www.sonypictures.es

- Sony Pictures Entertainment -

Issued by DigiCert TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 0c:00:15:87:a4:5b:3e:e6:b4:2c:7b:f1:a4:d4:25:89 was issued on by DigiCert Inc.

With 18 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Sony Pictures Entertainment

Organization: Sony Pictures Entertainment
State / Province: California
Locality: Culver City
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0c:00:15:87:a4:5b:3e:e6:b4:2c:7b:f1:a4:d4:25:89
Serial Number (int): 15951172626688457488351648244621911433
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 40:17:91:a4:71:eb:6d:6b:09:c1:13:c6:f8:5b:55:0d:50:40:1a:95
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4

Fingerprint (sha1): a0:b8:80:fe:af:11:d1:0d:2c:1c:1c:4c:a4:38:73:07:7b:4d:cc:5d
Fingerprint (sha256): 0e:0f:87:b5:21:b1:84:2e:34:b3:ef:ec:44:3d:7b:df:42:47:a6:50:56:52:f7:dd:77:c2:c4:bc:58:4a:47:60

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1.crl

Check the revocation status for certificate www.sonypictures.es

18

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.sonypictures.es

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.sonypictures.es
www2.sonypictures.es
sonypictures.es
www.sonypictures.fr
sonypictures.fr
www.sonypictures.be
sonypictures.be
www.sonypictures.co.uk
sonypictures.co.uk
www.sonypictures.ca
sonypictures.ca
intl.sonypictures.com
www2.sonypictures.be
www2.sonypictures.co.uk
www2.sonypictures.ca
www.sonypictures.ie
sonypictures.ie
www2.sonypictures.ie

Other certificates including the domain name sonypictures.es

(limited to 100 certificates)
flash.sonypictures.com
flash.sonypictures.com
stage-microsites.sonypictures.com
perc.sonypictures.com
www.sonypictures.es
perc.sonypictures.com
flash.sonypictures.com
edge-micros2.sonypictures.com
perc.sonypictures.com
stage-microsites.sonypictures.com
stage-microsites.sonypictures.com
flash.sonypictures.com
www.sonypictures.es
microsites.sonypictures.com
perc.sonypictures.com
flash.sonypictures.com
portals.sonypictures.net
stage-perc.sonypictures.com
edge-micros1.sonypictures.com
edge-micros1.sonypictures.com
api.stg.sonypictures.es
microsites.sonypictures.com
stage-microsites.sonypictures.com
flash.sonypictures.com
www.sonypictures.es
stage-perc.sonypictures.com
flash.sonypictures.com
flash.sonypictures.com
edge-micros1.sonypictures.com
stage-perc.sonypictures.com
microsites.sonypictures.com
microsites.sonypictures.com
stage-perc.sonypictures.com
stage-microsites.sonypictures.com
flash.sonypictures.com
microsites.sonypictures.com
edge-micros2.sonypictures.com
flash.sonypictures.com
stage-microsites.sonypictures.com
dev.sonypictures.es
portals.sonypictures.net
flash.sonypictures.com
flash.sonypictures.com
dev.sonypictures.co.uk
flash.sonypictures.com
perc.sonypictures.com
microsites.sonypictures.com
flash.sonypictures.com
edge-affiliates.cinesony.com
stage-perc.sonypictures.com
microsites.sonypictures.com
www.sonypictures.es
microsites.sonypictures.com
flash.sonypictures.com
flash.sonypictures.com
edge-micros1.sonypictures.com
cms-prod.sonypictures.es
flash.sonypictures.com
stage-microsites.sonypictures.com
edge-micros1.sonypictures.com
www.sonypictures.es
microsites.sonypictures.com
stage-microsites.sonypictures.com
edge-micros2.sonypictures.com
stage-perc.sonypictures.com
stage.sonypictures.es
perc.sonypictures.com
edge-micros2.sonypictures.com
perc.sonypictures.com
flash.sonypictures.com
perc.sonypictures.com
dev.sonypictures.es
stage-microsites.sonypictures.com
edge-affiliates.cinesony.com
perc.sonypictures.com
stage-microsites.sonypictures.com
flash.sonypictures.com
edge-affiliates.cinesony.com
stage-microsites.sonypictures.com
stage-microsites.sonypictures.com
flash.sonypictures.com
portals.sonypictures.net
flash.sonypictures.com
edge-micros1.sonypictures.com
microsites.sonypictures.com
edge-micros2.sonypictures.com
perc.sonypictures.com
microsites.sonypictures.com
stage-microsites.sonypictures.com
portals.sonypictures.net
microsites.sonypictures.com
flash.sonypictures.com
flash.sonypictures.com
dev.sonypictures.co.uk
flash.sonypictures.com
sonypictures.es
stage-microsites.sonypictures.com
flash.sonypictures.com
portals.sonypictures.net
edge-micros2.sonypictures.com

