bnp22b.bnpparibas.com

- BNP PARIBAS SA -

Issued by DigiCert TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 0b:2b:e1:f4:cb:c5:b7:bf:7c:db:13:42:25:89:58:61 was issued on by DigiCert Inc.

With 92 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

BNP PARIBAS SA

Organization: BNP PARIBAS SA
State / Province: Île-de-France
Locality: MONTREUIL
Country: FR

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0b:2b:e1:f4:cb:c5:b7:bf:7c:db:13:42:25:89:58:61
Serial Number (int): 14849359655448030401900869939070851169
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 11:f3:51:e6:de:b2:ca:0b:06:b2:73:30:5e:6b:66:40:43:23:a3:0e
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4

Fingerprint (sha1): 11:f6:81:c2:0d:1c:41:3e:4a:81:fb:90:6d:91:7e:aa:60:d5:c3:1d
Fingerprint (sha256): 15:8f:12:64:92:ce:77:33:c1:c9:93:a8:54:80:e2:f3:dc:76:fa:1c:4c:11:27:46:74:14:46:29:7a:b4:84:e8

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl

Check the revocation status for certificate bnp22b.bnpparibas.com

92

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for bnp22b.bnpparibas.com

Public Key Algorithm

ECDSA

Key Size

256

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Agreement

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bnp22b.bnpparibas.com
adobeconnector.uat.arval.com
api.dev.arval.com
apistore.bnpparibascardif.com
aprendecontuseguro.pe
assistanceconnector.pre.arval.com
atenciongexfalabella.cardif.com.pe
atenciongexsodimac.cardif.com.pe
atenciongextottus.cardif.com.pe
b2b.pre.arval.com
b2b.uat.arval.com
beneficioseguro.pe
bienvenidoatuseguro.pe
c-mfa.cardif.api.bnpparibas
c-mfa.cardif.api.staging.bnpparibas
cardif-europe-mfa.api.staging.bnpparibas
cardif-europe-pub.api.staging.bnpparibas
cardif-fr.developer.staging.api.bnpparibas
cardif-france.developer.staging.api.bnpparibas
ce.developer.api.bnpparibas
cidp-mfa.cardif.api.staging.bnpparibas
cidp-pub.cardif.api.staging.bnpparibas
cidp-sandbox-pub.cardif.api.staging.bnpparibas
cidpp.cardif.api.staging.bnpparibas
cidpsbp.cardif.api.staging.bnpparibas
clientegexfalabella.cardif.com.pe
clientegexsodimac.cardif.com.pe
clientegextottus.cardif.com.pe
cms-static.uat.arval.com
cms.pre.arval.com
cms.uat.arval.com
collections.uat.arval.com
controldefacturas.cardif.com.pe
core.corporate-mfa.cardif.api.staging.bnpparibas
corporate-mfa.cardif.api.bnpparibas
corporate-mfa.cardif.api.staging.bnpparibas
corporate-sandbox-mfa.cardif.api.staging.bnpparibas
corporate-sandbox-pub.cardif.api.staging.bnpparibas
current.corporate-mfa.cardif.api.bnpparibas
current.corporate-mfa.cardif.api.staging.bnpparibas
customer-reporting.uat.arval.com
cvo.pre.arval.com
e-services-it.uat.arval.com
e-services.pre.arval.it
ebizit.uat.arval.com
ecosistemas.cardif.com.pe
es-pub.cardif.api.bnpparibas
es-pub.cardif.api.staging.bnpparibas
expertws-remktg.pre.arval.com
expertws-remktg.uat.arval.com
ext-iam.uat.arval.com
falabellagexsiteasesores.cardif.com.pe
foundation.corporate-mfa.cardif.api.staging.bnpparibas
foundation.corporate-pub.cardif.api.staging.bnpparibas
fr-mfa-cardif-sd.api.bnpparibas
gexfalabella.cardif.com.pe
gexsodimac.cardif.com.pe
gextottus.cardif.com.pe
huweb.pre.arval.com
iam.uat.myrentingonline.com
identity.pre.arval.com
ifas-cz-p.cardif.api.staging.bnpparibas
ifas-cz-pub.cardif.api.bnpparibas
ifas-cz-sandbox-pub.cardif.api.staging.bnpparibas
monespace-ppd.partenairesautomobiles.fr
monespace.partenairesautomobiles.fr
monespace.staging.partenairesautomobiles.fr
motortrade.uat.arval.co.uk
my.pre.arval.com
partners.int.arval.fr
pifas-cz-p.cardif.api.bnpparibas
prev-ind-c03.staging.bnpparibas.net
registrazione.bnpparibascardif.it
remktg-rest.pre.arval.com
remktg-rest.uat.arval.com
segur.pe
segurocajaarequipa.pe
seguroscajaarequipa.cardif.com.pe
seguroscajacatperu.cardif.com.pe
seguroscajasullana.cardif.com.pe
segurosfinancieraconfianza.cardif.com.pe
segurosfinancieraoh.cardif.com.pe
segurosmaf.cardif.com.pe
sfdcconnector.uat.arval.fr
tusegurocontodo.pe
tuseguroh.pe
virtualniordinace.cardif.cz
www.monespace-ppd.partenairesautomobiles.fr
www.monespace.partenairesautomobiles.fr
www.monespace.staging.partenairesautomobiles.fr
www.registrazione.bnpparibascardif.it
www.virtualniordinace.cardif.cz

