shop.sit1.va.anthem.com

- Anthem, Inc. -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 01:59:cc:9f:49:35:2f:6c:f3:86:0e:ac:0a:49:0d:16 was issued on by DigiCert Inc.

With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Anthem, Inc.

Organization: Anthem, Inc.
Organization unit: PKI
State / Province: Indiana
Locality: Indianapolis
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 01:59:cc:9f:49:35:2f:6c:f3:86:0e:ac:0a:49:0d:16
Serial Number (int): 1795492647688202987057733173621886230
Serial Number lenght: 121 bits, 16 octets

SubjectKeyId: bb:60:bd:06:7d:b4:3a:6c:0c:c5:05:9b:85:11:3d:5d:e3:ee:94:f6
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): 3b:7e:c8:2b:67:be:5a:85:e1:52:3a:8f:05:8d:e0:8d:86:4b:30:5e
Fingerprint (sha256): 0e:91:71:cb:24:be:33:3d:59:ca:b5:d0:ed:8a:77:b1:bd:49:55:6e:34:de:89:9e:04:fe:49:69:cd:92:1e:1c

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl

Check the revocation status for certificate shop.sit1.va.anthem.com

10

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for shop.sit1.va.anthem.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

shop.sit1.va.anthem.com
shop.sit1.va.bcbsga.com
shop.sit1.va.partdkansas.com
shop.sit1.va.partdkansascity.com
shop.sit1.va.mpartdcoverage.com
shop.sit1.va.empireblue.com
mproducer.sit1.va.anthem.com
shop.sit1.va.amerigroup.com
shop.sit1.va.unicare.com
shop.sit1.va.simplyhealthcareplans.com

Other certificates including the domain name anthem.com

(limited to 100 certificates)
mcwprod.corp.anthem.com
www13.anthem.com
www.sbc.anthem.com
www.amerigroup.com
maaa.ext.proda.anthem.com
mma.api.ext.dev1.va.anthem.com
prod-coe-mulesoft.anthem.com
valuebasedcare.anthem.com
m.anthem.com
publicprogramsmn-proxy.anthem.com
www.anthem.com
wellpoint.com
telesalessfdc.uat.anthem.com
www22.anthem.com
salesdemo.anthem.com
aepsgw-psup.anthem.com
asca.sit.va.myamerigroup.com
qtnp.anthem.com
instantinsights.anthem.com
smcp.anthem.com
gbdmember.uat.va.myamerigroup.com
pd2.secure.anthem.com
lacountyduals.anthem.com
federal.anthem.com
gbdmember.uat.va.myamerigroup.com
mybcbswny.com
api.anthem.com
saml.anthem.com
mproducer.sit2.va.anthem.com
myconnection-east.antheminc.com
shop.anthem.com
shop.anthem.com
membersecure-origin.anthem.com
pares.anthem.com
member.sit.anthem.com
shop.prod.awse1.anthem.com
ccc6.anthem.com
www26.anthem.com
edibatch.anthem.com
employer.anthem.com
myt.anthem.com
shop.uat2.va.anthem.com
anthemproviderssoprod.anthem.com
anthemblue.com
api-np.anthem.com
gbdmember.uat.va.myamerigroup.com
secured.ols.anthem.com
sydmed-services.dev.va.anthem.com
member-origin.anthem.com
pp.anthem.com
sit1.shop.anthem.com
secure.authorization.antheminc.com
communityresourcelink.anthem.com
planchanges.anthem.com
anthemstudentadvantage.com
uat1-m.shop.anthem.com
mywellnessguide.anthem.com
legato.prod.anthem.com
poc.anthem.com
non-prods-ps-dp.ex.elevancehealth.com
mproducer-ak.anthem.com
KentFourthTest.anthem.com
m.anthem.com
*.hlthlink.com
findcare.anthem.com
sbc.anthem.com
blog.anthem.com
www.anthem.com
mobile.sit1.va.anthem.com
anthemblue.com
sydmed-dr-offline.anthem.com
appexchangedev.anthem.com
efx.anthem.com
member.perf.anthem.com
icr-help.anthem.com
rp.us.wellpoint.com
mymobiledevices.anthem.com
qme.anthem.com
alderum.anthem.com
secure-gateway.uat.va.antheminc.com
file.anthem.com
myanthemmember.anthem.com
aggregation-web.preprod.va.anthem.com
www.healthlink.com
zipdrugssoprod.anthem.com
wlp.soacoe.prod.gcpclient.anthem.com
www.anthem.com
saml.anthem.com
employer-origin.anthem.com
sbc.anthem.com
maaa.ext.uat.va.anthem.com
fepmssboxbusmember.anthem.com
planmatch.sit1.va.anthem.com
telehealthos-dr.anthem.com
aggregation-web.anthem.com
providercmsolutions-ak.anthem.com
anthemwtsdc.anthem.com
www-mo.providerfinder.anthem.com
membersecure-origin.anthem.com
poc.anthem.com

