k8s-oidc.data-production.braintree-api.com
- PayPal, Inc. -
Issued by DigiCert SHA2 High Assurance Server CA
About this certificate
This digital certificate with serial number 0b:04:c8:47:70:22:b1:1e:f3:93:5d:cc:88:b0:10:fe was issued on by DigiCert Inc.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
PayPal, Inc.
Organization:
PayPal, Inc.
State / Province:
California
Locality: San Jose
Country: US
Locality: San Jose
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0b:04:c8:47:70:22:b1:1e:f3:93:5d:cc:88:b0:10:feSerial Number (int): 14646339282892743766987568773724115198
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 62:18:1f:7f:31:dd:f4:94:ab:e1:83:bf:dd:d3:d2:de:86:66:be:19
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b
Fingerprint (sha1): a8:fa:5e:e1:d1:fd:29:ea:a5:cc:35:be:42:e8:9d:6f:be:f8:bc:c4
Fingerprint (sha256): 0e:c6:13:24:fc:e5:5a:0d:d7:92:ab:d6:a5:7d:0e:03:c5:78:c2:b5:ab:20:6e:46:b4:47:53:c1:30:e7:43:62
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g6.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g6.crl
Check the revocation status for certificate k8s-oidc.data-production.braintree-api.com
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for k8s-oidc.data-production.braintree-api.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
k8s-oidc.data-production.braintree-api.com
k8s-oidc-dataprod-us-east-1.data-production.braintree-api.com
k8s-oidc-dataprod-us-east-2.data-production.braintree-api.com
k8s-oidc-dataprod-us-west-2.data-production.braintree-api.com
k8s-oidc-dataprod-ap-southeast-2.data-production.braintree-api.com
k8s-oidc-dataprod-eu-central-1.data-production.braintree-api.com
k8s-oidc-dataprod-us-east-1.data-production.braintree-api.com
k8s-oidc-dataprod-us-east-2.data-production.braintree-api.com
k8s-oidc-dataprod-us-west-2.data-production.braintree-api.com
k8s-oidc-dataprod-ap-southeast-2.data-production.braintree-api.com
k8s-oidc-dataprod-eu-central-1.data-production.braintree-api.com
Other certificates including the domain name braintree-api.com
(limited to 100 certificates)
aegis-proxy.sandbox.braintree-api.com
briskqa.braintree.tools
reader.sandbox.braintree-api.com
payments.sandbox.braintree-api.com
apply.qa.braintreepayments.com
arbiter-kubernetes-qa.dev.braintree-api.com
localpay-checkout.sandbox.braintree-api.com
k8s-oidc.sandbox.braintree-api.com
dimension-finder-stag.sandbox.braintree-api.com
origin-analytics-qa.dev.braintree-api.com
sentinel-prod.production.braintree-api.com
disputin.sandbox.braintree.tools
airflow.data-staging.braintree-api.com
transactions-prod-us.production.braintree-api.com
reader.braintree-api.com
gateway-sand.sandbox.braintree-api.com
functions.sandbox.braintree-api.com
graphql-docs-sand-us-east-1.sandbox.braintree-api.com
brisk.braintree.tools
provisioner.qa.braintreepayments.com
arbiter-kubernetes-sand.sandbox.braintree-api.com
k8s-oidc.data-production.braintree-api.com
localpay-checkout-test.sandbox.braintree-api.com
payments.braintree-api.com
aegis-proxy-sand-us-east-2.sandbox.braintree-api.com
origin-analytics-sand.sandbox.braintree-api.com
*.dev.braintree-api.com
brisk.sandbox.braintree.tools
sentinel-sand.sandbox.braintree-api.com
apply.qa.braintreepayments.com
batch-validation-prod-us-east-2.production.braintree-api.com
localpay-checkout.sandbox.braintree-api.com
