blog.firstchoice.co.uk
- TUI UK Ltd. -
Issued by DigiCert SHA2 Secure Server CA
About this certificate
This digital certificate with serial number 0e:37:eb:7c:e3:85:af:8c:3a:42:f4:f5:5f:ac:cc:2e was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
TUI UK Ltd.
Organization:
TUI UK Ltd.
Organization unit: TUI UK
Organization unit: TUI UK
State / Province:
Bedfordshire
Locality: Luton
Country: GB
Locality: Luton
Country: GB
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0e:37:eb:7c:e3:85:af:8c:3a:42:f4:f5:5f:ac:cc:2eSerial Number (int): 18899544529171961015880901270916877358
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 1f:d2:2f:48:d0:16:1a:29:5d:81:73:01:7d:e9:cf:2b:52:e1:30:54
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2
Fingerprint (sha1): e4:09:14:e4:cc:9d:eb:ad:12:5e:16:78:6f:8f:e7:6e:d2:d7:38:4c
Fingerprint (sha256): 13:24:99:30:1a:f3:e1:95:9e:23:89:cb:04:24:ea:9c:d8:a7:6a:6a:74:74:f2:b7:70:f6:b9:c4:9d:73:77:b7
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl
Check the revocation status for certificate blog.firstchoice.co.uk
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for blog.firstchoice.co.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
blog.firstchoice.co.uk
Other certificates including the domain name firstchoice.co.uk
(limited to 100 certificates)
static.firstchoice.co.uk
ssl001.insnw.net
TUI AG
excursion.firstchoice.co.uk
ssl001.insnw.net
poweredby.firstchoice.co.uk
music.firstchoice.co.uk
ssl001.insnw.net
ssl003.insnw.net
ssl003.insnw.net
ssl001.insnw.net
flights.firstchoice.co.uk
ssl001.insnw.net
TUI AG
TUI AG
static.firstchoice.co.uk
digital.firstchoice.co.uk
ssl001.insnw.net
ssl001.insnw.net
excursions.firstchoice.co.uk
ssl003.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
pay.firstchoice.co.uk
pay.excursions.firstchoice.co.uk
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
blog.firstchoice.co.uk
m.pay.firstchoice.co.uk
t3e.firstchoice.co.uk
www.firstchoice.co.uk
ssl001.insnw.net
www.firstchoice.co.uk
blog.firstchoice.co.uk
poweredby.firstchoice.co.uk
pay.firstchoice.co.uk
www.firstchoice.co.uk
TUI AG
ssl001.insnw.net
TUI AG
ssl001.insnw.net
poweredby.firstchoice.co.uk
origin.firstchoice.co.uk
TUI AG
TUI AG
ssl001.insnw.net
ssl001.insnw.net
poweredby.firstchoice.co.uk
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl003.insnw.net
m.excursion.firstchoice.co.uk
digital.firstchoice.co.uk
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl003.insnw.net
pay.excursions.firstchoice.co.uk
t3e.firstchoice.co.uk
origin.firstchoice.co.uk
poweredby.firstchoice.co.uk
digital.firstchoice.co.uk
ssl001.insnw.net
ssl001.insnw.net
origin.static.firstchoice.co.uk
ssl001.insnw.net
flights.firstchoice.co.uk
origin.firstchoice.co.uk
ssl003.insnw.net
digital.firstchoice.co.uk
ssl003.insnw.net
t3e.firstchoice.co.uk
static.firstchoice.co.uk
ssl001.insnw.net
www.firstchoice.co.uk
ssl001.insnw.net
flights.firstchoice.co.uk
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
blog.firstchoice.co.uk
ssl003.insnw.net
www.firstchoice.co.uk
