go.navient.com
- Cloudflare, Inc. -
Issued by Cloudflare Inc RSA CA-2
About this certificate
This digital certificate with serial number 05:a2:34:ca:f6:0f:d2:72:f3:3a:a4:a2:69:05:63:24 was issued on by Cloudflare, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Cloudflare, Inc.
Organization:
Cloudflare, Inc.
State / Province:
California
Locality: San Francisco
Country: US
Locality: San Francisco
Country: US
Cloudflare, Inc.
Organization:
Cloudflare, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 05:a2:34:ca:f6:0f:d2:72:f3:3a:a4:a2:69:05:63:24Serial Number (int): 7488362835547879329361050149300036388
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 63:25:df:d5:4b:f5:a1:a4:77:3d:a4:2a:82:d8:10:e2:88:49:20:5e
AuthorityKeyId: 18:a9:1a:fc:b2:45:49:c1:6f:30:34:08:2b:d9:87:9c:b0:25:57:7a
Fingerprint (sha1): 7c:3e:ee:0d:fe:41:70:d6:d6:b9:19:63:4e:d3:02:09:dd:5c:bd:24
Fingerprint (sha256): 08:bb:dc:75:ec:89:08:69:36:38:a7:60:8c:3f:14:2d:d8:4e:a0:f8:a5:d7:67:59:6f:aa:15:f4:32:c3:6c:cf
Issuing Certificate URL: http://cacerts.digicert.com/CloudflareIncRSACA-2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/CloudflareIncRSACA-2.crl
CRL Distribution Point: http://crl4.digicert.com/CloudflareIncRSACA-2.crl
Check the revocation status for certificate go.navient.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for go.navient.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
go.navient.com
Other certificates including the domain name navient.com
(limited to 100 certificates)
images.navient.com
rrp.navient.com
mediaserver.navient.com
payments.navient.com
panifiise010.navient.com
access.navient.com
tcpaupdateqa.navient.com
staging.gateway.msbpay.navient.com
www.navient.com
textresponsedev.navient.com
survey.navient.com
LyncExt.navient.com
b2bproxy.navient.com
accesslync.navient.com
leapfrog-ssl-4.gcs-web.com
leapfrog-ssl-4.gcs-web.com
payments.navient.com
upload.navient.com
bdm.navient.com
message.navient.com
go.navient.com
leapfrog-ssl-4.gcs-web.com
filegateway.navient.com
gogreen.navient.com
meteortest.navient.com
myaccount.navient.com
PEVSGW.navient.com
wsmb2bproxy.navient.com
myaccount.navient.com
exedge.navient.com
payments.navient.com
chat2.navient.com
twwsdlr.navient.com
services.navient.com
rsa.citrixcloud.navient.com
leapfrog-ssl-4.gcs-web.com
idrhelp.navient.com
assist.navient.com
leapfrog-ssl-4.gcs-web.com
rrp.navient.com
jobs.navient.com
gogreenqa.navient.com
leapfrog-ssl-4.gcs-web.com
acqueonapi-test.navient.com
vpgw.navient.com
ilp.navient.com
mediaserver.navient.com
punrasrly010.navient.com
tcpaupdateqa.navient.com
leapfrog-ssl-4.gcs-web.com
services2.navient.com
myaccount.navient.com
accesslync.navient.com
mediaserver.navient.com
services2.navient.com
preview-xtend.navient.com
twwsgw.navient.com
ilp.navient.com
accesslync.navient.com
Preview-xtend.navient.com
amzn-connect.navient.com
staging.gateway.msbpay.navient.com
mediaserver.cm.navient.com
fms.navient.com
rsa.citrixcloud.navient.com
punrfirly080.navient.com
leapfrog-ssl-4.gcs-web.com
*.navient.com
login.navient.com
www.navient.com
concierge-qa.navient.com
wsmb2bresp.navient.com
jobs.navient.com
rrp.navient.com
exedge.navient.com
www.navient.com
leapfrog-ssl-4.gcs-web.com
den1.navient.com
fms.navient.com
leapfrog-ssl-4.gcs-web.com
rsa.citrix.navient.com
navient.com
twwsdlr.navient.com
ree.navient.com
meteor.navient.com
webadvisor.navient.com
