personalizedgems.zales.com
- Signet Group Services US Inc -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number 01:c1:f0:d7:0c:7b:88:28:11:eb:04:f5:ac:68:0f:28 was issued on by Sectigo Limited.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Signet Group Services US Inc
Organization:
Signet Group Services US Inc
State / Province:
Ohio
Country: US
Country: US
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): 01:c1:f0:d7:0c:7b:88:28:11:eb:04:f5:ac:68:0f:28Serial Number (int): 2336226105705115547615827408772927272
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: 9a:1c:a2:29:5b:59:90:99:68:87:c5:f7:58:ee:a8:6c:3d:82:78:b6
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): d5:7d:84:cd:a9:c7:01:2b:4e:59:d5:e1:d6:a6:3d:2a:89:ed:55:3e
Fingerprint (sha256): 08:1b:72:b7:e8:2f:36:2a:7c:e9:da:07:31:e8:fe:55:f9:6e:21:d3:ca:45:87:8c:ee:4e:5b:1d:96:54:06:35
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate personalizedgems.zales.com
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for personalizedgems.zales.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
personalizedgems.zales.com
personalizedgems.banter.com
personalizedgems.pagoda.com
personalizedgems.peoplesjewellers.com
personalizedgems.zalesoutlet.com
personalizedgems.banter.com
personalizedgems.pagoda.com
personalizedgems.peoplesjewellers.com
personalizedgems.zalesoutlet.com
Other certificates including the domain name zales.com
(limited to 100 certificates)
createyourown.zales.com
link.zales.com
m.zales.com
uat1-dc.gordonsjewelers.com
dev-configurator.azurejewelryinc.com
test.kay.com
events.biggestfantour.com
jewelersservices.zales.com
createyourown.zales.com
credithub-test.azusnc-test.jewels.com
smetrics.zales.com
storeinventorytest.zales.com
personalizedgems.zales.com
storeinventorytest.zales.com
events.biggestfantour.com
m.zales.com
smetrics.zales.com
www.kay.com
www.zales.com
configurator.azurejewelryinc.com
bridal.zales.com
suncor.zales.com
link.zales.com
m.zales.com
www.kay.com
em.zales.com
createyourown.zales.com
cbirings.zales.com
persona.zales.com
sni12701gl.wpc.edgecastcdn.net
suncor.zales.com
jewelcreator.zales.com
dev-configurator.azurejewelryinc.com
test.kay.com
www.zales.com
*.zales.com
smetrics.zales.com
www.zales.com
mbm.zales.com
creditservices.zales.com
storeinventorytest.zales.com
stores.zales.com
dc.gordonsjewelers.com
fashion.kay.com
dev-configurator.azurejewelryinc.com
www.zales.com
zalesqa.cbi-rings.com
dev-ccchat.zales.com
storeinventorynew.zales.com
wonderjewel.zales.com
www.kay.com
www.kay.com
wvw.zales.com
uat1-dc.gordonsjewelers.com
hampden.zales.com
test.kay.com
configurator.azurejewelryinc.com
smetrics.zales.com
ibb.zales.com
dev-configurator.azurejewelryinc.com
dev-configurator.azurejewelryinc.com
test.kay.com
mbm.zales.com
storiesofhope.zales.com
*.zales.com
www.zales.com
jewelers.services
stores.zales.com
ibb.zales.com
configurator.azurejewelryinc.com
test.kay.com
www.kay.com
mbm.zales.com
www.zales.com
dtm.zales.com
dev-configurator.azurejewelryinc.com
personalizedgems.zales.com
dev-configurator.azurejewelryinc.com
cbirings.zales.com
images.zales.com
sni12ff4gl.wpc.edgecastcdn.net
www.kay.com
ibb.zales.com
jewelcreator.zales.com
www.kay.com
www.zales.com
sni12979gl.wpc.edgecastcdn.net
www.kay.com
prd-ccchat.zales.com
www.kay.com
dev-configurator.azurejewelryinc.com
origingreen.zales.com
*.artcarved.zales.com
sni13040gl.wpc.edgecastcdn.net
sni130e2gl.wpc.edgecastcdn.net
test.kay.com
jsorigin.zales.com
e.zales.com
m.zales.com
personalizedgems.zales.com
link.zales.com
m.zales.com
uat1-dc.gordonsjewelers.com
dev-configurator.azurejewelryinc.com
test.kay.com
events.biggestfantour.com
jewelersservices.zales.com
createyourown.zales.com
credithub-test.azusnc-test.jewels.com
smetrics.zales.com
storeinventorytest.zales.com
personalizedgems.zales.com
storeinventorytest.zales.com
