info.palantir.com

- Cloudflare, Inc. -

Issued by Cloudflare Inc RSA CA-2

About this certificate

This digital certificate with serial number 01:e0:e7:fb:36:ba:15:34:2a:ff:c2:b9:26:cb:e3:68 was issued on by Cloudflare, Inc..

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Cloudflare, Inc.

Organization: Cloudflare, Inc.
State / Province: California
Locality: San Francisco
Country: US

Cloudflare, Inc.

Organization: Cloudflare, Inc.
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 01:e0:e7:fb:36:ba:15:34:2a:ff:c2:b9:26:cb:e3:68
Serial Number (int): 2497007631921102742737502034813772648
Serial Number lenght: 121 bits, 16 octets

SubjectKeyId: 9e:c1:02:bd:7b:e0:fc:c6:fa:f4:e4:11:ec:d3:82:ec:30:fd:30:af
AuthorityKeyId: 18:a9:1a:fc:b2:45:49:c1:6f:30:34:08:2b:d9:87:9c:b0:25:57:7a

Fingerprint (sha1): 5f:a1:43:d9:07:39:90:08:07:34:22:d2:2a:37:e2:96:52:06:fd:29
Fingerprint (sha256): 0b:13:fd:aa:37:dc:d2:0f:66:d7:ce:af:73:a4:ef:9f:cd:72:cc:79:2d:92:56:4e:6e:de:d2:d3:59:11:8d:1b

Issuing Certificate URL: http://cacerts.digicert.com/CloudflareIncRSACA-2.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/CloudflareIncRSACA-2.crl
CRL Distribution Point: http://crl4.digicert.com/CloudflareIncRSACA-2.crl

Check the revocation status for certificate info.palantir.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for info.palantir.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

info.palantir.com

Other certificates including the domain name palantir.com

(limited to 100 certificates)
amkstatus.nhn.no
e.ssl.fastly.net
impact.palantir.com
amkstatus.nhn.no
gear.palantir.com
gpvpn.palantir.com
sj-ravpn.palantir.com
canada.status.coconutsoftware.com
foundry-usc-1.status.palantir.com
training.palantir.com
PALANTIR TECHNOLOGIES
amkstatus.nhn.no
gpvpn.palantir.com
canada.status.coconutsoftware.com
gerrit-tr.palantir.com
canada.status.coconutsoftware.com
appstatus.motorolasolutions.com
athena.palantir.com
amkstatus.nhn.no
guestwifi.palantir.com
cds2.cvent.com
canada.status.coconutsoftware.com
palantir.com
edge-eu-a.palantir.com
www.palantir.com
foundry-usz-1.status.palantir.com
amkstatus.nhn.no
*.e.ssl.fastly.net
appstatus.motorolasolutions.com
devzone.palantir.com
appstatus.motorolasolutions.com
joyride-disp.palantir.com
files.palantir.com
gpvpn.palantir.com
blog.palantir.com
amkstatus.nhn.no
canada.status.coconutsoftware.com
*.e.ssl.fastly.net
amkstatus.nhn.no
foundry-usc-1.status.palantir.com
canada.status.coconutsoftware.com
cds2.cvent.com
foundry-usc-1.status.palantir.com
appstatus.motorolasolutions.com
canada.status.coconutsoftware.com
*.e.ssl.fastly.net
appstatus.motorolasolutions.com
regalia.palantir.com
Palantir Technologies Inc.
gpvpn.palantir.com
foundry-usc-1.status.palantir.com
dc-ravpn.palantir.com
info.palantir.com
foundry-usc-1.status.palantir.com
joyride.palantir.com
cds2.cvent.com
go.palantir.com
esentry.mi.palantir.com
appstatus.motorolasolutions.com
files.palantir.com
appstatus.motorolasolutions.com
edge-usw-a.palantir.com
canada.status.coconutsoftware.com
amkstatus.nhn.no
cds2.cvent.com
legal.palantir.com
palantir.com
amkstatus.nhn.no
foundry-usc-1.status.palantir.com
appstatus.motorolasolutions.com
*.e.ssl.fastly.net
gear.palantir.com
regalia.palantir.com
resources.palantir.com
foundry-usc-1.status.palantir.com
regalia.palantir.com
*.e.ssl.fastly.net
foundry-usz-1.status.palantir.com
cds2.cvent.com
foundry-usc-1.status.palantir.com
learning.palantir.com
PALANTIR TECHNOLOGIES
learn.palantir.com
plgpvpn.palantir.com
canada.status.coconutsoftware.com
mobile-gpvpn.palantir.com
amkstatus.nhn.no
foundry-usz-1.status.palantir.com
dns-vetting1.map.fastly.net
canada.status.coconutsoftware.com
cds2.cvent.com
*.e.ssl.fastly.net
*.e.ssl.fastly.net
canada.status.coconutsoftware.com
cds2.cvent.com
foundry-usz-1.status.palantir.com
*.e.ssl.fastly.net
gear.palantir.com
appstatus.motorolasolutions.com
foundry-usz-1.status.palantir.com

