*.gemalto.com

- GEMALTO SA -

Issued by DigiCert SHA2 High Assurance Server CA

About this certificate

This digital certificate with serial number 07:6d:fc:a0:4f:1c:5c:ad:5e:dc:d0:2c:d8:e1:04:20 was issued on by DigiCert Inc.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

GEMALTO SA

Organization: GEMALTO SA
State / Province: Meudon
Locality: Meudon
Country: FR

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 07:6d:fc:a0:4f:1c:5c:ad:5e:dc:d0:2c:d8:e1:04:20
Serial Number (int): 9875680196284433179751509226942432288
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: ca:41:86:a9:c9:b7:24:03:a7:3a:b1:26:c5:77:91:72:0b:79:05:34
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b

Fingerprint (sha1): 4e:0e:19:19:d9:2a:ff:8b:57:4e:c1:81:5c:26:bf:4e:19:77:eb:04
Fingerprint (sha256): 08:ef:3e:d4:81:76:eb:d6:be:f9:9c:c4:88:0a:c1:71:f8:66:2d:d4:9e:0f:f1:91:32:f6:a7:f9:46:40:2a:28

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g5.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g5.crl

Check the revocation status for certificate *.gemalto.com

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.gemalto.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.gemalto.com
gemalto.com
www.esp.gemalto.com

Other certificates including the domain name gemalto.com

(limited to 100 certificates)
*.weballynis.gemalto.com
geolocsegm.spg.latallynis.gemalto.com
lync.gemalto.com
www.gemalto.com
*.eservices-lab.gemalto.com
lync.gemalto.com
*.mid.vrkfin.ew1.gp-dev02.acloud.gemalto.com
forums.charmhealth.com
scos3.gemalto.com
developer.gemalto.com
www6.gemalto.com
smtp2.gemalto.com
sip.gemalto.com
spring.gemalto.com
*.demo.gemalto.com
*.webaccess.gemalto.com
sspdev.bp-dev03.acloud.gemalto.com
ssp.bp03.acloud.gemalto.com
safenet.gemalto.com
status.appveyor.com
*.us.cbp.gemalto.com
selfservice.gemalto.com
*.latallynis.gemalto.com
boutique.gemalto.com
otp-api.latallynis.gemalto.com
*.idverification.gp.acloud.gemalto.com
www2.gemalto.com
tsh.portal.gemalto.com
pinbyweb.sgbrs.gemalto.com
stwp.gemalto.com
status.appveyor.com
ssp.bp03.acloud.gemalto.com
supportportal.gemalto.com
*.lte.dc.gemalto.com
barclaycard.gemalto.com
*.gemalto.com
*.gemalto.com
*.idverification.gp-staging.acloud.gemalto.com
go-videos.gemalto.com
odc-ops.gemalto.com
saas.lassoo.gemalto.com
gemalto.com
*.gemalto.com
*.latallynis.gemalto.com
jphsr-es4-in.osm.gemalto.com
forum.minicopters.nl
www.netsolutions.gemalto.com
www.aps.gemalto.com
*.ausdemo.gemalto.com
eventsregistration.gemalto.com
developer.gemalto.com
*.saas.gemalto.com
tbu-saleslms.gemalto.com
*.dlm.gemalto.com
vrkfin2.ew1.gp-dev02.acloud.gemalto.com
safenet.gemalto.com
odc-ops.gemalto.com
www6.gemalto.com
ddl-idp-uat.gemalto.com
tsh.portal.gemalto.com
*.gemalto.com
*.gemalto.com
wwwqa.aps.gemalto.com
shb.pindefinition.gemalto.com
latsmhub-client.tsm.gemalto.com
*.mobileconnect.gemalto.com
docs.sentinel.gemalto.com
gemalto.com
visio.gemalto.com
carta.dc1.prod.tsm.gemalto.com
*.mnfcweballynis.gemalto.com
*.gemalto.com
cel-auth.prod.odc-cloud.gemalto.com
selfcare.mobileconnect.gemalto.com
ibmp11vsharee01.smtp.ggsdc.gemalto.com
digitalpin-app.gemalto.com
lync.gemalto.com
project-s-client.spg.latallynis.gemalto.com
*.kyceux.ew1.gp-dev.acloud.gemalto.com
*.allynisconnect.gemalto.com
digitalpin-web.gemalto.com
*.cbp.gemalto.com
int-tns.cbp-int.gemalto.com
telcodms.spg.latallynis.gemalto.com
*.kyceux.ew1.gp-dev.acloud.gemalto.com
*.saas.gemalto.com
*.didarg.dwg.ue1.gp-dev03.acloud.gemalto.com
*.lab.ids-odc.gemalto.com
mail.aps.gemalto.com
go-videos.gemalto.com
ddl-sp-uat.gemalto.com
*.allynisconnect.gemalto.com
*.webaccess.gemalto.com
arkea.pinbyapp.gemalto.com
*.axtel.msi.acloud.gemalto.com
*.weballynis.gemalto.com
allynisconnect1.gemalto.com
m2m-communication.gemalto.com
status.appveyor.com
*.welcomeit.allynis.gemalto.com

