sipca.icebreaker.com

- Icebreaker Limited -

Issued by DigiCert SHA2 High Assurance Server CA

About this certificate

This digital certificate with serial number 03:d4:9d:3f:2e:0a:3e:b6:68:6d:51:f9:86:4f:41:f0 was issued on by DigiCert Inc.

With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Icebreaker Limited

Organization: Icebreaker Limited
Organization unit: IT
State / Province: Auckland
Locality: Auckland
Country: NZ

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:d4:9d:3f:2e:0a:3e:b6:68:6d:51:f9:86:4f:41:f0
Serial Number (int): 5091640265294838648401853985133117936
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 5c:b9:3b:9a:db:b4:53:9c:f5:a0:ab:c9:01:ea:a3:94:be:6e:3e:2f
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b

Fingerprint (sha1): 3f:c3:c1:df:d2:e0:a6:31:d7:7c:ca:f3:46:60:33:b8:23:98:11:5e
Fingerprint (sha256): 0b:23:b0:6a:0a:d7:f4:a5:bd:07:7f:7c:a9:cd:31:4b:f5:13:c3:65:be:92:6a:4f:9a:3f:16:be:4d:f5:66:61

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g6.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g6.crl

Check the revocation status for certificate sipca.icebreaker.com

8

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sipca.icebreaker.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sipca.icebreaker.com
webconca.icebreaker.com
sipde.icebreaker.com
webconde.icebreaker.com
sipus.icebreaker.com
webconus.icebreaker.com
sip.icebreaker.com
icebreaker.com

Other certificates including the domain name icebreaker.com

(limited to 100 certificates)
ithelpdesk.endologix.com
link.icebreaker.com
ssl417474.cloudflaressl.com
helpdesk.enableinjections.com
sipca.icebreaker.com
helpdesk.dpsgroupglobal.com
icebreaker.com
*.icebreaker.com
secure.icebreaker.com
nhmail.icebreaker.com
sales.icebreaker.com
southernchronicles.icebreaker.com
ithelpdesk.endologix.com
preferences.icebreaker.com
ssl417476.cloudflaressl.com
support.unpri.org
southernchronicles.icebreaker.com
mail.icebreaker.com
ssl417476.cloudflaressl.com
ssl417476.cloudflaressl.com
ithelpdesk.endologix.com
shmail.icebreaker.com
ssl417474.cloudflaressl.com
southernchronicles.icebreaker.com
southernchronicles.icebreaker.com
ithelpdesk.endologix.com
southernchronicles.icebreaker.com
sipca.icebreaker.com
ICEBREAKER.COM
secure.icebreaker.com
sts.icebreaker.com
helpdesk.dpsgroupglobal.com
*.icebreaker.com
link3.icebreaker.com
*.icebreaker.com
secure.icebreaker.com
helpdesk.dpsgroupglobal.com
www.icebreaker.com
ssl417475.cloudflaressl.com
*.icebreaker.com
shmail.icebreaker.com
support.unpri.org
southernchronicles.icebreaker.com
ithelpdesk.endologix.com
link.icebreaker.com
*.icebreaker.com
link3.icebreaker.com
mail.icebreaker.com
support.unpri.org
*.icebreaker.com
ithelpdesk.endologix.com
ssl417474.cloudflaressl.com
ithelpdesk.endologix.com
image.icebreaker.com
ssl417475.cloudflaressl.com
helpdesk.dpsgroupglobal.com
www.icebreaker.com
southernchronicles.icebreaker.com
ssl417474.cloudflaressl.com
*.icebreaker.com
southernchronicles.icebreaker.com
tbancs.icebreaker.com
ssl417476.cloudflaressl.com
*.icebreaker.com
preferences.icebreaker.com
*.icebreaker.com
*.icebreaker.com
ssl417474.cloudflaressl.com
support.unpri.org
sts.icebreaker.com
southernchronicles.icebreaker.com
helpdesk.dpsgroupglobal.com
ithelpdesk.endologix.com
secure.icebreaker.com
preferences.icebreaker.com
helpdesk.dpsgroupglobal.com
southernchronicles.icebreaker.com
servicedesk.acdlabs.com
southernchronicles.icebreaker.com
*.icebreaker.com
sts.icebreaker.com
ssl417476.cloudflaressl.com
ssl417476.cloudflaressl.com
as2.icebreaker.com
secure.icebreaker.com
*.icebreaker.com
ithelpdesk.endologix.com
preferences.icebreaker.com
secure.icebreaker.com
ithelpdesk.endologix.com
ssl417475.cloudflaressl.com
ithelpdesk.endologix.com
southernchronicles.icebreaker.com
support.unpri.org
servicedesk.smcm.edu
helpdesk.icebreaker.com
ithelpdesk.endologix.com
tbancs.icebreaker.com
helpdesk.enableinjections.com
*.icebreaker.com

