staging.www.huffingtonpost.com
- Verizon Digital Media Services, Inc. -
Issued by DigiCert SHA2 Secure Server CA
About this certificate
This digital certificate with serial number 04:e1:44:5f:24:18:63:d5:11:ef:3a:47:af:e0:7e:05 was issued on by DigiCert Inc.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Verizon Digital Media Services, Inc.
Organization:
Verizon Digital Media Services, Inc.
Organization unit: Huffington Post
Organization unit: Huffington Post
State / Province:
California
Locality: Los Angeles
Country: US
Locality: Los Angeles
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:e1:44:5f:24:18:63:d5:11:ef:3a:47:af:e0:7e:05Serial Number (int): 6486565518009432894705270781900783109
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 26:d2:a5:b5:28:55:28:42:34:d9:7c:fd:d6:d6:f3:0c:b4:6b:bf:88
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2
Fingerprint (sha1): a7:0d:5a:e3:e8:c9:18:e3:84:3d:c9:82:12:9e:87:4b:d4:d8:19:2f
Fingerprint (sha256): 0b:a3:3a:75:02:6c:d7:4e:27:9a:87:10:f9:44:0f:3c:5b:3c:46:56:c3:8a:34:04:99:d9:58:0e:ed:e6:a4:96
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g1.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g1.crl
Check the revocation status for certificate staging.www.huffingtonpost.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for staging.www.huffingtonpost.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
staging.www.huffingtonpost.com
staging.m.huffpost.com
staging.www.huffpost.com
staging.m.huffpost.com
staging.www.huffpost.com
Other certificates including the domain name huffingtonpost.com
(limited to 100 certificates)
qa5.add.my.aol.com
*.preview.www.huffpost.com
qa.mapi.huffpost.com
*.app-west.buzzfeed.io
*.aol.com
*.add.my.aol.com
pr.huffingtonpost.com
img.huffingtonpost.com
www.huffingtonpost.com
*.contributor.huffingtonpost.com
content.huffingtonpost.com
staging-userapi.huffingtonpost.com
img.staging.huffingtonpost.com
accounts.huffingtonpost.com
qa.mapi.huffpost.com
src5.yahoo.com
beta-origin-cambria-alb.huffpo.net
staging.www.huffingtonpost.com
*.aol.com
stage.guce.oath.com
production-kraken-valencia-preview.use1.huffpo.net
accounts.huffingtonpost.com
*.search.yahoo.com
secure.huffingtonpost.com
b.aol.com
*.aol.com
huffingtonpost.com
athena.huffingtonpost.com
huffingtonpost.com
src1.yahoo.com
*.search.yahoo.com
trunk.guce.oath.com
trunk.guce.oath.com
qa.preview.www.huffpost.com
staging.www.huffingtonpost.com
www.huffpost.com
huffingtonpost.com
accounts.huffingtonpost.com
ifthisartcouldvote.huffingtonpost.com
www.huffpost.com
dev.search.yahoo.com
origin-kraken.huffpo.net
beta-origin-cambria-alb.huffpo.net
*.search.yahoo.com
qa.preview.www.huffpost.com
www.huffingtonpost.com
stage.guce.oath.com
www.huffingtonpost.com
*.assets.huffingtonpost.com
origin-img.huffingtonpost.com
elections.huffingtonpost.com
src5.yahoo.com
src5.yahoo.com
*.aol.com
*.contributor.huffingtonpost.com
*.search.yahoo.com
*.prod.buzzfeed.io
ifthisartcouldvote.huffingtonpost.com
origin-kraken.huffpo.net
src5.yahoo.com
staging-athena-mongo-cms.huffpost.net
ifthisartcouldvote.huffingtonpost.com
news.huffingtonpost.com
*.assets.huffingtonpost.com
