*.aws-origin.xfinity.com
- Comcast Corporation -
Issued by COMODO RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number 0f:f8:a2:87:a8:e8:3a:41:00:f7:f5:c8:6e:b8:7a:af was issued on by COMODO CA Limited.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Comcast Corporation
Organization:
Comcast Corporation
State / Province:
Pennsylvania
Country: US
Country: US
COMODO CA Limited
Organization:
COMODO CA Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): 0f:f8:a2:87:a8:e8:3a:41:00:f7:f5:c8:6e:b8:7a:afSerial Number (int): 21229406056122333878227654882279062191
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 5f:bd:47:5c:6e:73:3f:5a:f8:7d:24:16:cb:d9:f0:02:ac:4e:bd:58
AuthorityKeyId: 9a:f3:2b:da:cf:ad:4f:b6:2f:bb:2a:48:48:2a:12:b7:1b:42:c1:24
Fingerprint (sha1): a6:db:96:be:37:21:1c:09:92:03:05:7d:90:7b:48:b0:21:ee:27:23
Fingerprint (sha256): 0a:af:eb:e9:ae:34:51:2a:52:e2:b9:7c:a9:e0:5d:ab:0f:53:04:87:d9:ee:df:76:51:0f:5d:ed:42:80:68:b9
Issuing Certificate URL: http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.comodoca.comCRL Distribution Point: http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate *.aws-origin.xfinity.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.aws-origin.xfinity.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.aws-origin.xfinity.com
Other certificates including the domain name xfinity.com
(limited to 100 certificates)
cdn-le4.arkadiumhosted.com
dns-test.np.gpe.xfinity.com
*.xfn-ops.xfinity.com
sit2-hop.cybersource.xfinity.com
*.identity.xfinity.com
approval.xfinity.com
payments.xfinity.com
www.xfinity.comcast.net
brand-staging.xfinity.com
imap.email.comcast.net
*.wifi-stage.connected.xfinity.com
*.iotplatform-int.eu.xfinity.com
*.xcp.xfinity.com
research.xfinity.com
wificouponmanager.xfinity.com
emailplus.xfinity.com
edge.cirrus-config.xcr.comcast.net
wifilogin-st.xfinity.com
design.comcast.com
pcat-beta.mobile.xfinity.com
*.xcp-ep-prod.xfinity.com
gamex-staging.np.gpe.xfinity.com
*.agentcoach.xfinity.com
iota-staging.xfinity.com
cms9.xfinity.com
developers.xfinity.com
communitystage.re.xfinity.com
developer.xfinity.com
pcat-alpha.mobile.xfinity.com
bill-pay-staging.maw-pci.xfinity.com
events.biggestfantour.com
api.wcdc.int.xfinity.com
stg-tech360-os-hoa-tdb-4.techtools.xfinity.com
missioncontrol.xfinity.com
research.staging.xfinity.com
movableink.xfinity.com
research.staging.xfinity.com
prod.mdu.xfinity.com
research.staging.xfinity.com
bill-pay-qa.maw-pci.xfinity.com
diagnosticapi-stage.traxion.xfinity.com
upload-qa.cvr.comcast.net
approval.xfinity.com
sit-hop.cybersource.xfinity.com
cdn-le4.arkadiumhosted.com
*.oauthlink.iot-prod.xfinity.com
bill-pay-pre-prod.maw-pci.xfinity.com
mobiletimetoswitch.xfinity.com
gql-dev-py.np.gpe.xfinity.com
cdn-le4.arkadiumhosted.com
stage.ipie.xfinity.com
cdn-le4.arkadiumhosted.com
nextray-preprod.traxion.xfinity.com
staging.cx.xfinity.com
gql-dev-node.np.gpe.xfinity.com
my.xfinity.com
*.spil.xfinity.com
bpm-auth.cac.xfinity.com
lab-controller.msn.comcast.net
research.staging.xfinity.com
xfinity.com
