www.intheknow.com

- Oath Holdings Inc. -

Issued by DigiCert SHA2 High Assurance Server CA

About this certificate

This digital certificate with serial number 09:06:78:8a:4c:41:4e:f3:e6:12:20:0f:34:5a:1f:23 was issued on by DigiCert Inc.

With 32 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Oath Holdings Inc.

Organization: Oath Holdings Inc.
State / Province: California
Locality: Sunnyvale
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 09:06:78:8a:4c:41:4e:f3:e6:12:20:0f:34:5a:1f:23
Serial Number (int): 11996650589454130759254906390883999523
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: d6:cb:b8:81:ad:99:d9:1a:ab:9d:60:71:cd:9c:fd:ab:53:23:9b:24
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b

Fingerprint (sha1): 69:d0:01:47:b2:ed:3b:1b:48:0c:e4:83:5e:40:c9:38:86:53:2f:7b
Fingerprint (sha256): 0b:52:76:cd:db:b1:8f:58:b5:53:6f:e7:ce:f3:3a:e5:34:be:4f:c7:c9:f4:7e:0d:f0:e4:2e:72:f2:15:c9:68

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g6.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g6.crl

Check the revocation status for certificate www.intheknow.com

32

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.intheknow.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.intheknow.com
www.aol.jp
www.aol.de
www.aol.co.uk
www.aol.ca
welcomescreen.aol.de
w.sb.welcomescreen.aol.com
w.main.welcomescreen.aol.com
venta.automoviles.aol.com
toshiba.aol.ca
talktalk.aol.co.uk
shop.intheknow.com
premium.yahoofinance.com
pixel.techcrunch.com
o2.welcomescreen.aol.de
o2.aol.de
news.aol.jp
n.sb.welcomescreen.aol.com
n.main.welcomescreen.aol.com
fluxible.io.yahoo.net
engadget.com
brb.yahoo.net
autoblog.com
aolbroadband.welcomescreen.aol.co.uk
aol.com
acss.io.yahoo.net
*.shop.intheknow.com
*.finance-personalfinance-k8s.omega.yahoo.com
*.engadget.com
*.cashay.com
*.autoblog.com
*.aol.com

Other certificates including the domain name intheknow.com

(limited to 100 certificates)
login.yahoo.com
newsletter.comms.intheknow.com
*.add.my.aol.com
n.main.welcomescreen.aol.com
src5.yahoo.com
src5.yahoo.com
*.aol.com
stage.consent.oath.com
*.answers.search.yahoo.com
*.aol.com
stage.consent.oath.com
login.yahoo.com
stage.oidc.oath.com
staging.intheknow.com
www.intheknow.com
oidc.oath.com
login.yahoo.com
*.add.my.aol.com
trunk.login.yahoo.com
*.login.yahoo.com
login.yahoo.com
www.makers.com
www.intheknow.com
*.aol.com
stage.login.yahoo.com
login.yahoo.com
login.yahoo.com
login.yahoo.com
*.stage.login.yahoo.com
*.search.yahoo.com
oidc.oath.com
consent.oath.com
consent.oath.com
newsletter.comms.intheknow.com
www.makers.com
intheknow.com
intheknow.com
stage.login.yahoo.com
stage.login.yahoo.com
consent.oath.com
*.answers.search.yahoo.com
stage.login.yahoo.com
src5.yahoo.com
www.builtbygirls.com
stage.consent.oath.com
www.builtbygirls.com
trunk.consent.oath.com
login.yahoo.com
*.aol.com
*.add.my.aol.com
www.intheknow.com
trunk.oidc.oath.com
dev.search.intheknow.com
*.aol.com
*.answers.search.yahoo.com
www.intheknow.com
dev.search.intheknow.com
src5.yahoo.com
n.main.welcomescreen.aol.com
trunk.consent.oath.com
trunk.oidc.oath.com
src5.yahoo.com
stage.consent.oath.com
consent.oath.com
*.trunk.login.yahoo.com
www.intheknow.com
*.aol.com
*.answers.search.yahoo.com
newsletter.comms.intheknow.com
*.add.my.aol.com
www.makers.com
oidc.oath.com
src5.yahoo.com
stage.oidc.oath.com
stage.oidc.oath.com
*.answers.search.yahoo.com
*.aol.com
oidc.oath.com
stage.oidc.oath.com
trunk.consent.oath.com
login.yahoo.com
stage.consent.oath.com
*.answers.search.yahoo.com
www.intheknow.com
trunk.oidc.oath.com
*.login.yahoo.com
stage.oidc.oath.com
*.aol.com
*.stage.login.yahoo.com
consent.oath.com
src5.yahoo.com
n.main.welcomescreen.aol.com
consent.oath.com
*.trunk.login.yahoo.com
*.answers.search.yahoo.com
src5.yahoo.com
stage.login.yahoo.com
www.intheknow.com
consent.oath.com
stage.consent.oath.com

