staging-securedrop.huffpost.net
- Oath Inc -
Issued by DigiCert SHA2 High Assurance Server CA
About this certificate
This digital certificate with serial number 09:ea:05:aa:ef:1a:17:e7:86:f2:e2:a0:96:2d:78:32 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Oath Inc
Organization:
Oath Inc
State / Province:
California
Locality: Sunnyvale
Country: US
Locality: Sunnyvale
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 09:ea:05:aa:ef:1a:17:e7:86:f2:e2:a0:96:2d:78:32Serial Number (int): 13178164381795500508462432859588491314
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: a3:3e:6f:35:7e:e1:59:87:5b:86:5b:bb:3a:e7:d9:e9:96:46:26:28
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b
Fingerprint (sha1): 30:15:7d:8c:e9:8d:fa:c2:e0:70:4e:a3:aa:93:b0:37:2c:14:ed:fc
Fingerprint (sha256): 08:89:90:35:8f:89:50:a3:64:2b:bf:08:54:01:28:c3:09:ff:2b:ba:e2:35:97:49:e8:fb:0b:46:bd:fd:a6:ce
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g6.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g6.crl
Check the revocation status for certificate staging-securedrop.huffpost.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for staging-securedrop.huffpost.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
staging-securedrop.huffpost.net
Other certificates including the domain name huffpost.net
(limited to 100 certificates)
staging-securedrop.huffpost.net
*.app-west.buzzfeed.io
*.edit.huffpost.net
staging-elections.huffpost.net
accounts.huffingtonpost.com
*.edit.huffpost.net
accounts.huffingtonpost.com
*.edit.huffpost.net
staging-securedrop.huffpost.net
production-securedrop.huffpost.net
staging-securedrop.huffpost.net
accounts.huffingtonpost.com
*.prod.buzzfeed.io
docker.huffpost.net
*.app-west.buzzfeed.io
*.prod.buzzfeed.io
staging-securedrop.huffpost.net
secrets.huffpost.net
staging-athena-mongo-cms.huffpost.net
*.prod.buzzfeed.io
staging-securedrop.huffpost.net
*.blog.huffpost.net
*.edit.huffpost.net
origin-identifiers.huffpost.net
huffpost.net
*.preview.huffpost.net
*.stage.buzzfeed.io
*.edit.huffpost.net
accounts.huffingtonpost.com
*.prod.buzzfeed.io
yamas.huffpost.net
*.stage.buzzfeed.io
staging-athena-mongo-cms.huffpost.net
*.preview.huffpost.net
*.app-west.buzzfeed.io
*.preview.huffpost.net
*.app-west.buzzfeed.io
*.tools.huffpost.net
*.blog.huffpost.net
accounts.huffingtonpost.com
origin-identifiers.huffpost.net
42.huffpost.net
*.preview.huffpost.net
*.prod.buzzfeed.io
*.stage.buzzfeed.io
staging-elections.huffpost.net
secrets.huffpost.net
*.app-west.buzzfeed.io
origin-identifiers.huffpost.net
*.stage.buzzfeed.io
*.app-west.buzzfeed.io
production-securedrop.huffpost.net
*.content-internal.huffpost.net
*.app-west.buzzfeed.io
staging-elections.huffpost.net
*.unstable.buzzfeed.io
*.edit.huffpost.net
*.prod.buzzfeed.io
*.app-west.buzzfeed.io
*.app-west.buzzfeed.io
staging-elections.huffpost.net
huffpost.net
*.content-internal.huffpost.net
*.preview.huffpost.net
*.preview.huffpost.net
*.unstable.buzzfeed.io
gamp.huffpost.net
secrets.huffpost.net
accounts.huffingtonpost.com
*.huffpost.net
*.prod.buzzfeed.io
*.unstable.buzzfeed.io
*.tools.huffpost.net
*.blog.huffpost.net
*.edit.huffpost.net
huffpost.net
*.tools.huffpost.net
*.stage.buzzfeed.io
*.stage.buzzfeed.io
production-securedrop.huffpost.net
*.huffpost.net
*.app-west.buzzfeed.io
*.prod.buzzfeed.io
*.huffpost.net
origin-identifiers.huffpost.net
*.prod.buzzfeed.io
*.app-west.buzzfeed.io
*.preview.huffpost.net
*.stage.buzzfeed.io
*.unstable.buzzfeed.io
huffpost.net
accounts.huffingtonpost.com
*.prod.buzzfeed.io
docker.huffpost.net
*.prod.buzzfeed.io
production-securedrop.huffpost.net
docker.huffpost.net
jumpmanjumpmanjumpman.huffpost.net
*.tools.huffpost.net
*.edit.huffpost.net
*.app-west.buzzfeed.io
