q.ssl.shopify.com

- Shopify Inc. -

Issued by DigiCert SHA2 High Assurance Server CA

About this certificate

This digital certificate with serial number 0a:e5:43:f1:06:50:93:af:2d:13:c0:83:e8:40:3e:9c was issued on by DigiCert Inc.

With 124 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Shopify Inc.

Organization: Shopify Inc.
State / Province: Ontario
Locality: Ottawa
Country: CA

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:e5:43:f1:06:50:93:af:2d:13:c0:83:e8:40:3e:9c
Serial Number (int): 14482693955838566399393905684500201116
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: ea:60:64:23:f3:fd:6b:84:e8:cb:be:00:1e:f1:3b:2f:2d:16:65:ba
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b

Fingerprint (sha1): 88:f9:f2:9e:2d:36:ac:6b:d8:a8:03:d1:cb:8f:9d:4e:cf:67:3d:74
Fingerprint (sha256): 07:fe:75:42:32:ed:21:c0:5a:ad:42:35:b7:8b:cf:ec:df:c8:f1:61:97:3b:84:7f:66:e0:71:c5:c7:a3:b8:f7

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g5.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g5.crl

Check the revocation status for certificate q.ssl.shopify.com

124

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for q.ssl.shopify.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

q.ssl.shopify.com
www.siobeauty.com
www.bushofficialmerch.com
us.light.co
checkout.fanprint.com
www.cobbler-union.eu
www.truegloryhair.net
store.shopbottools.com
store.handibot.com
www.artizara.com
www.bonjoviofficialmerch.com
www.janesaddictionofficialmerch.com
www.nolanacarroll.com
checkout.nzxt.com
www.maria-black.dk
www.maria-black.com
www.maria-black.uk
www.luggageguy.com
www.trafalgarstore.com
www.paolocostagli.com
www.melimelo.com
us.melimelo.com
store.halftheanimal.com
ukstore.thehivesbroadcastingservice.com
store.thehivesbroadcastingservice.com
store.awolnationmusic.com
www.excisionmerch.com
www.getoutdoorsstore.com
usa.miista.com
www.electricfamily.com
www.thehealthfoodstore.com
www.oseamalibu.com
www.ecinewyork.com
www.minbie.com.au
www.minbie.com
www.minbie.co.uk
www.ryu.com
ca.ryu.com
www.jncojeans.com
shop.trump2016.com
new.fanprint.com
www.firsttactical.co.uk
us.gymshark.com
uk.gymshark.com
eu.gymshark.com
row.gymshark.com
no.gymshark.com
se.gymshark.com
fi.gymshark.com
dk.gymshark.com
www.asmarequestrian.com
www.noelasmar.com
www.dudegadgets.com
running-tings-shop.palaceskateboards.com
www.shopzenger.com
shop.pinchapenny.com
www.hellotix.com
www.miraclenoodle.de
store.minipakr.com
store.fpintl.com
www.hellofrontrow.co.uk
seattlefire.firsttactical.com
www.wildernessfamilynaturals.com
www.hickies.de
staging.harrisfarm.com.au
www.nicelaundry.com
www.reynspooner.com
www.ronniecoleman.net
store.esc13.net
www.elyxboutique.com
www.accessoryconcierge.com
www.pikeplacefish.com
www.cnc1971.com
pro.cnc1971.com
www.cnc1971.ca
www.lemyn.com
www.lemyn.ca
www.gadgetgear.fr
www.mobicity.co.uk
www.mobi-city.es
www.onedigitals.nl
www.mobicity.it
www.venturedirect.co.uk
www.onedigitals.at
www.onedigitals.com
www.onedigitals.de
www.onedigitals.ru
www.shoparchipelago.com
www.kvgsupply.com
shop.onpurple.com
www.thesurvivalistdepot.com
www.proteinmilkshakebar.com
www.the-citizenry.com
www.sleefs.com
www.chive.com
www.groundzeroprecision.com
www.ginseng.life
www.sentaifilmworks.com
www.localvape.com
www.fanauthentics.com
www.catalystlifestyle.com
checkout.tonicliving.com
www.mariashireen.com
get.whoop.com
www.ecoflower.com
www.stevenbrownart.co.uk
www.fitjoynutrition.com
www.bodyfab.com
www.bulova.com
checkout.cruisersup.com
www.evermarker.com
www.sommerswim.com
www.paiskincare.us
www.paiskincare.ie
www.paiskincare.fr
www.paiskincare.de
www.paiskincare.hk
www.barbellapparel.com
store.getqardio.com
shop.varsity.com
www.birdwell.com
checkout.fitjoynutrition.com
www.scotchporter.com
www.shopcatimini.com

