mobile-gpvpn.palantir.com
- Palantir Technologies Inc. -
Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 04:f1:6b:1d:e4:4f:44:2d:e2:51:a6:77:dd:7c:cb:7a was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Palantir Technologies Inc.
Organization:
Palantir Technologies Inc.
State / Province:
Colorado
Locality: Denver
Country: US
Locality: Denver
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:f1:6b:1d:e4:4f:44:2d:e2:51:a6:77:dd:7c:cb:7aSerial Number (int): 6570428112149269938840779011414346618
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 98:3b:b4:50:2b:9d:ea:ff:81:bc:86:54:30:99:71:98:d0:d8:3e:4d
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17
Fingerprint (sha1): 02:22:03:41:52:46:5b:1f:b2:40:f1:b7:22:14:43:c0:b5:c2:cb:48
Fingerprint (sha256): 14:10:7f:9c:f8:4a:4c:71:a4:82:76:b4:ba:15:55:87:30:84:d2:15:f2:d6:d1:56:b2:1e:ec:cb:3d:1f:0a:19
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
Check the revocation status for certificate mobile-gpvpn.palantir.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mobile-gpvpn.palantir.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
mobile-gpvpn.palantir.com
www.mobile-gpvpn.palantir.com
www.mobile-gpvpn.palantir.com
Other certificates including the domain name palantir.com
(limited to 100 certificates)
amkstatus.nhn.no
e.ssl.fastly.net
impact.palantir.com
amkstatus.nhn.no
gear.palantir.com
gpvpn.palantir.com
sj-ravpn.palantir.com
canada.status.coconutsoftware.com
foundry-usc-1.status.palantir.com
training.palantir.com
PALANTIR TECHNOLOGIES
amkstatus.nhn.no
gpvpn.palantir.com
canada.status.coconutsoftware.com
gerrit-tr.palantir.com
canada.status.coconutsoftware.com
appstatus.motorolasolutions.com
athena.palantir.com
amkstatus.nhn.no
guestwifi.palantir.com
cds2.cvent.com
canada.status.coconutsoftware.com
palantir.com
edge-eu-a.palantir.com
www.palantir.com
foundry-usz-1.status.palantir.com
amkstatus.nhn.no
*.e.ssl.fastly.net
appstatus.motorolasolutions.com
devzone.palantir.com
appstatus.motorolasolutions.com
joyride-disp.palantir.com
files.palantir.com
gpvpn.palantir.com
blog.palantir.com
amkstatus.nhn.no
canada.status.coconutsoftware.com
*.e.ssl.fastly.net
amkstatus.nhn.no
foundry-usc-1.status.palantir.com
canada.status.coconutsoftware.com
cds2.cvent.com
foundry-usc-1.status.palantir.com
appstatus.motorolasolutions.com
canada.status.coconutsoftware.com
*.e.ssl.fastly.net
appstatus.motorolasolutions.com
regalia.palantir.com
Palantir Technologies Inc.
