qa.preview.www.huffpost.com
- Oath Inc. -
Issued by DigiCert SHA2 High Assurance Server CA
About this certificate
This digital certificate with serial number 0c:5e:eb:c3:d9:93:83:db:e0:2c:cd:f9:31:68:77:88 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Oath Inc.
Organization:
Oath Inc.
State / Province:
Virginia
Locality: Sterling
Country: US
Locality: Sterling
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0c:5e:eb:c3:d9:93:83:db:e0:2c:cd:f9:31:68:77:88Serial Number (int): 16443593737206394608737960624938055560
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 2d:51:24:8c:d6:8b:9e:a2:4a:49:36:ee:ad:08:35:21:bf:3d:56:e8
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b
Fingerprint (sha1): 33:64:d2:b6:36:8b:cf:6f:d4:fd:0d:3f:49:bd:44:a6:4f:28:ba:04
Fingerprint (sha256): 08:5d:1e:fd:a3:0a:7e:70:1d:89:7f:0e:90:cd:52:a5:bf:77:1f:9d:3d:da:b3:27:63:18:bf:5e:83:dc:62:0e
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g6.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g6.crl
Check the revocation status for certificate qa.preview.www.huffpost.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for qa.preview.www.huffpost.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
qa.preview.www.huffpost.com
qa-origin-life-preview.huffpo.net
qa-origin-life-preview.huffpo.net
Other certificates including the domain name huffpost.com
(limited to 100 certificates)
checkout.yahoo.com
qa5.add.my.aol.com
staging-origin-life.huffpo.net
preview.www.huffpost.com
*.preview.www.huffpost.com
qa.mapi.huffpost.com
coupons.huffpost.com
link.huffpost.com
*.aol.com
*.add.my.aol.com
checkout.yahoo.com
img.huffingtonpost.com
www.huffingtonpost.com
*.login.yahoo.com
consent.oath.com
*.dev.buzzfeed.io
cmp.huffpost.com
production.mapi.huffpost.com
img.staging.huffingtonpost.com
qa.mapi.huffpost.com
src5.yahoo.com
staging-origin-life.huffpo.net
beta-origin-cambria-alb.huffpo.net
staging.mapi.huffpost.com
staging.www.huffingtonpost.com
*.aol.com
stage.consent.oath.com
stage.guce2.oath.com
cmp.huffpost.com
production-kraken-valencia-preview.use1.huffpo.net
*.search.yahoo.com
secure.huffingtonpost.com
checkout.yahoo.com
link.huffpost.com
dev.checkout.yahoo.com
huffpost.com
qa.preview.www.huffpost.com
*.aol.com
stage.consent.oath.com
api.huffpost.com
link.huffpost.com
cmp.huffpost.com
*.dev.buzzfeed.io
*.trunk.login.yahoo.com
stage.consent.oath.com
cmp.huffpost.com
*.search.yahoo.com
stage.guce2.oath.com
modulous.huffpost.com
stage.oidc.oath.com
qa.preview.www.huffpost.com
stage.consent.oath.com
staging.www.huffingtonpost.com
www.huffpost.com
mapi.huffpost.com
*.stage.login.yahoo.com
auth.stage.huffpost.com
www.huffpost.com
dev.search.yahoo.com
origin-kraken.huffpo.net
beta-origin-cambria-alb.huffpo.net
se.emails.huffpost.com
*.search.yahoo.com
assist.aol.com
qa.preview.www.huffpost.com
www.huffingtonpost.com
*.login.yahoo.com
www.huffingtonpost.com
*.login.yahoo.com
beta.www.huffpost.com
modulous.huffpost.com
elections.huffingtonpost.com
src5.yahoo.com
src5.yahoo.com
*.aol.com
*.contributor.huffingtonpost.com
*.search.yahoo.com
cmp.huffpost.com
guce2.oath.com
origin-kraken.huffpo.net
src5.yahoo.com
checkout.yahoo.com
checkout.yahoo.com
stage.guce2.oath.com
*.assets.huffingtonpost.com
*.stage.login.yahoo.com
dev.checkout.yahoo.com
dev.checkout.yahoo.com
auth.stage.huffpost.com
trunk.consent.oath.com
*.stage.login.yahoo.com
dev.search.yahoo.com
se.emails.huffpost.com
*.stage.login.yahoo.com
*.search.yahoo.com
huffpost.com
stage.guce.huffpost.com
www.huffingtonpost.com
auth.huffpost.com
consent.oath.com
qa5.add.my.aol.com
staging-origin-life.huffpo.net
preview.www.huffpost.com
*.preview.www.huffpost.com
qa.mapi.huffpost.com
coupons.huffpost.com
link.huffpost.com
*.aol.com
*.add.my.aol.com
checkout.yahoo.com