k8s-oidc.data-production.braintree-api.com
panel.gateway.qa.braintreepayments.com
docs-qa-us-east-1.dev.braintree-api.com
arbiter-kubernetes-prod.production.braintree-api.com
*.bcoumes.dev.braintree-api.com
data-airflow.sand.braintree.tools
millennium-simulator.dev.braintree-api.com
k8s-oidc.data-production.braintree-api.com
mission-control.braintree-api.com
tugboat.dev.braintree-api.com
taskworker-flower.production.braintree-api.com
reader-service.sandbox.braintree-api.com
apply.braintreegateway.com
taskworker-auditor.production.braintree-api.com
data-airflow-webserver-datastag.data-staging.braintree-api.com
docs-prod-us-east-1.production.braintree-api.com
taskworker-flower.production.braintree-api.com
monitoring-tool-serv-sand-us-west-2.sandbox.braintree-api.com
bazaar.braintree.tools
event-sink-sand-us-west-2.sandbox.braintree-api.com
bazaar.braintree.tools
docs.sandbox.braintree-api.com
data-airflow.braintree.tools
aegis-proxy.production.braintree-api.com
billpay-validator-sand.sandbox.braintree-api.com
k8s-oidc.data-staging.braintree-api.com
provisioner.svc.braintreepayments.com
marketing-qa-us-east-1.dev.braintree-api.com
payments.sandbox.braintree-api.com
blue-front-door.braintree-api.com
infra-sso-token-converter.braintree-api.com
alert-notify-sand-us-west-2.sandbox.braintree-api.com
k8s-oidc.production.braintree-api.com
sentinel-dev.dev.braintree-api.com
origin-falcon.dev.braintree-api.com
tugboat.dev.braintree-api.com
reader.braintree-api.com
aegis-proxy-prod-us-east-2.production.braintree-api.com
pigeon.production.braintree-api.com
k8s-dashboard-qa-us-west-2.braintree.tools
pigeon.dev.braintree-api.com
pricing-prod.production.braintree-api.com
k8s-dashboard.sandbox.braintree-api.com
origin-analytics-sand.sandbox.braintree-api.com
infra-sso-token-converter.braintree-api.com
millennium-simulator.sandbox.braintree-api.com
functions.sandbox.braintree-api.com
airflow.dev.braintree-api.com
ppwr-sand.sandbox.braintree-api.com
signups.sand.braintreepayments.com
payments.sandbox.braintree-api.com
consul.braintree-api.com
arbiter-kubernetes-prod.production.braintree-api.com
localpay-checkout-test.sandbox.braintree-api.com
pigeon.sandbox.braintree-api.com
apply.braintreegateway.com
origin-analytics-qa.dev.braintree-api.com
twistlock-sand-us-east-1.sandbox.braintree-api.com
gateway-qa.dev.braintree-api.com
k8s-oidc.data-staging.braintree-api.com
processor-webhook-receiver.braintree-api.com
k8s-dashboard.data-production.braintree-api.com
gateway.braintree-api.com
sentintel-sand-us-west-2.sandbox.braintree-api.com
arbiter-kubernetes-prod.production.braintree-api.com
origin-falcon-prod.production.braintree-api.com
monitor-data-model-sand-us-west-2.sandbox.braintree-api.com
gateway.braintree-api.com
briskqa.braintree.tools
reader.sandbox.braintree-api.com
payments.sandbox.braintree-api.com
apply.qa.braintreepayments.com
arbiter-kubernetes-qa.dev.braintree-api.com
localpay-checkout.sandbox.braintree-api.com
k8s-oidc.sandbox.braintree-api.com
dimension-finder-stag.sandbox.braintree-api.com
origin-analytics-qa.dev.braintree-api.com
sentinel-prod.production.braintree-api.com
disputin.sandbox.braintree.tools
airflow.data-staging.braintree-api.com
transactions-prod-us.production.braintree-api.com
reader.braintree-api.com
gateway-sand.sandbox.braintree-api.com
functions.sandbox.braintree-api.com