events.biggestfantour.com
m.zales.com
smetrics.zales.com
www.kay.com
www.zales.com
configurator.azurejewelryinc.com
bridal.zales.com
suncor.zales.com
link.zales.com
m.zales.com
www.kay.com
em.zales.com
createyourown.zales.com
cbirings.zales.com
persona.zales.com
sni12701gl.wpc.edgecastcdn.net
suncor.zales.com
jewelcreator.zales.com
dev-configurator.azurejewelryinc.com
test.kay.com
www.zales.com
*.zales.com
smetrics.zales.com
www.zales.com
mbm.zales.com
creditservices.zales.com
storeinventorytest.zales.com
stores.zales.com
dc.gordonsjewelers.com
fashion.kay.com
dev-configurator.azurejewelryinc.com
www.zales.com
zalesqa.cbi-rings.com
dev-ccchat.zales.com
storeinventorynew.zales.com
wonderjewel.zales.com
www.kay.com
www.kay.com
wvw.zales.com
uat1-dc.gordonsjewelers.com
hampden.zales.com
test.kay.com
configurator.azurejewelryinc.com
smetrics.zales.com
ibb.zales.com
dev-configurator.azurejewelryinc.com
dev-configurator.azurejewelryinc.com
test.kay.com
mbm.zales.com
storiesofhope.zales.com
*.zales.com
www.zales.com
jewelers.services
stores.zales.com
ibb.zales.com
configurator.azurejewelryinc.com
test.kay.com
www.kay.com
mbm.zales.com
www.zales.com
dtm.zales.com
dev-configurator.azurejewelryinc.com
personalizedgems.zales.com
dev-configurator.azurejewelryinc.com
cbirings.zales.com
images.zales.com
sni12ff4gl.wpc.edgecastcdn.net
www.kay.com
ibb.zales.com
jewelcreator.zales.com
www.kay.com
www.zales.com
sni12979gl.wpc.edgecastcdn.net
www.kay.com
prd-ccchat.zales.com
www.kay.com
dev-configurator.azurejewelryinc.com
origingreen.zales.com
*.artcarved.zales.com
sni13040gl.wpc.edgecastcdn.net
sni130e2gl.wpc.edgecastcdn.net
test.kay.com
jsorigin.zales.com
e.zales.com
m.zales.com
personalizedgems.zales.com
Certificate
The complete raw certificate details for personalizedgems.zales.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHAjCCBeqgAwIBAgIQAcHw1wx7iCgR6wT1rGgPKDANBgkqhkiG9w0BAQsFADCB lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy dmVyIENBMB4XDTI0MDYxMzAwMDAwMFoXDTI1MDcxMzIzNTk1OVowaDELMAkGA1UE BhMCVVMxDTALBgNVBAgTBE9oaW8xJTAjBgNVBAoTHFNpZ25ldCBHcm91cCBTZXJ2 aWNlcyBVUyBJbmMxIzAhBgNVBAMTGnBlcnNvbmFsaXplZGdlbXMuemFsZXMuY29t MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwODyI+8x+KBreKJ8hazs 31EGrRn448sbanzZa5bHbmKZcZq+tDk1T596IZ4GNP3yuYv/JpAq+cDuJBCYSdMY YAdB0hRj21tKzxbNVldiqRhRUYhg4k1NiEVjxRlXEjTStf0DGLjDvNu6R5h+u9Fo lU8sh/RHpNgOyeNbhWmcXIR66uA/nF2T2IYUOIp4nQTepeGF/JCue5lFG59HFnRj ebhV/uYPQpGeGIO9AYMiNdJL1yqtWckpn2wIhAtSoaWxaZa8YZZZTRU9UojSJbxl TEIoPuJhhsUB+CsVjpesut9F+y+VVyVvfb7lhEewUmQ7ZVkmvlcDoGnaHZA7LZQH x1ye/JXfjafLTbUxhFNHVc2kaxcnyzJ0qZO+DGdD9OrtadbjQjc1x67rr83/Yt2V F3zZzVLlKZzhqfFXhV42o+lWdyJbCYcPBW+URyl6k7w0QxlW9zt8YaZ8rj7Nc4M3 VwHlj907VcWE6SzErPFDSjEkoeiMXp2UoqjBduc8AhnISz+A8/OoXLotQsD7EJVY 99M0LLodFEuzkE+44fgbu1Zw2PmrrWWogQLV54KNz2vNRp0nQYT9unRpzIArOMyl gTOTmjOVkRvy0vhxMH4gUypnaryCvaG7Ah+sr4L9ec3x9I0s5OKbuaX+BNn8gqXM oaYhg/5NmsoP/6gmy2Ffr50CAwEAAaOCAngwggJ0MB8GA1UdIwQYMBaAFBfZ1iUn Z/kxwklD2TA2RIxsqU/rMB0GA1UdDgQWBBSaHKIpW1mQmWiHxfdY7qhsPYJ4tjAO BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwSgYDVR0gBEMwQTA1BgwrBgEEAbIxAQIBAwQwJTAjBggrBgEF BQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQICMFoGA1UdHwRT MFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2VjdGlnby5jb20vU2VjdGlnb1JTQU9yZ2Fu aXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYoGCCsGAQUFBwEB BH4wfDBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdv UlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggr BgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wEwYKKwYBBAHWeQIEAwEB /wQCBQAwgaoGA1UdEQSBojCBn4IacGVyc29uYWxpemVkZ2Vtcy56YWxlcy5jb22C G3BlcnNvbmFsaXplZGdlbXMuYmFudGVyLmNvbYIbcGVyc29uYWxpemVkZ2Vtcy5w YWdvZGEuY29tgiVwZXJzb25hbGl6ZWRnZW1zLnBlb3BsZXNqZXdlbGxlcnMuY29t giBwZXJzb25hbGl6ZWRnZW1zLnphbGVzb3V0bGV0LmNvbTANBgkqhkiG9w0BAQsF AAOCAQEAd44CfebVxsUYZGfy/4UDB3vwAvN7ZuZNomXIQF9F4Vygkj2LtgoBkKel