ntam-prod-cus-agw.northerntrust.com
- The Northern Trust Company -
Issued by DigiCert SHA2 Secure Server CA
About this certificate
This digital certificate with serial number 0e:42:d3:6a:7d:b6:8b:8e:cd:a4:a3:dd:df:b1:da:c9 was issued on by DigiCert Inc.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
The Northern Trust Company
Organization:
The Northern Trust Company
State / Province:
Illinois
Locality: Chicago
Country: US
Locality: Chicago
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0e:42:d3:6a:7d:b6:8b:8e:cd:a4:a3:dd:df:b1:da:c9Serial Number (int): 18956171559170027628650471682460474057
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: bb:03:7e:34:c6:9d:1c:5f:25:50:f8:a0:e6:4d:61:ef:4d:b1:d9:5e
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2
Fingerprint (sha1): ca:6a:05:0f:7f:45:c1:36:0a:c8:92:35:84:58:9b:9c:39:cf:a4:e5
Fingerprint (sha256): 0b:d9:55:7c:83:9d:ed:a8:75:e1:cd:e8:88:34:13:e2:db:12:40:e9:8e:ec:d1:db:77:aa:df:7b:85:bb:58:91
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA-2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigicertSHA2SecureServerCA-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigicertSHA2SecureServerCA-1.crl
Check the revocation status for certificate ntam-prod-cus-agw.northerntrust.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ntam-prod-cus-agw.northerntrust.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ntam-prod-cus-agw.northerntrust.com
Other certificates including the domain name northerntrust.com
(limited to 100 certificates)
ntam-uat-cus-agw.northerntrust.com
www.northernfunds.com
san-001.ceros.com
uat.northerntrust.com
san-001.ceros.com
san-001.ceros.com
locations.northerntrust.com
san-001.ceros.com
san-001.ceros.com
san-001.ceros.com
wwww119.ntrs.com
san-001.ceros.com
deviaa.northerntrust.com
san-001.ceros.com
locations.northerntrust.com
san-001.ceros.com
uat.northerntrust.com
locations.northerntrust.com
wealth.northerntrust.com
pes1.northerntrust.com
san-001.ceros.com
san-001.ceros.com
www.northernfunds.com
wwww119.ntrs.com
northerntrust.com
ciscouc-emea-XMPP.ntrs.com
careers.northerntrust.com
www02710.ntrs.com
www.northernfunds.com
ntam-prod-cus-agw.northerntrust.com
uat.northerntrust.com
www.northernfunds.com
www.northernfunds.com
survey.northerntrust.com
san-001.ceros.com
smetrics.northerntrust.com
san-001.ceros.com
smetrics.northerntrust.com
www-ac.northerntrust.com
www02710.ntrs.com
northerntrust.com
www-ac.northerntrust.com
san-001.ceros.com
uat.northerntrust.com
ciscouc-indi-XMPP.ntrs.com
www02710.ntrs.com
ukpcuat2imp01.ntrs.com
amer-c4-expe.ntrs.com
www02710.ntrs.com
san-001.ceros.com
www02710.ntrs.com
web-xp3p-cdn.ntrs.com
san-001.ceros.com
www02710.ntrs.com
pages.e.northerntrust.com
san-001.ceros.com
www02710.ntrs.com
san-001.ceros.com
assetmanagement.northerntrust.com
san-001.ceros.com
pages.e.northerntrust.com
ciscouc-emea-XMPP.ntrs.com
northerntrust.com
wealth.northerntrust.com
www.northernfunds.com
survey.northerntrust.com
pages.e.northerntrust.com
pointofview.northerntrust.com
pages.e.northerntrust.com
san-001.ceros.com
san-001.ceros.com
wwww119.ntrs.com
pes1.northerntrust.com
www.northerntrust.com
www02710.ntrs.com
assetmanagement.northerntrust.com
www-ac.northerntrust.com
devotto.northerntrust.com
pes2.northerntrust.com
assetmanagement.northerntrust.com
uat.northerntrust.com
wwww119.ntrs.com
ukpcuat2imp01.ntrs.com
uat.northerntrust.com
careers.northerntrust.com
san-001.ceros.com
click.news.northerntrust.com
www.northernfunds.com
*.api.tpv.northerntrust.com
san-001.ceros.com