stage.guce.oath.com
*.prod.buzzfeed.io
content.staging.huffingtonpost.com
dev.search.yahoo.com
ifthisartcouldvote.huffingtonpost.com
*.search.yahoo.com
guce.oath.com
www.huffingtonpost.com
editorial.huffingtonpost.com
src1.yahoo.com
staging.www.huffingtonpost.com
qa.preview.www.huffpost.com
*.search.yahoo.com
editorial.huffingtonpost.com
*.stage.buzzfeed.io
src6.yahoo.com
accounts.huffingtonpost.com
*.prod.buzzfeed.io
*.stage.buzzfeed.io
src1.yahoo.com
src6.yahoo.com
*.preview.www.huffpost.com
staging.preview.www.huffpost.com
secure.huffingtonpost.com
secure.huffingtonpost.com
ifthisartcouldvote.huffingtonpost.com
*.app-west.buzzfeed.io
huffingtonpost.com
ws.huffingtonpost.com
qa.mapi.huffpost.com
secure.huffingtonpost.com
*.add.my.aol.com
preview.www.huffpost.com
origin-kraken.huffpo.net
trunk.guce.oath.com
sp.huffingtonpost.com
*.preview.www.huffpost.com
qa.mapi.huffpost.com
*.app-west.buzzfeed.io
*.aol.com
*.add.my.aol.com
pr.huffingtonpost.com
img.huffingtonpost.com
www.huffingtonpost.com
*.contributor.huffingtonpost.com
content.huffingtonpost.com
staging-userapi.huffingtonpost.com
img.staging.huffingtonpost.com
accounts.huffingtonpost.com
qa.mapi.huffpost.com
src5.yahoo.com
beta-origin-cambria-alb.huffpo.net
staging.www.huffingtonpost.com
*.aol.com
stage.guce.oath.com
production-kraken-valencia-preview.use1.huffpo.net
accounts.huffingtonpost.com
*.search.yahoo.com
secure.huffingtonpost.com
b.aol.com
*.aol.com
huffingtonpost.com
athena.huffingtonpost.com
huffingtonpost.com
src1.yahoo.com
*.search.yahoo.com
trunk.guce.oath.com
trunk.guce.oath.com
qa.preview.www.huffpost.com
staging.www.huffingtonpost.com
www.huffpost.com
huffingtonpost.com
accounts.huffingtonpost.com
ifthisartcouldvote.huffingtonpost.com
www.huffpost.com
dev.search.yahoo.com
origin-kraken.huffpo.net
beta-origin-cambria-alb.huffpo.net
*.search.yahoo.com
qa.preview.www.huffpost.com
www.huffingtonpost.com
stage.guce.oath.com
www.huffingtonpost.com
*.assets.huffingtonpost.com
origin-img.huffingtonpost.com
elections.huffingtonpost.com
src5.yahoo.com
src5.yahoo.com
*.aol.com
*.contributor.huffingtonpost.com
*.search.yahoo.com
*.prod.buzzfeed.io
ifthisartcouldvote.huffingtonpost.com
origin-kraken.huffpo.net
src5.yahoo.com
staging-athena-mongo-cms.huffpost.net
ifthisartcouldvote.huffingtonpost.com
news.huffingtonpost.com
*.assets.huffingtonpost.com
stage.guce.oath.com
*.prod.buzzfeed.io
content.staging.huffingtonpost.com
dev.search.yahoo.com
ifthisartcouldvote.huffingtonpost.com
*.search.yahoo.com
guce.oath.com
www.huffingtonpost.com
editorial.huffingtonpost.com
src1.yahoo.com
staging.www.huffingtonpost.com
qa.preview.www.huffpost.com
*.search.yahoo.com
editorial.huffingtonpost.com
*.stage.buzzfeed.io
src6.yahoo.com
accounts.huffingtonpost.com
*.prod.buzzfeed.io
*.stage.buzzfeed.io
src1.yahoo.com
src6.yahoo.com
*.preview.www.huffpost.com
staging.preview.www.huffpost.com
secure.huffingtonpost.com
secure.huffingtonpost.com
ifthisartcouldvote.huffingtonpost.com
*.app-west.buzzfeed.io
huffingtonpost.com
ws.huffingtonpost.com
qa.mapi.huffpost.com
secure.huffingtonpost.com
*.add.my.aol.com
preview.www.huffpost.com