Other certificates including the domain name shopify.com

(limited to 100 certificates)
f4.shared.global.fastly.net
zh.shopify.com
ingress-imagery-us-central1-2.shopifycloud.com
statuspage.io
themes.shopify.com
l.ssl.shopify.com
merchandise.shopify.com
events.shopify.com
press.shopify.com
statuspage.io
dns-vetting1-jeffg-noah.map.fastly.net
statuspage.io
shopify-app-store.shopifycloud.com
o.ssl.shopify.com
statuspage.io
brochure2-staging12.shopifycloud.com
plusinfo.shopify.com
status.3dcart.com
savage-sign-on.shopifycloud.com
accounts.shopify.com
investor.shopify.com
meetups.shopify.com
shopify.com
linkpop.com
chat.shopify.com
commerceplus.shopify.com
marketplace.shopify.com
next.shopify.com
shopify-classifieds.shopifycloud.com
ir.shopify.com
ssl.shopify.com
marketplace.shopify.com
store.shopify.com
secure03.lithium.com
dev.shopify.com
somethingorother.shopify.com
commerceplus.shopify.com
pins.shopify.com
statuspage.io
ssl.cdngc.net
sourcing-admin.shopify.com
cardreader.shopify.com
www.shopify.com
www.shopify.com
secure03.stage.lithium.com
p.ssl.shopify.com
pointofsale.shopify.com
bourgeois.shopifycloud.com
unicorn.shopify.com
upcoming12.shopify.com
sl.shopify.com
tashboard.shopify.com
growthcenter.shopify.com
secure03.stage.lithium.com
statuspage.io
*.b.ssl.fastly.net
gtm.shopify.com
secure03.lithium.com
statuspage.io
analytics.shopify.com
collabs.shopify.com
unite-registration.shopify.com
photos.shopify.com
data-portal.shopifycloud.com
merch.shopify.com
plusacademy.shopify.com
www.shopify.com
shopify-plus-meet-up.shopify.com
collabs.shopify.com
statuspage.io
privacy.shopify.com
r.ssl.fastly.net
counter.shopify.com
shopify-app-store.shopifycloud.com
statuspage.io
statuspage.io
b.ssl.shopify.com
statuspage.io
shopify-app-store-staging.shopifycloud.com
sfn.shopify.com
growthcenter.shopify.com
bcs.shopify.com
statuspage.io
smiley-staging.shopify.com
secure03.lithium.com
statuspage.io
hardware.shopify.com
upcoming-pizx.shopify.com
shopify-classifieds.shopifycloud.com
ny.shopify.com
pursuit.shopify.com
cardreader-giveaway.shopifycloud.com
auth.data.shopify.com
hardware.shopify.com
statuspage.io
ssl.shopify.com
events.shopify.com
unite.shopify.com
linkpop.shopify.com
upcoming9.shopify.com

