citi-prod.plaid.com
- Plaid Inc -
Issued by DigiCert TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 02:63:13:31:3a:d8:32:bb:90:bb:c0:fc:6e:95:04:dd was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Plaid Inc
Organization:
Plaid Inc
State / Province:
California
Locality: San Francisco
Country: US
Locality: San Francisco
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 02:63:13:31:3a:d8:32:bb:90:bb:c0:fc:6e:95:04:ddSerial Number (int): 3172882646738710386691931044828218589
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: e6:d7:1b:02:ed:75:c8:03:2a:0f:0f:0c:49:3e:95:0a:e8:94:4c:4c
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4
Fingerprint (sha1): 74:52:36:73:70:d7:a4:1f:30:08:40:6b:f7:be:7c:0f:c8:79:ea:13
Fingerprint (sha256): 0a:29:ac:0f:ae:3d:a2:db:db:4c:dd:5d:63:a4:3f:0a:89:1f:6f:30:34:8d:38:22:f9:31:68:4a:b4:b6:83:6f
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
Check the revocation status for certificate citi-prod.plaid.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for citi-prod.plaid.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
citi-prod.plaid.com
www.citi-prod.plaid.com
www.citi-prod.plaid.com
Other certificates including the domain name plaid.com
(limited to 100 certificates)
*.plaid.com
*.plaid.com
*.testing.ue1.plaid.com
em.plaid.com
*.plaid.com
support.plaid.com
*.plaid.com
api.dashboard.plaid.com
ac.awesomedrives.com
*.plaid.com
*.plaid.com
*.prod.ue1.plaid.com
ac.awesomedrives.com
*.tartan.ue1.plaid.com
ja.riws.status.ricoh.com
*.plaid.com
*.prod.ue1.plaid.com
ac.awesomedrives.com
production-card.plaid.com
*.plaid.com
*.k8s-batch-2.prod.ue1.plaid.io
*.prod.ue1.plaid.com
amex-prod-api-20230127.plaid.com
consumer-portal.prod.ue1.plaid.com
*.plaid.com
api.my.plaid.com
*.plaid.com
api.dashboard.plaid.com
*.plaid.com
ac.awesomedrives.com
*.plaid.com
*.sandbox.ue1.plaid.com
*.testing.ue1.plaid.com
*.prod.ue1.plaid.com
api.my.plaid.com
*.plaid.com
*.prod.ue1.plaid.com
cdn.plaid.com
support.plaid.com
tines.plaid.com
tines.zdrake.com
*.plaid.com
*.prod.ue1.plaid.com
my-testing.plaid.com
*.prod.ue1.plaid.com
euwest1a.tines.com
*.util.ue1.plaid.com
*.prod.ue1.plaid.com
api.dashboard.plaid.com
*.testing.ue1.plaid.com
ac.awesomedrives.com
api.my-sandbox.plaid.com
*.plaid.com
citi-prod.plaid.com
*.testing.ue1.plaid.com
envoy-cxp.tartan.ue1.plaid.com
production.plaid.com
ice.status.symantec.com
api.my-testing.plaid.com
api.dashboard.plaid.com
ice.status.symantec.com
*.plaid.com
production.plaid.com
ac.awesomedrives.com
envoy-cxp.sandbox.ue1.plaid.com
*.plaid.com
fin.plaid.com
fin.plaid.com
go.plaid.com
*.prod.ue1.plaid.com
development-card.plaid.com
*.plaid.com
*.plaid.com
citi-test.plaid.com
cdn.plaid.com
*.plaid.com
plogger6.plaid.com
*.testing.ue1.plaid.com
api.my-commits.plaid.com
*.plaid.com
support.plaid.com
api.my-development.plaid.com
api.dashboard.plaid.com
api.my-sandbox.plaid.com
*.prod.ue1.plaid.com
ja.riws.status.ricoh.com
*.tartan.ue1.plaid.com
k8s.plaid.com
support.plaid.com
ac.awesomedrives.com
metrics.plaid.com
ac.awesomedrives.com
*.testing.ue1.plaid.com
*.testing.ue1.plaid.com
ac.awesomedrives.com
ac.awesomedrives.com
px-integration-validator.testing.ue1.plaid.com
ja.riws.status.ricoh.com
api.plaid.com
pa-vpn2-ext.util.ue1.plaid.com
*.plaid.com
*.testing.ue1.plaid.com
em.plaid.com
*.plaid.com
support.plaid.com
*.plaid.com
api.dashboard.plaid.com
ac.awesomedrives.com
*.plaid.com
*.plaid.com
*.prod.ue1.plaid.com
ac.awesomedrives.com
*.tartan.ue1.plaid.com
ja.riws.status.ricoh.com
*.plaid.com
*.prod.ue1.plaid.com
ac.awesomedrives.com