Certificate

The complete raw certificate details for www.intheknow.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIH1TCCBr2gAwIBAgIQCQZ4ikxBTvPmEiAPNFofIzANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0yMzA5MjYwMDAwMDBaFw0yNDAzMjAyMzU5NTla
MG8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlT
dW5ueXZhbGUxGzAZBgNVBAoTEk9hdGggSG9sZGluZ3MgSW5jLjEaMBgGA1UEAxMR
d3d3LmludGhla25vdy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCmyRRBjpwJVppb5RBFLw52Z69WJWTeRWus69OYnB7SM38FU36ocTvmr2yvXcfi
nlmSPzmT6rDW5r9qk+EuODr5uI9xk1OKF4oFbNuAfEx9xYMjodUg6JJLFLvTKijn
TYNbkNO1GXfyyukUhUYzJDTgk7kLe2i1MuLFafPwEROYsaNTOiMSwlxQ2CbifRnT
f4f+3Emlp7T0BujProzyQTTed598xcxCmsaJPh5PtpqbB1jbTsOJjWJm/CtkX2qb
Ak23aVyRtrUvIgVjMy8KhdYGkVZh23IM302HC2L0H0Ds/Tm3doS72+z6eMO3Yu9B
LKdpwcRCO4ZD9zq1tHF+BKpzAgMBAAGjggRqMIIEZjAfBgNVHSMEGDAWgBRRaP+Q
rwIHdTzM2WVkYqISuFlyOzAdBgNVHQ4EFgQU1su4ga2Z2RqrnWBxzZz9q1MjmyQw
ggKTBgNVHREEggKKMIIChoIRd3d3LmludGhla25vdy5jb22CCnd3dy5hb2wuanCC
Cnd3dy5hb2wuZGWCDXd3dy5hb2wuY28udWuCCnd3dy5hb2wuY2GCFHdlbGNvbWVz
Y3JlZW4uYW9sLmRlghp3LnNiLndlbGNvbWVzY3JlZW4uYW9sLmNvbYIcdy5tYWlu
LndlbGNvbWVzY3JlZW4uYW9sLmNvbYIZdmVudGEuYXV0b21vdmlsZXMuYW9sLmNv
bYIOdG9zaGliYS5hb2wuY2GCEnRhbGt0YWxrLmFvbC5jby51a4ISc2hvcC5pbnRo
ZWtub3cuY29tghhwcmVtaXVtLnlhaG9vZmluYW5jZS5jb22CFHBpeGVsLnRlY2hj
cnVuY2guY29tghdvMi53ZWxjb21lc2NyZWVuLmFvbC5kZYIJbzIuYW9sLmRlggtu
ZXdzLmFvbC5qcIIabi5zYi53ZWxjb21lc2NyZWVuLmFvbC5jb22CHG4ubWFpbi53
ZWxjb21lc2NyZWVuLmFvbC5jb22CFWZsdXhpYmxlLmlvLnlhaG9vLm5ldIIMZW5n
YWRnZXQuY29tgg1icmIueWFob28ubmV0ggxhdXRvYmxvZy5jb22CJGFvbGJyb2Fk
YmFuZC53ZWxjb21lc2NyZWVuLmFvbC5jby51a4IHYW9sLmNvbYIRYWNzcy5pby55
YWhvby5uZXSCFCouc2hvcC5pbnRoZWtub3cuY29tgi0qLmZpbmFuY2UtcGVyc29u
YWxmaW5hbmNlLWs4cy5vbWVnYS55YWhvby5jb22CDiouZW5nYWRnZXQuY29tggwq
LmNhc2hheS5jb22CDiouYXV0b2Jsb2cuY29tggkqLmFvbC5jb20wPgYDVR0gBDcw
NTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5j
b20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29t
L3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNl
cnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDCBgwYIKwYBBQUHAQEEdzB1MCQG
CCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKG
QWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNz
dXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB
/wQCBQAwDQYJKoZIhvcNAQELBQADggEBADkpuoB0QHomLfUsFvGCl+wxvcz7l8pW
QT8DnrQ54RZGlVVzfoOX6jpRZnXxwiY+hIqLiPyzQEmCVgHCK7OGvJCnVf4sbYdx
wJa7Gf4SjxR5IwzZX2cMzLU5ZKuXvjCytY9TNsePDdMvpWTPzwGggeNrSt86BIRU
d+w5Wsgrd2mAJHos/PSIRrjnYRZjqVR7+xfOTX7v31P/YR1M58SYBZtsCi2MDP9x
p3ga588ciiKIRNWNvbte6pCC7hr/qmTbg/E3WpkJ2mzQsq0zHYz1dCZF5uuh2U/Q
rk8Vpz3lG07l8VDGp/S4e2T9z0w9JkaADvw1K/0kjV4ASFl6pf2bpHg=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApskUQY6cCVaaW+UQRS8O
dmevViVk3kVrrOvTmJwe0jN/BVN+qHE75q9sr13H4p5Zkj85k+qw1ua/apPhLjg6
+biPcZNTiheKBWzbgHxMfcWDI6HVIOiSSxS70yoo502DW5DTtRl38srpFIVGMyQ0
4JO5C3totTLixWnz8BETmLGjUzojEsJcUNgm4n0Z03+H/txJpae09Aboz66M8kE0
3neffMXMQprGiT4eT7aamwdY207DiY1iZvwrZF9qmwJNt2lckba1LyIFYzMvCoXW
BpFWYdtyDN9Nhwti9B9A7P05t3aEu9vs+njDt2LvQSynacHEQjuGQ/c6tbRxfgSq
cwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 11996650589454130759254906390883999523
