digitalpin-app.gemalto.com
- THALES -
Issued by Corporation Service Company RSA OV SSL CA
About this certificate
This digital certificate with serial number ba:fa:3d:6a:3d:7e:a7:b5:2f:0c:55:c7:0a:c0:66:e4 was issued on by Corporation Service Company.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
THALES
Organization:
THALES
State / Province:
Ile-de-France
Country: FR
Country: FR
Corporation Service Company
Organization:
Corporation Service Company
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): ba:fa:3d:6a:3d:7e:a7:b5:2f:0c:55:c7:0a:c0:66:e4Serial Number (int): 248535727074830810760983370965710825188
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: f4:ea:6c:da:06:29:de:b9:c4:57:48:3b:37:b4:fb:27:1b:54:ff:98
AuthorityKeyId: 38:d1:f4:0e:87:6c:16:37:1b:65:74:dd:26:ce:9e:cc:28:ac:22:1d
Fingerprint (sha1): ba:aa:f0:f3:6b:7c:3c:f7:4c:9d:67:8c:44:c6:e0:1d:ac:4e:23:59
Fingerprint (sha256): 14:76:83:e7:7f:ff:10:2a:2d:d1:1f:5a:1e:13:33:6c:c4:f4:4c:09:07:c0:26:1d:91:36:f9:c8:4b:e4:26:9a
Issuing Certificate URL: http://crt.sectigo.com/CorporationServiceCompanyRSAOVSSLCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/CorporationServiceCompanyRSAOVSSLCA.crl
Check the revocation status for certificate digitalpin-app.gemalto.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for digitalpin-app.gemalto.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
digitalpin-app.gemalto.com
www.digitalpin-app.gemalto.com
www.digitalpin-app.gemalto.com
Other certificates including the domain name gemalto.com
(limited to 100 certificates)
*.weballynis.gemalto.com
geolocsegm.spg.latallynis.gemalto.com
lync.gemalto.com
www.gemalto.com
*.eservices-lab.gemalto.com
lync.gemalto.com
*.mid.vrkfin.ew1.gp-dev02.acloud.gemalto.com
forums.charmhealth.com
scos3.gemalto.com
developer.gemalto.com
www6.gemalto.com
smtp2.gemalto.com
sip.gemalto.com
spring.gemalto.com
*.demo.gemalto.com
*.webaccess.gemalto.com
sspdev.bp-dev03.acloud.gemalto.com
ssp.bp03.acloud.gemalto.com
safenet.gemalto.com
status.appveyor.com
*.us.cbp.gemalto.com
selfservice.gemalto.com
*.latallynis.gemalto.com
boutique.gemalto.com
otp-api.latallynis.gemalto.com
*.idverification.gp.acloud.gemalto.com
www2.gemalto.com
tsh.portal.gemalto.com
pinbyweb.sgbrs.gemalto.com
stwp.gemalto.com
status.appveyor.com
ssp.bp03.acloud.gemalto.com
supportportal.gemalto.com
*.lte.dc.gemalto.com
barclaycard.gemalto.com
*.gemalto.com
*.gemalto.com
*.idverification.gp-staging.acloud.gemalto.com
go-videos.gemalto.com
odc-ops.gemalto.com
saas.lassoo.gemalto.com
gemalto.com
*.gemalto.com
*.latallynis.gemalto.com
jphsr-es4-in.osm.gemalto.com
forum.minicopters.nl
www.netsolutions.gemalto.com
www.aps.gemalto.com
*.ausdemo.gemalto.com
eventsregistration.gemalto.com
developer.gemalto.com
*.saas.gemalto.com
tbu-saleslms.gemalto.com
*.dlm.gemalto.com
vrkfin2.ew1.gp-dev02.acloud.gemalto.com
safenet.gemalto.com
odc-ops.gemalto.com
www6.gemalto.com
ddl-idp-uat.gemalto.com
tsh.portal.gemalto.com
*.gemalto.com
*.gemalto.com
wwwqa.aps.gemalto.com
shb.pindefinition.gemalto.com
latsmhub-client.tsm.gemalto.com
*.mobileconnect.gemalto.com
docs.sentinel.gemalto.com
gemalto.com
visio.gemalto.com
carta.dc1.prod.tsm.gemalto.com
*.mnfcweballynis.gemalto.com
