k8s-oidc.data-production.braintree-api.com

- PayPal, Inc. -

Issued by DigiCert SHA2 High Assurance Server CA

About this certificate

This digital certificate with serial number 0b:04:c8:47:70:22:b1:1e:f3:93:5d:cc:88:b0:10:fe was issued on by DigiCert Inc.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

PayPal, Inc.

Organization: PayPal, Inc.
State / Province: California
Locality: San Jose
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0b:04:c8:47:70:22:b1:1e:f3:93:5d:cc:88:b0:10:fe
Serial Number (int): 14646339282892743766987568773724115198
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 62:18:1f:7f:31:dd:f4:94:ab:e1:83:bf:dd:d3:d2:de:86:66:be:19
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b

Fingerprint (sha1): a8:fa:5e:e1:d1:fd:29:ea:a5:cc:35:be:42:e8:9d:6f:be:f8:bc:c4
Fingerprint (sha256): 0e:c6:13:24:fc:e5:5a:0d:d7:92:ab:d6:a5:7d:0e:03:c5:78:c2:b5:ab:20:6e:46:b4:47:53:c1:30:e7:43:62

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g6.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g6.crl

Check the revocation status for certificate k8s-oidc.data-production.braintree-api.com

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for k8s-oidc.data-production.braintree-api.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

k8s-oidc.data-production.braintree-api.com
k8s-oidc-dataprod-us-east-1.data-production.braintree-api.com
k8s-oidc-dataprod-us-east-2.data-production.braintree-api.com
k8s-oidc-dataprod-us-west-2.data-production.braintree-api.com
k8s-oidc-dataprod-ap-southeast-2.data-production.braintree-api.com
k8s-oidc-dataprod-eu-central-1.data-production.braintree-api.com

