*.jewels.com
- Sterling Jewelers Inc -
Issued by Trusted Secure Certificate Authority
About this certificate
This digital certificate with serial number cd:2d:f2:b9:84:2d:55:cf:d6:da:7a:d9:bd:10:0b:9e was issued on by Trusted Secure Certificate Authority.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Sterling Jewelers Inc
Organization:
Sterling Jewelers Inc
Organization unit: IT Infastructure
Organization unit: Enterprise SSL Wildcard
Organization unit: IT Infastructure
Organization unit: Enterprise SSL Wildcard
Address:
375 Ghent Road
Postal code: 44333
State / Province: OH
Locality: Akron
Country: US
Postal code: 44333
State / Province: OH
Locality: Akron
Country: US
Trusted Secure Certificate Authority
Organization:
Trusted Secure Certificate Authority
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): cd:2d:f2:b9:84:2d:55:cf:d6:da:7a:d9:bd:10:0b:9eSerial Number (int): 272730315535782798225118466039618735006
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: ae:6c:ff:fe:5f:fc:a5:3b:30:24:27:17:c0:8c:73:d8:fc:4a:a9:8e
AuthorityKeyId: cc:03:5b:96:5a:9e:16:cc:26:1e:bd:a3:70:fb:e3:cb:79:19:fc:4d
Fingerprint (sha1): 14:00:0b:68:d1:b6:6c:47:9a:44:18:c1:87:34:ba:6a:e1:ca:bd:62
Fingerprint (sha256): 0f:e7:b4:b6:fa:d4:17:cb:51:70:0b:f1:2e:98:ce:03:08:3c:dc:fc:6e:1d:6e:8f:54:83:57:b4:e6:c4:7e:04
Issuing Certificate URL: http://crt.csctrustedsecure.com/TrustedSecureCertificateAuthority_3.crt
Revocation information
OCSP Server: http://ocsp.csctrustedsecure.comCRL Distribution Point: http://crl.csctrustedsecure.com/TrustedSecureCertificateAuthority_3.crl
Check the revocation status for certificate *.jewels.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.jewels.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.jewels.com
jewels.com
jewels.com
Other certificates including the domain name jewels.com
(limited to 100 certificates)
qlqw10app00.jewels.com
srsprod.jewels.com
imperva.com
rmm.test.cloud.jewels.com
signet-identity-provider-test.jewels.com
plcosatadm01.jewels.com
credithub-test.azusnc-test.jewels.com
workordersapi-dev.jewels.com
sapbpcuxp.jewels.com
gp-akr.jewels.com
uluf20app00.jewels.com
sigctbanner.jewels.com
signet-cltin-prod-informatica-alb.cltin.cloud.jewels.com
sapfinance.jewels.com
*.jewels.com
jira.jewels.com
dldf10app00.jewels.com
credithub-dev.azusnc-test.jewels.com
credithub-test.azusnc-test.jewels.com
web01-sigcapdev.jewels.com
archiva.jewels.com
vpn.jewels.com
plpb20app00.jewels.com
guest.jewels.com
PWAKSEPAPP01.jewels.com
credpmtcalc-dev.jewels.com
srsprod.jewels.com
credpmtcalc-dev.jewels.com
signethierarchyprovider.jewels.com
worswebdev.jewels.com
vhsigdi1ci.sap.jewels.com
dldw10app00.jewels.com
worswebuat.jewels.com
srsvendorportal.jewels.com
perf-creditapis.jewels.com
vhsigdi1ci.sap.jewels.com
signet-identity-provider-prod.jewels.com
data.jewels.com
mypc.jewels.com
*.jewels.com
PWAKSEPAPP01.jewels.com
api4.jewels.com
vhsigdi1ci.sap.jewels.com
xconnect.jewels.com
dwakivrweb01.jewels.com
skuserviceapi.dev.cloud.jewels.com
workordersapi.jewels.com
vpn.jewels.com