Certificate

The complete raw certificate details for www.sonypictures.es in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGyzCCBbOgAwIBAgIQDAAVh6RbPua0LHvxpNQliTANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMDEyMDcwMDAwMDBa
Fw0yMTEyMTQyMzU5NTlaMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y
bmlhMRQwEgYDVQQHEwtDdWx2ZXIgQ2l0eTEkMCIGA1UEChMbU29ueSBQaWN0dXJl
cyBFbnRlcnRhaW5tZW50MRwwGgYDVQQDExN3d3cuc29ueXBpY3R1cmVzLmVzMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozVTzg9+gpwKFxys6IpLAVq8
Be3hRnfBGEapAJc2vRJZv0Rz0a6PBkQqXNyj1xKYl5A5ZVn4TL0y1fWpVVpRy61Q
DyxRdj+Pz4yeHiVF6X3vmwGfQaoQgC3fGClgsKToXZ5hzapVBzlP7Zlco+Q0fdIa
gTCoAm8ojd2SR+K8tC8OvL0SYKfrraiJvGLDaVbREk8fFnVfqNW5keIzGt6W6G73
IuXvO+G7+rwp4ZKqMHOSvgEufX2SXlNsA4cGOZ48p21bjDmINPZ0zwWTOTlg8/vW
aRfOAEG2KBMZSG8q5rmyLVCyXcVFStVg1EE1fWG9/qV4AzfqFAOkVzNlErBpXwID
AQABo4IDdDCCA3AwHwYDVR0jBBgwFoAUt2ui6qiqhIx56rTaD5iyxZV2ufQwHQYD
VR0OBBYEFEAXkaRx621rCcETxvhbVQ1QQBqVMIIBfwYDVR0RBIIBdjCCAXKCE3d3
dy5zb255cGljdHVyZXMuZXOCFHd3dzIuc29ueXBpY3R1cmVzLmVzgg9zb255cGlj
dHVyZXMuZXOCE3d3dy5zb255cGljdHVyZXMuZnKCD3NvbnlwaWN0dXJlcy5mcoIT
d3d3LnNvbnlwaWN0dXJlcy5iZYIPc29ueXBpY3R1cmVzLmJlghZ3d3cuc29ueXBp
Y3R1cmVzLmNvLnVrghJzb255cGljdHVyZXMuY28udWuCE3d3dy5zb255cGljdHVy
ZXMuY2GCD3NvbnlwaWN0dXJlcy5jYYIVaW50bC5zb255cGljdHVyZXMuY29tghR3
d3cyLnNvbnlwaWN0dXJlcy5iZYIXd3d3Mi5zb255cGljdHVyZXMuY28udWuCFHd3
dzIuc29ueXBpY3R1cmVzLmNhghN3d3cuc29ueXBpY3R1cmVzLmllgg9zb255cGlj
dHVyZXMuaWWCFHd3dzIuc29ueXBpY3R1cmVzLmllMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgYsGA1UdHwSBgzCBgDA+oDyg
OoY4aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2
MjAyMENBMS5jcmwwPqA8oDqGOGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdp
Q2VydFRMU1JTQVNIQTI1NjIwMjBDQTEuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9
bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMw
CAYGZ4EMAQICMH0GCCsGAQUFBwEBBHEwbzAkBggrBgEFBQcwAYYYaHR0cDovL29j
c3AuZGlnaWNlcnQuY29tMEcGCCsGAQUFBzAChjtodHRwOi8vY2FjZXJ0cy5kaWdp
Y2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0ExLmNydDAMBgNVHRMB
Af8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQA5
R+9f059L50s+05EDjZU1g/XAxTJhgAVyK4TNUFoPxE9QiwxxWdVTwetpv4iGhM55
sH4U/UB6PeoWl62DGvtVUEzu6A5sMgzhA+PV9vX74/FWyc3xCiXIR11Adu8drIPa
RReM32LR1H/gPkZkKFySTfBSJ24w92vH5Y2gB0dHUz2XRgPTbcLt2E/o3tJBZlgA
uIRIhN0fk1FGmsUfhFWKrrIrn+mLCV4GWJV+sSAHA8uO/0Beo2Omcc9YN9j1+t+H
sohrs9XSGr//cIigTbEYDlejEj9uqfC/x2bKobpLsiauQX5XaAKW/r6m8PXpLjD8
edK1OtW/JdAzTHEI0Cbc
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozVTzg9+gpwKFxys6IpL
AVq8Be3hRnfBGEapAJc2vRJZv0Rz0a6PBkQqXNyj1xKYl5A5ZVn4TL0y1fWpVVpR
y61QDyxRdj+Pz4yeHiVF6X3vmwGfQaoQgC3fGClgsKToXZ5hzapVBzlP7Zlco+Q0
fdIagTCoAm8ojd2SR+K8tC8OvL0SYKfrraiJvGLDaVbREk8fFnVfqNW5keIzGt6W
6G73IuXvO+G7+rwp4ZKqMHOSvgEufX2SXlNsA4cGOZ48p21bjDmINPZ0zwWTOTlg
8/vWaRfOAEG2KBMZSG8q5rmyLVCyXcVFStVg1EE1fWG9/qV4AzfqFAOkVzNlErBp
XwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 15951172626688457488351648244621911433