Certificate

The complete raw certificate details for q.ssl.shopify.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIPojCCDoqgAwIBAgIQCuVD8QZQk68tE8CD6EA+nDANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0xNjA2MjEwMDAwMDBaFw0xNzA2MjYxMjAwMDBa
MGMxCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMQ8wDQYDVQQHEwZPdHRh
d2ExFTATBgNVBAoTDFNob3BpZnkgSW5jLjEaMBgGA1UEAxMRcS5zc2wuc2hvcGlm
eS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC45mq4kDQaM8jW
BCUMClkOQ/kzE3SMUqqTADIx3VN8NvobJtv1YBZN2JiMcjTUw9PgpmoDKnwHEGqd
Wd34eLvTG5GE0foLAl6AfavoxH+ToybKBEpzMrjoDakgG4oLjbVPJBpapKfxNtAc
KrexK3TfTFGdDZNR35/4k9iAEfec0+kGFSBmPBs+5ud9pHHlD4dxc4zCEfockvPZ
nMoZH05mPZrUj6tLHS05WRZmR4jkuQ07iR6h1czmHEu8XyjoUY83y/wZU9Qe4NDx
jCBAsze2ewn79lTPEGUooVQYqd7YiNE/d6QYsQsEbr8tDfO3ix3GZUzQ3luXrnOK
1lJEf7FLAgMBAAGjggxDMIIMPzAfBgNVHSMEGDAWgBRRaP+QrwIHdTzM2WVkYqIS
uFlyOzAdBgNVHQ4EFgQU6mBkI/P9a4Toy74AHvE7Ly0WZbowggpzBgNVHREEggpq
MIIKZoIRcS5zc2wuc2hvcGlmeS5jb22CEXd3dy5zaW9iZWF1dHkuY29tghl3d3cu
YnVzaG9mZmljaWFsbWVyY2guY29tggt1cy5saWdodC5jb4IVY2hlY2tvdXQuZmFu
cHJpbnQuY29tghR3d3cuY29iYmxlci11bmlvbi5ldYIVd3d3LnRydWVnbG9yeWhh
aXIubmV0ghZzdG9yZS5zaG9wYm90dG9vbHMuY29tghJzdG9yZS5oYW5kaWJvdC5j
b22CEHd3dy5hcnRpemFyYS5jb22CHHd3dy5ib25qb3Zpb2ZmaWNpYWxtZXJjaC5j
b22CI3d3dy5qYW5lc2FkZGljdGlvbm9mZmljaWFsbWVyY2guY29tghV3d3cubm9s
YW5hY2Fycm9sbC5jb22CEWNoZWNrb3V0Lm56eHQuY29tghJ3d3cubWFyaWEtYmxh
Y2suZGuCE3d3dy5tYXJpYS1ibGFjay5jb22CEnd3dy5tYXJpYS1ibGFjay51a4IS
d3d3Lmx1Z2dhZ2VndXkuY29tghZ3d3cudHJhZmFsZ2Fyc3RvcmUuY29tghV3d3cu
cGFvbG9jb3N0YWdsaS5jb22CEHd3dy5tZWxpbWVsby5jb22CD3VzLm1lbGltZWxv
LmNvbYIXc3RvcmUuaGFsZnRoZWFuaW1hbC5jb22CJ3Vrc3RvcmUudGhlaGl2ZXNi
cm9hZGNhc3RpbmdzZXJ2aWNlLmNvbYIlc3RvcmUudGhlaGl2ZXNicm9hZGNhc3Rp
bmdzZXJ2aWNlLmNvbYIZc3RvcmUuYXdvbG5hdGlvbm11c2ljLmNvbYIVd3d3LmV4
Y2lzaW9ubWVyY2guY29tghh3d3cuZ2V0b3V0ZG9vcnNzdG9yZS5jb22CDnVzYS5t
aWlzdGEuY29tghZ3d3cuZWxlY3RyaWNmYW1pbHkuY29tghp3d3cudGhlaGVhbHRo
Zm9vZHN0b3JlLmNvbYISd3d3Lm9zZWFtYWxpYnUuY29tghJ3d3cuZWNpbmV3eW9y
ay5jb22CEXd3dy5taW5iaWUuY29tLmF1gg53d3cubWluYmllLmNvbYIQd3d3Lm1p
bmJpZS5jby51a4ILd3d3LnJ5dS5jb22CCmNhLnJ5dS5jb22CEXd3dy5qbmNvamVh
bnMuY29tghJzaG9wLnRydW1wMjAxNi5jb22CEG5ldy5mYW5wcmludC5jb22CF3d3
dy5maXJzdHRhY3RpY2FsLmNvLnVrgg91cy5neW1zaGFyay5jb22CD3VrLmd5bXNo
YXJrLmNvbYIPZXUuZ3ltc2hhcmsuY29tghByb3cuZ3ltc2hhcmsuY29tgg9uby5n
eW1zaGFyay5jb22CD3NlLmd5bXNoYXJrLmNvbYIPZmkuZ3ltc2hhcmsuY29tgg9k
ay5neW1zaGFyay5jb22CF3d3dy5hc21hcmVxdWVzdHJpYW4uY29tghF3d3cubm9l
bGFzbWFyLmNvbYITd3d3LmR1ZGVnYWRnZXRzLmNvbYIocnVubmluZy10aW5ncy1z
aG9wLnBhbGFjZXNrYXRlYm9hcmRzLmNvbYISd3d3LnNob3B6ZW5nZXIuY29tghRz
aG9wLnBpbmNoYXBlbm55LmNvbYIQd3d3LmhlbGxvdGl4LmNvbYIUd3d3Lm1pcmFj
bGVub29kbGUuZGWCEnN0b3JlLm1pbmlwYWtyLmNvbYIQc3RvcmUuZnBpbnRsLmNv
bYIXd3d3LmhlbGxvZnJvbnRyb3cuY28udWuCHXNlYXR0bGVmaXJlLmZpcnN0dGFj
dGljYWwuY29tgiB3d3cud2lsZGVybmVzc2ZhbWlseW5hdHVyYWxzLmNvbYIOd3d3
LmhpY2tpZXMuZGWCGXN0YWdpbmcuaGFycmlzZmFybS5jb20uYXWCE3d3dy5uaWNl
bGF1bmRyeS5jb22CE3d3dy5yZXluc3Bvb25lci5jb22CFXd3dy5yb25uaWVjb2xl
bWFuLm5ldIIPc3RvcmUuZXNjMTMubmV0ghR3d3cuZWx5eGJvdXRpcXVlLmNvbYIa
d3d3LmFjY2Vzc29yeWNvbmNpZXJnZS5jb22CFXd3dy5waWtlcGxhY2VmaXNoLmNv
bYIPd3d3LmNuYzE5NzEuY29tgg9wcm8uY25jMTk3MS5jb22CDnd3dy5jbmMxOTcx
LmNhgg13d3cubGVteW4uY29tggx3d3cubGVteW4uY2GCEXd3dy5nYWRnZXRnZWFy
LmZyghJ3d3cubW9iaWNpdHkuY28udWuCEHd3dy5tb2JpLWNpdHkuZXOCEnd3dy5v
bmVkaWdpdGFscy5ubIIPd3d3Lm1vYmljaXR5Lml0ghd3d3cudmVudHVyZWRpcmVj
dC5jby51a4ISd3d3Lm9uZWRpZ2l0YWxzLmF0ghN3d3cub25lZGlnaXRhbHMuY29t
ghJ3d3cub25lZGlnaXRhbHMuZGWCEnd3dy5vbmVkaWdpdGFscy5ydYIXd3d3LnNo
b3BhcmNoaXBlbGFnby5jb22CEXd3dy5rdmdzdXBwbHkuY29tghFzaG9wLm9ucHVy
cGxlLmNvbYIbd3d3LnRoZXN1cnZpdmFsaXN0ZGVwb3QuY29tght3d3cucHJvdGVp
bm1pbGtzaGFrZWJhci5jb22CFXd3dy50aGUtY2l0aXplbnJ5LmNvbYIOd3d3LnNs
ZWVmcy5jb22CDXd3dy5jaGl2ZS5jb22CG3d3dy5ncm91bmR6ZXJvcHJlY2lzaW9u
LmNvbYIQd3d3LmdpbnNlbmcubGlmZYIXd3d3LnNlbnRhaWZpbG13b3Jrcy5jb22C
EXd3dy5sb2NhbHZhcGUuY29tghV3d3cuZmFuYXV0aGVudGljcy5jb22CGXd3dy5j
YXRhbHlzdGxpZmVzdHlsZS5jb22CGGNoZWNrb3V0LnRvbmljbGl2aW5nLmNvbYIU
d3d3Lm1hcmlhc2hpcmVlbi5jb22CDWdldC53aG9vcC5jb22CEXd3dy5lY29mbG93