*.wifi-stage.connected.xfinity.com
internet.xfinity.com
san1.yext-cdn.com
pcat-alpha.mobile.xfinity.com
secure07.lithium.com
login-dev.comcast.net
xapi.xfinity.com
hawkeye.traxion.xfinity.com
autodiscover.comcast.net
carriers.xfinity.com
xray-stage.traxion.xfinity.com
*.xchat.xfinity.com
experience.xfinity.com
www.xfinity.com
api.dhtimeline.xfinity.com
es.xfinity.com
answers-autozone.pagescdn.com
import.xfinity.com
www.sc.xfinity.com
core.mqtt.iot-qa.eu.xfinity.com
secure07.lithium.com
client-events-gw.gpe.xfinity.com
www.xfinity.com
events.biggestfantour.com
signal-dev-vid.gslb2.xfinity.com
*.cws.xfinity.com
prod-hop.cybersource.xfinity.com
api.ch2.prd.xfinity.com
livecache-ng-prod.cvr.comcast.net
activatecablecard.xfinity.com
validation.slb.comcast.com
api.pdc.int.xfinity.com
communitytd3.re.xfinity.com
traffic-test.np.gpe.xfinity.com
livecache-stg-cvr.gslb2.xfinity.com
secure05.stage.lithium.com
*.np.sdp.xfinity.com
brand.xfinity.com
dns-test.np.gpe.xfinity.com
*.xfn-ops.xfinity.com
sit2-hop.cybersource.xfinity.com
*.identity.xfinity.com
approval.xfinity.com
payments.xfinity.com
www.xfinity.comcast.net
brand-staging.xfinity.com
imap.email.comcast.net
*.wifi-stage.connected.xfinity.com
*.iotplatform-int.eu.xfinity.com
*.xcp.xfinity.com
research.xfinity.com
wificouponmanager.xfinity.com
emailplus.xfinity.com
edge.cirrus-config.xcr.comcast.net
wifilogin-st.xfinity.com
design.comcast.com
pcat-beta.mobile.xfinity.com
*.xcp-ep-prod.xfinity.com
gamex-staging.np.gpe.xfinity.com
*.agentcoach.xfinity.com
iota-staging.xfinity.com
cms9.xfinity.com
developers.xfinity.com
communitystage.re.xfinity.com
developer.xfinity.com
pcat-alpha.mobile.xfinity.com
bill-pay-staging.maw-pci.xfinity.com
events.biggestfantour.com
api.wcdc.int.xfinity.com
stg-tech360-os-hoa-tdb-4.techtools.xfinity.com
missioncontrol.xfinity.com
research.staging.xfinity.com
movableink.xfinity.com
research.staging.xfinity.com
prod.mdu.xfinity.com
research.staging.xfinity.com
bill-pay-qa.maw-pci.xfinity.com
diagnosticapi-stage.traxion.xfinity.com
upload-qa.cvr.comcast.net
approval.xfinity.com
sit-hop.cybersource.xfinity.com
cdn-le4.arkadiumhosted.com
*.oauthlink.iot-prod.xfinity.com
bill-pay-pre-prod.maw-pci.xfinity.com
mobiletimetoswitch.xfinity.com
gql-dev-py.np.gpe.xfinity.com
cdn-le4.arkadiumhosted.com
stage.ipie.xfinity.com
cdn-le4.arkadiumhosted.com
nextray-preprod.traxion.xfinity.com
staging.cx.xfinity.com
gql-dev-node.np.gpe.xfinity.com
my.xfinity.com
*.spil.xfinity.com
bpm-auth.cac.xfinity.com
lab-controller.msn.comcast.net
research.staging.xfinity.com
xfinity.com
*.wifi-stage.connected.xfinity.com
internet.xfinity.com
san1.yext-cdn.com
pcat-alpha.mobile.xfinity.com
secure07.lithium.com
login-dev.comcast.net
xapi.xfinity.com
hawkeye.traxion.xfinity.com
autodiscover.comcast.net
carriers.xfinity.com
xray-stage.traxion.xfinity.com
*.xchat.xfinity.com
experience.xfinity.com
www.xfinity.com
api.dhtimeline.xfinity.com
es.xfinity.com
answers-autozone.pagescdn.com
import.xfinity.com
www.sc.xfinity.com
core.mqtt.iot-qa.eu.xfinity.com