Certificate

The complete raw certificate details for sipca.icebreaker.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHhjCCBm6gAwIBAgIQA9SdPy4KPrZobVH5hk9B8DANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0xODA3MTAwMDAwMDBaFw0yMDA5MTExMjAwMDBa
MHwxCzAJBgNVBAYTAk5aMREwDwYDVQQIEwhBdWNrbGFuZDERMA8GA1UEBxMIQXVj
a2xhbmQxGzAZBgNVBAoTEkljZWJyZWFrZXIgTGltaXRlZDELMAkGA1UECxMCSVQx
HTAbBgNVBAMTFHNpcGNhLmljZWJyZWFrZXIuY29tMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAwABxMvzQTb6KC1XT8JA7ASfaRU0a+QnPpEKQyij1Sxmn
NlYakzCryFgSo41YEJ3MqEO/ogGIhrkiwHHpVEzDSdPbGNczvSK32ZBNplHjzvJ1
2bgW+ptFs9/MWAUMqxHGYGRnDfYBRwU0rEsG1h6l3qH4Of5QWTHbEYDHLog9XKK/
H67yFKQYO+QmNRF3f+Rlbwt38fIrl4K3/y1ZIR1jiPYZrXaautcJWmnrJ2AeRRek
GcrhtoPGmHzxIJ+H3RWumTkFfsG9V5r5uqKpTUXcEPTzgh3lO1V8hfZQ9hFiE/vj
59R6cfT+8wjsOYo6GgdkCn+U0vnOC7m6f1p6pVjc/wIDAQABo4IEDjCCBAowHwYD
VR0jBBgwFoAUUWj/kK8CB3U8zNllZGKiErhZcjswHQYDVR0OBBYEFFy5O5rbtFOc
9aCryQHqo5S+bj4vMIG8BgNVHREEgbQwgbGCFHNpcGNhLmljZWJyZWFrZXIuY29t
ghd3ZWJjb25jYS5pY2VicmVha2VyLmNvbYIUc2lwZGUuaWNlYnJlYWtlci5jb22C
F3dlYmNvbmRlLmljZWJyZWFrZXIuY29tghRzaXB1cy5pY2VicmVha2VyLmNvbYIX
d2ViY29udXMuaWNlYnJlYWtlci5jb22CEnNpcC5pY2VicmVha2VyLmNvbYIOaWNl
YnJlYWtlci5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2Vy
dC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5k
aWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYuY3JsMEwGA1UdIARFMEMwNwYJ
YIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNv
bS9DUFMwCAYGZ4EMAQICMIGDBggrBgEFBQcBAQR3MHUwJAYIKwYBBQUHMAGGGGh0
dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBNBggrBgEFBQcwAoZBaHR0cDovL2NhY2Vy
dHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkhpZ2hBc3N1cmFuY2VTZXJ2ZXJD
QS5jcnQwDAYDVR0TAQH/BAIwADCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHYA
pLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFkgmKSGQAABAMARzBF
AiEAqbORqKvR52Q1aozOAuF7Ty6FZRgxzDA+zpHL4axFcuMCIHcKBdDfuGUgGoMp
q2KrQ2yy0ThihhKi4GrQrBExsDAdAHcAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVg
wbTq/16ggw8AAAFkgmKS8wAABAMASDBGAiEA6KRE9GxJIoD4LcbS6UVy9uhvegXe
h7euaJa8UnHw5XcCIQC9W6k79Dq+bnhI5crhMknhanjvpTJ4z4HIyWiCQ7GjwwB2
ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABZIJikwwAAAQDAEcw
RQIgXzHBypcPsjUdOIQ2h5kv360V9MycNBBbfBithKwk9xMCIQDtlI1/aDEhAxQj
M9DaMIxzrfosAHRjBzFzJVeJXVufwjANBgkqhkiG9w0BAQsFAAOCAQEAP0WxcCZy
SHWKk/X0c0+OfgE0gld2lWmAuUhJSDJs7pkLJp9sjlnPrEIGelDdoVb7Ahmp0nhC
W47Dha40KD72wl5oGl00L0HibZiU7yA8lLUmpVsqu9ogmhfUTECbjcFV1V+JYizM
ZLHjHEeJ6QrXVNh3kSSC+pO2t8PyH1bDep9qfydpRL6pDv/TIwU4e6Eh8Nsk3WaU
oeJNiOOAa2+K265S7K/BTdGei5/zFuKPZ2ly+Ij5rYWHmsEMUW/bZAq1/8HuOR0r
ai4rlyBuUo4NfEOO3XW3NvRPmp80RPh41k0YnAv5Xsn0dNEff+viCZrkmF6yJXgL
Z0JjVhSMjsjXiQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwABxMvzQTb6KC1XT8JA7
ASfaRU0a+QnPpEKQyij1SxmnNlYakzCryFgSo41YEJ3MqEO/ogGIhrkiwHHpVEzD
SdPbGNczvSK32ZBNplHjzvJ12bgW+ptFs9/MWAUMqxHGYGRnDfYBRwU0rEsG1h6l
3qH4Of5QWTHbEYDHLog9XKK/H67yFKQYO+QmNRF3f+Rlbwt38fIrl4K3/y1ZIR1j
iPYZrXaautcJWmnrJ2AeRRekGcrhtoPGmHzxIJ+H3RWumTkFfsG9V5r5uqKpTUXc
EPTzgh3lO1V8hfZQ9hFiE/vj59R6cfT+8wjsOYo6GgdkCn+U0vnOC7m6f1p6pVjc
/wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5091640265294838648401853985133117936
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-10 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-11 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NZ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Auckland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Auckland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Icebreaker Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sipca.icebreaker.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24237972602667838993970243002968265473413787275928108978770043337189417085314756960216315625024399396855729785090175074301078868484196512767173055523387384526067426047982970551853692636598229022779834300697414629969606575623670232295418051487653497396574384889026190038912512367321697132124719754156513915464683013721239279193762171423201458939819345649223666982260389359024748658741143108225275562430319456703651443936239769663406110891411825334928000418654269942786599369191247412162727734316702426098469253207792322828321739678280649685742190627854873110429206988349981899421727397775843673745798740255841357192447
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5cb93b9adbb4539cf5a0abc901eaa394be6e3e2f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (180 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sipca.icebreaker.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webconca.icebreaker.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sipde.icebreaker.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webconde.icebreaker.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sipus.icebreaker.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webconus.icebreaker.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip.icebreaker.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'icebreaker.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000164826292190000040300473045022100a9b391a8abd1e764356a8cce02e17b4f2e85651831cc303ece91cbe1ac4572e30220770a05d0dfb865201a8329ab62ab436cb2d138628612a2e06ad0ac1131b0301d0077008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f00000164826292f30000040300483046022100e8a444f46c492280f82dc6d2e94572f6e86f7a05de87b7ae6896bc5271f0e577022100bd5ba93bf43abe6e7848e5cae13249e16a78efa53278cf81c8c9688243b1a3c3007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed185000001648262930c000004030047304502205f31c1ca970fb2351d38843687992fdfad15f4cc9c34105b7c18ad84ac24f713022100ed948d7f68312103142333d0da308c73adfa2c0074630731732557895d5b9fc2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003f45b170267248758a93f5f4734f8e7e0134825776956980b9484948326cee990b269f6c8e59cfac42067a50dda156fb0219a9d278425b8ec385ae34283ef6c25e681a5d342f41e26d9894ef203c94b526a55b2abbda209a17d44c409b8dc155d55f89622ccc64b1e31c4789e90ad754d877912482fa93b6b7c3f21f56c37a9f6a7f276944bea90effd32305387ba121f0db24dd6694a1e24d88e3806b6f8adbae52ecafc14dd19e8b9ff316e28f676972f888f9ad85879ac10c516fdb640ab5ffc1ee391d2b6a2e2b97206e528e0d7c438edd75b736f44f9a9f3444f878d64d189c0bf95ec9f474d11f7febe2099ae4985eb225780b67426356148c8ec8d789