*.gemalto.com
cel-auth.prod.odc-cloud.gemalto.com
selfcare.mobileconnect.gemalto.com
ibmp11vsharee01.smtp.ggsdc.gemalto.com
digitalpin-app.gemalto.com
lync.gemalto.com
project-s-client.spg.latallynis.gemalto.com
*.kyceux.ew1.gp-dev.acloud.gemalto.com
*.allynisconnect.gemalto.com
digitalpin-web.gemalto.com
*.cbp.gemalto.com
int-tns.cbp-int.gemalto.com
telcodms.spg.latallynis.gemalto.com
*.kyceux.ew1.gp-dev.acloud.gemalto.com
*.saas.gemalto.com
*.didarg.dwg.ue1.gp-dev03.acloud.gemalto.com
*.lab.ids-odc.gemalto.com
mail.aps.gemalto.com
go-videos.gemalto.com
ddl-sp-uat.gemalto.com
*.allynisconnect.gemalto.com
*.webaccess.gemalto.com
arkea.pinbyapp.gemalto.com
*.axtel.msi.acloud.gemalto.com
*.weballynis.gemalto.com
allynisconnect1.gemalto.com
m2m-communication.gemalto.com
status.appveyor.com
*.welcomeit.allynis.gemalto.com
geolocsegm.spg.latallynis.gemalto.com
lync.gemalto.com
www.gemalto.com
*.eservices-lab.gemalto.com
lync.gemalto.com
*.mid.vrkfin.ew1.gp-dev02.acloud.gemalto.com
forums.charmhealth.com
scos3.gemalto.com
developer.gemalto.com
www6.gemalto.com
smtp2.gemalto.com
sip.gemalto.com
spring.gemalto.com
*.demo.gemalto.com
*.webaccess.gemalto.com
sspdev.bp-dev03.acloud.gemalto.com
ssp.bp03.acloud.gemalto.com
safenet.gemalto.com
status.appveyor.com
*.us.cbp.gemalto.com
selfservice.gemalto.com
*.latallynis.gemalto.com
boutique.gemalto.com
otp-api.latallynis.gemalto.com
*.idverification.gp.acloud.gemalto.com
www2.gemalto.com
tsh.portal.gemalto.com
pinbyweb.sgbrs.gemalto.com
stwp.gemalto.com
status.appveyor.com
ssp.bp03.acloud.gemalto.com
supportportal.gemalto.com
*.lte.dc.gemalto.com
barclaycard.gemalto.com
*.gemalto.com
*.gemalto.com
*.idverification.gp-staging.acloud.gemalto.com
go-videos.gemalto.com
odc-ops.gemalto.com
saas.lassoo.gemalto.com
gemalto.com
*.gemalto.com
*.latallynis.gemalto.com
jphsr-es4-in.osm.gemalto.com
forum.minicopters.nl
www.netsolutions.gemalto.com
www.aps.gemalto.com
*.ausdemo.gemalto.com
eventsregistration.gemalto.com
developer.gemalto.com
*.saas.gemalto.com
tbu-saleslms.gemalto.com
*.dlm.gemalto.com
vrkfin2.ew1.gp-dev02.acloud.gemalto.com
safenet.gemalto.com
odc-ops.gemalto.com
www6.gemalto.com
ddl-idp-uat.gemalto.com
tsh.portal.gemalto.com
*.gemalto.com
*.gemalto.com
wwwqa.aps.gemalto.com
shb.pindefinition.gemalto.com
latsmhub-client.tsm.gemalto.com
*.mobileconnect.gemalto.com
docs.sentinel.gemalto.com
gemalto.com
visio.gemalto.com
carta.dc1.prod.tsm.gemalto.com
*.mnfcweballynis.gemalto.com
*.gemalto.com
cel-auth.prod.odc-cloud.gemalto.com
selfcare.mobileconnect.gemalto.com
ibmp11vsharee01.smtp.ggsdc.gemalto.com
digitalpin-app.gemalto.com
lync.gemalto.com
project-s-client.spg.latallynis.gemalto.com
*.kyceux.ew1.gp-dev.acloud.gemalto.com
*.allynisconnect.gemalto.com
digitalpin-web.gemalto.com
*.cbp.gemalto.com
int-tns.cbp-int.gemalto.com
telcodms.spg.latallynis.gemalto.com
*.kyceux.ew1.gp-dev.acloud.gemalto.com
*.saas.gemalto.com
*.didarg.dwg.ue1.gp-dev03.acloud.gemalto.com
*.lab.ids-odc.gemalto.com
mail.aps.gemalto.com
go-videos.gemalto.com
ddl-sp-uat.gemalto.com
*.allynisconnect.gemalto.com
*.webaccess.gemalto.com
arkea.pinbyapp.gemalto.com
*.axtel.msi.acloud.gemalto.com
*.weballynis.gemalto.com
allynisconnect1.gemalto.com