gpvpn.palantir.com
foundry-usc-1.status.palantir.com
dc-ravpn.palantir.com
info.palantir.com
foundry-usc-1.status.palantir.com
joyride.palantir.com
cds2.cvent.com
go.palantir.com
esentry.mi.palantir.com
appstatus.motorolasolutions.com
files.palantir.com
appstatus.motorolasolutions.com
edge-usw-a.palantir.com
canada.status.coconutsoftware.com
amkstatus.nhn.no
cds2.cvent.com
legal.palantir.com
palantir.com
amkstatus.nhn.no
foundry-usc-1.status.palantir.com
appstatus.motorolasolutions.com
*.e.ssl.fastly.net
gear.palantir.com
regalia.palantir.com
resources.palantir.com
foundry-usc-1.status.palantir.com
regalia.palantir.com
*.e.ssl.fastly.net
foundry-usz-1.status.palantir.com
cds2.cvent.com
foundry-usc-1.status.palantir.com
learning.palantir.com
PALANTIR TECHNOLOGIES
learn.palantir.com
plgpvpn.palantir.com
canada.status.coconutsoftware.com
mobile-gpvpn.palantir.com
amkstatus.nhn.no
foundry-usz-1.status.palantir.com
dns-vetting1.map.fastly.net
canada.status.coconutsoftware.com
cds2.cvent.com
*.e.ssl.fastly.net
*.e.ssl.fastly.net
canada.status.coconutsoftware.com
cds2.cvent.com
foundry-usz-1.status.palantir.com
*.e.ssl.fastly.net
gear.palantir.com
appstatus.motorolasolutions.com
foundry-usz-1.status.palantir.com
e.ssl.fastly.net
impact.palantir.com
amkstatus.nhn.no
gear.palantir.com
gpvpn.palantir.com
sj-ravpn.palantir.com
canada.status.coconutsoftware.com
foundry-usc-1.status.palantir.com
training.palantir.com
PALANTIR TECHNOLOGIES
amkstatus.nhn.no
gpvpn.palantir.com
canada.status.coconutsoftware.com
gerrit-tr.palantir.com
canada.status.coconutsoftware.com
appstatus.motorolasolutions.com
athena.palantir.com
amkstatus.nhn.no
guestwifi.palantir.com
cds2.cvent.com
canada.status.coconutsoftware.com
palantir.com
edge-eu-a.palantir.com
www.palantir.com
foundry-usz-1.status.palantir.com
amkstatus.nhn.no
*.e.ssl.fastly.net
appstatus.motorolasolutions.com
devzone.palantir.com
appstatus.motorolasolutions.com
joyride-disp.palantir.com
files.palantir.com
gpvpn.palantir.com
blog.palantir.com
amkstatus.nhn.no
canada.status.coconutsoftware.com
*.e.ssl.fastly.net
amkstatus.nhn.no
foundry-usc-1.status.palantir.com
canada.status.coconutsoftware.com
cds2.cvent.com
foundry-usc-1.status.palantir.com
appstatus.motorolasolutions.com
canada.status.coconutsoftware.com
*.e.ssl.fastly.net
appstatus.motorolasolutions.com
regalia.palantir.com
Palantir Technologies Inc.
gpvpn.palantir.com
foundry-usc-1.status.palantir.com
dc-ravpn.palantir.com
info.palantir.com
foundry-usc-1.status.palantir.com
joyride.palantir.com
cds2.cvent.com
go.palantir.com
esentry.mi.palantir.com
appstatus.motorolasolutions.com
files.palantir.com
appstatus.motorolasolutions.com
edge-usw-a.palantir.com
canada.status.coconutsoftware.com
amkstatus.nhn.no
cds2.cvent.com
legal.palantir.com
palantir.com
amkstatus.nhn.no
foundry-usc-1.status.palantir.com
appstatus.motorolasolutions.com
*.e.ssl.fastly.net
gear.palantir.com
regalia.palantir.com
resources.palantir.com
foundry-usc-1.status.palantir.com
regalia.palantir.com
*.e.ssl.fastly.net