graphql-docs-sand-us-east-1.sandbox.braintree-api.com
brisk.braintree.tools
provisioner.qa.braintreepayments.com
arbiter-kubernetes-sand.sandbox.braintree-api.com
k8s-oidc.data-production.braintree-api.com
localpay-checkout-test.sandbox.braintree-api.com
payments.braintree-api.com
aegis-proxy-sand-us-east-2.sandbox.braintree-api.com
origin-analytics-sand.sandbox.braintree-api.com
*.dev.braintree-api.com
brisk.sandbox.braintree.tools
sentinel-sand.sandbox.braintree-api.com
apply.qa.braintreepayments.com
batch-validation-prod-us-east-2.production.braintree-api.com
localpay-checkout.sandbox.braintree-api.com
k8s-oidc.data-production.braintree-api.com
panel.gateway.qa.braintreepayments.com
docs-qa-us-east-1.dev.braintree-api.com
arbiter-kubernetes-prod.production.braintree-api.com
*.bcoumes.dev.braintree-api.com
data-airflow.sand.braintree.tools
millennium-simulator.dev.braintree-api.com
k8s-oidc.data-production.braintree-api.com
mission-control.braintree-api.com
tugboat.dev.braintree-api.com
taskworker-flower.production.braintree-api.com
reader-service.sandbox.braintree-api.com
apply.braintreegateway.com
taskworker-auditor.production.braintree-api.com
data-airflow-webserver-datastag.data-staging.braintree-api.com
docs-prod-us-east-1.production.braintree-api.com
taskworker-flower.production.braintree-api.com
monitoring-tool-serv-sand-us-west-2.sandbox.braintree-api.com
bazaar.braintree.tools
event-sink-sand-us-west-2.sandbox.braintree-api.com
bazaar.braintree.tools
docs.sandbox.braintree-api.com
data-airflow.braintree.tools
aegis-proxy.production.braintree-api.com
billpay-validator-sand.sandbox.braintree-api.com
k8s-oidc.data-staging.braintree-api.com
provisioner.svc.braintreepayments.com
marketing-qa-us-east-1.dev.braintree-api.com
payments.sandbox.braintree-api.com
blue-front-door.braintree-api.com
infra-sso-token-converter.braintree-api.com
alert-notify-sand-us-west-2.sandbox.braintree-api.com
k8s-oidc.production.braintree-api.com
sentinel-dev.dev.braintree-api.com
origin-falcon.dev.braintree-api.com
tugboat.dev.braintree-api.com
reader.braintree-api.com
aegis-proxy-prod-us-east-2.production.braintree-api.com
pigeon.production.braintree-api.com
k8s-dashboard-qa-us-west-2.braintree.tools
pigeon.dev.braintree-api.com
pricing-prod.production.braintree-api.com
k8s-dashboard.sandbox.braintree-api.com
origin-analytics-sand.sandbox.braintree-api.com
infra-sso-token-converter.braintree-api.com
millennium-simulator.sandbox.braintree-api.com
functions.sandbox.braintree-api.com
airflow.dev.braintree-api.com
ppwr-sand.sandbox.braintree-api.com
signups.sand.braintreepayments.com
payments.sandbox.braintree-api.com
consul.braintree-api.com
arbiter-kubernetes-prod.production.braintree-api.com
localpay-checkout-test.sandbox.braintree-api.com
pigeon.sandbox.braintree-api.com
apply.braintreegateway.com
origin-analytics-qa.dev.braintree-api.com
twistlock-sand-us-east-1.sandbox.braintree-api.com
gateway-qa.dev.braintree-api.com
k8s-oidc.data-staging.braintree-api.com
processor-webhook-receiver.braintree-api.com
k8s-dashboard.data-production.braintree-api.com
gateway.braintree-api.com
sentintel-sand-us-west-2.sandbox.braintree-api.com
arbiter-kubernetes-prod.production.braintree-api.com
origin-falcon-prod.production.braintree-api.com
monitor-data-model-sand-us-west-2.sandbox.braintree-api.com
