staging-athena-mongo-cms.huffpo.net
- AOL, Inc -
Issued by DigiCert SHA2 High Assurance Server CA
About this certificate
This digital certificate with serial number 0d:12:70:9b:16:c0:3b:e4:35:28:3a:d9:03:16:5f:b7 was issued on by DigiCert Inc.
With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
AOL, Inc
Organization:
AOL, Inc
State / Province:
Virginia
Locality: Sterling
Country: US
Locality: Sterling
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:12:70:9b:16:c0:3b:e4:35:28:3a:d9:03:16:5f:b7Serial Number (int): 17375709205939398745868964424173641655
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 3a:25:8b:d2:6b:aa:16:b6:23:a4:49:14:6a:8d:16:9f:1a:91:c4:0f
AuthorityKeyId: 51:68:ff:90:af:02:07:75:3c:cc:d9:65:64:62:a2:12:b8:59:72:3b
Fingerprint (sha1): 65:09:4f:c9:85:7c:c2:4f:1f:21:de:df:d3:e9:26:22:45:01:10:bb
Fingerprint (sha256): 0e:e8:6a:ff:c0:dd:3a:7b:6c:cb:d7:f5:65:41:d3:65:a0:02:08:65:80:8d:65:6b:cf:3f:9b:d1:44:41:ab:1d
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ha-server-g6.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ha-server-g6.crl
Check the revocation status for certificate staging-athena-mongo-cms.huffpo.net
7
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for staging-athena-mongo-cms.huffpo.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
staging-athena-mongo-cms.huffpo.net
staging-athena-ea-mongo-cms-01.use1.huffpo.net
staging-athena-ea-mongo-cms-02.use1.huffpo.net
staging-athena-ea-mongo-cms-03.use1.huffpo.net
staging-athena-ea-mongo-cms-60-159.use1.huffpo.net
staging-athena-ea-mongo-cms-68-87.use1.huffpo.net
staging-athena-ea-mongo-cms-66-101.use1.huffpo.net
staging-athena-ea-mongo-cms-01.use1.huffpo.net
staging-athena-ea-mongo-cms-02.use1.huffpo.net
staging-athena-ea-mongo-cms-03.use1.huffpo.net
staging-athena-ea-mongo-cms-60-159.use1.huffpo.net
staging-athena-ea-mongo-cms-68-87.use1.huffpo.net
staging-athena-ea-mongo-cms-66-101.use1.huffpo.net
Other certificates including the domain name huffpo.net
(limited to 100 certificates)
qa-athena-mongo-image.huffpo.net
production-athenizer.use1.huffpo.net
staging-origin-life.huffpo.net
qa.mapi.huffpost.com
*.app-west.buzzfeed.io
production-athena-mongo-cms.huffpo.net
buildbot.office.aol.com
staging-content-transform.use1.huffpo.net
qa.mapi.huffpost.com
src5.yahoo.com
staging-origin-life.huffpo.net
production-modulous-tag-manager.use1.huffpo.net
beta-origin-cambria-alb.huffpo.net
production-kraken-valencia-preview.use1.huffpo.net
qa.preview.www.huffpost.com
*.utils.huffpo.net
qa.preview.www.huffpost.com
www.huffpost.com
origin-kraken.huffpo.net
origin-hanami.huffpo.net
beta-origin-cambria-alb.huffpo.net
qa.preview.www.huffpost.com
www.huffingtonpost.com
www.huffingtonpost.com
staging-modulous-api-lb.use1.huffpo.net
qa-origin-life.huffpo.net
staging-athena-mongo-cms.huffpo.net
beta.www.huffpost.com
src5.yahoo.com
src5.yahoo.com
qa-origin-life.huffpo.net
*.prod.buzzfeed.io
qa-origin-life.huffpo.net
origin-kraken.huffpo.net
src5.yahoo.com
staging-modulous-api-varnish.use1.huffpo.net
qa-origin-life.huffpo.net
staging-mtkiller-mongo.use1.huffpo.net
origin-identifiers.huffpost.net
www.huffingtonpost.com
staging-origin-hanami-alb.huffpo.net
origin-hanami-alb.huffpo.net