Other certificates including the domain name braintree-api.com

(limited to 100 certificates)
aegis-proxy.sandbox.braintree-api.com
briskqa.braintree.tools
reader.sandbox.braintree-api.com
payments.sandbox.braintree-api.com
apply.qa.braintreepayments.com
arbiter-kubernetes-qa.dev.braintree-api.com
localpay-checkout.sandbox.braintree-api.com
k8s-oidc.sandbox.braintree-api.com
dimension-finder-stag.sandbox.braintree-api.com
origin-analytics-qa.dev.braintree-api.com
sentinel-prod.production.braintree-api.com
disputin.sandbox.braintree.tools
airflow.data-staging.braintree-api.com
transactions-prod-us.production.braintree-api.com
reader.braintree-api.com
gateway-sand.sandbox.braintree-api.com
functions.sandbox.braintree-api.com
graphql-docs-sand-us-east-1.sandbox.braintree-api.com
brisk.braintree.tools
provisioner.qa.braintreepayments.com
arbiter-kubernetes-sand.sandbox.braintree-api.com
k8s-oidc.data-production.braintree-api.com
localpay-checkout-test.sandbox.braintree-api.com
payments.braintree-api.com
aegis-proxy-sand-us-east-2.sandbox.braintree-api.com
origin-analytics-sand.sandbox.braintree-api.com
*.dev.braintree-api.com
brisk.sandbox.braintree.tools
sentinel-sand.sandbox.braintree-api.com
apply.qa.braintreepayments.com
batch-validation-prod-us-east-2.production.braintree-api.com
localpay-checkout.sandbox.braintree-api.com
k8s-oidc.data-production.braintree-api.com
panel.gateway.qa.braintreepayments.com
docs-qa-us-east-1.dev.braintree-api.com
arbiter-kubernetes-prod.production.braintree-api.com
*.bcoumes.dev.braintree-api.com
data-airflow.sand.braintree.tools
millennium-simulator.dev.braintree-api.com
k8s-oidc.data-production.braintree-api.com
mission-control.braintree-api.com
tugboat.dev.braintree-api.com
taskworker-flower.production.braintree-api.com
reader-service.sandbox.braintree-api.com
apply.braintreegateway.com
taskworker-auditor.production.braintree-api.com
data-airflow-webserver-datastag.data-staging.braintree-api.com
docs-prod-us-east-1.production.braintree-api.com
taskworker-flower.production.braintree-api.com
monitoring-tool-serv-sand-us-west-2.sandbox.braintree-api.com
bazaar.braintree.tools
event-sink-sand-us-west-2.sandbox.braintree-api.com
bazaar.braintree.tools
docs.sandbox.braintree-api.com
data-airflow.braintree.tools
aegis-proxy.production.braintree-api.com
billpay-validator-sand.sandbox.braintree-api.com
k8s-oidc.data-staging.braintree-api.com
provisioner.svc.braintreepayments.com
marketing-qa-us-east-1.dev.braintree-api.com
payments.sandbox.braintree-api.com
blue-front-door.braintree-api.com
infra-sso-token-converter.braintree-api.com
alert-notify-sand-us-west-2.sandbox.braintree-api.com
k8s-oidc.production.braintree-api.com
sentinel-dev.dev.braintree-api.com
origin-falcon.dev.braintree-api.com
tugboat.dev.braintree-api.com
reader.braintree-api.com
aegis-proxy-prod-us-east-2.production.braintree-api.com
pigeon.production.braintree-api.com
k8s-dashboard-qa-us-west-2.braintree.tools
pigeon.dev.braintree-api.com
pricing-prod.production.braintree-api.com
k8s-dashboard.sandbox.braintree-api.com
origin-analytics-sand.sandbox.braintree-api.com
infra-sso-token-converter.braintree-api.com
millennium-simulator.sandbox.braintree-api.com
functions.sandbox.braintree-api.com
airflow.dev.braintree-api.com
ppwr-sand.sandbox.braintree-api.com
signups.sand.braintreepayments.com
payments.sandbox.braintree-api.com
consul.braintree-api.com
arbiter-kubernetes-prod.production.braintree-api.com
localpay-checkout-test.sandbox.braintree-api.com
pigeon.sandbox.braintree-api.com
apply.braintreegateway.com
origin-analytics-qa.dev.braintree-api.com
twistlock-sand-us-east-1.sandbox.braintree-api.com
gateway-qa.dev.braintree-api.com
k8s-oidc.data-staging.braintree-api.com
processor-webhook-receiver.braintree-api.com
k8s-dashboard.data-production.braintree-api.com
gateway.braintree-api.com
sentintel-sand-us-west-2.sandbox.braintree-api.com
arbiter-kubernetes-prod.production.braintree-api.com
origin-falcon-prod.production.braintree-api.com
monitor-data-model-sand-us-west-2.sandbox.braintree-api.com
gateway.braintree-api.com