ZXIuY29tghh3d3cuc3RldmVuYnJvd25hcnQuY28udWuCF3d3dy5maXRqb3ludXRy
aXRpb24uY29tgg93d3cuYm9keWZhYi5jb22CDnd3dy5idWxvdmEuY29tghdjaGVj
a291dC5jcnVpc2Vyc3VwLmNvbYISd3d3LmV2ZXJtYXJrZXIuY29tghJ3d3cuc29t
bWVyc3dpbS5jb22CEnd3dy5wYWlza2luY2FyZS51c4ISd3d3LnBhaXNraW5jYXJl
LmllghJ3d3cucGFpc2tpbmNhcmUuZnKCEnd3dy5wYWlza2luY2FyZS5kZYISd3d3
LnBhaXNraW5jYXJlLmhrghZ3d3cuYmFyYmVsbGFwcGFyZWwuY29tghNzdG9yZS5n
ZXRxYXJkaW8uY29tghBzaG9wLnZhcnNpdHkuY29tghB3d3cuYmlyZHdlbGwuY29t
ghxjaGVja291dC5maXRqb3ludXRyaXRpb24uY29tghR3d3cuc2NvdGNocG9ydGVy
LmNvbYIUd3d3LnNob3BjYXRpbWluaS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRw
Oi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzUuY3JsMDSgMqAw
hi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzUuY3Js
MEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v
d3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMIGDBggrBgEFBQcBAQR3MHUw
JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBNBggrBgEFBQcw
AoZBaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkhpZ2hB
c3N1cmFuY2VTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsF
AAOCAQEAT2gRe2N03BldMlDlMy22VWVeyKz8uMDtDs+1LSNsRF3eez+BdDN4g9Ov
4RaRW6Wlb6mlWlr+1AxDl7vGSHdKQh0dg+sol2T8ADJCNSUW8qFqP1eCbzb7HB9F
bbd0Rt9GxvyyRjOsTCseEyaFKaFdgPuS8ptSKhuAwVB9FMS41NSKJ65CcYKzm59r
xktoQgKOEN8m3UzW98uOg9MbpTij9SlTwmeyV5hO6eaB1mwAGehSOwInj6nL03Ll
KmltHhtOBu4b/sh2mf/a/snrkdX4oHtA9oPsTA6rcdaaGcR8NxIudjs+YiVI7QIm
kQPFJmyDFvR6moiM48MoDtQ6Bhfytg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOZquJA0GjPI1gQlDApZ
DkP5MxN0jFKqkwAyMd1TfDb6Gybb9WAWTdiYjHI01MPT4KZqAyp8BxBqnVnd+Hi7
0xuRhNH6CwJegH2r6MR/k6MmygRKczK46A2pIBuKC421TyQaWqSn8TbQHCq3sSt0
30xRnQ2TUd+f+JPYgBH3nNPpBhUgZjwbPubnfaRx5Q+HcXOMwhH6HJLz2ZzKGR9O
Zj2a1I+rSx0tOVkWZkeI5LkNO4keodXM5hxLvF8o6FGPN8v8GVPUHuDQ8YwgQLM3
tnsJ+/ZUzxBlKKFUGKne2IjRP3ekGLELBG6/LQ3zt4sdxmVM0N5bl65zitZSRH+x
SwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 14482693955838566399393905684500201116
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-06-21 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-06-26 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ottawa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Shopify Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'q.ssl.shopify.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23341470911427527505295213585071057771876439979162241140469137109003493997499168693099330912318823117561493217407646324903567350069214522643623319166467153458533245065594498877349824313926730319038038455612103571617311060769947838396037954769428139727949335983406613720531879848654193587531519112171383810477194440132934087564178876673933191247317218865630998709399339116232931354404214038714523111540765514931559962002947428622442158114163112636505114898822385187724284977591762903406306606096843604722714952088827947787167463200169163234695009403797711420550582094796079183572800392921455952017702403143128764625227
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ea606423f3fd6b84e8cbbe001ef13b2f2d1665ba
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2666 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'q.ssl.shopify.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.siobeauty.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bushofficialmerch.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'us.light.co'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'checkout.fanprint.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cobbler-union.eu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.truegloryhair.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.shopbottools.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.handibot.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.artizara.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bonjoviofficialmerch.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.janesaddictionofficialmerch.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nolanacarroll.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'checkout.nzxt.