worsweb.jewels.com
uluw20app01.jewels.com
sappouxp.jewels.com
uk-alt.ecesb.test.cloud.jewels.com
test.sslvpn.jewels.com
credpmtcalc-prod.jewels.com
sjim-asa-vpn.jewels.com
signet-cltin-dev-inform-int-alb.cltin.dev.cloud.jewels.com
fed01.jewels.com
creditapis.jewels.com
CAR-C1-ISE-1.jewels.com
pacoclearpass01.jewels.com
credithub-test.azusnc-test.jewels.com
api4dev.zalecorp.com
xconnect.jewels.com
dlde10app00.jewels.com
www.kay.com
posapigateway-perf.jewels.com
dlde10app00.jewels.com
saps4huxp.jewels.com
plpf20app00.jewels.com
sjim-asa-vpn.jewels.com
stage-repair.jewels.com
credithub-dev.azusnc-test.jewels.com
vpn.jewels.com
PWAKRPAAPP01.jewels.com
rhesprodsat02.jewels.com
signetquota.cloud.jewels.com
cpayprod.jewels.com
uk-queue.ecesb.stage.cloud.jewels.com
www.kay.com
qlqw20app00.jewels.com
signetanalyticsservice.jewels.com
test.sslvpn.zalecorp.com
pwakslwnapp01.jewels.com
sma.jewels.com
signetwarrantyapp.jewels.com
cc.dev.cloud.jewels.com
sigctbanner.jewels.com
pwakivrweb02.jewels.com
travelevents-dev.jewels.com
vhsigdi1ci.sap.jewels.com
sapfioriuxp.jewels.com
vpn.jewels.com
qlqf10app00.jewels.com
www.kay.com
pwakivrweb02.jewels.com
api4dev.jewels.com
vhsigde1ci.sap.jewels.com
plpw20app00.jewels.com
test.sslvpn.zalecorp.com
www.kay.com
srsprod.jewels.com
imperva.com
rmm.test.cloud.jewels.com
signet-identity-provider-test.jewels.com
plcosatadm01.jewels.com
credithub-test.azusnc-test.jewels.com
workordersapi-dev.jewels.com
sapbpcuxp.jewels.com
gp-akr.jewels.com
uluf20app00.jewels.com
sigctbanner.jewels.com
signet-cltin-prod-informatica-alb.cltin.cloud.jewels.com
sapfinance.jewels.com
*.jewels.com
jira.jewels.com
dldf10app00.jewels.com
credithub-dev.azusnc-test.jewels.com
credithub-test.azusnc-test.jewels.com
web01-sigcapdev.jewels.com
archiva.jewels.com
vpn.jewels.com
plpb20app00.jewels.com
guest.jewels.com
PWAKSEPAPP01.jewels.com
credpmtcalc-dev.jewels.com
srsprod.jewels.com
credpmtcalc-dev.jewels.com
signethierarchyprovider.jewels.com
worswebdev.jewels.com
vhsigdi1ci.sap.jewels.com
dldw10app00.jewels.com
worswebuat.jewels.com
srsvendorportal.jewels.com
perf-creditapis.jewels.com
vhsigdi1ci.sap.jewels.com
signet-identity-provider-prod.jewels.com
data.jewels.com
mypc.jewels.com
*.jewels.com
PWAKSEPAPP01.jewels.com
api4.jewels.com
vhsigdi1ci.sap.jewels.com
xconnect.jewels.com
dwakivrweb01.jewels.com
skuserviceapi.dev.cloud.jewels.com
workordersapi.jewels.com
vpn.jewels.com
worsweb.jewels.com
uluw20app01.jewels.com
sappouxp.jewels.com
uk-alt.ecesb.test.cloud.jewels.com
test.sslvpn.jewels.com
credpmtcalc-prod.jewels.com
sjim-asa-vpn.jewels.com
signet-cltin-dev-inform-int-alb.cltin.dev.cloud.jewels.com
fed01.jewels.com
creditapis.jewels.com
CAR-C1-ISE-1.jewels.com
pacoclearpass01.jewels.com
credithub-test.azusnc-test.jewels.com
api4dev.zalecorp.com
xconnect.jewels.com
dlde10app00.jewels.com
www.kay.com
posapigateway-perf.jewels.com
dlde10app00.jewels.com
saps4huxp.jewels.com
plpf20app00.jewels.com
sjim-asa-vpn.jewels.com
stage-repair.jewels.com
credithub-dev.azusnc-test.jewels.com
vpn.jewels.com