Certificate

The complete raw certificate details for k8s-oidc.data-production.braintree-api.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIPTCCByWgAwIBAgIQCwTIR3AisR7zk13MiLAQ/jANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0yNDAyMjEwMDAwMDBaFw0yNTAyMjAyMzU5NTla
MIGBMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMI
U2FuIEpvc2UxFTATBgNVBAoTDFBheVBhbCwgSW5jLjEzMDEGA1UEAxMqazhzLW9p
ZGMuZGF0YS1wcm9kdWN0aW9uLmJyYWludHJlZS1hcGkuY29tMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzowY3PL810Djdf8kxtNx4ef+AHW4wHdO1DQT
ReUkTWgSUsGwsR4CsRmNF1l82LrXhXeMJwKJ+y3UwKsy2d/wotIIPPifAwK+CFu6
1jYI6ImleM03xgtmZZtUhiGwql6L48rpKEu2rMI1fcVAWgNEL/46wpkzvcshmytW
HdHssjZbUDY6vkcLCyRusJowUWZSK1rTHQUWRxzb38/e8gE3PLImxayCjbKsBPmH
c8iNFoMNGTDumc+CU+J1Obj9H8nlJU90Sn8CptZeDd95tK3A9lI9KQuGOB7X93ao
oyVZaIR40HggyViUsNUtQMcGmgTH7TwR1EdsrSqzsgBTL4nklQIDAQABo4IEvzCC
BLswHwYDVR0jBBgwFoAUUWj/kK8CB3U8zNllZGKiErhZcjswHQYDVR0OBBYEFGIY
H38x3fSUq+GDv93T0t6GZr4ZMIIBfAYDVR0RBIIBczCCAW+CKms4cy1vaWRjLmRh
dGEtcHJvZHVjdGlvbi5icmFpbnRyZWUtYXBpLmNvbYI9azhzLW9pZGMtZGF0YXBy
b2QtdXMtZWFzdC0xLmRhdGEtcHJvZHVjdGlvbi5icmFpbnRyZWUtYXBpLmNvbYI9
azhzLW9pZGMtZGF0YXByb2QtdXMtZWFzdC0yLmRhdGEtcHJvZHVjdGlvbi5icmFp
bnRyZWUtYXBpLmNvbYI9azhzLW9pZGMtZGF0YXByb2QtdXMtd2VzdC0yLmRhdGEt
cHJvZHVjdGlvbi5icmFpbnRyZWUtYXBpLmNvbYJCazhzLW9pZGMtZGF0YXByb2Qt
YXAtc291dGhlYXN0LTIuZGF0YS1wcm9kdWN0aW9uLmJyYWludHJlZS1hcGkuY29t
gkBrOHMtb2lkYy1kYXRhcHJvZC1ldS1jZW50cmFsLTEuZGF0YS1wcm9kdWN0aW9u
LmJyYWludHJlZS1hcGkuY29tMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYB
BQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNVHQ8BAf8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAy
oDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nNi5j
cmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZl
ci1nNi5jcmwwgYMGCCsGAQUFBwEBBHcwdTAkBggrBgEFBQcwAYYYaHR0cDovL29j
c3AuZGlnaWNlcnQuY29tME0GCCsGAQUFBzAChkFodHRwOi8vY2FjZXJ0cy5kaWdp
Y2VydC5jb20vRGlnaUNlcnRTSEEySGlnaEFzc3VyYW5jZVNlcnZlckNBLmNydDAM
BgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgBOdaMnXJoQ
wzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY3LXRHMAAAEAwBHMEUCIQCzmdLR
EKTu7mLrM3phnfrjoeGkm3vIHUaAZgQqJNrUrQIgfY9iKEahNXtLfzRbutOIABTF
9dcpkdltCuqFD7anGZQAdgB9WR4S4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kOjC55
uAAAAY3LXRGYAAAEAwBHMEUCIQCgJJqBY5ONdJyfH1SBKwBKNIt4k+vpIeCo0mFL
idzh0wIgfXZ5abHoytMsJiVhmWlDjC+hR16+XpW4HWBnDmSEnT4AdQDm0jFjQHeM
wRBBBtdxuc7B0kD2loSG+7qHMh39HjeOUAAAAY3LXRG8AAAEAwBGMEQCIGJexb8H
iUxdAndisd9Y8V++aUJ2L77d5E7lr22o2R5wAiB17AUKajRvdE13yEFMavvN4HYs
dC8rD9UKjkBEmt2eqTANBgkqhkiG9w0BAQsFAAOCAQEAPCU5/IL2WpQpbjIyh9+5
YUByR0yAMLoasnx5/ZojeC+HWE+h4ve9eVqHj/iOC9ze3RnECzJl3rL6KmpkSkOc
TvENSuTUujta5qaYJsSK3TI4vZNTUSE2pLyqa38dASUhFXxLvEoLVPfNhp4td1Qc
J5WrMsDvYB0TMgJJx6HM2tz2iEIpU0D8Gxt55XMaLy8/YK/9/H8AdMaJrgZwiAZI
tUJur7p4pGiVbpmJiK/BCZJFs76nf5VDhDs2JiKQNc0vw9noF3VGHyxyq5Duwakt
SlEKBvJPCIA7LA+/IMCpyutp4A3bOvmFVNjy+hiDf16VguZueZwDCJyQ+si+ugli
eA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzowY3PL810Djdf8kxtNx
4ef+AHW4wHdO1DQTReUkTWgSUsGwsR4CsRmNF1l82LrXhXeMJwKJ+y3UwKsy2d/w
otIIPPifAwK+CFu61jYI6ImleM03xgtmZZtUhiGwql6L48rpKEu2rMI1fcVAWgNE
L/46wpkzvcshmytWHdHssjZbUDY6vkcLCyRusJowUWZSK1rTHQUWRxzb38/e8gE3
PLImxayCjbKsBPmHc8iNFoMNGTDumc+CU+J1Obj9H8nlJU90Sn8CptZeDd95tK3A
