secure.novica.com

- Novica United Inc. -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 07:ff:4a:f5:42:49:2e:27:20:ac:aa:bb:b7:58:8f:62 was issued on by DigiCert Inc.

With 23 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Novica United Inc.

Organization: Novica United Inc.
Organization unit: IT
State / Province: California
Locality: Santa Monica
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 07:ff:4a:f5:42:49:2e:27:20:ac:aa:bb:b7:58:8f:62
Serial Number (int): 10630151999145758557652326273137545058
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 2d:f3:5c:86:fd:b9:fb:15:2c:42:cd:4b:f4:9c:5e:9e:3b:ad:44:fe
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): 6a:da:26:15:5c:47:ce:dc:94:36:ce:9e:9d:7b:77:88:cd:5a:d7:4e
Fingerprint (sha256): 09:af:57:ef:18:32:78:49:fe:ed:5a:f9:a7:f2:5f:72:ec:4b:be:db:1f:31:64:93:fd:12:db:db:b8:d8:15:04

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl

Check the revocation status for certificate secure.novica.com

23

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for secure.novica.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

secure.novica.com
market.unicefusa.org
secure.greatergood.com
www.novica.com
novica.com
extranet.novica.com
webserver1.novica.com
api.novica.com
secure.shop.unicef.org.uk
secure.market.unicef.org.uk
market.unicef.org.uk
www.artisan-gifts.com
artisan-gifts.com
store.kiva.org
secure.store.kiva.org
portal.novica.com
www.market.unicefusa.org
assets3.novica.net
secure1.novica.com
secure2.novica.com
shop.greatergood.com
content.novica.com
api.market.unicef.ca

Other certificates including the domain name novica.com

(limited to 100 certificates)
secure.novica.com
secure.novica.com
secure.novica.com
partners.novica.com
secure.novica.com
login.novica.com
origin.news.novica.com
*.novica.com
extranet.novica.com
login.novica.com
m.novica.com
go.novica.com
secure.novica.com
partners.novica.com
secure.novica.com
secure.novica.com
rs.novica.com
secure.novica.com
webserver1.novica.com
mj.novica.com
novica.com
go.novica.com
novica.com
secure.novica.com
secure.novica.com
partners.novica.com
extranet.novica.com
origin.news.novica.com
extranet.novica.com
partners.novica.com
secure.novica.com
dev.blog.novica.com
secure.novica.com
partners.novica.com
go.novica.com
novica.com
novica.ca
novica.com
novica.com
partners.novica.com
secure.novica.com
dev.blog.novica.com
yspxar.novica.com
novica.com
secure.novica.com
secure.novica.com
secure.novica.com
go.novica.com
origin.news.novica.com
go.novica.com
rs.novica.com
novica.com
go.novica.com
origin.news.novica.com
secure.novica.com
secure.novica.com
origin.news.novica.com
secure.novica.com
*.novica.com
secure.novica.com
secure.novica.com
origin-blog.novica.com
dev.blog.novica.com
support.novica.com
dev.blog.novica.com
partners.novica.com
secure.novica.com
secure.novica.com
secure.novica.com
novica.com
rs.novica.com
secure.novica.com
yspxar.novica.com
secure.novica.com
secure.novica.com
origin.news.novica.com
origin-blog.novica.com
extranet.novica.com
data.novica.com
secure.novica.com
rs.novica.com
secure.novica.com
undiscovered.novica.com
secure.novica.com
secure.novica.com
secure.novica.com
pics.novica.com
novica.ca
secure.novica.com
support.novica.com
yspxar.novica.com
secure.novica.com
rs.novica.com
secure.novica.com
go.novica.com
secure.novica.com
pics.novica.com
extranet.novica.com
extranet.novica.com
webserver1.novica.com