Certificate

The complete raw certificate details for *.gemalto.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIQB238oE8cXK1e3NAs2OEEIDANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0xNjA1MDIwMDAwMDBaFw0xNzA2MTQxMjAwMDBa
MFwxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIEwZNZXVkb24xDzANBgNVBAcTBk1ldWRv
bjETMBEGA1UEChMKR0VNQUxUTyBTQTEWMBQGA1UEAwwNKi5nZW1hbHRvLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALe/M1LYPBcpxLaPyfL0gqpS
shJwytTQL1VXiPPX+Z9b2B7b1sS8yDalexTjlJ0xW1zjNfxay6iePAcyI9yl+Ci2
/2vMpB1o8kG0P/AlYUhAgLT3YuqyRxMk3K+v0q/A9cjC2Tm5OI/5ratoSr5hG3Xv
MZMQMbgQY0DTAvC+iRZTXz0tXWeZcBpFFz4GpJ2uh1jeOPJeXfHMfm9AzmLZjmFO
FLbacC0Bnk//Bd5S/c/ig8/9Vc7Q7c7bB146t4yPP8LF7lynXibcPZsQdwySAAAE
lQIwHn8qSW4GOygQrGgHIzuhmFOPukAmhSpQwvEkJfTVvxh8M6TN6szWH0hqcn8C
AwEAAaOCAggwggIEMB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0G
A1UdDgQWBBTKQYapybckA6c6sSbFd5FyC3kFNDA6BgNVHREEMzAxgg0qLmdlbWFs
dG8uY29tggtnZW1hbHRvLmNvbYITd3d3LmVzcC5nZW1hbHRvLmNvbTAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRu
MGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZl
ci1nNS5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhh
LXNlcnZlci1nNS5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEF
BQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwgYMG
CCsGAQUFBwEBBHcwdTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQu
Y29tME0GCCsGAQUFBzAChkFodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGln
aUNlcnRTSEEySGlnaEFzc3VyYW5jZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAZkwpqo63J335xZh1Zdjyr4mZwHfmYucA4JMtU
OGQd1Qme1RwNXHmEQqQsokNDzvjpgM0RHIDauX1+INpxh2SuFfmUwX2y+KaHeCTO
rmX8ubITCQ4UgITiy+IynJbT0+2+kGGnHX+BsPqjn4AW5zmsc2XKpPhU9xWMPrcw
wi0ELbgOBGhMuRNOkC+JgmuwwyBf9zTZfr5EvioAUDH3euVprtmqZuo9+FElxObY
P5q5HL26eBykyUBINmhpDC5/h7Pb28CP8eImF5/1wXWbqlRclIobo96QT3CuaSDt
z1cT+dAr982t97NMl06AOvx/saD0CYlMn98t6of5MMPkMGhY
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt78zUtg8FynEto/J8vSC
qlKyEnDK1NAvVVeI89f5n1vYHtvWxLzINqV7FOOUnTFbXOM1/FrLqJ48BzIj3KX4
KLb/a8ykHWjyQbQ/8CVhSECAtPdi6rJHEyTcr6/Sr8D1yMLZObk4j/mtq2hKvmEb
de8xkxAxuBBjQNMC8L6JFlNfPS1dZ5lwGkUXPgakna6HWN448l5d8cx+b0DOYtmO
YU4UttpwLQGeT/8F3lL9z+KDz/1VztDtztsHXjq3jI8/wsXuXKdeJtw9mxB3DJIA
AASVAjAefypJbgY7KBCsaAcjO6GYU4+6QCaFKlDC8SQl9NW/GHwzpM3qzNYfSGpy
fwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 9875680196284433179751509226942432288
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-05-02 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-06-14 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Meudon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Meudon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEMALTO SA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.gemalto.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23195894280917046769918550108857903893453914407301682529209015537605634475265444359148751996302019519873062000698998662704224979521882035398258692971028531161824396917971378350129847757769801029503685747840561995438294540573260286635060323311775304913679415114873509174792232026562334389925043325869506968955081589629371116348157868020990678203333836938689050301482768783802454264174477216077299006272586535699302652148966330879127923684872336300436565483322353273991981109189889204546429316982695273894197648565888388551334175243128779503559094679461039219213463210456140123419163712143533085941553556301928737698431
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ca4186a9c9b72403a73ab126c57791720b790534
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.gemalto.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gemalto.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.esp.gemalto.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g5.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g5.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0019930a6aa3adc9df7e71661d59763cabe266701df998b9c03824cb5438641dd5099ed51c0d5c798442a42ca24343cef8e980cd111c80dab97d7e20da718764ae15f994c17db2f8a6877824ceae65fcb9b213090e148084e2cbe2329c96d3d3edbe9061a71d7f81b0faa39f8016e739ac7365caa4f854f7158c3eb730c22d042db80e04684cb9134e902f89826bb0c3205ff734d97ebe44be2a005031f77ae569aed9aa66ea3df85125c4e6d83f9ab91cbdba781ca4c940483668690c2e7f87b3dbdbc08ff1e226179ff5c1759baa545c948a1ba3de904f70ae6920edcf5713f9d02bf7cdadf7b34c974e803afc7fb1a0f409894c9fdf2dea87f930c3e4306858