PWAKRPAAPP01.jewels.com
rhesprodsat02.jewels.com
signetquota.cloud.jewels.com
cpayprod.jewels.com
uk-queue.ecesb.stage.cloud.jewels.com
www.kay.com
qlqw20app00.jewels.com
signetanalyticsservice.jewels.com
test.sslvpn.zalecorp.com
pwakslwnapp01.jewels.com
sma.jewels.com
signetwarrantyapp.jewels.com
cc.dev.cloud.jewels.com
sigctbanner.jewels.com
pwakivrweb02.jewels.com
travelevents-dev.jewels.com
vhsigdi1ci.sap.jewels.com
sapfioriuxp.jewels.com
vpn.jewels.com
qlqf10app00.jewels.com
www.kay.com
pwakivrweb02.jewels.com
api4dev.jewels.com
vhsigde1ci.sap.jewels.com
plpw20app00.jewels.com
test.sslvpn.zalecorp.com
www.kay.com
Certificate
The complete raw certificate details for *.jewels.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFrTCCBJWgAwIBAgIRAM0t8rmELVXP1tp62b0QC54wDQYJKoZIhvcNAQEFBQAw azELMAkGA1UEBhMCVVMxLTArBgNVBAoTJFRydXN0ZWQgU2VjdXJlIENlcnRpZmlj YXRlIEF1dGhvcml0eTEtMCsGA1UEAxMkVHJ1c3RlZCBTZWN1cmUgQ2VydGlmaWNh dGUgQXV0aG9yaXR5MB4XDTE1MDgyNzAwMDAwMFoXDTE2MDUxOTIzNTk1OVowgccx CzAJBgNVBAYTAlVTMQ4wDAYDVQQREwU0NDMzMzELMAkGA1UECBMCT0gxDjAMBgNV BAcTBUFrcm9uMRcwFQYDVQQJEw4zNzUgR2hlbnQgUm9hZDEeMBwGA1UEChMVU3Rl cmxpbmcgSmV3ZWxlcnMgSW5jMRkwFwYDVQQLExBJVCBJbmZhc3RydWN0dXJlMSAw HgYDVQQLExdFbnRlcnByaXNlIFNTTCBXaWxkY2FyZDEVMBMGA1UEAwwMKi5qZXdl bHMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAto4+hF8pVugB arFwJ71uWkRT9diLNpzTNdRWUDamBMztpD6eHRY7sZY9xXbZWNHCyXzKVsgW2uhL e2D5fTuiPtr4u3Lk0hR1tGJF6tIHA371P5GaPejUXlYjMBRiR+kYs4ImTu+vzuuR cGcMg/yLrdhW+OuYBHVlW1UvZ/GpDEFs0R7Eb3K13KLZuc5Q89QiSxD7G54xftgp bZJ2oDd0ETJNXhEBtr9oBclDGCBfDLIPYUdI6nKP3T3m4Tbbs1xX+Gy/3Fb1XgMC 0291nDA9Dethc5UGJVZcZaMc+rEdCm6HUkQfyvDmiGILr8/2QjfGckBwknAQebFY Pnof8QTLQQIDAQABo4IB7TCCAekwHwYDVR0jBBgwFoAUzANbllqeFswmHr2jcPvj y3kZ/E0wHQYDVR0OBBYEFK5s//5f/KU7MCQnF8CMc9j8SqmOMA4GA1UdDwEB/wQE AwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjBVBgNVHSAETjBMMEAGCysGAQQBsjEBAgIIMDEwLwYIKwYBBQUHAgEWI2h0dHA6 Ly93d3cuY3NjdHJ1c3RlZHNlY3VyZS5jb20vY3BzMAgGBmeBDAECAjBYBgNVHR8E UTBPME2gS6BJhkdodHRwOi8vY3JsLmNzY3RydXN0ZWRzZWN1cmUuY29tL1RydXN0 ZWRTZWN1cmVDZXJ0aWZpY2F0ZUF1dGhvcml0eV8zLmNybDCBkwYIKwYBBQUHAQEE gYYwgYMwUwYIKwYBBQUHMAKGR2h0dHA6Ly9jcnQuY3NjdHJ1c3RlZHNlY3VyZS5j b20vVHJ1c3RlZFNlY3VyZUNlcnRpZmljYXRlQXV0aG9yaXR5XzMuY3J0MCwGCCsG AQUFBzABhiBodHRwOi8vb2NzcC5jc2N0cnVzdGVkc2VjdXJlLmNvbTAjBgNVHREE HDAaggwqLmpld2Vscy5jb22CCmpld2Vscy5jb20wDQYJKoZIhvcNAQEFBQADggEB ABGqjJ0gjcjwVv+XdPg9sIQPJnlxnDK9BCSGpubQ3D0b2ua+eWSedsygF2hus27G /gGdQkZlM9+zeE4BrE5lLvVm/K9LS0Q9nr8alzy0shtRXOGRpGHXKgHQMarx/39P WOqNjCCozJXEsUijxi6AZRYUzXDA66sLn1DUxzpC3dLbnR0ZrW1zQi6cIkzhacPs /5BuVkf3YU4uYdVM96K95PaLRM542HW8lT8l7mywUXUBt7q9QqgWwxAYbMDI8SA9 Vf3JDKFuOu30faeGCgXVmCdAbegl1GwbEvu43eocdlqpIBVklxvtdeDJQ1eslJNO PqFLJQFBT43DOuePOrgz/jk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAto4+hF8pVugBarFwJ71u WkRT9diLNpzTNdRWUDamBMztpD6eHRY7sZY9xXbZWNHCyXzKVsgW2uhLe2D5fTui Ptr4u3Lk0hR1tGJF6tIHA371P5GaPejUXlYjMBRiR+kYs4ImTu+vzuuRcGcMg/yL rdhW+OuYBHVlW1UvZ/GpDEFs0R7Eb3K13KLZuc5Q89QiSxD7G54xftgpbZJ2oDd0 ETJNXhEBtr9oBclDGCBfDLIPYUdI6nKP3T3m4Tbbs1xX+Gy/3Fb1XgMC0291nDA9 