ssl003.insnw.net
TUI AG
ssl001.insnw.net
origin.pay.firstchoice.co.uk
carhire.firstchoice.co.uk
ssl001.insnw.net
static.firstchoice.co.uk
ssl001.insnw.net
TUI AG
excursion.firstchoice.co.uk
ssl001.insnw.net
poweredby.firstchoice.co.uk
music.firstchoice.co.uk
ssl001.insnw.net
ssl003.insnw.net
ssl003.insnw.net
ssl001.insnw.net
flights.firstchoice.co.uk
ssl001.insnw.net
TUI AG
TUI AG
static.firstchoice.co.uk
digital.firstchoice.co.uk
ssl001.insnw.net
ssl001.insnw.net
excursions.firstchoice.co.uk
ssl003.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
pay.firstchoice.co.uk
pay.excursions.firstchoice.co.uk
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
blog.firstchoice.co.uk
m.pay.firstchoice.co.uk
t3e.firstchoice.co.uk
www.firstchoice.co.uk
ssl001.insnw.net
www.firstchoice.co.uk
blog.firstchoice.co.uk
poweredby.firstchoice.co.uk
pay.firstchoice.co.uk
www.firstchoice.co.uk
TUI AG
ssl001.insnw.net
TUI AG
ssl001.insnw.net
poweredby.firstchoice.co.uk
origin.firstchoice.co.uk
TUI AG
TUI AG
ssl001.insnw.net
ssl001.insnw.net
poweredby.firstchoice.co.uk
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl003.insnw.net
m.excursion.firstchoice.co.uk
digital.firstchoice.co.uk
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
ssl003.insnw.net
pay.excursions.firstchoice.co.uk
t3e.firstchoice.co.uk
origin.firstchoice.co.uk
poweredby.firstchoice.co.uk
digital.firstchoice.co.uk
ssl001.insnw.net
ssl001.insnw.net
origin.static.firstchoice.co.uk
ssl001.insnw.net
flights.firstchoice.co.uk
origin.firstchoice.co.uk
ssl003.insnw.net
digital.firstchoice.co.uk
ssl003.insnw.net
t3e.firstchoice.co.uk
static.firstchoice.co.uk
ssl001.insnw.net
www.firstchoice.co.uk
ssl001.insnw.net
flights.firstchoice.co.uk
ssl001.insnw.net
ssl001.insnw.net
ssl001.insnw.net
blog.firstchoice.co.uk
ssl003.insnw.net
www.firstchoice.co.uk
ssl003.insnw.net
TUI AG
ssl001.insnw.net
origin.pay.firstchoice.co.uk
carhire.firstchoice.co.uk
ssl001.insnw.net
static.firstchoice.co.uk
Certificate
The complete raw certificate details for blog.firstchoice.co.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFRDCCBCygAwIBAgIQDjfrfOOFr4w6QvT1X6zMLjANBgkqhkiG9w0BAQsFADBN MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODAzMDAwMDAwWhcN MTkwODA0MTIwMDAwWjB8MQswCQYDVQQGEwJHQjEVMBMGA1UECBMMQmVkZm9yZHNo aXJlMQ4wDAYDVQQHEwVMdXRvbjEUMBIGA1UEChMLVFVJIFVLIEx0ZC4xDzANBgNV BAsTBlRVSSBVSzEfMB0GA1UEAxMWYmxvZy5maXJzdGNob2ljZS5jby51azCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMoHR+U3FBSDlUnUNBTERpqdoUAE G8yCtgfD+zMUuxIBXSdjJou4lKdaDGuiNZ0K/BvjDhNh5Wes4cwoG5YT8SqevfQi FbJpp8/Zsi9k5fwI3vvtxmilaR+WFnIB9C58rpA5uLXaU0KuBa4kv/bNx4u8Dy3f XNV/MnzsjdUPxbn1aWI+rucqU4GazQk4DvbeOhDOCT2i70KRubChx4MLhnzcAH2J GAtucpyMuN3YgXPrEBKSgJ5gwXnQZcu4d9mfIJ1WrUD9jzYKEKU5O/Q0JF+FbKGW f8x2K7Gwr1up4LE4VrUYoAvma2UGjWz3XqLtzk1UoshbwvJSKkFXV+l2RQsCAwEA AaOCAe8wggHrMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1Ud DgQWBBQf0i9I0BYaKV2BcwF96c8rUuEwVDAhBgNVHREEGjAYghZibG9nLmZpcnN0 Y2hvaWNlLmNvLnVrMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNl cnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2lj ZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEB MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYG Z4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au ZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2Vy dC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAkGA1UdEwQCMAAw EwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAMvTLxKN1iya 7hs/S41Gudf98/UjXG2NN0qNxIHSyp03y7ZsNRyot2oTTVFOmp0NsjkNGeDj6iYy 8XKS9GWjByMOfeqxAEYxZfm/kCUDhNNn8UhvtK/JevSECTknyXdem1n+fh5sUZWH fDollMkplEXoXDRyB0H6k2U6sCWbJcSAXCvVueuSv3fYzca+wO98X0oRI5O8Cjcd h3KBa1aelF/5TXVL/UbX+iJX0tzdDr0Vm54vhvnTnsJTJSaJb92Mr+g5iyXiGLtv 69VE2HNMAesb3YZPVJcdpODKn8kuGxVkkLBV+pAHAhPqvvC6wz81z/X25RkbBvBh /IjS2LVfvmI= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygdH5TcUFIOVSdQ0FMRG mp2hQAQbzIK2B8P7MxS7EgFdJ2Mmi7iUp1oMa6I1nQr8G+MOE2HlZ6zhzCgblhPx Kp699CIVsmmnz9myL2Tl/Aje++3GaKVpH5YWcgH0LnyukDm4tdpTQq4FriS/9s3H i7wPLd9c1X8yfOyN1Q/FufVpYj6u5ypTgZrNCTgO9t46EM4JPaLvQpG5sKHHgwuG fNwAfYkYC25ynIy43diBc+sQEpKAnmDBedBly7h32Z8gnVatQP2PNgoQpTk79DQk X4VsoZZ/zHYrsbCvW6ngsThWtRigC+ZrZQaNbPdeou3OTVSiyFvC8lIqQVdX6XZF CwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18899544529171961015880901270916877358 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-04 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bedfordshire' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Luton' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TUI UK Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TUI UK' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'blog.firstchoice.co.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25503727919799649175171033298997831514745416558998507840686743332629668736271875003327385323809496603207380010070579998351978126696523880847950659919541698058934620367798139379499518140141129654258930520478126465035933470300664722984623968466819914173532151616159073384776818332615060493768888330964656143826687909070694036847818605996933428320407872015564994011494152063421649887904648300547025170944424711163349584172075527425774469446688310744078802049715043079210749672597088299194889775554937353297229929369153928243658554604041696454434305825929873892755060022463095814120274247873426320292766176933520893953291 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1fd22f48d0161a295d8173017de9cf2b52e13054 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.firstchoice.co.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00cbd32f128dd62c9aee1b3f4b8d46b9d7fdf3f5235c6d8d374a8dc481d2ca9d37cbb66c351ca8b76a134d514e9a9d0db2390d19e0e3ea2632f17292f465a307230e7deab100463165f9bf90250384d367f1486fb4afc97af484093927c9775e9b59fe7e1e6c5195877c3a2594c9299445e85c34720741fa93653ab0259b25c4805c2bd5b9eb92bf77d8cdc6bec0ef7c5f4a112393bc0a371d8772816b569e945ff94d754bfd46d7fa2257d2dcdd0ebd159b9e2f86f9d39ec2532526896fdd8cafe8398b25e218bb6febd544d8734c01eb1bdd864f54971da4e0ca9fc92e1b156490b055fa90070213eabef0bac33f35cff5f6e5191b06f061fc88d2d8b55fbe62