Certificate

The complete raw certificate details for shop.sit1.va.anthem.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGYDCCBUigAwIBAgIQAVnMn0k1L2zzhg6sCkkNFjANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwNTE1MDAwMDAwWhcN
MTkwNTEyMTIwMDAwWjB9MQswCQYDVQQGEwJVUzEQMA4GA1UECBMHSW5kaWFuYTEV
MBMGA1UEBxMMSW5kaWFuYXBvbGlzMRUwEwYDVQQKEwxBbnRoZW0sIEluYy4xDDAK
BgNVBAsTA1BLSTEgMB4GA1UEAxMXc2hvcC5zaXQxLnZhLmFudGhlbS5jb20wggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU6KSv786z54YNs6FIN4i+bOkU
1sSr3W7tDm31yIwKkZUXeeckbFSbphu/tWQPI8Ukw+hb58jeVz1yd4sEgG01k8px
UrNIgofQBUHC0n3YGBwe3XoHM8gZBluxqUD1YBlA8TlxHShUOeZwzWVtgT0kvApy
/FZ7e2Y4XMvkg2HwHibbzgrfxAgfX4ZO7HdnrAovNaPazpXCPR8mD054VUKAwkdc
wuVzV7Iy8SJh2nbY7SxK/1rFMQaEHNpiNFCT510vZzVu0YEa1R5PDwgADGOKqDQQ
wYNBzTfELStNE7wH0j9CGEA1iyMDedDcpl+Yxi7rBcc0MNhYQJjqt2uoETBVAgMB
AAGjggMKMIIDBjAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNV
HQ4EFgQUu2C9Bn20OmwMxQWbhRE9XePulPYwggE6BgNVHREEggExMIIBLYIXc2hv
cC5zaXQxLnZhLmFudGhlbS5jb22CF3Nob3Auc2l0MS52YS5iY2JzZ2EuY29tghxz
aG9wLnNpdDEudmEucGFydGRrYW5zYXMuY29tgiBzaG9wLnNpdDEudmEucGFydGRr
YW5zYXNjaXR5LmNvbYIfc2hvcC5zaXQxLnZhLm1wYXJ0ZGNvdmVyYWdlLmNvbYIb
c2hvcC5zaXQxLnZhLmVtcGlyZWJsdWUuY29tghxtcHJvZHVjZXIuc2l0MS52YS5h
bnRoZW0uY29tghtzaG9wLnNpdDEudmEuYW1lcmlncm91cC5jb22CGHNob3Auc2l0
MS52YS51bmljYXJlLmNvbYImc2hvcC5zaXQxLnZhLnNpbXBseWhlYWx0aGNhcmVw
bGFucy5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5j
b20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQu
Y29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAo
BggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwB
AgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
Y2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNv
bS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwCQYDVR0TBAIwADATBgor
BgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXJ/c9lSKd4sg4wO1
PjnT7C4dRXGQr2IlMreCitmSMcYPFQAC0xLAijyLlleC++IPQdDblldhmM5LR1gE
9njeehSwIvq/9i6ScX47Ju6qMsPelwCPtCySICReIpNI0gOjRKO3NnPQHIXM1HR7
NEISgwqI1VYcNu5qcwnmx0868yfCNXFrcWaBK0SZlEULxomNq+hJ1p8xWWgb/jGs
LYHJze+jD8c79blBivNvx1gybXT3qj1EgXzmeBBfSyhxCH/nuELotBmVHVtfMrZa
4PfdLRmRLLNkaCsWi/1IXMQnWPN6W1bqyp6oaK0DSzOnsSnQZ+ikERPU2/3NjaZX
L1yE4Q==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Oikr+/Os+eGDbOhSDeI
vmzpFNbEq91u7Q5t9ciMCpGVF3nnJGxUm6Ybv7VkDyPFJMPoW+fI3lc9cneLBIBt
NZPKcVKzSIKH0AVBwtJ92BgcHt16BzPIGQZbsalA9WAZQPE5cR0oVDnmcM1lbYE9
JLwKcvxWe3tmOFzL5INh8B4m284K38QIH1+GTux3Z6wKLzWj2s6Vwj0fJg9OeFVC
gMJHXMLlc1eyMvEiYdp22O0sSv9axTEGhBzaYjRQk+ddL2c1btGBGtUeTw8IAAxj
iqg0EMGDQc03xC0rTRO8B9I/QhhANYsjA3nQ3KZfmMYu6wXHNDDYWECY6rdrqBEw
VQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1795492647688202987057733173621886230
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-12 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Indiana'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Indianapolis'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Anthem, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'shop.sit1.va.anthem.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26877241344457907246917349262120294455783335696320523013555365322775979347429586174560194124923119299640099528284221715099165169050269557328599080044294889358360146904831124704998522349798095237555214238697589392706452494808092022663935423066255949625542923805917211341063257546669358490317581781690028688204254300528608990417017639952932152443138279753808772407504873210562933978381954824397451303996197029238360728712365544549995823360869130771285077325938573614217610100031843914663583061280575839641583727150313550698471443734684950110426497762620152810148320353338645180496079274060900081862326794022794453659733
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							bb60bd067db43a6c0cc5059b85113d5de3ee94f6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (305 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.sit1.va.anthem.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.sit1.va.bcbsga.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.sit1.va.partdkansas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.sit1.va.partdkansascity.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.sit1.va.mpartdcoverage.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.sit1.va.empireblue.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mproducer.sit1.va.anthem.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.sit1.va.amerigroup.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.sit1.va.unicare.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.sit1.va.simplyhealthcareplans.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005c9fdcf6548a778b20e303b53e39d3ec2e1d457190af622532b7828ad99231c60f150002d312c08a3c8b965782fbe20f41d0db96576198ce4b475804f678de7a14b022fabff62e92717e3b26eeaa32c3de97008fb42c9220245e229348d203a344a3b73673d01c85ccd4747b344212830a88d5561c36ee6a7309e6c74f3af327c235716b7166812b449994450bc6898dabe849d69f3159681bfe31ac2d81c9cdefa30fc73bf5b9418af36fc758326d74f7aa3d44817ce678105f4b2871087fe7b842e8b419951d5b5f32b65ae0f7dd2d19912cb364682b168bfd485cc42758f37a5b56eaca9ea868ad034b33a7b129d067e8a41113d4dbfdcd8da6572f5c84e1