Dethc5UGJVZcZaMc+rEdCm6HUkQfyvDmiGILr8/2QjfGckBwknAQebFYPnof8QTL QQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 272730315535782798225118466039618735006 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trusted Secure Certificate Authority' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trusted Secure Certificate Authority' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-08-27 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-05-19 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '44333' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'OH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Akron' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '375 Ghent Road' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sterling Jewelers Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT Infastructure' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Enterprise SSL Wildcard' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.jewels.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23045514736732280145985715808811819936588723663153995869082496810114245112436377098532667396002289420642124331819916787224929124162356752601066009279748872470576623712360898852573020858293758604328241508678298717142952361455130029803949607236779096467247404912869213760662316237410692060715024263485581355762115716995375697648881551895378519939727166033099836092060770817778907823938886593343833722967056329585849267078230000671427532255637873705851054360893148155822483702232334470761705014204960274850896631969329979698266081379047262834313582520298633938300104443346115595809720101086795865988603543090679593093953 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName cc035b965a9e16cc261ebda370fbe3cb7919fc4d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ae6cfffe5ffca53b30242717c08c73d8fc4aa98e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (78 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.csctrustedsecure.com/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (81 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.csctrustedsecure.com/TrustedSecureCertificateAuthority_3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (134 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.csctrustedsecure.com/TrustedSecureCertificateAuthority_3.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.csctrustedsecure.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jewels.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jewels.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0011aa8c9d208dc8f056ff9774f83db0840f2679719c32bd042486a6e6d0dc3d1bdae6be79649e76cca017686eb36ec6fe019d42466533dfb3784e01ac4e652ef566fcaf4b4b443d9ebf1a973cb4b21b515ce191a461d72a01d031aaf1ff7f4f58ea8d8c20a8cc95c4b148a3c62e80651614cd70c0ebab0b9f50d4c73a42ddd2db9d1d19ad6d73422e9c224ce169c3ecff906e5647f7614e2e61d54cf7a2bde4f68b44ce78d875bc953f25ee6cb0517501b7babd42a816c310186cc0c8f1203d55fdc90ca16e3aedf47da7860a05d59827406de825d46c1b12fbb8ddea1c765aa9201564971bed75e0c94357ac94934e3ea14b2501414f8dc33ae78f3ab833fe39