Certificate

The complete raw certificate details for secure.novica.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIDTCCBvWgAwIBAgIQB/9K9UJJLicgrKq7t1iPYjANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMDE5MDAwMDAwWhcN
MTgxMjA4MTIwMDAwWjB/MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p
YTEVMBMGA1UEBxMMU2FudGEgTW9uaWNhMRswGQYDVQQKExJOb3ZpY2EgVW5pdGVk
IEluYy4xCzAJBgNVBAsTAklUMRowGAYDVQQDExFzZWN1cmUubm92aWNhLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKpDatwTjRB6nEHFweXXt6p5
INWJvw19bx94EwgNcG9R9ZtPflz8aZ/+cOmoGtkhkHWnMyCffIS+/D2RiwKAwEkI
T74brBBaKHNkV4O/c/iUU9XCMu5HWTuEED2mCcmB0XFHX7L2uB4Ariz1rUqgbAci
pHZKJm9KNrKde28ZAtjYNtxEW8i0gtvwsvIU2a9SIoCcijeQCFYMJakvtyLwhlnq
Z+noz2WUl3gPnLlXDzfptB43JVipYNMVTf7vWLdiLfdnA5n+Pa2CaiisxEC8vybR
jzQrF4wyfmhfa2dmLq0szZn8SflVwKTZCttDqDJOOIyWOGAIctuFbb69IeZiN3EC
AwEAAaOCBLUwggSxMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0G
A1UdDgQWBBQt81yG/bn7FSxCzUv0nF6eO61E/jCCAe4GA1UdEQSCAeUwggHhghFz
ZWN1cmUubm92aWNhLmNvbYIUbWFya2V0LnVuaWNlZnVzYS5vcmeCFnNlY3VyZS5n
cmVhdGVyZ29vZC5jb22CDnd3dy5ub3ZpY2EuY29tggpub3ZpY2EuY29tghNleHRy
YW5ldC5ub3ZpY2EuY29tghV3ZWJzZXJ2ZXIxLm5vdmljYS5jb22CDmFwaS5ub3Zp
Y2EuY29tghlzZWN1cmUuc2hvcC51bmljZWYub3JnLnVrghtzZWN1cmUubWFya2V0
LnVuaWNlZi5vcmcudWuCFG1hcmtldC51bmljZWYub3JnLnVrghV3d3cuYXJ0aXNh
bi1naWZ0cy5jb22CEWFydGlzYW4tZ2lmdHMuY29tgg5zdG9yZS5raXZhLm9yZ4IV
c2VjdXJlLnN0b3JlLmtpdmEub3JnghFwb3J0YWwubm92aWNhLmNvbYIYd3d3Lm1h
cmtldC51bmljZWZ1c2Eub3JnghJhc3NldHMzLm5vdmljYS5uZXSCEnNlY3VyZTEu
bm92aWNhLmNvbYISc2VjdXJlMi5ub3ZpY2EuY29tghRzaG9wLmdyZWF0ZXJnb29k
LmNvbYISY29udGVudC5ub3ZpY2EuY29tghRhcGkubWFya2V0LnVuaWNlZi5jYTAO
BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsG
A1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNo
YTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1z
aGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIB
FhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEF
BQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBG
BggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0
U0hBMlNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMIIBBQYKKwYBBAHW
eQIEAgSB9gSB8wDxAHYA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csA
AAFmjR22zAAABAMARzBFAiEApGZygQy3cugE/OhLjLdtocacCrVMlJUUj48llQBd
gKgCIEWekTKJo2mT43lsMxX0Y2sdQ7dgXmKDxdY0e9bnN270AHcAh3W/51l8+IxD
mV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFmjR23hQAABAMASDBGAiEAs0T4AXYs
Th1CtnKpKXzEAzWEVxWC4/mNisvL5O6720MCIQCxW634E+TdUk9HGH+hCv9k0+v7
PCY8nE2Rxyejo01kgzANBgkqhkiG9w0BAQsFAAOCAQEAdHPa7fsq7tusjn7Iu/VS
FIG8FeHs5d88S4CGqyvAitXHLO0cCT9SdWwflUIcepuAZYvbFqo92Rk6FO3AFbwR
bfpeq920vYBfBB+05Jp9L+vckvj/Oo02iEyiOupmvrScb3w6uLEqTe5MqDtPBL0m
MfUZI70WfsjKRT8PMM/00KyfGbttLetZnDawmNYfhBNIjXaujfMNCAhcGxhu17xq
dmrEJZS8fUoMnFHaLCN0qq/QSuQ1j6PNHQH409JZkwZRMveNqSlinMrkyZuUFE0Q
JpPUXDAD+rTDqlUH2bTHWxQ6q7pRjolUiLQtRWHl7iuaFIkivSnThmAFph2wMnRb
wg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkNq3BONEHqcQcXB5de3
qnkg1Ym/DX1vH3gTCA1wb1H1m09+XPxpn/5w6aga2SGQdaczIJ98hL78PZGLAoDA
SQhPvhusEFooc2RXg79z+JRT1cIy7kdZO4QQPaYJyYHRcUdfsva4HgCuLPWtSqBs
ByKkdkomb0o2sp17bxkC2Ng23ERbyLSC2/Cy8hTZr1IigJyKN5AIVgwlqS+3IvCG
Wepn6ejPZZSXeA+cuVcPN+m0HjclWKlg0xVN/u9Yt2It92cDmf49rYJqKKzEQLy/
JtGPNCsXjDJ+aF9rZ2YurSzNmfxJ+VXApNkK20OoMk44jJY4YAhy24Vtvr0h5mI3
cQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10630151999145758557652326273137545058
