info.palantir.com
- Cloudflare, Inc. -
Issued by Cloudflare Inc RSA CA-2
About this certificate
This digital certificate with serial number 01:e0:e7:fb:36:ba:15:34:2a:ff:c2:b9:26:cb:e3:68 was issued on by Cloudflare, Inc..
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Cloudflare, Inc.
Organization:
Cloudflare, Inc.
State / Province:
California
Locality: San Francisco
Country: US
Locality: San Francisco
Country: US
Cloudflare, Inc.
Organization:
Cloudflare, Inc.
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 01:e0:e7:fb:36:ba:15:34:2a:ff:c2:b9:26:cb:e3:68Serial Number (int): 2497007631921102742737502034813772648
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: 9e:c1:02:bd:7b:e0:fc:c6:fa:f4:e4:11:ec:d3:82:ec:30:fd:30:af
AuthorityKeyId: 18:a9:1a:fc:b2:45:49:c1:6f:30:34:08:2b:d9:87:9c:b0:25:57:7a
Fingerprint (sha1): 5f:a1:43:d9:07:39:90:08:07:34:22:d2:2a:37:e2:96:52:06:fd:29
Fingerprint (sha256): 0b:13:fd:aa:37:dc:d2:0f:66:d7:ce:af:73:a4:ef:9f:cd:72:cc:79:2d:92:56:4e:6e:de:d2:d3:59:11:8d:1b
Issuing Certificate URL: http://cacerts.digicert.com/CloudflareIncRSACA-2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/CloudflareIncRSACA-2.crl
CRL Distribution Point: http://crl4.digicert.com/CloudflareIncRSACA-2.crl
Check the revocation status for certificate info.palantir.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for info.palantir.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
info.palantir.com
Other certificates including the domain name palantir.com
(limited to 100 certificates)
amkstatus.nhn.no
e.ssl.fastly.net
impact.palantir.com
amkstatus.nhn.no
gear.palantir.com
gpvpn.palantir.com
sj-ravpn.palantir.com
canada.status.coconutsoftware.com
foundry-usc-1.status.palantir.com
training.palantir.com
PALANTIR TECHNOLOGIES
amkstatus.nhn.no
gpvpn.palantir.com
canada.status.coconutsoftware.com
gerrit-tr.palantir.com
canada.status.coconutsoftware.com
appstatus.motorolasolutions.com
athena.palantir.com
amkstatus.nhn.no
guestwifi.palantir.com
cds2.cvent.com
canada.status.coconutsoftware.com
palantir.com
edge-eu-a.palantir.com
www.palantir.com
foundry-usz-1.status.palantir.com
amkstatus.nhn.no
*.e.ssl.fastly.net
appstatus.motorolasolutions.com
devzone.palantir.com
appstatus.motorolasolutions.com
joyride-disp.palantir.com
files.palantir.com
gpvpn.palantir.com
blog.palantir.com
amkstatus.nhn.no
canada.status.coconutsoftware.com
*.e.ssl.fastly.net
amkstatus.nhn.no
foundry-usc-1.status.palantir.com
canada.status.coconutsoftware.com
cds2.cvent.com
foundry-usc-1.status.palantir.com
appstatus.motorolasolutions.com
canada.status.coconutsoftware.com
*.e.ssl.fastly.net
appstatus.motorolasolutions.com
regalia.palantir.com
Palantir Technologies Inc.