foundry-usz-1.status.palantir.com
cds2.cvent.com
foundry-usc-1.status.palantir.com
learning.palantir.com
PALANTIR TECHNOLOGIES
learn.palantir.com
plgpvpn.palantir.com
canada.status.coconutsoftware.com
mobile-gpvpn.palantir.com
amkstatus.nhn.no
foundry-usz-1.status.palantir.com
dns-vetting1.map.fastly.net
canada.status.coconutsoftware.com
cds2.cvent.com
*.e.ssl.fastly.net
*.e.ssl.fastly.net
canada.status.coconutsoftware.com
cds2.cvent.com
foundry-usz-1.status.palantir.com
*.e.ssl.fastly.net
gear.palantir.com
appstatus.motorolasolutions.com
foundry-usz-1.status.palantir.com
Certificate
The complete raw certificate details for mobile-gpvpn.palantir.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHFDCCBfygAwIBAgIQBPFrHeRPRC3iUaZ33XzLejANBgkqhkiG9w0BAQsFADBZ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjMx MjA1MDAwMDAwWhcNMjQxMjA0MjM1OTU5WjB6MQswCQYDVQQGEwJVUzERMA8GA1UE CBMIQ29sb3JhZG8xDzANBgNVBAcTBkRlbnZlcjEjMCEGA1UEChMaUGFsYW50aXIg VGVjaG5vbG9naWVzIEluYy4xIjAgBgNVBAMTGW1vYmlsZS1ncHZwbi5wYWxhbnRp ci5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9U0mVV5Pn7m1B 5KSFex/sdYK89DSgqCdS9oMeMyRHYqw+I5zqE0n3l3su1nAh5+VV+zqHIt0kLguG 03k5cCrV6JeuQ/hZojJIXgBk1Wwy9YOZ/ercKXXEDR4PcClwtxhSd8y4nY/pW/5f B/LrXpB8fics9EElgQ5vq9s0ZSYREavoaaY31kpeKRhpRegjdgRx+31lKuhzjDzV /dLxEQr4cCIqVMKG5gGiuqMq8dF7DSaha4GDoKNSvTObBaUQqzZhYCJubJ7KZ1IS C7ryeJPWD/hlaRoqyiYkPKTPgYvdzvu3HF1FiNPT0pA1kYfSscb8n7rdw+Iohc+A 5z2wzdpvAgMBAAGjggO1MIIDsTAfBgNVHSMEGDAWgBR0hYDAZsffN97PvSk3qgMd vu3NFzAdBgNVHQ4EFgQUmDu0UCud6v+BvIZUMJlxmNDYPk0wQwYDVR0RBDwwOoIZ bW9iaWxlLWdwdnBuLnBhbGFudGlyLmNvbYIdd3d3Lm1vYmlsZS1ncHZwbi5wYWxh bnRpci5jb20wPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0 cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgZ8GA1UdHwSBlzCBlDBIoEagRIZCaHR0 cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FTSEEy NTYyMDIwQ0ExLTEuY3JsMEigRqBEhkJodHRwOi8vY3JsNC5kaWdpY2VydC5jb20v RGlnaUNlcnRHbG9iYWxHMlRMU1JTQVNIQTI1NjIwMjBDQTEtMS5jcmwwgYcGCCsG AQUFBwEBBHsweTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t MFEGCCsGAQUFBzAChkVodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl cnRHbG9iYWxHMlRMU1JTQVNIQTI1NjIwMjBDQTEtMS5jcnQwDAYDVR0TAQH/BAIw ADCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHUA7s3QZNXbGs7FXLedtM0TojKH Rny87N7DUUhZRnEftZsAAAGMOs9vugAABAMARjBEAiBxJ5Pc9RoA8jgEmzqMCOuM 7qTHWD3doDkcFfKEhmZgAAIgN/Aa56eEWj74HnqxsykUDNc5nR+v3g7CyJqHQPSK JBYAdwBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYw6z29mAAAE AwBIMEYCIQD7XznV9d/vuTfRw+dMWYVYSSydE6kd2OrVm1hHAT3z/gIhAPcSXhOw rNR/j9tEN0HZXfkGylKfyXBnAyDm8SlrqcL9AHcA2ra/az+1tiKfm8K7XGvocJFx bLtRhIU0vaQ9MEjX+6sAAAGMOs9vdAAABAMASDBGAiEAh7tcjsVFsUv3THQUxnbA WGya0UkGwNBD2Q6QfTxs8CECIQCqhwev03akfcqu2mkgjBfdbORfRfx4FUUqKOr5 iC678TANBgkqhkiG9w0BAQsFAAOCAQEANH5UQRDjfXPhb0k0czg/e120zrXzvTW/ Hhg3vy4AnkFLVpAS886N9MJIRcA48PWzpdaiIk2dMiSWHBiCyWRd4vWaw5CdHZd2 XvpunoI2CqqPlbH3VxETEQUrfyy+/kAWud9Xw7FeXEqzifGvUZQc7q16+qGHEFnU nND7UG9q39NtOC2eIrDFrNTnX+IQ2rHEg/NAobdAW08W1mtGOIeTJT6Js74wVyAR PwAtbhsSSuN6U3VR8GkfE93aLKHl+EJV1KyG8r53pnmukgqYcu2HPNaKUp/Mhsnl