origin-kraken.huffpo.net
trunk.guce.oath.com
sp.huffingtonpost.com
Certificate
The complete raw certificate details for staging.www.huffingtonpost.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHlDCCBnygAwIBAgIQBOFEXyQYY9UR7zpHr+B+BTANBgkqhkiG9w0BAQsFADBN MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcxMDI1MDAwMDAwWhcN MjAwNjA0MTIwMDAwWjCBqjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju aWExFDASBgNVBAcTC0xvcyBBbmdlbGVzMS0wKwYDVQQKEyRWZXJpem9uIERpZ2l0 YWwgTWVkaWEgU2VydmljZXMsIEluYy4xGDAWBgNVBAsTD0h1ZmZpbmd0b24gUG9z dDEnMCUGA1UEAxMec3RhZ2luZy53d3cuaHVmZmluZ3RvbnBvc3QuY29tMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi28sXk3qkhy9Ysh+VWEQoHinvjcK XqT1lthSe6A4VTyysANywiU1KJV2ypBxVgadVMZ9sYDfYhABP+fWOtJzKp4gXL1E qjN3SCUR37q5ZHaosbnkvah6NeeKpNcPiXDIPCh5DH8tXQ0e1iQ4gQI8dlrG5g3z 2cJl3YFizw5PeHUSzGMZBMEkXiNS7pvYlwGoq6oXJBoHdU3EL2YJzFSEHL3XwTiq L3eFo9i/ZfGBhnPdOdYi8hphzTkpUobds4SmxLOFf4SBs6HF6X2p1E37oLBWiOTF ec89Un3uAzpzZwhZ6uzCtHg2bbH5EEyv+BSYMA8AvFPnMvGw2J5hgQdHmQIDAQAB o4IEEDCCBAwwHwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0O BBYEFCbSpbUoVShCNNl8/dbW8wy0a7+IMFsGA1UdEQRUMFKCHnN0YWdpbmcud3d3 Lmh1ZmZpbmd0b25wb3N0LmNvbYIWc3RhZ2luZy5tLmh1ZmZwb3N0LmNvbYIYc3Rh Z2luZy53d3cuaHVmZnBvc3QuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2Ny bDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nMS5jcmwwL6AtoCuGKWh0dHA6Ly9j cmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzEuY3JsMEwGA1UdIARFMEMwNwYJ YIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNv bS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0 cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0 cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwG A1UdEwEB/wQCMAAwggH1BgorBgEEAdZ5AgQCBIIB5QSCAeEB3wB2AKS5CZC0GFgU h7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABX1JevLEAAAQDAEcwRQIhAP7ONf1C DHoV9YCtfFadiees086X48vQSJbaPhVC7pHoAiA0aTFdrcL/YA4QH+8vEtG4f0vL Qv7qQEGsVni8v2oIOgB1AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDd AAABX1JevX0AAAQDAEYwRAIgRReoLTsYw0peOodJFZowj6udKUcpFaZXv3XHEblj R4kCIDsHhDHee2oe70Qo5KJeEI3CwNa4OuVtjxbQWYRq/Y+TAHYA7ku9t3XOYLrh Qmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFfUl6/qAAABAMARzBFAiEAqBuv1ikc Z6mBEzp2hTrjlpxUukjV9SzTAat9ZIplnYwCIEVb7s6PUMeOXXbLyPf3awJA3659 vLFdssL/BHMvCxIFAHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUA AAFfUl69TAAABAMARzBFAiEAllP/rf1V1fLjKRFcrJ4TpttIRoUre7OK/11IFhYP wyACICrCXySDB3vFRd4WciZv07wGH5XlF1myq6M03h31AtYWMA0GCSqGSIb3DQEB CwUAA4IBAQCn6fCv//pCwWwhA9Wd6eb8IfaTYmwDuMRILGlwCPQaIjPtM2CqxXhf N6V+GBXNpj3OQGMGBAkOiU2RcCeYzkaretnLKxJ4Jizo0P9FTEufPDp67pebYHM4 4unZhCKByttSeVomqfuksha6XDN+7P7fL+Yuvqk1iUaVeqhVmJYMl0O+Qd7udHWw N+t9Mwc2Nd0H5MpmtylaG3JaC1aqUQlJkS2mWzAAXMjxlJ+9zZ6XsbwfDkNT4wEy 6fKlpJGJ2EbabyisTXhALXrzZ90gKY/Nrd2kQ+68I8jv7377YbJcah3OnNugGZp9 o2+mTRg2Z3rUDOcJpIIf01JQGVXQIURx -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi28sXk3qkhy9Ysh+VWEQ oHinvjcKXqT1lthSe6A4VTyysANywiU1KJV2ypBxVgadVMZ9sYDfYhABP+fWOtJz Kp4gXL1EqjN3SCUR37q5ZHaosbnkvah6NeeKpNcPiXDIPCh5DH8tXQ0e1iQ4gQI8 dlrG5g3z2cJl3YFizw5PeHUSzGMZBMEkXiNS7pvYlwGoq6oXJBoHdU3EL2YJzFSE HL3XwTiqL3eFo9i/ZfGBhnPdOdYi8hphzTkpUobds4SmxLOFf4SBs6HF6X2p1E37 