secure07.lithium.com
client-events-gw.gpe.xfinity.com
www.xfinity.com
events.biggestfantour.com
signal-dev-vid.gslb2.xfinity.com
*.cws.xfinity.com
prod-hop.cybersource.xfinity.com
api.ch2.prd.xfinity.com
livecache-ng-prod.cvr.comcast.net
activatecablecard.xfinity.com
validation.slb.comcast.com
api.pdc.int.xfinity.com
communitytd3.re.xfinity.com
traffic-test.np.gpe.xfinity.com
livecache-stg-cvr.gslb2.xfinity.com
secure05.stage.lithium.com
*.np.sdp.xfinity.com
brand.xfinity.com
Certificate
The complete raw certificate details for *.aws-origin.xfinity.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG5zCCBc+gAwIBAgIQD/iih6joOkEA9/XIbrh6rzANBgkqhkiG9w0BAQsFADCB ljELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxPDA6BgNV BAMTM0NPTU9ETyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl cnZlciBDQTAeFw0yMjA4MTUwMDAwMDBaFw0yMzA4MTUyMzU5NTlaMGUxCzAJBgNV BAYTAlVTMRUwEwYDVQQIEwxQZW5uc3lsdmFuaWExHDAaBgNVBAoTE0NvbWNhc3Qg Q29ycG9yYXRpb24xITAfBgNVBAMMGCouYXdzLW9yaWdpbi54ZmluaXR5LmNvbTCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANzh4HMd6dMew0icP7qy1ZPU 3lbp+AiVr4W9RYy4cnzCa0pOI0ZOroaO3kPHEnBo3z4cIPoa0cOHOqKOBwkCYdSq +LlJQTOOd++4VaSsRVV6KlJ6Vd6GgOgIK5NqScFWt9ynkdRGMC4nBRy66PHVIyC5 MK311J6t56SOQxIXO+5IPHVrq6fiJG5XIj5X++vAPH6MlQ+16hJSIuo3NoYnFdBt GErHx0hh5BSbazdjcZYif4Sm17qtPDE5My7U64huSG5JEArCK5GUqeMSe6veSD2I QxKdepAf6+QnZvih+zRzJxLa0YLiLjn0qSgfni0VHyJQkA6LemZ/V9YjkW3fkGMC AwEAAaOCA18wggNbMB8GA1UdIwQYMBaAFJrzK9rPrU+2L7sqSEgqErcbQsEkMB0G A1UdDgQWBBRfvUdcbnM/Wvh9JBbL2fACrE69WDAOBgNVHQ8BAf8EBAMCBaAwDAYD VR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSgYDVR0g BEMwQTA1BgwrBgEEAbIxAQIBAwQwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0 aWdvLmNvbS9DUFMwCAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9j cmwuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25T ZWN1cmVTZXJ2ZXJDQS5jcmwwgYsGCCsGAQUFBwEBBH8wfTBVBggrBgEFBQcwAoZJ aHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBT3JnYW5pemF0aW9uVmFs aWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29j c3AuY29tb2RvY2EuY29tMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgCt9776 fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAYKiudI8AAAEAwBHMEUCIFqh nA4IX7zEeUh1h1N19zzrqSsgz8f9hU5mFE+XiVc5AiEAnyvE8Ag6Afzg0BBlShZq BzpDXb89kZCtgFhYLpeSdggAdgB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpX o1LrUgAAAYKiudIYAAAEAwBHMEUCIHDbBA1pqAsY7v96beAmbpuphE0bvHSPIvi0 dRHwYsXxAiEA8kBFFmEam9NujMYvIb0/OTZ59pTrATHeqVzahoTDIIsAdwDoPtDa PvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAYKiudHXAAAEAwBIMEYCIQCg 93tGQRHtSJf9E6Yk520vYyoiNUprKR8hrn8tjRX2BAIhAJvQYdCQ1rm67nInjtPn LhkL3GmsnkvnOp3QzfPV+s4HMCMGA1UdEQQcMBqCGCouYXdzLW9yaWdpbi54Zmlu aXR5LmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAHH4eigx79SVsV8a9Q3yHfXQO1MH4 iNcKJDHPt11G1/BxoY4wW93G/i0L5DLDAT6sR8uFqOL2J0PPngUVzOWOSpM1/n8b UUVFiMLH9XDjU9CIj9QtgB4ZNk0/3w1A6yKl2lwD/tR7NMu2ZgmPfxvsbukGfi2x bzgTDpaK/PT2faz2gxu8HY4yFr+nKGSCJU/ECT0jv4V1jjTMMoYabacXsx3nJmJc VbBuKWzk0MeXidPZGJPCr5fXJbuH348Ty8AmxvBXHuJbn2oAUTI4o+WWzjWCOAIw