qa.preview.www.huffpost.com
production-athenizer.use1.huffpo.net
*.stage.buzzfeed.io
staging.modulous.aol.com
*.prod.buzzfeed.io
*.stage.buzzfeed.io
staging-athena-mongo-cms.huffpost.net
staging.preview.www.huffpost.com
*.use1.huffpo.net
preview.www.huffpost.com
preview.beta.www.huffpost.com
staging-athena-mongo-cms.huffpo.net
*.app-west.buzzfeed.io
*.edge.huffpo.net
qa.mapi.huffpost.com
beta.www.huffpost.com
preview.www.huffpost.com
origin-kraken.huffpo.net
qa-origin-life.huffpo.net
qa.www.huffpost.com
*.edge.huffpo.net
*.app-west.buzzfeed.io
src5.yahoo.com
www.huffpost.com
staging.preview.www.huffpost.com
origin-identifiers.huffpost.net
production-trait-manager.use1.huffpo.net
production-athenizer.use1.huffpo.net
production-kraken-valencia-preview.use1.huffpo.net
*.amp.edge.huffpo.net
*.prod.buzzfeed.io
qa-origin-life.huffpo.net
*.games.yahoo.com
src5.yahoo.com
www.huffpost.com
production-kraken-valencia-preview.use1.huffpo.net
*.cambria-production.huffpo.net
production-athenizer.use1.huffpo.net
www.huffingtonpost.com
qa.preview.www.huffpost.com
*.utils.huffpo.net
origin-hanami.huffpo.net
staging.preview.www.huffpost.com
modulous.aol.com
*.stage.buzzfeed.io
staging-audiogram.use1.huffpo.net
src5.yahoo.com
www.huffingtonpost.com
qa-athena-mongo-cms.huffpo.net
staging-content-transform.use1.huffpo.net
*.app-west.buzzfeed.io
*.use1.huffpo.net
src5.yahoo.com
origin-identifiers.huffpost.net
*.use1.huffpo.net
src5.yahoo.com
beta-preview-origin-cambria-alb.huffpo.net
*.app-west.buzzfeed.io
production-athenizer.use1.huffpo.net
staging-origin-life.huffpo.net
qa.mapi.huffpost.com
*.app-west.buzzfeed.io
production-athena-mongo-cms.huffpo.net
buildbot.office.aol.com
staging-content-transform.use1.huffpo.net
qa.mapi.huffpost.com
src5.yahoo.com
staging-origin-life.huffpo.net
production-modulous-tag-manager.use1.huffpo.net
beta-origin-cambria-alb.huffpo.net
production-kraken-valencia-preview.use1.huffpo.net
qa.preview.www.huffpost.com
*.utils.huffpo.net
qa.preview.www.huffpost.com
www.huffpost.com
origin-kraken.huffpo.net
origin-hanami.huffpo.net
beta-origin-cambria-alb.huffpo.net
qa.preview.www.huffpost.com
www.huffingtonpost.com
www.huffingtonpost.com
staging-modulous-api-lb.use1.huffpo.net
qa-origin-life.huffpo.net
staging-athena-mongo-cms.huffpo.net
beta.www.huffpost.com
src5.yahoo.com
src5.yahoo.com
qa-origin-life.huffpo.net
*.prod.buzzfeed.io
qa-origin-life.huffpo.net
origin-kraken.huffpo.net
src5.yahoo.com
staging-modulous-api-varnish.use1.huffpo.net
qa-origin-life.huffpo.net
staging-mtkiller-mongo.use1.huffpo.net
origin-identifiers.huffpost.net
www.huffingtonpost.com
staging-origin-hanami-alb.huffpo.net
origin-hanami-alb.huffpo.net
qa.preview.www.huffpost.com
production-athenizer.use1.huffpo.net
*.stage.buzzfeed.io
staging.modulous.aol.com
*.prod.buzzfeed.io
*.stage.buzzfeed.io
staging-athena-mongo-cms.huffpost.net
staging.preview.www.huffpost.com
*.use1.huffpo.net
preview.www.huffpost.com
preview.beta.www.huffpost.com
staging-athena-mongo-cms.huffpo.net
*.app-west.buzzfeed.io
*.edge.huffpo.net
qa.mapi.huffpost.com
beta.www.huffpost.com
preview.www.huffpost.com
origin-kraken.huffpo.net
qa-origin-life.huffpo.net
qa.www.huffpost.com
*.edge.huffpo.net
*.app-west.buzzfeed.io
src5.yahoo.com