gpvpn.palantir.com
foundry-usc-1.status.palantir.com
dc-ravpn.palantir.com
info.palantir.com
foundry-usc-1.status.palantir.com
joyride.palantir.com
cds2.cvent.com
go.palantir.com
esentry.mi.palantir.com
appstatus.motorolasolutions.com
files.palantir.com
appstatus.motorolasolutions.com
edge-usw-a.palantir.com
canada.status.coconutsoftware.com
amkstatus.nhn.no
cds2.cvent.com
legal.palantir.com
palantir.com
amkstatus.nhn.no
foundry-usc-1.status.palantir.com
appstatus.motorolasolutions.com
*.e.ssl.fastly.net
gear.palantir.com
regalia.palantir.com
resources.palantir.com
foundry-usc-1.status.palantir.com
regalia.palantir.com
*.e.ssl.fastly.net
foundry-usz-1.status.palantir.com
cds2.cvent.com
foundry-usc-1.status.palantir.com
learning.palantir.com
PALANTIR TECHNOLOGIES
learn.palantir.com
plgpvpn.palantir.com
canada.status.coconutsoftware.com
mobile-gpvpn.palantir.com
amkstatus.nhn.no
foundry-usz-1.status.palantir.com
dns-vetting1.map.fastly.net
canada.status.coconutsoftware.com
cds2.cvent.com
*.e.ssl.fastly.net
*.e.ssl.fastly.net
canada.status.coconutsoftware.com
cds2.cvent.com
foundry-usz-1.status.palantir.com
*.e.ssl.fastly.net
gear.palantir.com
appstatus.motorolasolutions.com
foundry-usz-1.status.palantir.com
e.ssl.fastly.net
impact.palantir.com
amkstatus.nhn.no
gear.palantir.com
gpvpn.palantir.com
sj-ravpn.palantir.com
canada.status.coconutsoftware.com
foundry-usc-1.status.palantir.com
training.palantir.com
PALANTIR TECHNOLOGIES
amkstatus.nhn.no
gpvpn.palantir.com
canada.status.coconutsoftware.com
gerrit-tr.palantir.com
canada.status.coconutsoftware.com
appstatus.motorolasolutions.com
athena.palantir.com
amkstatus.nhn.no
guestwifi.palantir.com
cds2.cvent.com
canada.status.coconutsoftware.com
palantir.com
edge-eu-a.palantir.com
www.palantir.com
foundry-usz-1.status.palantir.com
amkstatus.nhn.no
*.e.ssl.fastly.net
appstatus.motorolasolutions.com
devzone.palantir.com
appstatus.motorolasolutions.com
joyride-disp.palantir.com
files.palantir.com
gpvpn.palantir.com
blog.palantir.com
amkstatus.nhn.no
canada.status.coconutsoftware.com
*.e.ssl.fastly.net
amkstatus.nhn.no
foundry-usc-1.status.palantir.com
canada.status.coconutsoftware.com
cds2.cvent.com
foundry-usc-1.status.palantir.com
appstatus.motorolasolutions.com
canada.status.coconutsoftware.com
*.e.ssl.fastly.net
appstatus.motorolasolutions.com
regalia.palantir.com
Palantir Technologies Inc.
gpvpn.palantir.com
foundry-usc-1.status.palantir.com
dc-ravpn.palantir.com
info.palantir.com
foundry-usc-1.status.palantir.com
joyride.palantir.com
cds2.cvent.com
go.palantir.com
esentry.mi.palantir.com
appstatus.motorolasolutions.com
files.palantir.com
appstatus.motorolasolutions.com
edge-usw-a.palantir.com
canada.status.coconutsoftware.com
amkstatus.nhn.no
cds2.cvent.com
legal.palantir.com
palantir.com
amkstatus.nhn.no
foundry-usc-1.status.palantir.com
appstatus.motorolasolutions.com
*.e.ssl.fastly.net
gear.palantir.com
regalia.palantir.com
resources.palantir.com
foundry-usc-1.status.palantir.com
regalia.palantir.com
*.e.ssl.fastly.net
foundry-usz-1.status.palantir.com
cds2.cvent.com
foundry-usc-1.status.palantir.com
learning.palantir.com
PALANTIR TECHNOLOGIES
learn.palantir.com
plgpvpn.palantir.com
canada.status.coconutsoftware.com
mobile-gpvpn.palantir.com
amkstatus.nhn.no
foundry-usz-1.status.palantir.com
dns-vetting1.map.fastly.net
canada.status.coconutsoftware.com
cds2.cvent.com
*.e.ssl.fastly.net
*.e.ssl.fastly.net
canada.status.coconutsoftware.com
cds2.cvent.com
foundry-usz-1.status.palantir.com
*.e.ssl.fastly.net
gear.palantir.com
appstatus.motorolasolutions.com
foundry-usz-1.status.palantir.com
Certificate