9lI9KQuGOB7X93aooyVZaIR40HggyViUsNUtQMcGmgTH7TwR1EdsrSqzsgBTL4nk
lQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 14646339282892743766987568773724115198
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-21 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-20 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Jose'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PayPal, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'k8s-oidc.data-production.braintree-api.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26074175288391979644040339325238705713809731960478467798079592019579507493852588117642793521394372050852109280140859585260278104678269931766611974717393019778646292154641342505735272559157892912662280112666556048462627486949649748333552877229016016719503496688885857129585276381708122109869361542616114956530665751736807380944224733400151711927768652263785919069230146092492806769970204662098554935502243788950929051568799907409240577344815476068637584060146033419909093729204980055787011053809660782006191354818436782273791363682030648244925979660798820296330683669757532898787287676922131995128895160851987056682133
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							62181f7f31ddf494abe183bfddd3d2de8666be19
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (371 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'k8s-oidc.data-production.braintree-api.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'k8s-oidc-dataprod-us-east-1.data-production.braintree-api.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'k8s-oidc-dataprod-us-east-2.data-production.braintree-api.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'k8s-oidc-dataprod-us-west-2.data-production.braintree-api.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'k8s-oidc-dataprod-ap-southeast-2.data-production.braintree-api.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'k8s-oidc-dataprod-eu-central-1.data-production.braintree-api.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							01670076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018dcb5d11cc0000040300473045022100b399d2d110a4eeee62eb337a619dfae3a1e1a49b7bc81d468066042a24dad4ad02207d8f622846a1357b4b7f345bbad3880014c5f5d72991d96d0aea850fb6a719940076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018dcb5d11980000040300473045022100a0249a8163938d749c9f1f54812b004a348b7893ebe921e0a8d2614b89dce1d302207d767969b1e8cad32c2625619969438c2fa1475ebe5e95b81d60670e64849d3e007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018dcb5d11bc00000403004630440220625ec5bf07894c5d027762b1df58f15fbe6942762fbedde44ee5af6da8d91e70022075ec050a6a346f744d77c8414c6afbcde0762c742f2b0fd50a8e40449add9ea9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003c2539fc82f65a94296e323287dfb9614072474c8030ba1ab27c79fd9a23782f87584fa1e2f7bd795a878ff88e0bdcdedd19c40b3265deb2fa2a6a644a439c4ef10d4ae4d4ba3b5ae6a69826c48add3238bd9353512136a4bcaa6b7f1d012521157c4bbc4a0b54f7cd869e2d77541c2795ab32c0ef601d13320249c7a1ccdadcf68842295340fc1b1b79e5731a2f2f3f60affdfc7f0074c689ae0670880648b5426eafba78a468956e998988afc1099245b3bea77f9543843b3626229035cd2fc3d9e81775461f2c72ab90eec1a92d4a510a06f24f08803b2c0fbf20c0a9caeb69e00ddb3af98554d8f2fa18837f5e9582e66e799c03089c90fac8beba096278