extnavi.usa-ed.net
leapfrog-ssl-4.gcs-web.com
sdu.navient.com
ssp.navient.com
webmail.navient.com
paymentstest.navient.com
gogreen.navient.com
go.navient.com
access-dr.navient.com
leapfrog-ssl-4.gcs-web.com
meteor.navient.com
services2.navient.com
vdi2.navient.com
message.navient.com
rrp.navient.com
mediaserver.navient.com
payments.navient.com
panifiise010.navient.com
access.navient.com
tcpaupdateqa.navient.com
staging.gateway.msbpay.navient.com
www.navient.com
textresponsedev.navient.com
survey.navient.com
LyncExt.navient.com
b2bproxy.navient.com
accesslync.navient.com
leapfrog-ssl-4.gcs-web.com
leapfrog-ssl-4.gcs-web.com
payments.navient.com
upload.navient.com
bdm.navient.com
message.navient.com
go.navient.com
leapfrog-ssl-4.gcs-web.com
filegateway.navient.com
gogreen.navient.com
meteortest.navient.com
myaccount.navient.com
PEVSGW.navient.com
wsmb2bproxy.navient.com
myaccount.navient.com
exedge.navient.com
payments.navient.com
chat2.navient.com
twwsdlr.navient.com
services.navient.com
rsa.citrixcloud.navient.com
leapfrog-ssl-4.gcs-web.com
idrhelp.navient.com
assist.navient.com
leapfrog-ssl-4.gcs-web.com
rrp.navient.com
jobs.navient.com
gogreenqa.navient.com
leapfrog-ssl-4.gcs-web.com
acqueonapi-test.navient.com
vpgw.navient.com
ilp.navient.com
mediaserver.navient.com
punrasrly010.navient.com
tcpaupdateqa.navient.com
leapfrog-ssl-4.gcs-web.com
services2.navient.com
myaccount.navient.com
accesslync.navient.com
mediaserver.navient.com
services2.navient.com
preview-xtend.navient.com
twwsgw.navient.com
ilp.navient.com
accesslync.navient.com
Preview-xtend.navient.com
amzn-connect.navient.com
staging.gateway.msbpay.navient.com
mediaserver.cm.navient.com
fms.navient.com
rsa.citrixcloud.navient.com
punrfirly080.navient.com
leapfrog-ssl-4.gcs-web.com
*.navient.com
login.navient.com
www.navient.com
concierge-qa.navient.com
wsmb2bresp.navient.com
jobs.navient.com
rrp.navient.com
exedge.navient.com
www.navient.com
leapfrog-ssl-4.gcs-web.com
den1.navient.com
fms.navient.com
leapfrog-ssl-4.gcs-web.com
rsa.citrix.navient.com
navient.com
twwsdlr.navient.com
ree.navient.com
meteor.navient.com
webadvisor.navient.com
extnavi.usa-ed.net
leapfrog-ssl-4.gcs-web.com
sdu.navient.com
ssp.navient.com
webmail.navient.com
paymentstest.navient.com
gogreen.navient.com
go.navient.com
access-dr.navient.com
leapfrog-ssl-4.gcs-web.com
meteor.navient.com
services2.navient.com
vdi2.navient.com
message.navient.com
Certificate
The complete raw certificate details for go.navient.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIQBaI0yvYP0nLzOqSiaQVjJDANBgkqhkiG9w0BAQsFADBK MQswCQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UE AxMXQ2xvdWRmbGFyZSBJbmMgUlNBIENBLTIwHhcNMjMwNTE3MDAwMDAwWhcNMjQw NTE2MjM1OTU5WjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEW MBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5j LjEXMBUGA1UEAxMOZ28ubmF2aWVudC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKY5SvJfjobVuU0oH0PJ/BMi/v1aZRtDICut6spm2wPkTbvspn eNKsfujm9GTOnEgGDD+gVnLjx+2W47hgHKCMHAKcOs4YADx15bc1ZoTXHGjwKuuR cG29DR3NbKhx9SCkxlSR6Il1uohAMQwd0wJVWx+wrnSNn8FCCHvYs1DbvBU5YXoq yuza2b7towkQdH6dZJz0BIGSQonHjLkH0cehJO+KLPDKRN2KI2BzUVzx/dGD+tsi Ls2/kLLL5jYMDWbHvxJ8hgnADQISW0sA2pL/3rYHSHFbID1nYBgjT6pYquOb/pSF Atcpj7ELBUcGqxypsLE7YnUgJeKYpUV32CElAgMBAAGjggHmMIIB4jAfBgNVHSME GDAWgBQYqRr8skVJwW8wNAgr2YecsCVXejAdBgNVHQ4EFgQUYyXf1Uv1oaR3PaQq