m2m-communication.gemalto.com
status.appveyor.com
*.welcomeit.allynis.gemalto.com
Certificate
The complete raw certificate details for digitalpin-app.gemalto.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHNTCCBZ2gAwIBAgIRALr6PWo9fqe1LwxVxwrAZuQwDQYJKoZIhvcNAQEMBQAw ZzELMAkGA1UEBhMCVVMxJDAiBgNVBAoTG0NvcnBvcmF0aW9uIFNlcnZpY2UgQ29t cGFueTEyMDAGA1UEAxMpQ29ycG9yYXRpb24gU2VydmljZSBDb21wYW55IFJTQSBP ViBTU0wgQ0EwHhcNMjQwNjEyMDAwMDAwWhcNMjUwNzAyMjM1OTU5WjBbMQswCQYD VQQGEwJGUjEWMBQGA1UECBMNSWxlLWRlLUZyYW5jZTEPMA0GA1UEChMGVEhBTEVT MSMwIQYDVQQDExpkaWdpdGFscGluLWFwcC5nZW1hbHRvLmNvbTCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBALBhB5z25UK6/QXMMcNAOVY1dlLYCbhg3Z9X 2haQnnR7NCSNm7eeNI7HEbBQ4ybqYqOF+fqKaVgOnI9NJiZPHO7C7/gYqYmeF8RE 8qC6XS23tiJJiiuPc5CgLIVefd/zHs2aM7lKO7z7p8539lo0VyjJ4SJH6eDqxjrW 289uHBU4K5DDAkgY0YEWHIuT6kNfszoQW8o6UK348N96nWuffnyJ1LOD3ILlCYAj stzkHP3td1nvF4pq3fKcHt5hYrMWzLtKaJYFlI9klGnHiI2gKc30bQEj5hRksbVw UNjDMSnZp9qt6HqSgrhJH82yQeSy+kAauocpjzVNtpFrwHqUXxkCAwEAAaOCA2Yw ggNiMB8GA1UdIwQYMBaAFDjR9A6HbBY3G2V03SbOnsworCIdMB0GA1UdDgQWBBT0 6mzaBineucRXSDs3tPsnG1T/mDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0Bgsr BgEEAbIxAQICCDAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQ UzAIBgZngQwBAgIwTwYDVR0fBEgwRjBEoEKgQIY+aHR0cDovL2NybC5zZWN0aWdv LmNvbS9Db3Jwb3JhdGlvblNlcnZpY2VDb21wYW55UlNBT1ZTU0xDQS5jcmwwfwYI KwYBBQUHAQEEczBxMEoGCCsGAQUFBzAChj5odHRwOi8vY3J0LnNlY3RpZ28uY29t L0NvcnBvcmF0aW9uU2VydmljZUNvbXBhbnlSU0FPVlNTTENBLmNydDAjBggrBgEF BQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wRQYDVR0RBD4wPIIaZGlnaXRh bHBpbi1hcHAuZ2VtYWx0by5jb22CHnd3dy5kaWdpdGFscGluLWFwcC5nZW1hbHRv LmNvbTCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHUA3dzKNJXX4RYF55Uy+sef +D0cUN/bADoUEnYKLKy7yCoAAAGQC/LqEAAABAMARjBEAiAd9B73NZpY+mE98D5r sQCfMPcChMy0yi8HMZty5mmopgIgDg+7fX5q21qK2+sdf9ITTo/xC9RpkQSSYWI1 +MyUmH4AdgAN4fIwK9MNwUBiEgnqVS78R3R8sdfpMO8OQh60fk6qNAAAAZAL8up3 AAAEAwBHMEUCIQD2QR2Uk3c3RZM1XWsp2FcN8VlfZoY04Fu+x04blZfniAIgN/07 bL6gv20OkMyC0AeR3zkQFWX61cHJ5fA/hx2uT0YAdgAS8U40vVNyTIQGGcOPP3oT +Oe1YoeInG0wBYTr5YYmOgAAAZAL8umpAAAEAwBHMEUCICNBO++gAW/vWPdDE9rR RdTUeZ7VGg4FITUUlmmk//YgAiEA9I5raULqCLVtbLVxzt9fYyDeVaPAvccNgGP8 0FviCA0wDQYJKoZIhvcNAQEMBQADggGBAIDP/1e0HoTbv87OchHNn0U7gDZh6hVg g7U1s6yALKGCwMcEoozzC1wGVzDzVK8d/bVuTzUsh7Mg+pEkGdRIMDO9iV0oGXGS pOdTlBzj7ngVIuiFPGO3RS5cWQM3n4FUAtB5Sl7q5BJbUmPkZ6mCOkn9qEsXCRGz t11CPCxHng3fn/0Aep3+6SL7AOEmxVkQox8PjMQAVmFqmwdfitce3TQZ7WC5ljiK qSkO44b2nClG21AxSgwHSCE4+vdl5EM2CCqlEhcS1O7GWE0c0D2Gw5AqKAqdIwZ0 HFLq85UW2k1PCKqhygCsZIciObq4LjtjmNgboOe1QGF7HTkcfe9wqp0Zt4Xpy9hd jdMOkaCcc0Q9dn1iRMdUuRgKJRkbzn9IMbShatXkoGNdKNl/79d/5fauZuUc097O z9wU2hsLBGlMCd5LQIuIZzfXe4TaF9VWTzzKbfo28H6ssi3eUlBZIMTX4waUG3Yl Dxwk9Xzjv3hzQAaJp7QqwC6eDzzmyWRm8Q== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGEHnPblQrr9Bcwxw0A5 VjV2UtgJuGDdn1faFpCedHs0JI2bt540jscRsFDjJupio4X5+oppWA6cj00mJk8c 7sLv+BipiZ4XxETyoLpdLbe2IkmKK49zkKAshV593/MezZozuUo7vPunznf2WjRX KMnhIkfp4OrGOtbbz24cFTgrkMMCSBjRgRYci5PqQ1+zOhBbyjpQrfjw33qda59+ fInUs4PcguUJgCOy3OQc/e13We8Ximrd8pwe3mFisxbMu0polgWUj2SUaceIjaAp zfRtASPmFGSxtXBQ2MMxKdmn2q3oepKCuEkfzbJB5LL6QBq6hymPNU22kWvAepRf GQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 248535727074830810760983370965710825188 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Corporation Service Company' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Corporation Service Company RSA OV SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-02 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ile-de-France' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'THALES' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'digitalpin-app.gemalto.