cm.demo.northerntrust.com
pointofview.northerntrust.com
san-001.ceros.com
www.northerntrust.com
uat.northerntrust.com
stores.cictitlepawn.com
www02710.ntrs.com
www-ac.northerntrust.com
www.northernfunds.com
careers.northerntrust.com
www.northernfunds.com
san-001.ceros.com
uat.northerntrust.com
san-001.ceros.com
san-001.ceros.com
locations.northerntrust.com
san-001.ceros.com
san-001.ceros.com
san-001.ceros.com
wwww119.ntrs.com
san-001.ceros.com
deviaa.northerntrust.com
san-001.ceros.com
locations.northerntrust.com
san-001.ceros.com
uat.northerntrust.com
locations.northerntrust.com
wealth.northerntrust.com
pes1.northerntrust.com
san-001.ceros.com
san-001.ceros.com
www.northernfunds.com
wwww119.ntrs.com
northerntrust.com
ciscouc-emea-XMPP.ntrs.com
careers.northerntrust.com
www02710.ntrs.com
www.northernfunds.com
ntam-prod-cus-agw.northerntrust.com
uat.northerntrust.com
www.northernfunds.com
www.northernfunds.com
survey.northerntrust.com
san-001.ceros.com
smetrics.northerntrust.com
san-001.ceros.com
smetrics.northerntrust.com
www-ac.northerntrust.com
www02710.ntrs.com
northerntrust.com
www-ac.northerntrust.com
san-001.ceros.com
uat.northerntrust.com
ciscouc-indi-XMPP.ntrs.com
www02710.ntrs.com
ukpcuat2imp01.ntrs.com
amer-c4-expe.ntrs.com
www02710.ntrs.com
san-001.ceros.com
www02710.ntrs.com
web-xp3p-cdn.ntrs.com
san-001.ceros.com
www02710.ntrs.com
pages.e.northerntrust.com
san-001.ceros.com
www02710.ntrs.com
san-001.ceros.com
assetmanagement.northerntrust.com
san-001.ceros.com
pages.e.northerntrust.com
ciscouc-emea-XMPP.ntrs.com
northerntrust.com
wealth.northerntrust.com
www.northernfunds.com
survey.northerntrust.com
pages.e.northerntrust.com
pointofview.northerntrust.com
pages.e.northerntrust.com
san-001.ceros.com
san-001.ceros.com
wwww119.ntrs.com
pes1.northerntrust.com
www.northerntrust.com
www02710.ntrs.com
assetmanagement.northerntrust.com
www-ac.northerntrust.com
devotto.northerntrust.com
pes2.northerntrust.com
assetmanagement.northerntrust.com
uat.northerntrust.com
wwww119.ntrs.com
ukpcuat2imp01.ntrs.com
uat.northerntrust.com
careers.northerntrust.com
san-001.ceros.com
click.news.northerntrust.com
www.northernfunds.com
*.api.tpv.northerntrust.com
san-001.ceros.com
cm.demo.northerntrust.com
pointofview.northerntrust.com
san-001.ceros.com
www.northerntrust.com
uat.northerntrust.com
stores.cictitlepawn.com
www02710.ntrs.com
www-ac.northerntrust.com
www.northernfunds.com
careers.northerntrust.com
Certificate
The complete raw certificate details for ntam-prod-cus-agw.northerntrust.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFdTCCBF2gAwIBAgIQDkLTan22i47NpKPd37HayTANBgkqhkiG9w0BAQsFADBN MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjQwNTIxMDAwMDAwWhcN MjUwNjIxMjM1OTU5WjCBhTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lz MRAwDgYDVQQHEwdDaGljYWdvMSMwIQYDVQQKExpUaGUgTm9ydGhlcm4gVHJ1c3Qg Q29tcGFueTEsMCoGA1UEAxMjbnRhbS1wcm9kLWN1cy1hZ3cubm9ydGhlcm50cnVz dC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPLVCphPeCUmi1 9Qc6tYUh9pGAgoMLYlo1ywpe0W1i8SoNCDA5amYVGTaaGHMK/9qclep3OChhvGyv s8s1gqsQ0yTys49XF+2JM89xp1Mfkm646VSpSeovsBG7j6pgNVcjhc+QKEw4MpPT uXk/FaQecmTosiDRZ3eZpnvgkOBzqhqRsGbgFpGE2xMCdg6R6pz4HuX8x0xj9O0M /BVhRdATwepcDOsUTsu18E7/IRJ6aV+1PnrGNf1rlWJqEdb+UrfkSe127CgEWQKZ Z5zT3rJcVCIM0X/jc4U9TQ1ljfVohBdl24xR+VzMIU8yCxmb0zvP64+P8jz9Um2i HtT2R6YVAgMBAAGjggIWMIICEjAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs 4cbZ4jAdBgNVHQ4EFgQUuwN+NMadHF8lUPig5k1h702x2V4wLgYDVR0RBCcwJYIj bnRhbS1wcm9kLWN1cy1hZ3cubm9ydGhlcm50cnVzdC5jb20wPgYDVR0gBDcwNTAz BgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20v Q1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH AwIwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2NybDMuZGlnaWNlcnQuY29t L0RpZ2ljZXJ0U0hBMlNlY3VyZVNlcnZlckNBLTEuY3JsMD+gPaA7hjlodHRwOi8v Y3JsNC5kaWdpY2VydC5jb20vRGlnaWNlcnRTSEEyU2VjdXJlU2VydmVyQ0EtMS5j cmwwfgYIKwYBBQUHAQEEcjBwMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp Y2VydC5jb20wSAYIKwYBBQUHMAKGPGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNv bS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS0yLmNydDAMBgNVHRMBAf8EAjAA MBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQArbFK52DD7 tGZKTKDaqaBnXS9nu6GuECNXjNlNBT3KyPrcECYn/Yuqe/jTOH9lgAxkqnWVXkQP nhwXlskwihlfGFdf13XchG/UEVV6XN9g3P45Av95tc7by/SMdD8m3iOMYeqcPgbb fOIcuXxr7P4auESkXRSmXGy3h0r9x7tnVaTcIS6TzCJVFYUdeOLDpukguKWQACNG 4a2qB6x1HUCz7rSNcrpNqWnI0Fe4jbkaTewcE2L0BokCyIjUP3Cb0OcIljJTR7n3 DPCyoikwpeq3p7faVs5I7fSQCqyi7tRN1jeg3hRcHawR0kHduOBczltMK5fEPtA7 Zp/2wJ1VJMph -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzy1QqYT3glJotfUHOrWF IfaRgIKDC2JaNcsKXtFtYvEqDQgwOWpmFRk2mhhzCv/anJXqdzgoYbxsr7PLNYKr ENMk8rOPVxftiTPPcadTH5JuuOlUqUnqL7ARu4+qYDVXI4XPkChMODKT07l5PxWk HnJk6LIg0Wd3maZ74JDgc6oakbBm4BaRhNsTAnYOkeqc+B7l/MdMY/TtDPwVYUXQ E8HqXAzrFE7LtfBO/yESemlftT56xjX9a5ViahHW/lK35EntduwoBFkCmWec096y XFQiDNF/43OFPU0NZY31aIQXZduMUflczCFPMgsZm9M7z+uPj/I8/VJtoh7U9kem FQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18956171559170027628650471682460474057 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-21 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-21 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Illinois' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chicago' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Northern Trust Company' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ntam-prod-cus-agw.northerntrust.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26153674830042292942907049210431515763144807484883466220376878289226680771208882732312781979653150963068981430752789787636283654949058927978204023574501733920113590901643646585984743245661558606791132265531629338387136238369637636202228856264421508062245721227826161310967698689493883388576568818125224581810695534588492904780100843012756762970795260606938343714075683234433461685263837945659327943326529459557974370343870158993070358248364311643706553807392803238654485587393281036645577637226362069643735487325438245613806414430732278485988060133274208767453483517133144791341760844532444780318407966446520277378581 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bb037e34c69d1c5f2550f8a0e64d61ef4db1d95e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ntam-prod-cus-agw.northerntrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigicertSHA2SecureServerCA-1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigicertSHA2SecureServerCA-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (114 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA-2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002b6c52b9d830fbb4664a4ca0daa9a0675d2f67bba1ae1023578cd94d053dcac8fadc102627fd8baa7bf8d3387f65800c64aa75955e440f9e1c1796c9308a195f18575fd775dc846fd411557a5cdf60dcfe3902ff79b5cedbcbf48c743f26de238c61ea9c3e06db7ce21cb97c6becfe1ab844a45d14a65c6cb7874afdc7bb6755a4dc212e93cc225515851d78e2c3a6e920b8a590002346e1adaa07ac751d40b3eeb48d72ba4da969c8d057b88db91a4dec1c1362f4068902c888d43f709bd0e70896325347b9f70cf0b2a22930a5eab7a7b7da56ce48edf4900aaca2eed44dd637a0de145c1dac11d241ddb8e05cce5b4c2b97c43ed03b669ff6c09d5524ca61