iVsT5F8p1S0rsQP+nICVdKJPYZOrka8EtT56sJGsDj0hC59NxpI8eD/abQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OHgcx3p0x7DSJw/urLV k9TeVun4CJWvhb1FjLhyfMJrSk4jRk6uho7eQ8cScGjfPhwg+hrRw4c6oo4HCQJh 1Kr4uUlBM45377hVpKxFVXoqUnpV3oaA6Agrk2pJwVa33KeR1EYwLicFHLro8dUj ILkwrfXUnq3npI5DEhc77kg8dWurp+IkblciPlf768A8foyVD7XqElIi6jc2hicV 0G0YSsfHSGHkFJtrN2NxliJ/hKbXuq08MTkzLtTriG5IbkkQCsIrkZSp4xJ7q95I PYhDEp16kB/r5Cdm+KH7NHMnEtrRguIuOfSpKB+eLRUfIlCQDot6Zn9X1iORbd+Q YwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 21229406056122333878227654882279062191 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-15 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-15 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pennsylvania' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Comcast Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.aws-origin.xfinity.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27883811072522389499737092754527857458141628958220530855932299085654504138115334523189745568300064285267216763694490879489892123003739262664573153271004389416349969031127093689393367150607562058144477679106116282733624108354319570347112537992689678699956215266383633345592911790697758277476882651440102212069586833340180293490324119101516793116465360985733955660599426690877078544070682594789174080671798445291051062864828943073942668779819131982285438191564329093464702585806531416771439870987826116676293433891524559928262196517674777908696295191548433662166193570902728951910347400382404432219749632027535595245667 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9af32bdacfad4fb62fbb2a48482a12b71b42c124 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5fbd475c6e733f5af87d2416cbd9f002ac4ebd58 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (127 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000182a2b9d23c000004030047304502205aa19c0e085fbcc4794875875375f73ceba92b20cfc7fd854e66144f978957390221009f2bc4f0083a01fce0d010654a166a073a435dbf3d9190ad8058582e979276080076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000182a2b9d2180000040300473045022070db040d69a80b18eeff7a6de0266e9ba9844d1bbc748f22f8b47511f062c5f1022100f2404516611a9bd36e8cc62f21bd3f393679f694eb0131dea95cda8684c3208b007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000182a2b9d1d70000040300483046022100a0f77b464111ed4897fd13a624e76d2f632a22354a6b291f21ae7f2d8d15f6040221009bd061d090d6b9baee72278ed3e72e190bdc69ac9e4be73a9dd0cdf3d5face07 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aws-origin.xfinity.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001c7e1e8a0c7bf5256c57c6bd437c877d740ed4c1f888d70a2431cfb75d46d7f071a18e305bddc6fe2d0be432c3013eac47cb85a8e2f62743cf9e0515cce58e4a9335fe7f1b51454588c2c7f570e353d0888fd42d801e19364d3fdf0d40eb22a5da5c03fed47b34cbb666098f7f1bec6ee9067e2db16f38130e968afcf4f67dacf6831bbc1d8e3216bfa7286482254fc4093d23bf85758e34cc32861a6da717b31de726625c55b06e296ce4d0c79789d3d91893c2af97d725bb87df8f13cbc026c6f0571ee25b9f6a00513238a3e596ce3582380230895b13e45f29d52d2bb103fe9c809574a24f6193ab91af04b53e7ab091ac0e3d210b9f4dc6923c783fda6d