www.huffpost.com
staging.preview.www.huffpost.com
origin-identifiers.huffpost.net
production-trait-manager.use1.huffpo.net
production-athenizer.use1.huffpo.net
production-kraken-valencia-preview.use1.huffpo.net
*.amp.edge.huffpo.net
*.prod.buzzfeed.io
qa-origin-life.huffpo.net
*.games.yahoo.com
src5.yahoo.com
www.huffpost.com
production-kraken-valencia-preview.use1.huffpo.net
*.cambria-production.huffpo.net
production-athenizer.use1.huffpo.net
www.huffingtonpost.com
qa.preview.www.huffpost.com
*.utils.huffpo.net
origin-hanami.huffpo.net
staging.preview.www.huffpost.com
modulous.aol.com
*.stage.buzzfeed.io
staging-audiogram.use1.huffpo.net
src5.yahoo.com
www.huffingtonpost.com
qa-athena-mongo-cms.huffpo.net
staging-content-transform.use1.huffpo.net
*.app-west.buzzfeed.io
*.use1.huffpo.net
src5.yahoo.com
origin-identifiers.huffpost.net
*.use1.huffpo.net
src5.yahoo.com
beta-preview-origin-cambria-alb.huffpo.net
*.app-west.buzzfeed.io
Certificate
The complete raw certificate details for staging-athena-mongo-cms.huffpo.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGsjCCBZqgAwIBAgIQDRJwmxbAO+Q1KDrZAxZftzANBgkqhkiG9w0BAQsFADBw MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz dXJhbmNlIFNlcnZlciBDQTAeFw0xNzExMTYwMDAwMDBaFw0yMDExMjAxMjAwMDBa MHQxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhWaXJnaW5pYTERMA8GA1UEBxMIU3Rl cmxpbmcxETAPBgNVBAoTCEFPTCwgSW5jMSwwKgYDVQQDEyNzdGFnaW5nLWF0aGVu YS1tb25nby1jbXMuaHVmZnBvLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAMF1Fk/4nIGJMvq2R+P4IGWljo4uZUleZ7uXLkzX9S7zGxewZij3RqO0 IZ5RAOGp1gazzEtM6hg84hhylQur4ByOqSoRkEl6RPMgBrzhWhmNCOOG/TJCO3+p 8vEyQzIrVCqk7MbinWqXBYA2/Qmr5mpmT6qXFXuYlnDnQnCon6qGOqOBikpYkqiz Ij30bb15i1O4canbIx9Hu/bGjfRHPMz+9gEVaS4/b3dMtz7HKSSVbQ6uCXuRZIBT s++OIstC61oKH5XpbB27ChBZctoChcjaEW3oiwuReXHsVOC4ejeHE0qsSWElbaLG Y5aWqbV8TiUOov2/kSl8opvcTqCL09sCAwEAAaOCA0IwggM+MB8GA1UdIwQYMBaA FFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBQ6JYvSa6oWtiOkSRRqjRaf GpHEDzCCAV0GA1UdEQSCAVQwggFQgiNzdGFnaW5nLWF0aGVuYS1tb25nby1jbXMu aHVmZnBvLm5ldIIuc3RhZ2luZy1hdGhlbmEtZWEtbW9uZ28tY21zLTAxLnVzZTEu aHVmZnBvLm5ldIIuc3RhZ2luZy1hdGhlbmEtZWEtbW9uZ28tY21zLTAyLnVzZTEu aHVmZnBvLm5ldIIuc3RhZ2luZy1hdGhlbmEtZWEtbW9uZ28tY21zLTAzLnVzZTEu aHVmZnBvLm5ldIIyc3RhZ2luZy1hdGhlbmEtZWEtbW9uZ28tY21zLTYwLTE1OS51 c2UxLmh1ZmZwby5uZXSCMXN0YWdpbmctYXRoZW5hLWVhLW1vbmdvLWNtcy02OC04 Ny51c2UxLmh1ZmZwby5uZXSCMnN0YWdpbmctYXRoZW5hLWVhLW1vbmdvLWNtcy02 Ni0xMDEudXNlMS5odWZmcG8ubmV0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2Ny bDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0 cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNV HSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5k aWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsG AQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0 dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJh bmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQC BQAwDQYJKoZIhvcNAQELBQADggEBADntmmp8LdEwNdXQILeHCPsLutT/mponZBZY 8xsSq0XTbA8AAfwVl6MInnNu4+LW8LI/5NtnpHUiCGXeNs6+PPOvbNCzNgHSkAst AE/AhJNLnheiPAwBjPo/8HR/5nTYiYA/7AiUOFz9OEx0APZqonLnsj0ml+QmHq75 E8BuJDtE1aqLduuxAlmSvRLPSe1vy5gdmblkEUqZqtZp58037a9FypC7CIppAYSE P+Qulw8wNklPuKSt5gSy6iq8idVVfe1qtbdAJERkZYzGrA/qtf6PLuMLrQF2QDFz