gateway.braintree-api.com
Certificate
The complete raw certificate details for k8s-oidc.data-production.braintree-api.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIPTCCByWgAwIBAgIQCwTIR3AisR7zk13MiLAQ/jANBgkqhkiG9w0BAQsFADBw MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz dXJhbmNlIFNlcnZlciBDQTAeFw0yNDAyMjEwMDAwMDBaFw0yNTAyMjAyMzU5NTla MIGBMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMI U2FuIEpvc2UxFTATBgNVBAoTDFBheVBhbCwgSW5jLjEzMDEGA1UEAxMqazhzLW9p ZGMuZGF0YS1wcm9kdWN0aW9uLmJyYWludHJlZS1hcGkuY29tMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzowY3PL810Djdf8kxtNx4ef+AHW4wHdO1DQT ReUkTWgSUsGwsR4CsRmNF1l82LrXhXeMJwKJ+y3UwKsy2d/wotIIPPifAwK+CFu6 1jYI6ImleM03xgtmZZtUhiGwql6L48rpKEu2rMI1fcVAWgNEL/46wpkzvcshmytW HdHssjZbUDY6vkcLCyRusJowUWZSK1rTHQUWRxzb38/e8gE3PLImxayCjbKsBPmH c8iNFoMNGTDumc+CU+J1Obj9H8nlJU90Sn8CptZeDd95tK3A9lI9KQuGOB7X93ao oyVZaIR40HggyViUsNUtQMcGmgTH7TwR1EdsrSqzsgBTL4nklQIDAQABo4IEvzCC BLswHwYDVR0jBBgwFoAUUWj/kK8CB3U8zNllZGKiErhZcjswHQYDVR0OBBYEFGIY H38x3fSUq+GDv93T0t6GZr4ZMIIBfAYDVR0RBIIBczCCAW+CKms4cy1vaWRjLmRh dGEtcHJvZHVjdGlvbi5icmFpbnRyZWUtYXBpLmNvbYI9azhzLW9pZGMtZGF0YXBy b2QtdXMtZWFzdC0xLmRhdGEtcHJvZHVjdGlvbi5icmFpbnRyZWUtYXBpLmNvbYI9 azhzLW9pZGMtZGF0YXByb2QtdXMtZWFzdC0yLmRhdGEtcHJvZHVjdGlvbi5icmFp bnRyZWUtYXBpLmNvbYI9azhzLW9pZGMtZGF0YXByb2QtdXMtd2VzdC0yLmRhdGEt cHJvZHVjdGlvbi5icmFpbnRyZWUtYXBpLmNvbYJCazhzLW9pZGMtZGF0YXByb2Qt YXAtc291dGhlYXN0LTIuZGF0YS1wcm9kdWN0aW9uLmJyYWludHJlZS1hcGkuY29t gkBrOHMtb2lkYy1kYXRhcHJvZC1ldS1jZW50cmFsLTEuZGF0YS1wcm9kdWN0aW9u LmJyYWludHJlZS1hcGkuY29tMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYB BQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAy oDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nNi5j cmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZl ci1nNi5jcmwwgYMGCCsGAQUFBwEBBHcwdTAkBggrBgEFBQcwAYYYaHR0cDovL29j c3AuZGlnaWNlcnQuY29tME0GCCsGAQUFBzAChkFodHRwOi8vY2FjZXJ0cy5kaWdp Y2VydC5jb20vRGlnaUNlcnRTSEEySGlnaEFzc3VyYW5jZVNlcnZlckNBLmNydDAM BgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgBOdaMnXJoQ wzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY3LXRHMAAAEAwBHMEUCIQCzmdLR EKTu7mLrM3phnfrjoeGkm3vIHUaAZgQqJNrUrQIgfY9iKEahNXtLfzRbutOIABTF 9dcpkdltCuqFD7anGZQAdgB9WR4S4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kOjC55 uAAAAY3LXRGYAAAEAwBHMEUCIQCgJJqBY5ONdJyfH1SBKwBKNIt4k+vpIeCo0mFL idzh0wIgfXZ5abHoytMsJiVhmWlDjC+hR16+XpW4HWBnDmSEnT4AdQDm0jFjQHeM wRBBBtdxuc7B0kD2loSG+7qHMh39HjeOUAAAAY3LXRG8AAAEAwBGMEQCIGJexb8H iUxdAndisd9Y8V++aUJ2L77d5E7lr22o2R5wAiB17AUKajRvdE13yEFMavvN4HYs dC8rD9UKjkBEmt2eqTANBgkqhkiG9w0BAQsFAAOCAQEAPCU5/IL2WpQpbjIyh9+5 YUByR0yAMLoasnx5/ZojeC+HWE+h4ve9eVqHj/iOC9ze3RnECzJl3rL6KmpkSkOc TvENSuTUujta5qaYJsSK3TI4vZNTUSE2pLyqa38dASUhFXxLvEoLVPfNhp4td1Qc J5WrMsDvYB0TMgJJx6HM2tz2iEIpU0D8Gxt55XMaLy8/YK/9/H8AdMaJrgZwiAZI tUJur7p4pGiVbpmJiK/BCZJFs76nf5VDhDs2JiKQNc0vw9noF3VGHyxyq5Duwakt SlEKBvJPCIA7LA+/IMCpyutp4A3bOvmFVNjy+hiDf16VguZueZwDCJyQ+si+ugli eA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzowY3PL810Djdf8kxtNx 4ef+AHW4wHdO1DQTReUkTWgSUsGwsR4CsRmNF1l82LrXhXeMJwKJ+y3UwKsy2d/w otIIPPifAwK+CFu61jYI6ImleM03xgtmZZtUhiGwql6L48rpKEu2rMI1fcVAWgNE L/46wpkzvcshmytWHdHssjZbUDY6vkcLCyRusJowUWZSK1rTHQUWRxzb38/e8gE3 PLImxayCjbKsBPmHc8iNFoMNGTDumc+CU+J1Obj9H8nlJU90Sn8CptZeDd95tK3A 9lI9KQuGOB7X93aooyVZaIR40HggyViUsNUtQMcGmgTH7TwR1EdsrSqzsgBTL4nk lQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 14646339282892743766987568773724115198 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-21 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-20 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Jose' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PayPal, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'k8s-oidc.data-production.braintree-api.