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.maria-black.dk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.maria-black.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.maria-black.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.luggageguy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.trafalgarstore.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.paolocostagli.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.melimelo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'us.melimelo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.halftheanimal.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ukstore.thehivesbroadcastingservice.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.thehivesbroadcastingservice.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.awolnationmusic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.excisionmerch.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.getoutdoorsstore.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usa.miista.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.electricfamily.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thehealthfoodstore.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.oseamalibu.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ecinewyork.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.minbie.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.minbie.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.minbie.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ryu.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ca.ryu.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jncojeans.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.trump2016.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'new.fanprint.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.firsttactical.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'us.gymshark.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uk.gymshark.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eu.gymshark.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'row.gymshark.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'no.gymshark.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'se.gymshark.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fi.gymshark.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dk.gymshark.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.asmarequestrian.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.noelasmar.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dudegadgets.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'running-tings-shop.palaceskateboards.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.shopzenger.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.pinchapenny.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hellotix.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.miraclenoodle.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.minipakr.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.fpintl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hellofrontrow.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'seattlefire.firsttactical.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.wildernessfamilynaturals.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hickies.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.harrisfarm.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nicelaundry.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.reynspooner.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ronniecoleman.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.esc13.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.elyxboutique.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.accessoryconcierge.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pikeplacefish.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cnc1971.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pro.cnc1971.