Certificate

The complete raw certificate details for info.palantir.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIQAeDn+za6FTQq/8K5JsvjaDANBgkqhkiG9w0BAQsFADBK
MQswCQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UE
AxMXQ2xvdWRmbGFyZSBJbmMgUlNBIENBLTIwHhcNMjMxMTI3MDAwMDAwWhcNMjQx
MTI2MjM1OTU5WjBxMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEW
MBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5j
LjEaMBgGA1UEAxMRaW5mby5wYWxhbnRpci5jb20wggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCRKUjn5hRMle7F/d64fqSWoW2+oIIC3j6LxcKt7hiLywNt
ysmnI6nbj7dCUdtzuSba8dCxrBDNgqUKbUxEvvIJh7+GXt89fmpmTfxhDY20e+vB
q/rAUFXQz/782AoATy4TY0Q7ueYt7Fd4CqfTujvG276p1sADGcD3FnlM1VTZ2oW3
LAqh7QzuFttYoFZVeBRI++6PclzSiB91shuU3meORatQIGanmLczVF9QP/sQOH2+
pu88RYSBTMSGcOQQ0gIMCI5fsyvmY7fGzfy+aTD+gi3CGI89kq9hfdgo9zu5HJme
KoDm02HWBVPF/W1KGTez6k6Sf23GbSnbaqrzlsZ3AgMBAAGjggHpMIIB5TAfBgNV
HSMEGDAWgBQYqRr8skVJwW8wNAgr2YecsCVXejAdBgNVHQ4EFgQUnsECvXvg/Mb6
9OQR7NOC7DD9MK8wHAYDVR0RBBUwE4IRaW5mby5wYWxhbnRpci5jb20wPgYDVR0g
BDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2Vy
dC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwewYDVR0fBHQwcjA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQu
Y29tL0Nsb3VkZmxhcmVJbmNSU0FDQS0yLmNybDA3oDWgM4YxaHR0cDovL2NybDQu
ZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNSU0FDQS0yLmNybDB2BggrBgEFBQcB
AQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggr
BgEFBQcwAoY0aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJ
bmNSU0FDQS0yLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUA
MA0GCSqGSIb3DQEBCwUAA4IBAQAKOjiYM50AMx4Cx6opV1ieaPLY/S8LJj9bK1ho
ygtk70QWuzMqwQ+zoppRpcSGHo68yti+YXUkZ1mY8BYb0Cp9Z5vDVWXqknj1U+LF
legABgTDVS+tYkqA6p7ACA/bi5VnDclu1at+edwqkhDLaVHcanqYeyjfIS8rCi4T
+SmcMCTx3pSQKM/bvYT38jmtCNOxWowgJtxxg9tUoQfOmd+fwLTWWwPaJPVutE31
/aWte/zmBJLk4zxgW73EhYhIXa2phYSVbvO4jjSXSwaoVK9Z3tZGz1Hem9wM7+gG
jME2dbtgrDj55NTwUUSL4RbkihtWvNWpYqA2+8ggHKTpgyM5
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSlI5+YUTJXuxf3euH6k
lqFtvqCCAt4+i8XCre4Yi8sDbcrJpyOp24+3QlHbc7km2vHQsawQzYKlCm1MRL7y
CYe/hl7fPX5qZk38YQ2NtHvrwav6wFBV0M/+/NgKAE8uE2NEO7nmLexXeAqn07o7
xtu+qdbAAxnA9xZ5TNVU2dqFtywKoe0M7hbbWKBWVXgUSPvuj3Jc0ogfdbIblN5n
jkWrUCBmp5i3M1RfUD/7EDh9vqbvPEWEgUzEhnDkENICDAiOX7Mr5mO3xs38vmkw
/oItwhiPPZKvYX3YKPc7uRyZniqA5tNh1gVTxf1tShk3s+pOkn9txm0p22qq85bG
dwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 2497007631921102742737502034813772648
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare Inc RSA CA-2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-27 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-26 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Cloudflare, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'info.palantir.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18324912508048708762709060628521012823739807949054818250047685049015933516559476770701325202874059137348667693181438906244149912774552263897936928542100391779960737354008979154328728173412397294455373228866012335486911926236067881184738929415531101354058118489669769228312992358506348437198204196525439325969107573060329457346724012177883832622078077148582077299261830281688658999373889525784700368568479374725296723974763230212909128534230472571159798815881237287316225408731177401992776756824755885008659288514999068569157066527069591385978986848873979164005317159635445709451990502616324591147421683894340665394807
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 18a91afcb24549c16f3034082bd9879cb025577a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9ec102bd7be0fcc6faf4e411ecd382ec30fd30af
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'info.palantir.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/CloudflareIncRSACA-2.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/CloudflareIncRSACA-2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/CloudflareIncRSACA-2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000a3a3898339d00331e02c7aa2957589e68f2d8fd2f0b263f5b2b5868ca0b64ef4416bb332ac10fb3a29a51a5c4861e8ebccad8be617524675998f0161bd02a7d679bc35565ea9278f553e2c595e8000604c3552fad624a80ea9ec0080fdb8b95670dc96ed5ab7e79dc2a9210cb6951dc6a7a987b28df212f2b0a2e13f9299c3024f1de949028cfdbbd84f7f239ad08d3b15a8c2026dc7183db54a107ce99df9fc0b4d65b03da24f56eb44df5fda5ad7bfce60492e4e33c605bbdc48588485dada98584956ef3b88e34974b06a854af59ded646cf51de9bdc0cefe8068cc13675bb60ac38f9e4d4f051448be116e48a1b56bcd5a962a036fbc8201ca4e9832339