*.edit.huffpost.net
staging-elections.huffpost.net
accounts.huffingtonpost.com
*.edit.huffpost.net
accounts.huffingtonpost.com
*.edit.huffpost.net
staging-securedrop.huffpost.net
production-securedrop.huffpost.net
staging-securedrop.huffpost.net
accounts.huffingtonpost.com
*.prod.buzzfeed.io
docker.huffpost.net
*.app-west.buzzfeed.io
*.prod.buzzfeed.io
staging-securedrop.huffpost.net
secrets.huffpost.net
staging-athena-mongo-cms.huffpost.net
*.prod.buzzfeed.io
staging-securedrop.huffpost.net
*.blog.huffpost.net
*.edit.huffpost.net
origin-identifiers.huffpost.net
huffpost.net
*.preview.huffpost.net
*.stage.buzzfeed.io
*.edit.huffpost.net
accounts.huffingtonpost.com
*.prod.buzzfeed.io
yamas.huffpost.net
*.stage.buzzfeed.io
staging-athena-mongo-cms.huffpost.net
*.preview.huffpost.net
*.app-west.buzzfeed.io
*.preview.huffpost.net
*.app-west.buzzfeed.io
*.tools.huffpost.net
*.blog.huffpost.net
accounts.huffingtonpost.com
origin-identifiers.huffpost.net
42.huffpost.net
*.preview.huffpost.net
*.prod.buzzfeed.io
*.stage.buzzfeed.io
staging-elections.huffpost.net
secrets.huffpost.net
*.app-west.buzzfeed.io
origin-identifiers.huffpost.net
*.stage.buzzfeed.io
*.app-west.buzzfeed.io
production-securedrop.huffpost.net
*.content-internal.huffpost.net
*.app-west.buzzfeed.io
staging-elections.huffpost.net
*.unstable.buzzfeed.io
*.edit.huffpost.net
*.prod.buzzfeed.io
*.app-west.buzzfeed.io
*.app-west.buzzfeed.io
staging-elections.huffpost.net
huffpost.net
*.content-internal.huffpost.net
*.preview.huffpost.net
*.preview.huffpost.net
*.unstable.buzzfeed.io
gamp.huffpost.net
secrets.huffpost.net
accounts.huffingtonpost.com
*.huffpost.net
*.prod.buzzfeed.io
*.unstable.buzzfeed.io
*.tools.huffpost.net
*.blog.huffpost.net
*.edit.huffpost.net
huffpost.net
*.tools.huffpost.net
*.stage.buzzfeed.io
*.stage.buzzfeed.io
production-securedrop.huffpost.net
*.huffpost.net
*.app-west.buzzfeed.io
*.prod.buzzfeed.io
*.huffpost.net
origin-identifiers.huffpost.net
*.prod.buzzfeed.io
*.app-west.buzzfeed.io
*.preview.huffpost.net
*.stage.buzzfeed.io
*.unstable.buzzfeed.io
huffpost.net
accounts.huffingtonpost.com
*.prod.buzzfeed.io
docker.huffpost.net
*.prod.buzzfeed.io
production-securedrop.huffpost.net
docker.huffpost.net
jumpmanjumpmanjumpman.huffpost.net
*.tools.huffpost.net
*.edit.huffpost.net
Certificate
The complete raw certificate details for staging-securedrop.huffpost.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYTCCBUmgAwIBAgIQCeoFqu8aF+eG8uKgli14MjANBgkqhkiG9w0BAQsFADBw MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz dXJhbmNlIFNlcnZlciBDQTAeFw0yMTAzMDgwMDAwMDBaFw0yMTA5MDEyMzU5NTla MHMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlT dW5ueXZhbGUxETAPBgNVBAoTCE9hdGggSW5jMSgwJgYDVQQDEx9zdGFnaW5nLXNl Y3VyZWRyb3AuaHVmZnBvc3QubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAvzMLI7tsX0DUjXWU5WRn0Z384CHUXoGlci2GNM1HNqx8P+jjHQx5nxVN JKYlS9NmYYZ0rjN+vbK+lMqX+wsV733OjXy/h6de6Z7/hfEAuaGCbhjpn101xKXH 4I+6KOw7gsS5r4T6xxd9wygXqnkLKjc8Bw7NE2SrNruFJyGV8Cxx6p/mfFoKKbYd +3Vz4y766uG5I4CA63Ax0wPIvVHcJe06clKvkWf5Ko2ScS11G2sH2pAoGlNHhwt6 tRTXvzuMblN8Bw7oW0+Nhl241qc94rJAjMRRQ4ztMMZwxFFbGst02Bnz2U5V/Eb1 N9lst1gZ0x7AQpjKxN1Pe8R188BTgQIDAQABo4IC8jCCAu4wHwYDVR0jBBgwFoAU UWj/kK8CB3U8zNllZGKiErhZcjswHQYDVR0OBBYEFKM+bzV+4VmHW4Zbuzrn2emW RiYoMCoGA1UdEQQjMCGCH3N0YWdpbmctc2VjdXJlZHJvcC5odWZmcG9zdC5uZXQw DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1 BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1o YS1zZXJ2ZXItZzYuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20v c2hhMi1oYS1zZXJ2ZXItZzYuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYI KwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBgwYIKwYBBQUH AQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTQYI KwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNI QTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggEEBgor BgEEAdZ5AgQCBIH1BIHyAPAAdgD2XJQv0XcwIhRUGAgwlFaO400TGTO/3wwvIAvM TvFk4wAAAXgR/cYqAAAEAwBHMEUCIAvIPv0Cz8GNRmg0UlkSxYmcIwQW6DjgJxNy UoIONgF8AiEApDpbC8FzsQk8Dt6/BDxXgrSNiSWdOofoLjece5tKHBgAdgBc3EOS /uarRUSxXprUVuYQN/vV+kfcoXOUsl7m9scOygAAAXgR/cZ8AAAEAwBHMEUCIQDi bbEYk222Sl12VN2CJC2r4b6jXwpQuVM6DS4QmccodwIgXDzF4JDy2z5tUJ2gfRrd FqYJxzhx26B1aEIDWJb95FAwDQYJKoZIhvcNAQELBQADggEBAJMZ+BjEgTlPvm5H ztGUuFVCVu8NAi7+5eCTa2aAWZ7EtggjBTd7kg4Gs5QKPDu5IvDxU9Lpub42Hf/9 wychPHaqn5ZILx7vqUqoFopQG7EyTd3xGiZAPkvk9uz5mr39QPZ1CDS9ctPBIl7R mMWtUEtYXDr0TV4EUpJws/c0ECfk3y5fSER5e/5AZoZp3+i/Du+lihVsG6ruloht /LDPfe26QazbTdhIWu1Fb/Gu4A6hlZFxFdA9zwEcUFiTf+o5aTwtCbDQz/iEW/go vz4rOY5oRNOE8qpV1yNheSGJrZVxiLd/wE5K4Ji/VtokygEtF/gPL5sgPcG7Qwca UYtx7vc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzMLI7tsX0DUjXWU5WRn 0Z384CHUXoGlci2GNM1HNqx8P+jjHQx5nxVNJKYlS9NmYYZ0rjN+vbK+lMqX+wsV 733OjXy/h6de6Z7/hfEAuaGCbhjpn101xKXH4I+6KOw7gsS5r4T6xxd9wygXqnkL Kjc8Bw7NE2SrNruFJyGV8Cxx6p/mfFoKKbYd+3Vz4y766uG5I4CA63Ax0wPIvVHc Je06clKvkWf5Ko2ScS11G2sH2pAoGlNHhwt6tRTXvzuMblN8Bw7oW0+Nhl241qc9 4rJAjMRRQ4ztMMZwxFFbGst02Bnz2U5V/Eb1N9lst1gZ0x7AQpjKxN1Pe8R188BT gQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 13178164381795500508462432859588491314 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-08 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-09-01 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sunnyvale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oath Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'staging-securedrop.huffpost.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24136686743377391930547425313293990019957404135664394803728844486637253894331130102080397810968909818093600104718997816450785984770745767725889378729910930663098520167016938094502509833082958656396165105276852622405317022973664978330452381403509093343224731912412463349665829052823584311284157949491970207544990546051697638621941123991818978426805179829420844455309266983866567924320972617701632565441043488270522758671585117676995564919142474703915960052512154129884168168292696648089997723299375166604268685879698648295848820026532310832578730223144400772050432181705778420478413512651576561796191749845916036649857 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a33e6f357ee159875b865bbb3ae7d9e996462628 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (35 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-securedrop.huffpost.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g6.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g6.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600f65c942fd1773022145418083094568ee34d131933bfdf0c2f200bcc4ef164e30000017811fdc62a000004030047304502200bc83efd02cfc18d466834525912c5899c230416e838e027137252820e36017c022100a43a5b0bc173b1093c0edebf043c5782b48d89259d3a87e82e379c7b9b4a1c180076005cdc4392fee6ab4544b15e9ad456e61037fbd5fa47dca17394b25ee6f6c70eca0000017811fdc67c0000040300473045022100e26db118936db64a5d7654dd82242dabe1bea35f0a50b9533a0d2e1099c7287702205c3cc5e090f2db3e6d509da07d1add16a609c73871dba0756842035896fde450 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009319f818c481394fbe6e47ced194b8554256ef0d022efee5e0936b6680599ec4b6082305377b920e06b3940a3c3bb922f0f153d2e9b9be361dfffdc327213c76aa9f96482f1eefa94aa8168a501bb1324dddf11a26403e4be4f6ecf99abdfd40f6750834bd72d3c1225ed198c5ad504b585c3af44d5e04529270b3f7341027e4df2e5f4844797bfe40668669dfe8bf0eefa58a156c1baaee96886dfcb0cf7dedba41acdb4dd8485aed456ff1aee00ea195917115d03dcf011c5058937fea39693c2d09b0d0cff8845bf828bf3e2b398e6844d384f2aa55d72361792189ad957188b77fc04e4ae098bf56da24ca012d17f80f2f9b203dc1bb43071a518b71eef7