img.huffingtonpost.com
www.huffingtonpost.com
*.login.yahoo.com
consent.oath.com
*.dev.buzzfeed.io
cmp.huffpost.com
production.mapi.huffpost.com
img.staging.huffingtonpost.com
qa.mapi.huffpost.com
src5.yahoo.com
staging-origin-life.huffpo.net
beta-origin-cambria-alb.huffpo.net
staging.mapi.huffpost.com
staging.www.huffingtonpost.com
*.aol.com
stage.consent.oath.com
stage.guce2.oath.com
cmp.huffpost.com
production-kraken-valencia-preview.use1.huffpo.net
*.search.yahoo.com
secure.huffingtonpost.com
checkout.yahoo.com
link.huffpost.com
dev.checkout.yahoo.com
huffpost.com
qa.preview.www.huffpost.com
*.aol.com
stage.consent.oath.com
api.huffpost.com
link.huffpost.com
cmp.huffpost.com
*.dev.buzzfeed.io
*.trunk.login.yahoo.com
stage.consent.oath.com
cmp.huffpost.com
*.search.yahoo.com
stage.guce2.oath.com
modulous.huffpost.com
stage.oidc.oath.com
qa.preview.www.huffpost.com
stage.consent.oath.com
staging.www.huffingtonpost.com
www.huffpost.com
mapi.huffpost.com
*.stage.login.yahoo.com
auth.stage.huffpost.com
www.huffpost.com
dev.search.yahoo.com
origin-kraken.huffpo.net
beta-origin-cambria-alb.huffpo.net
se.emails.huffpost.com
*.search.yahoo.com
assist.aol.com
qa.preview.www.huffpost.com
www.huffingtonpost.com
*.login.yahoo.com
www.huffingtonpost.com
*.login.yahoo.com
beta.www.huffpost.com
modulous.huffpost.com
elections.huffingtonpost.com
src5.yahoo.com
src5.yahoo.com
*.aol.com
*.contributor.huffingtonpost.com
*.search.yahoo.com
cmp.huffpost.com
guce2.oath.com
origin-kraken.huffpo.net
src5.yahoo.com
checkout.yahoo.com
checkout.yahoo.com
stage.guce2.oath.com
*.assets.huffingtonpost.com
*.stage.login.yahoo.com
dev.checkout.yahoo.com
dev.checkout.yahoo.com
auth.stage.huffpost.com
trunk.consent.oath.com
*.stage.login.yahoo.com
dev.search.yahoo.com
se.emails.huffpost.com
*.stage.login.yahoo.com
*.search.yahoo.com
huffpost.com
stage.guce.huffpost.com
www.huffingtonpost.com
auth.huffpost.com
consent.oath.com
Certificate
The complete raw certificate details for qa.preview.www.huffpost.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHATCCBemgAwIBAgIQDF7rw9mTg9vgLM35MWh3iDANBgkqhkiG9w0BAQsFADBw MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz dXJhbmNlIFNlcnZlciBDQTAeFw0xODA5MTgwMDAwMDBaFw0yMDA5MjIxMjAwMDBa MG0xCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhWaXJnaW5pYTERMA8GA1UEBxMIU3Rl cmxpbmcxEjAQBgNVBAoTCU9hdGggSW5jLjEkMCIGA1UEAxMbcWEucHJldmlldy53 d3cuaHVmZnBvc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA uX0lROCftjjPM3wv9GwFk8WywUdN3EeUagFAFgBxUry5KBxlOpwfhybzMFLghPOq vTp0bIWfGNghyG/DioaVLxPbp29ZC7/pvZJ5E7dh2ivEbNpx3tJFHziKNEphtGl8 OGvTgZi9sDNfKqVdGu9tAGjBFAq6bxJk7lCgr4NmK4NF4+4atcsrRkNHQeD9Ugdy esMKJCoIiizD2a4njH0mfZB7ji9gaqiQMb/RMVqLm/YCurvDKj8q68SkCOJKFyXd jsHugNK8rRevn6y5p6jrGawwtzsZLJCOjnsDK72a1OCoeVf1YHQS+U4rKdAZqmIX cZqFf9fYaWFrSYwJypBAAwIDAQABo4IDmDCCA5QwHwYDVR0jBBgwFoAUUWj/kK8C B3U8zNllZGKiErhZcjswHQYDVR0OBBYEFC1RJIzWi56iSkk27q0INSG/PVboMEkG A1UdEQRCMECCG3FhLnByZXZpZXcud3d3Lmh1ZmZwb3N0LmNvbYIhcWEtb3JpZ2lu LWxpZmUtcHJldmlldy5odWZmcG8ubmV0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDov L2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYu aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBM BgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3 dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQG CCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKG QWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNz dXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQC BIIBbQSCAWkBZwB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAAB Ze7AgC0AAAQDAEcwRQIgPmm6tiXl3DXsqEYoGcH2YN7GNg4wF7/LKtuyMsBDE2sC IQDBH4qlYK0kvGjXbJBVWPNF6BlxunzMu4ZQGgxBDisvSAB1AId1v+dZfPiMQ5lf vfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABZe7AgCAAAAQDAEYwRAIgQ1i6eIHXiZQC