The complete raw certificate details for info.palantir.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgIQAeDn+za6FTQq/8K5JsvjaDANBgkqhkiG9w0BAQsFADBK MQswCQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UE AxMXQ2xvdWRmbGFyZSBJbmMgUlNBIENBLTIwHhcNMjMxMTI3MDAwMDAwWhcNMjQx MTI2MjM1OTU5WjBxMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEW MBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5j LjEaMBgGA1UEAxMRaW5mby5wYWxhbnRpci5jb20wggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCRKUjn5hRMle7F/d64fqSWoW2+oIIC3j6LxcKt7hiLywNt ysmnI6nbj7dCUdtzuSba8dCxrBDNgqUKbUxEvvIJh7+GXt89fmpmTfxhDY20e+vB q/rAUFXQz/782AoATy4TY0Q7ueYt7Fd4CqfTujvG276p1sADGcD3FnlM1VTZ2oW3 LAqh7QzuFttYoFZVeBRI++6PclzSiB91shuU3meORatQIGanmLczVF9QP/sQOH2+ pu88RYSBTMSGcOQQ0gIMCI5fsyvmY7fGzfy+aTD+gi3CGI89kq9hfdgo9zu5HJme KoDm02HWBVPF/W1KGTez6k6Sf23GbSnbaqrzlsZ3AgMBAAGjggHpMIIB5TAfBgNV HSMEGDAWgBQYqRr8skVJwW8wNAgr2YecsCVXejAdBgNVHQ4EFgQUnsECvXvg/Mb6 9OQR7NOC7DD9MK8wHAYDVR0RBBUwE4IRaW5mby5wYWxhbnRpci5jb20wPgYDVR0g BDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2Vy dC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwewYDVR0fBHQwcjA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQu Y29tL0Nsb3VkZmxhcmVJbmNSU0FDQS0yLmNybDA3oDWgM4YxaHR0cDovL2NybDQu ZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNSU0FDQS0yLmNybDB2BggrBgEFBQcB AQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggr BgEFBQcwAoY0aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJ bmNSU0FDQS0yLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUA MA0GCSqGSIb3DQEBCwUAA4IBAQAKOjiYM50AMx4Cx6opV1ieaPLY/S8LJj9bK1ho ygtk70QWuzMqwQ+zoppRpcSGHo68yti+YXUkZ1mY8BYb0Cp9Z5vDVWXqknj1U+LF legABgTDVS+tYkqA6p7ACA/bi5VnDclu1at+edwqkhDLaVHcanqYeyjfIS8rCi4T +SmcMCTx3pSQKM/bvYT38jmtCNOxWowgJtxxg9tUoQfOmd+fwLTWWwPaJPVutE31 /aWte/zmBJLk4zxgW73EhYhIXa2phYSVbvO4jjSXSwaoVK9Z3tZGz1Hem9wM7+gG jME2dbtgrDj55NTwUUSL4RbkihtWvNWpYqA2+8ggHKTpgyM5 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSlI5+YUTJXuxf3euH6k lqFtvqCCAt4+i8XCre4Yi8sDbcrJpyOp24+3QlHbc7km2vHQsawQzYKlCm1MRL7y CYe/hl7fPX5qZk38YQ2NtHvrwav6wFBV0M/+/NgKAE8uE2NEO7nmLexXeAqn07o7 xtu+qdbAAxnA9xZ5TNVU2dqFtywKoe0M7hbbWKBWVXgUSPvuj3Jc0ogfdbIblN5n jkWrUCBmp5i3M1RfUD/7EDh9vqbvPEWEgUzEhnDkENICDAiOX7Mr5mO3xs38vmkw /oItwhiPPZKvYX3YKPc7uRyZniqA5tNh1gVTxf1tShk3s+pOkn9txm0p22qq85bG dwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2497007631921102742737502034813772648 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare Inc RSA CA-2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-27 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-26 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'info.palantir.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18324912508048708762709060628521012823739807949054818250047685049015933516559476770701325202874059137348667693181438906244149912774552263897936928542100391779960737354008979154328728173412397294455373228866012335486911926236067881184738929415531101354058118489669769228312992358506348437198204196525439325969107573060329457346724012177883832622078077148582077299261830281688658999373889525784700368568479374725296723974763230212909128534230472571159798815881237287316225408731177401992776756824755885008659288514999068569157066527069591385978986848873979164005317159635445709451990502616324591147421683894340665394807 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 18a91afcb24549c16f3034082bd9879cb025577a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9ec102bd7be0fcc6faf4e411ecd382ec30fd30af . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'info.palantir.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/CloudflareIncRSACA-2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/CloudflareIncRSACA-2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/CloudflareIncRSACA-2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000a3a3898339d00331e02c7aa2957589e68f2d8fd2f0b263f5b2b5868ca0b64ef4416bb332ac10fb3a29a51a5c4861e8ebccad8be617524675998f0161bd02a7d679bc35565ea9278f553e2c595e8000604c3552fad624a80ea9ec0080fdb8b95670dc96ed5ab7e79dc2a9210cb6951dc6a7a987b28df212f2b0a2e13f9299c3024f1de949028cfdbbd84f7f239ad08d3b15a8c2026dc7183db54a107ce99df9fc0b4d65b03da24f56eb44df5fda5ad7bfce60492e4e33c605bbdc48588485dada98584956ef3b88e34974b06a854af59ded646cf51de9bdc0cefe8068cc13675bb60ac38f9e4d4f051448be116e48a1b56bcd5a962a036fbc8201ca4e9832339