b6Jgei2Mjm5682R8UuFsIcmJxU4iH/XoOVLUdbNJBeJnxdpEt/hV6g== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVNJlVeT5+5tQeSkhXsf 7HWCvPQ0oKgnUvaDHjMkR2KsPiOc6hNJ95d7LtZwIeflVfs6hyLdJC4LhtN5OXAq 1eiXrkP4WaIySF4AZNVsMvWDmf3q3Cl1xA0eD3ApcLcYUnfMuJ2P6Vv+Xwfy616Q fH4nLPRBJYEOb6vbNGUmERGr6GmmN9ZKXikYaUXoI3YEcft9ZSroc4w81f3S8REK +HAiKlTChuYBorqjKvHRew0moWuBg6CjUr0zmwWlEKs2YWAibmyeymdSEgu68niT 1g/4ZWkaKsomJDykz4GL3c77txxdRYjT09KQNZGH0rHG/J+63cPiKIXPgOc9sM3a bwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6570428112149269938840779011414346618 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-04 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Colorado' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Denver' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Palantir Technologies Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mobile-gpvpn.palantir.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23900110203519098688152218702431998020417952486429202013286014113717890608288962960565892462711405401766964192117323664832798241990600499967505765920119709055648768748232790730993420842388461386793806541004413150125518654872222609937637123926729028446099625983825537116008861175587028360825369819994197599710471032908781278785037304671868035570094080962641139536222170488113425142547171062915035963371990756464397901910181546940961571674805657594983351108199042287415768759281755573748630657971957471745009371557796423024210132377172160742036910820513700747704846723929560356334555093737036165906960294674435335379567 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 983bb4502b9deaff81bc865430997198d0d83e4d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mobile-gpvpn.palantir.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mobile-gpvpn.palantir.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c3acf6fba00000403004630440220712793dcf51a00f238049b3a8c08eb8ceea4c7583ddda0391c15f28486666000022037f01ae7a7845a3ef81e7ab1b329140cd7399d1fafde0ec2c89a8740f48a241600770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c3acf6f660000040300483046022100fb5f39d5f5dfefb937d1c3e74c598558492c9d13a91dd8ead59b5847013df3fe022100f7125e13b0acd47f8fdb443741d95df906ca529fc970670320e6f1296ba9c2fd007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018c3acf6f74000004030048304602210087bb5c8ec545b14bf74c7414c676c0586c9ad14906c0d043d90e907d3c6cf021022100aa8707afd376a47dcaaeda69208c17dd6ce45f45fc7815452a28eaf9882ebbf1 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00347e544110e37d73e16f493473383f7b5db4ceb5f3bd35bf1e1837bf2e009e414b569012f3ce8df4c24845c038f0f5b3a5d6a2224d9d3224961c1882c9645de2f59ac3909d1d97765efa6e9e82360aaa8f95b1f757111311052b7f2cbefe4016b9df57c3b15e5c4ab389f1af51941ceead7afaa1871059d49cd0fb506f6adfd36d382d9e22b0c5acd4e75fe210dab1c483f340a1b7405b4f16d66b46388793253e89b3be305720113f002d6e1b124ae37a537551f0691f13ddda2ca1e5f84255d4ac86f2be77a679ae920a9872ed873cd68a529fcc86c9e56fa2607a2d8c8e6e7af3647c52e16c21c989c54e221ff5e83952d475b34905e267c5da44b7f855ea