ b0M= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTmb7dL111NPcKauKGFk uaW7aa3DaFbcTctgjCCXXF1GlqzJJtEJbsRUzd41+ij9gj3EeN/SxOvOrcs5Wg5I pJPuGO5Is4r3Sv5HJPeqE2VpaaU4r1VQETnd56C4UhXx/N21mEvyc9VjIFMhLe96 IIXMaC3Kvp81aht1RntmzNqOCSiShKbrVywzzClNK81vE4h+N4Q67b2r1DuwLdyn vUQ5WOZlemhi1ue6Vn3g9XzpUHOTn5Q1c00WO087jVvn6Agsd0ss8J76F0idldVN qmnDnQD9d68VwUl+N+AefcB/9Ft7+RE71LH962s1JDpz+rnNz4XEiTkegF3y5gnF CQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2127891099516038146490661152736539838 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Atlas R3 DV TLS CA 2024 Q1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-12 18:55:33 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-10 18:55:33 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'imperva.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16313149445460905690141399151656060756904718517502110823388777702460578885795691135929259644314830628083766300861128140149993553215987507061362870036068991048705385913965622728955323640317095365089639073921344873088369922492435178366487253559060561622190287552938237671320302459413882189880730365106558866016627302860167634706150130770247670564438556743716251735127902454785883487658208434917822610931897087710926682635044212351760937177346364999672895867073106563289533509523775689170998051077395024506602136709845350142864576439599536227808401040672986998469534518667679308281238797316422203226544369633829986092297 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (544 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cbdriver.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'menards.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.corporacionbi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kelvinretail.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ingwe.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.warrenkanders.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'elixirr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kelvinretail.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'warrenkanders.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cbdriver.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.secure.thedoctors.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.callswithoutwalls.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ingwe.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ericgoodlifejohnson.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'premierislandbrokerage.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.elixirr.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imperva.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'debutart.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ten-one.app' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kompakt.fm' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.premierislandbrokerage.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ten-one.app' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kompakt.fm' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.menards.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corporacionbi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ericgoodlifejohnson.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.debutart.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'extapps.childrenshospital.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a50c65526f8cdb8b95365278fe32cf760ea2712c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.10.1.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (145 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.globalsign.com/ca/gsatlasr3dvtlsca2024q1' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsatlasr3dvtlsca2024q1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 66c0c7a39acdfef3eace4b530b615eaf3305b3e1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/ca/gsatlasr3dvtlsca2024q1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018d9eacc02e00000403004730450220677596bb87ed381cf321ae85cab803fa829831c4f32915594fbffb4aa71f81af022100f508e2a77a8d8fef08f559c062e1cbe4227a56491c25d0173e376a54614251a50077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018d9eacc0810000040300483046022100f098aa6bc8ae3e7701d7d3cd33f3ce7c867b92919802fe6bd6e76a89e7720eba022100fbf1dcd3994f5a60a8a397ca439a12fe57231abbb84236b9e59c7d932ba74d38007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018d9eacc123000004030046304402203dd473e2b5cd2d32fa2f4b995408802398516e349dd499e2f6bd8341e374a88c02200132ccbe26ac48e2eda5a6045f63e3642a2c518579d2803fafe9055f42abb17a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0066d4aeec46c5813900eb5a62a01f38cc870baa3247ab7f0c6a83f2e4bbe997fdd52a65b2294d22917c3b6a5e3da0c76f2a868f9803c45be4cb34731fa901d527eab871ce15a3fc6e2146aa2fca7e236722b72c8718315645b848f221cee07d3929d30930cc9b273c2e5909c8f2b2896d7434daf213f7b7f820a1824a19d4a0b27bf8021c9b843b5a0ca55d53ef954d9e5a1fdd01ed693589891b1b57367197d72ede0f244bab77f871d3c21ca841d5be7b3b0fa2a3aa3ba6bd021594cda7d279598a5cbd486c2a629410234bfa0c83f2a8df7d23f19cd711fae667eb7c1cac7672badb46cca347b90ccbc8b6c23a9aac53ea51e7f5a5e0d1b94824a6167f6f43