fEDTS6FmpJcoedj8xC0vgNULf7BeRSI9bC5xGuRcclKsv3Xe/8M= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXUWT/icgYky+rZH4/gg ZaWOji5lSV5nu5cuTNf1LvMbF7BmKPdGo7QhnlEA4anWBrPMS0zqGDziGHKVC6vg HI6pKhGQSXpE8yAGvOFaGY0I44b9MkI7f6ny8TJDMitUKqTsxuKdapcFgDb9Cavm amZPqpcVe5iWcOdCcKifqoY6o4GKSliSqLMiPfRtvXmLU7hxqdsjH0e79saN9Ec8 zP72ARVpLj9vd0y3PscpJJVtDq4Je5FkgFOz744iy0LrWgoflelsHbsKEFly2gKF yNoRbeiLC5F5cexU4Lh6N4cTSqxJYSVtosZjlpaptXxOJQ6i/b+RKXyim9xOoIvT 2wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17375709205939398745868964424173641655 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 High Assurance Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-16 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-11-20 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Virginia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sterling' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AOL, Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'staging-athena-mongo-cms.huffpo.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24421730687860486671263557503832787586629467776185111251320867721447707014562414133286566584039641731992155943532888198531410884465847913203506254167769302680523076348748595341683489995877144836926356240492551726589799598275204224848839181321989874915838694909043859381860995777546491412770652689308038638770539431958623495047282861379771440882223705866996916923789531614483934743541005721528980924624941877176446420113020170118498644044745212519720035610040767666759062844601139188843527400975264144476714330456134880741764113987585852857442895682921992630355313404549505041170436152116285212783873520588554702148571 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5168ff90af0207753cccd9656462a212b859723b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3a258bd26baa16b623a449146a8d169f1a91c40f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (340 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-athena-mongo-cms.huffpo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-athena-ea-mongo-cms-01.use1.huffpo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-athena-ea-mongo-cms-02.use1.huffpo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-athena-ea-mongo-cms-03.use1.huffpo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-athena-ea-mongo-cms-60-159.use1.huffpo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-athena-ea-mongo-cms-68-87.use1.huffpo.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-athena-ea-mongo-cms-66-101.use1.huffpo.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ha-server-g6.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ha-server-g6.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0039ed9a6a7c2dd13035d5d020b78708fb0bbad4ff9a9a27641658f31b12ab45d36c0f0001fc1597a3089e736ee3e2d6f0b23fe4db67a475220865de36cebe3cf3af6cd0b33601d2900b2d004fc084934b9e17a23c0c018cfa3ff0747fe674d889803fec0894385cfd384c7400f66aa272e7b23d2697e4261eaef913c06e243b44d5aa8b76ebb1025992bd12cf49ed6fcb981d99b964114a99aad669e7cd37edaf45ca90bb088a690184843fe42e970f3036494fb8a4ade604b2ea2abc89d5557ded6ab5b740244464658cc6ac0feab5fe8f2ee30bad01764031737c40d34ba166a4972879d8fcc42d2f80d50b7fb05e45223d6c2e711ae45c7252acbf75deffc3