oLBWiOTFec89Un3uAzpzZwhZ6uzCtHg2bbH5EEyv+BSYMA8AvFPnMvGw2J5hgQdH mQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6486565518009432894705270781900783109 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-25 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-04 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Los Angeles' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Verizon Digital Media Services, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Huffington Post' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'staging.www.huffingtonpost.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17601945994630100722099290789861911726697759346722555272091315211688148976034206461019348260100332332834302085086355049062995860564526328596914691347398342926922462215756456230399040944939255729399777635351971485807643971969768824756364075154030699141660711359863356396234187003039513925091321709601390900883340506319669586347403616595893489915228535020020942886149504264772838926307059570091022463034212137890494974205004326882366295642066601727556388182110932060942632310896324372582433807049901018391724081619683390257509211825227442786956005648235357315790280658162696703641292019873595947099722393727701969487769 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 26d2a5b52855284234d97cfdd6d6f30cb46bbf88 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (84 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.www.huffingtonpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.m.huffpost.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.www.huffpost.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (481 bytes) 01df007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015f525ebcb10000040300473045022100fece35fd420c7a15f580ad7c569d89e7acd3ce97e3cbd04896da3e1542ee91e802203469315dadc2ff600e101fef2f12d1b87f4bcb42feea4041ac5678bcbf6a083a0075005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd0000015f525ebd7d000004030046304402204517a82d3b18c34a5e3a8749159a308fab9d29472915a657bf75c711b963478902203b078431de7b6a1eef4428e4a25e108dc2c0d6b83ae56d8f16d059846afd8f93007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000015f525ebfa80000040300473045022100a81bafd6291c67a981133a76853ae3969c54ba48d5f52cd301ab7d648a659d8c0220455beece8f50c78e5d76cbc8f7f76b0240dfae7dbcb15db2c2ff04732f0b1205007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000015f525ebd4c00000403004730450221009653ffadfd55d5f2e329115cac9e13a6db4846852b7bb38aff5d4816160fc32002202ac25f2483077bc545de1672266fd3bc061f95e51759b2aba334de1df502d616 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a7e9f0affffa42c16c2103d59de9e6fc21f693626c03b8c4482c697008f41a2233ed3360aac5785f37a57e1815cda63dce40630604090e894d91702798ce46ab7ad9cb2b1278262ce8d0ff454c4b9f3c3a7aee979b607338e2e9d9842281cadb52795a26a9fba4b216ba5c337eecfedf2fe62ebea9358946957aa85598960c9743be41deee7475b037eb7d33073635dd07e4ca66b7295a1b725a0b56aa510949912da65b30005cc8f1949fbdcd9e97b1bc1f0e4353e30132e9f2a5a49189d846da6f28ac4d78402d7af367dd20298fcdaddda443eebc23c8efef7efb61b25c6a1dce9cdba0199a7da36fa64d1836677ad40ce709a4821fd352501955d0214471