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-26 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-20 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sunnyvale'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Oath Holdings Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.intheknow.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21054714436649485780525249478893364525626713660790522610074901432182365116850006945921313119649325026760160585999974330239710947787801172611497460492287913765149085332963248731627028112377685741884257699308216401574209394656035100285001076444105067873432225237871274042470582405462493429188121199273699117769657288392178220087902180948319954217958765944332085973567260766292559122853291494646610698250264022618913159763186480452065216393915581517041000326302206259424798475211236330692209620803475495132198190885198278942910816499740251648999289664191098591964180449177518637638770041351593360330771057239646850558579
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d6cbb881ad99d91aab9d6071cd9cfdab53239b24
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (650 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.intheknow.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aol.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aol.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aol.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aol.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'welcomescreen.aol.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'w.sb.welcomescreen.aol.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'w.main.welcomescreen.aol.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'venta.automoviles.aol.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'toshiba.aol.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'talktalk.aol.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.intheknow.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'premium.yahoofinance.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pixel.techcrunch.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'o2.welcomescreen.aol.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'o2.aol.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'news.aol.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'n.sb.welcomescreen.aol.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'n.main.welcomescreen.aol.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fluxible.io.yahoo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'engadget.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'brb.yahoo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autoblog.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aolbroadband.welcomescreen.aol.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aol.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'acss.io.yahoo.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.shop.intheknow.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.finance-personalfinance-k8s.omega.yahoo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.engadget.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cashay.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.autoblog.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aol.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003929ba8074407a262df52c16f18297ec31bdccfb97ca56413f039eb439e116469555737e8397ea3a516675f1c2263e848a8b88fcb34049825601c22bb386bc90a755fe2c6d8771c096bb19fe128f1479230cd95f670cccb53964ab97be30b2b58f5336c78f0dd32fa564cfcf01a081e36b4adf3a04845477ec395ac82b776980247a2cfcf48846b8e7611663a9547bfb17ce4d7eefdf53ff611d4ce7c498059b6c0a2d8c0cff71a7781ae7cf1c8a228844d58dbdbb5eea9082ee1affaa64db83f1375a9909da6cd0b2ad331d8cf5742645e6eba1d94fd0ae4f15a73de51b4ee5f150c6a7f4b87b64fdcf4c3d2646800efc352bfd248d5e0048597aa5fd9ba478