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cnc1971.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lemyn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lemyn.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gadgetgear.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mobicity.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mobi-city.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.onedigitals.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mobicity.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.venturedirect.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.onedigitals.at'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.onedigitals.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.onedigitals.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.onedigitals.ru'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.shoparchipelago.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kvgsupply.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.onpurple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thesurvivalistdepot.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.proteinmilkshakebar.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.the-citizenry.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sleefs.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.chive.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.groundzeroprecision.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ginseng.life'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sentaifilmworks.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.localvape.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fanauthentics.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.catalystlifestyle.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'checkout.tonicliving.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mariashireen.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'get.whoop.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ecoflower.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stevenbrownart.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fitjoynutrition.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bodyfab.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bulova.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'checkout.cruisersup.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.evermarker.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sommerswim.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.paiskincare.us'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.paiskincare.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.paiskincare.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.paiskincare.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.paiskincare.hk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.barbellapparel.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.getqardio.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.varsity.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.birdwell.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'checkout.fitjoynutrition.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.scotchporter.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.shopcatimini.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g5.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g5.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004f68117b6374dc195d3250e5332db655655ec8acfcb8c0ed0ecfb52d236c445dde7b3f8174337883d3afe116915ba5a56fa9a55a5afed40c4397bbc648774a421d1d83eb289764fc003242352516f2a16a3f57826f36fb1c1f456db77446df46c6fcb24633ac4c2b1e13268529a15d80fb92f29b522a1b80c1507d14c4b8d4d48a27ae427182b39b9f6bc64b6842028e10df26dd4cd6f7cb8e83d31ba538a3f52953c267b257984ee9e681d66c0019e8523b02278fa9cbd372e52a696d1e1b4e06ee1bfec87699ffdafec9eb91d5f8a07b40f683ec4c0eab71d69a19c47c37122e763b3e622548ed02269103c5266c8316f47a9a888ce3c3280ed43a0617f2b6