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22265788821534557378539749559793920841529700638477689034501187358571788783161342123126345135133594120078751319397318312828385444044788420265114641656463314134163688216886554363557763455542761305179595787195317271775518333010218829875378124150004125011782847412108553808226507350358782577891808354575931049978876130360557195705956974088220873839105210974278691358712046040268349162379784651454790490000363340363294599789248230640771735407776767668465332991845115145378587412088664115123779467161255335135468158450526467142108084155743020193660232771180087974900199813824022691973345012648964757581162073677714072821529 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 38d1f40e876c16371b6574dd26ce9ecc28ac221d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f4ea6cda0629deb9c457483b37b4fb271b54ff98 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/CorporationServiceCompanyRSAOVSSLCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/CorporationServiceCompanyRSAOVSSLCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'digitalpin-app.gemalto.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.digitalpin-app.gemalto.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007500dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a000001900bf2ea10000004030046304402201df41ef7359a58fa613df03e6bb1009f30f70284ccb4ca2f07319b72e669a8a602200e0fbb7d7e6adb5a8adbeb1d7fd2134e8ff10bd469910492616235f8cc94987e0076000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa34000001900bf2ea770000040300473045022100f6411d949377374593355d6b29d8570df1595f668634e05bbec74e1b9597e788022037fd3b6cbea0bf6d0e90cc82d00791df39101565fad5c1c9e5f03f871dae4f4600760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a000001900bf2e9a90000040300473045022023413befa0016fef58f74313dad145d4d4799ed51a0e052135149669a4fff620022100f48e6b6942ea08b56d6cb571cedf5f6320de55a3c0bdc70d8063fcd05be2080d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (3072 bits) 0080cfff57b41e84dbbfcece7211cd9f453b803661ea156083b535b3ac802ca182c0c704a28cf30b5c065730f354af1dfdb56e4f352c87b320fa912419d4483033bd895d28197192a4e753941ce3ee781522e8853c63b7452e5c5903379f815402d0794a5eeae4125b5263e467a9823a49fda84b170911b3b75d423c2c479e0ddf9ffd007a9dfee922fb00e126c55910a31f0f8cc40056616a9b075f8ad71edd3419ed60b996388aa9290ee386f69c2946db50314a0c07482138faf765e44336082aa5121712d4eec6584d1cd03d86c3902a280a9d2306741c52eaf39516da4d4f08aaa1ca00ac64872239bab82e3b6398d81ba0e7b540617b1d391c7def70aa9d19b785e9cbd85d8dd30e91a09c73443d767d6244c754b9180a25191bce7f4831b4a16ad5e4a0635d28d97fefd77fe5f6ae66e51cd3dececfdc14da1b0b04694c09de4b408b886737d77b84da17d5564f3cca6dfa36f07eacb22dde52505920c4d7e306941b76250f1c24f57ce3bf7873400689a7b42ac02e9e0f3ce6c96466f1