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-07 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-14 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Culver City'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sony Pictures Entertainment'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.sonypictures.es'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20603140412246535846368331643724386900551462540951486187809079714081045631545633521101012267119695862976123323398045526987611878189063356931536949599895831184074123371033479947658769280338088033237228590337001657380882723382135042443771008893453883456327352364924141939783036050589387968540097783958667871016789812884690874893338227326920047158439137698460010544462380955321125776022449826787516270541484375142689651397074057751369096143920162066542621686723804812985047536251438135780601483800914577610956113797874887856471076399556166779664109276293861182880859711825815462458955669603268041781109061054601695881567
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							401791a471eb6d6b09c113c6f85b550d50401a95
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (374 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sonypictures.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.sonypictures.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sonypictures.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sonypictures.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sonypictures.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sonypictures.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sonypictures.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sonypictures.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sonypictures.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sonypictures.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sonypictures.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'intl.sonypictures.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.sonypictures.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.sonypictures.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.sonypictures.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sonypictures.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sonypictures.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.sonypictures.ie'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (131 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (113 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003947ef5fd39f4be74b3ed391038d953583f5c0c532618005722b84cd505a0fc44f508b0c7159d553c1eb69bf888684ce79b07e14fd407a3dea1697ad831afb55504ceee80e6c320ce103e3d5f6f5fbe3f156c9cdf10a25c8475d4076ef1dac83da45178cdf62d1d47fe03e4664285c924df052276e30f76bc7e58da0074747533d974603d36dc2edd84fe8ded241665800b8844884dd1f9351469ac51f84558aaeb22b9fe98b095e0658957eb1200703cb8eff405ea363a671cf5837d8f5fadf87b2886bb3d5d21abfff7088a04db1180e57a3123f6ea9f0bfc766caa1ba4bb226ae417e57680296febea6f0f5e92e30fc79d2b53ad5bf25d0334c7108d026dc