production-card.plaid.com
*.plaid.com
*.k8s-batch-2.prod.ue1.plaid.io
*.prod.ue1.plaid.com
amex-prod-api-20230127.plaid.com
consumer-portal.prod.ue1.plaid.com
*.plaid.com
api.my.plaid.com
*.plaid.com
api.dashboard.plaid.com
*.plaid.com
ac.awesomedrives.com
*.plaid.com
*.sandbox.ue1.plaid.com
*.testing.ue1.plaid.com
*.prod.ue1.plaid.com
api.my.plaid.com
*.plaid.com
*.prod.ue1.plaid.com
cdn.plaid.com
support.plaid.com
tines.plaid.com
tines.zdrake.com
*.plaid.com
*.prod.ue1.plaid.com
my-testing.plaid.com
*.prod.ue1.plaid.com
euwest1a.tines.com
*.util.ue1.plaid.com
*.prod.ue1.plaid.com
api.dashboard.plaid.com
*.testing.ue1.plaid.com
ac.awesomedrives.com
api.my-sandbox.plaid.com
*.plaid.com
citi-prod.plaid.com
*.testing.ue1.plaid.com
envoy-cxp.tartan.ue1.plaid.com
production.plaid.com
ice.status.symantec.com
api.my-testing.plaid.com
api.dashboard.plaid.com
ice.status.symantec.com
*.plaid.com
production.plaid.com
ac.awesomedrives.com
envoy-cxp.sandbox.ue1.plaid.com
*.plaid.com
fin.plaid.com
fin.plaid.com
go.plaid.com
*.prod.ue1.plaid.com
development-card.plaid.com
*.plaid.com
*.plaid.com
citi-test.plaid.com
cdn.plaid.com
*.plaid.com
plogger6.plaid.com
*.testing.ue1.plaid.com
api.my-commits.plaid.com
*.plaid.com
support.plaid.com
api.my-development.plaid.com
api.dashboard.plaid.com
api.my-sandbox.plaid.com
*.prod.ue1.plaid.com
ja.riws.status.ricoh.com
*.tartan.ue1.plaid.com
k8s.plaid.com
support.plaid.com
ac.awesomedrives.com
metrics.plaid.com
ac.awesomedrives.com
*.testing.ue1.plaid.com
*.testing.ue1.plaid.com
ac.awesomedrives.com
ac.awesomedrives.com
px-integration-validator.testing.ue1.plaid.com
ja.riws.status.ricoh.com
api.plaid.com
pa-vpn2-ext.util.ue1.plaid.com
Certificate
The complete raw certificate details for citi-prod.plaid.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGaTCCBVGgAwIBAgIQAmMTMTrYMruQu8D8bpUE3TANBgkqhkiG9w0BAQsFADBP MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMzEyMTQwMDAwMDBa Fw0yNTAxMDYyMzU5NTlaMGwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y bmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRIwEAYDVQQKEwlQbGFpZCBJbmMx HDAaBgNVBAMTE2NpdGktcHJvZC5wbGFpZC5jb20wggIiMA0GCSqGSIb3DQEBAQUA A4ICDwAwggIKAoICAQCuCtJK1IcDd5brPaivhoX/pbqEEBklq8tU698iQhIL1f1Y 46eIdnabOgrJMjzsPR5qz9V513JWEcWbWPpygeKGJXTJnV6yCkFXMrO8hg4K8nlY xYOgMAAZEWXgfAIc3tFcWpmC9lnV5H8kHYi0vxu2Bd/UYrSsYerj2vaey4uB2ZbO 2juEyc/+VsslaphSg2Y2hSpZBvljZs5nmJN+oGdoaPH4/jG3lksnmAjAk4XQSeWV FkmPpDfOp/kKovjk5V0rpwWleH/n/HtX+LX67aPsg039jrVh264LXRHXek7f4nUZ 9DPsKDCIc+5rm+ZobY/5tgVyPpUb8niXO/gbfyl4ufmLkTGCc48koswSuf7AnQ6Y WEaWvp6WmWHNJucPHnzdi1yqp2BEEM0H0UrGRAAprD4upzaDl5QEsUEyb5qhRfx+ kiYQe1rbfmrLAxxeGYitihK2WybJhMKx4+tai5tdKgDEJOvorER2vkFDE053HPYw ZGJYUPxFfWRDrjdOmqlAF5/KPt0hpb2SA2K0J/xqY2da3JVCLx5ZMSYHUFagTlb0 mZZvrma3GwROdUb2qQD+TIb5po4lVH0VFqYFKmjUSK56dQFxmOsRf7tufn+PgI16 m5hfMTqxrEi7QIFXScDYJdfwg26tQ0zqbDgPdABIR6veo+NfVLrpnjZKFLlYiQID AQABo4ICIjCCAh4wHwYDVR0jBBgwFoAUt2ui6qiqhIx56rTaD5iyxZV2ufQwHQYD VR0OBBYEFObXGwLtdcgDKg8PDEk+lQrolExMMDcGA1UdEQQwMC6CE2NpdGktcHJv ZC5wbGFpZC5jb22CF3d3dy5jaXRpLXByb2QucGxhaWQuY29tMD4GA1UdIAQ3MDUw MwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29t L0NQUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNv bS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEtNC5jcmwwQKA+oDyGOmh0dHA6 Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEt NC5jcmwwfwYIKwYBBQUHAQEEczBxMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5k aWdpY2VydC5jb20wSQYIKwYBBQUHMAKGPWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0 LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEtMS5jcnQwDAYDVR0TAQH/ BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjEky pw8UlFwp5EqjcTaQkfZ+Z9HYA23bzSQriAvVBU7QMROgs/mCHomkyv5Swhc4UIUt U49ENpZRlqVNMWQJ75wnOCo0Vd+lFZyr3+1kc1anb4low57U9JubHcLNQPUlby0/ GQum2eW44zDHYZEkcbKRrkZSdcedYvilUfasXdMs9oq2cP/TLfEJSGry4iWmjs3a FK3jHL45b1hD3isgKAkM/tdyyXx+TLL6GID4LoG9Nzl4ih6fys4VGHmS8mWyyOA9 67ni5vTB77E0xCZPNn6+rDPNLoYl9AW9y5Nfs+wiWf7PIvtDTrub2QeCHqwjLhZi Tdj612UTGYvVwn4MoA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArgrSStSHA3eW6z2or4aF /6W6hBAZJavLVOvfIkISC9X9WOOniHZ2mzoKyTI87D0eas/VeddyVhHFm1j6coHi hiV0yZ1esgpBVzKzvIYOCvJ5WMWDoDAAGRFl4HwCHN7RXFqZgvZZ1eR/JB2ItL8b tgXf1GK0rGHq49r2nsuLgdmWzto7hMnP/lbLJWqYUoNmNoUqWQb5Y2bOZ5iTfqBn aGjx+P4xt5ZLJ5gIwJOF0EnllRZJj6Q3zqf5CqL45OVdK6cFpXh/5/x7V/i1+u2j 7INN/Y61YduuC10R13pO3+J1GfQz7CgwiHPua5vmaG2P+bYFcj6VG/J4lzv4G38p eLn5i5ExgnOPJKLMErn+wJ0OmFhGlr6elplhzSbnDx583YtcqqdgRBDNB9FKxkQA Kaw+Lqc2g5eUBLFBMm+aoUX8fpImEHta235qywMcXhmIrYoStlsmyYTCsePrWoub XSoAxCTr6KxEdr5BQxNOdxz2MGRiWFD8RX1kQ643TpqpQBefyj7dIaW9kgNitCf8 amNnWtyVQi8eWTEmB1BWoE5W9JmWb65mtxsETnVG9qkA/kyG+aaOJVR9FRamBSpo 1EiuenUBcZjrEX+7bn5/j4CNepuYXzE6saxIu0CBV0nA2CXX8INurUNM6mw4D3QA SEer3qPjX1S66Z42ShS5WIkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 3172882646738710386691931044828218589 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-14 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-06 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Plaid Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'citi-prod.plaid.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 710030519717985777064532840311281597235606002111472930425932146955018232415017834927534373440153951545736911909502570581889708771864219848173739902656273806062983106685184045367258189033623059096031081105166010273992456189934654756954893835309596866460563455474103709901887146279717976430090393247304658626288482041594617125308251058259724322883545349948721244424486777389326347945944273104109722061165260104107440178694229891096085756774354511541045279196228825086658535726351495539132083179578103248136243470712210332160965727973813842888029328824243066814116382087878577101554700987439083254606220596155520313535151020051990692262773999477655280835188757956903460048886026001528151536180705075874132266483140192693867302165905436188400150350144922767526183967666824880964851259644597332682939456194084963647361594782967671056727229928138126905901000802715171589125301181912708164143569540167347345320874272725051149706096131527701133710103326486119074531246653348577684527750690398020379771833540883885899258479416304387689900471795613289617614397663289404485961428313868729295081537062631001104459234980031803452705593494753102573664806069938505607811996428088878031984899901364266708629311639816587174166169654900765862928144521 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e6d71b02ed75c8032a0f0f0c493e950ae8944c4c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citi-prod.plaid.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citi-prod.plaid.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008c4932a70f14945c29e44aa371369091f67e67d1d8036ddbcd242b880bd5054ed03113a0b3f9821e89a4cafe52c2173850852d538f4436965196a54d316409ef9c27382a3455dfa5159cabdfed647356a76f8968c39ed4f49b9b1dc2cd40f5256f2d3f190ba6d9e5b8e330c761912471b291ae465275c79d62f8a551f6ac5dd32cf68ab670ffd32df109486af2e225a68ecdda14ade31cbe396f5843de2b2028090cfed772c97c7e4cb2fa1880f82e81bd3739788a1e9fcace15187992f265b2c8e03debb9e2e6f4c1efb134c4264f367ebeac33cd2e8625f405bdcb935fb3ec2259fecf22fb434ebb9bd907821eac232e16624dd8fad76513198bd5c27e0ca0