m1pmaMUfmjbgEVzJoP18gm0Qdhl1P8uQQGqA/2fb3GkWjfpeXnunHlWcF44h/zot I0peO0rf1wTqTtrTij/BTTepHxhv1bs7w3bqu/J87wXKbFhVGPdZaXEztNXisEGX lh6MCkuYcP/s13gdk9M5OrHUZt9d33HJsZJlknEyHvfj0RAyexxMuacJlB+xNH0Q JiATF2NRm9TI+Bg2xBADP3xuYQrThvHObrQgG0jGc2dj5rLaiS3R854TQBFTx7T4 tvyhqjfpjHH4bBScY06PX/mvDf6nCw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwODyI+8x+KBreKJ8hazs 31EGrRn448sbanzZa5bHbmKZcZq+tDk1T596IZ4GNP3yuYv/JpAq+cDuJBCYSdMY YAdB0hRj21tKzxbNVldiqRhRUYhg4k1NiEVjxRlXEjTStf0DGLjDvNu6R5h+u9Fo lU8sh/RHpNgOyeNbhWmcXIR66uA/nF2T2IYUOIp4nQTepeGF/JCue5lFG59HFnRj ebhV/uYPQpGeGIO9AYMiNdJL1yqtWckpn2wIhAtSoaWxaZa8YZZZTRU9UojSJbxl TEIoPuJhhsUB+CsVjpesut9F+y+VVyVvfb7lhEewUmQ7ZVkmvlcDoGnaHZA7LZQH x1ye/JXfjafLTbUxhFNHVc2kaxcnyzJ0qZO+DGdD9OrtadbjQjc1x67rr83/Yt2V F3zZzVLlKZzhqfFXhV42o+lWdyJbCYcPBW+URyl6k7w0QxlW9zt8YaZ8rj7Nc4M3 VwHlj907VcWE6SzErPFDSjEkoeiMXp2UoqjBduc8AhnISz+A8/OoXLotQsD7EJVY 99M0LLodFEuzkE+44fgbu1Zw2PmrrWWogQLV54KNz2vNRp0nQYT9unRpzIArOMyl gTOTmjOVkRvy0vhxMH4gUypnaryCvaG7Ah+sr4L9ec3x9I0s5OKbuaX+BNn8gqXM oaYhg/5NmsoP/6gmy2Ffr50CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2336226105705115547615827408772927272 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-13 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-13 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ohio' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Signet Group Services US Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'personalizedgems.zales.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 786876422961030885447881222176792043036868291018579319842818942537322657406094259956041193439026861755573093087498024955603442002297581741120168157995081993297637904477395983900452749606266157521866046474761046671837586295000541080433011614490404103268747716236223753422290992714039255755375251692650953026275647251207959648712975874003668899789699938039899563026439212817326102685920055909068286723489898301148866393171770923736139138464180087182479219137567927356990292675827034807071364222722887620519360898636544296344565173134326897228806713271238028952415408134464837321123795545377695438854013276228501352555888459215399402409754443522033132382227786540050771187536393475807135304907011707776362593442455436117447268581461875521102537528952853900311305654370770694071844828165576391696366412550730287753221342081471333735685361492380181328732436784831455320733995635533887249531740881164224446027334419544421314846768369795705821408995135656505204580693071909706771188690797680401736388607215075265914053402593870241231391346800197161148321846584749391499083320911073804959089865631823481379348895340098007575455498673329281525616674875691889707996251758383919294557747910807852325621929616253037495927689107832283213932244893 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9a1ca2295b5990996887c5f758eea86c3d8278b6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (162 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'personalizedgems.zales.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'personalizedgems.banter.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'personalizedgems.pagoda.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'personalizedgems.peoplesjewellers.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'personalizedgems.zalesoutlet.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00778e027de6d5c6c5186467f2ff8503077bf002f37b66e64da265c8405f45e15ca0923d8bb60a0190a7a59b5a6668c51f9a36e0115cc9a0fd7c826d107619753fcb90406a80ff67dbdc69168dfa5e5e7ba71e559c178e21ff3a2d234a5e3b4adfd704ea4edad38a3fc14d37a91f186fd5bb3bc376eabbf27cef05ca6c585518f759697133b4d5e2b04197961e8c0a4b9870ffecd7781d93d3393ab1d466df5ddf71c9b192659271321ef7e3d110327b1c4cb9a709941fb1347d102620131763519bd4c8f81836c410033f7c6e610ad386f1ce6eb4201b48c6736763e6b2da892dd1f39e13401153c7b4f8b6fca1aa37e98c71f86c149c634e8f5ff9af0dfea70b