KPJrN17Ez/sk9QlmQa2VdTGex9ch0KMCIB1GtPTqMRujGc6fgZIlM9pPjhuz/h78 b+siigsu3ph9AHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFl 7sCAHAAABAMARzBFAiEAyrkb9IV1RlaPCNecjqSvm91sy4iQ8jzzy6ZOSJhh01kC IAL5p2FJDpNAOzW0bKP0eYBWRDJ2KT7E6q5pPsHMvQP+MA0GCSqGSIb3DQEBCwUA A4IBAQCGJqbdEGJgcLNcFiXHv+1ZroQvjT7iWv5A2SG2+BxTmQOUt4rapCJ4Vi4/ M64qEb1pZWeVLYojjYCybdhIYfrp7ldlrPb6GdI3bOQwXW29qyxptpdPA9j2PURZ ZdlH1ojt1ZIg+jmkwsSEYWZEmemBbGk0tKaFPxyZSVhdJrmOtMFu1/qeYhN6YnpB QguOlck6hbc0e22eZP2GBJAONXovU5SmV04fUqSnczt9/jsGRgOylmApvVaE/9/4 OFNkgJy8ICAQVxU4fVtp9Chs2TxyExy4f+vNFn9LdVU00m72X9ApUUJublPZnZNn MnTylnEkLZRNoH3DW2NRvLybsfDW -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX0lROCftjjPM3wv9GwF k8WywUdN3EeUagFAFgBxUry5KBxlOpwfhybzMFLghPOqvTp0bIWfGNghyG/DioaV LxPbp29ZC7/pvZJ5E7dh2ivEbNpx3tJFHziKNEphtGl8OGvTgZi9sDNfKqVdGu9t AGjBFAq6bxJk7lCgr4NmK4NF4+4atcsrRkNHQeD9UgdyesMKJCoIiizD2a4njH0m fZB7ji9gaqiQMb/RMVqLm/YCurvDKj8q68SkCOJKFyXdjsHugNK8rRevn6y5p6jr GawwtzsZLJCOjnsDK72a1OCoeVf1YHQS+U4rKdAZqmIXcZqFf9fYaWFrSYwJypBA AwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16443593737206394608737960624938055560 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-18 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-22 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Virginia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sterling' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oath Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'qa.preview.www.huffpost.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23415798005343887293630181319703853424980569156210599368701724262954520842379919856973423143258297642226815798270209905219720836714278105267758857186299097534803424372527715770791779847669143586612879592560206115743859413477369176270018372731482785394282994345271096547425910679914705819807256569993516407171817938569469349497354309275514353493342518867960844503149863998337124114778135922404639458448653064649544807696319466746292272567747225796788775319530595358253599763295391569960027401629682791338164228824061571922945979379891780217204821703281484425541304234504553729205573412058148082756395706808624051404803 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2d51248cd68b9ea24a4936eead083521bf3d56e8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa.preview.www.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa-origin-life-preview.huffpo.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g6.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g6.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000165eec0802d000004030047304502203e69bab625e5dc35eca8462819c1f660dec6360e3017bfcb2adbb232c043136b022100c11f8aa560ad24bc68d76c905558f345e81971ba7cccbb86501a0c410e2b2f480075008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f00000165eec08020000004030046304402204358ba7881d789940228f26b375ec4cffb24f5096641ad9575319ec7d721d0a302201d46b4f4ea311ba319ce9f81922533da4f8e1bb3fe1efc6feb228a0b2ede987d007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000165eec0801c0000040300473045022100cab91bf4857546568f08d79c8ea4af9bdd6ccb8890f23cf3cba64e489861d359022002f9a761490e93403b35b46ca3f4798056443276293ec4eaae693ec1ccbd03fe . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008626a6dd10626070b35c1625c7bfed59ae842f8d3ee25afe40d921b6f81c53990394b78adaa42278562e3f33ae2a11bd696567952d8a238d80b26dd84861fae9ee5765acf6fa19d2376ce4305d6dbdab2c69b6974f03d8f63d445965d947d688edd59220fa39a4c2c48461664499e9816c6934b4a6853f1c9949585d26b98eb4c16ed7fa9e62137a627a41420b8e95c93a85b7347b6d9e64fd8604900e357a2f5394a6574e1f52a4a7733b7dfe3b064603b2966029bd5684ffdff8385364809cbc2020105715387d5b69f4286cd93c72131cb87febcd167f4b755534d26ef65fd02951426e6e53d99d93673274f29671242d944da07dc35b6351bcbc9bb1f0d6