gtgQ4ohJIF4wGQYDVR0RBBIwEIIOZ28ubmF2aWVudC5jb20wDgYDVR0PAQH/BAQD AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB7BgNVHR8EdDByMDeg NaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY1JTQUNB LTIuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vQ2xvdWRmbGFy ZUluY1JTQUNBLTIuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUH AgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB2BggrBgEFBQcBAQRqMGgw JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcw AoY0aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNSU0FD QS0yLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqG SIb3DQEBCwUAA4IBAQCTAVIdr2/+vve9i+LXoTvDPYpWzyBGz2tG6ZDOApg9Kjxa vYtzDmXE2OIbi+FY/y2sYRhRN04a1fZqPhy4cBEBEeVjezkSoYo48Z9Kv/cKINne wEEQntq2LsboACmLdNtD5MQ1/9Ts3VzlMhY5QOtvB0W9DMQAD8CwDIzYcdDsbIDT Qy4e2+GbzFBMiup/sAEpmZg8VwMn1OfHqkFs8XzJkdFHQvNWhF6SNfCquI3sa0mK U95gbKSlaeLagkRgnNwAOvo70NmSTQ2lBezZVdg9c2nHIukQvW0jlrSKRHgcn8ee nYSdwfXfwbyw1aCln2fE+idRkrvL6lr0FzM5SghY -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymOUryX46G1blNKB9Dyf wTIv79WmUbQyArrerKZtsD5E277KZ3jSrH7o5vRkzpxIBgw/oFZy48ftluO4YByg jBwCnDrOGAA8deW3NWaE1xxo8CrrkXBtvQ0dzWyocfUgpMZUkeiJdbqIQDEMHdMC VVsfsK50jZ/BQgh72LNQ27wVOWF6Ksrs2tm+7aMJEHR+nWSc9ASBkkKJx4y5B9HH oSTviizwykTdiiNgc1Fc8f3Rg/rbIi7Nv5Cyy+Y2DA1mx78SfIYJwA0CEltLANqS /962B0hxWyA9Z2AYI0+qWKrjm/6UhQLXKY+xCwVHBqscqbCxO2J1ICXimKVFd9gh JQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 7488362835547879329361050149300036388 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare Inc RSA CA-2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-16 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'go.navient.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25549242724589382279864706056842540109658916009526935248365944917357648911730959330459045101619650386742645397283996919777555370146718110260582060274253449739606282893684444225059508474097320385499714811345456782748245172167829656073154318842218804035692187750338971412555910915848780861214252646389010382119072570730280919026146016083644990445091694187983969166893216241828621708067483671444245813506919506354907523561717012388127963151496358988949250838664552605655882062417817137505333160090662217091532961331541317296964186315650012169153193947621620485034037185566369713145736030906304024834422394981080358199589 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 18a91afcb24549c16f3034082bd9879cb025577a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6325dfd54bf5a1a4773da42a82d810e28849205e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'go.navient.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/CloudflareIncRSACA-2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/CloudflareIncRSACA-2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/CloudflareIncRSACA-2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009301521daf6ffebef7bd8be2d7a13bc33d8a56cf2046cf6b46e990ce02983d2a3c5abd8b730e65c4d8e21b8be158ff2dac611851374e1ad5f66a3e1cb870110111e5637b3912a18a38f19f4abff70a20d9dec041109edab62ec6e800298b74db43e4c435ffd4ecdd5ce532163940eb6f0745bd0cc4000fc0b00c8cd871d0ec6c80d3432e1edbe19bcc504c8aea7fb0012999983c570327d4e7c7aa416cf17cc991d14742f356845e9235f0aab88dec6b498a53de606ca4a569e2da8244609cdc003afa3bd0d9924d0da505ecd955d83d7369c722e910bd6d2396b48a44781c9fc79e9d849dc1f5dfc1bcb0d5a0a59f67c4fa275192bbcbea5af41733394a0858