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-19 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-08 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Santa Monica'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Novica United Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'secure.novica.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21493756613376810616421882960941677121915868926621719542726097474657499001864911586574390656333822886161672245058163114501251765555353726487854093501376739807454344753150930819515121402231443964540245653403781088548453624708485684275005212400966282718869776784680972709260076672885451727527587920912090262710725639174935079665228861404010216789359199009465464683611521396948005093359788763249540414778666927981440265625525063592102434889524432419966549006632303636463856085562612118865748988206439978558989639922800432767536142944283195316366567641402476531256167042028059105201942116839703123025568043965237570975601
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							2df35c86fdb9fb152c42cd4bf49c5e9e3bad44fe
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.novica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'market.unicefusa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.greatergood.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.novica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'novica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'extranet.novica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webserver1.novica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.novica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.shop.unicef.org.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.market.unicef.org.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'market.unicef.org.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.artisan-gifts.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'artisan-gifts.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.kiva.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.store.kiva.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal.novica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.market.unicefusa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets3.novica.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure1.novica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure2.novica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.greatergood.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'content.novica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.market.unicef.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb000001668d1db6cc0000040300473045022100a46672810cb772e804fce84b8cb76da1c69c0ab54c9495148f8f2595005d80a80220459e913289a36993e3796c3315f4636b1d43b7605e6283c5d6347bd6e7376ef40077008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f000001668d1db7850000040300483046022100b344f801762c4e1d42b672a9297cc4033584571582e3f98d8acbcbe4eebbdb43022100b15badf813e4dd524f47187fa10aff64d3ebfb3c263c9c4d91c727a3a34d6483
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007473daedfb2aeedbac8e7ec8bbf5521481bc15e1ece5df3c4b8086ab2bc08ad5c72ced1c093f52756c1f95421c7a9b80658bdb16aa3dd9193a14edc015bc116dfa5eabddb4bd805f041fb4e49a7d2febdc92f8ff3a8d36884ca23aea66beb49c6f7c3ab8b12a4dee4ca83b4f04bd2631f51923bd167ec8ca453f0f30cff4d0ac9f19bb6d2deb599c36b098d61f8413488d76ae8df30d08085c1b186ed7bc6a766ac42594bc7d4a0c9c51da2c2374aaafd04ae4358fa3cd1d01f8d3d25993065132f78da929629ccae4c99b94144d102693d45c3003fab4c3aa5507d9b4c75b143aabba518e895488b42d4561e5ee2b9a148922bd29d3866005a61db032745bc2