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26074175288391979644040339325238705713809731960478467798079592019579507493852588117642793521394372050852109280140859585260278104678269931766611974717393019778646292154641342505735272559157892912662280112666556048462627486949649748333552877229016016719503496688885857129585276381708122109869361542616114956530665751736807380944224733400151711927768652263785919069230146092492806769970204662098554935502243788950929051568799907409240577344815476068637584060146033419909093729204980055787011053809660782006191354818436782273791363682030648244925979660798820296330683669757532898787287676922131995128895160851987056682133 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 62181f7f31ddf494abe183bfddd3d2de8666be19 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (371 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'k8s-oidc.data-production.braintree-api.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'k8s-oidc-dataprod-us-east-1.data-production.braintree-api.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'k8s-oidc-dataprod-us-east-2.data-production.braintree-api.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'k8s-oidc-dataprod-us-west-2.data-production.braintree-api.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'k8s-oidc-dataprod-ap-southeast-2.data-production.braintree-api.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'k8s-oidc-dataprod-eu-central-1.data-production.braintree-api.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g6.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g6.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 01670076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018dcb5d11cc0000040300473045022100b399d2d110a4eeee62eb337a619dfae3a1e1a49b7bc81d468066042a24dad4ad02207d8f622846a1357b4b7f345bbad3880014c5f5d72991d96d0aea850fb6a719940076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018dcb5d11980000040300473045022100a0249a8163938d749c9f1f54812b004a348b7893ebe921e0a8d2614b89dce1d302207d767969b1e8cad32c2625619969438c2fa1475ebe5e95b81d60670e64849d3e007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018dcb5d11bc00000403004630440220625ec5bf07894c5d027762b1df58f15fbe6942762fbedde44ee5af6da8d91e70022075ec050a6a346f744d77c8414c6afbcde0762c742f2b0fd50a8e40449add9ea9 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003c2539fc82f65a94296e323287dfb9614072474c8030ba1ab27c79fd9a23782f87584fa1e2f7bd795a878ff88e0bdcdedd19c40b3265deb2fa2a6a644a439c4ef10d4ae4d4ba3b5ae6a69826c48add3238bd9353512136a4bcaa6b7f1d012521157c4bbc4a0b54f7cd869e2d77541c2795ab32c0ef601d13320249c7a1ccdadcf68842295340fc1b1b79e5731a2f2f3f60affdfc7f0074c689ae0670880648b5426eafba78a468956e998988afc1099245b3bea77f9543843b3626229035cd2fc3d9e81775461f2c72ab90eec1a92d4a510a06f24f08803b2c0fbf20c0a9caeb69e00ddb3af98554d8f2fa18837f5e9582e66e799c03089c90fac8beba096278