Other certificates including the domain name bnpparibas.com

(limited to 100 certificates)
bnp16b.bnpparibas.com
porta.bnpparibas.com
bnp04s.bnpparibas.com
bnp05b.bnpparibas.com
bnp12b.bnpparibas.com
bnp11b.bnpparibas.com
dna-wp.bnpparibas.com
pls-mytools-rec3.staging.bnpparibas.com
cdx-rec.bnpparibas.com
us-cortex.bnpparibas.com
planetshares-mytools.bnpparibas.com
eqd-globalmarkets.bnpparibas.com
securitiesrec-bluegreen.bnpparibas.com
vulcan-brio.sso-stg.bnpparibas.com
bnp02tpc.bnpparibas.com
f17aaabc20bfe045075927934fed52d21.bnpparibas.com
www.vendor-academy.leasingsolutions.bnpparibas.com
www.cards.bnpparibas.com
f17aaabc20bfe045075927934fed52d21.bnpparibas.com
group.bnpparibas.com
wow.bnpparibas.com
apis.bcef.caledonie.bnpparibas.com
indices-globalmarkets.bnpparibas.com
connexissupplychain.uat3.bnpparibas.com
clientportfolio.smartderivatives.bnpparibas.com
us-cortexfx.bnpparibas.com
europagoderec2.bnpparibas.com
bnp02tpc.bnpparibas.com
bnp05s.bnpparibas.com
bnp09b.bnpparibas.com
auth.staging.bnpparibas.com
bnp07s.bnpparibas.com
eqresearch.bnpparibas.com
front-rec.bnpparibas.com
www.gps-protocol.bnpparibas.com
india-netpay.bnpparibas.com
apac-faststream02.bnpparibas.com
mymobility-qual.staging.bnpparibas.com
bnp03sw.bnpparibas.com
imactions.uat.bnpparibas.com
bnp05b.bnpparibas.com
welcome-qual.staging.bnpparibas.com
connexissupplychain.uat1.bnpparibas.com
gctabsreporting-staging.bnpparibas.com
expe-122-opf.bnpparibas.com
bnp13b.bnpparibas.com
connexistrade-ls.bnpparibas.com
cxt-uat-ls.bnpparibas.com
staging.intdistrib-am.bnpparibas.com
brio.sso-stg.bnpparibas.com
int-qa2-cciweb.bnpparibas.com
sinmail3.asia.bnpparibas.com
bnp06s.bnpparibas.com
bnp05s.bnpparibas.com
entreprises.ere.bnpparibas
2016-u.leasingsolutions.bnpparibas.com
bnp07b.bnpparibas.com
smartderivatives.bnpparibas.com
account.onebank.bnpparibas.com
bnppf-dgi-collection.bnpparibas.com
fr-sdpp-prd-internet-stream01.bnpparibas.com
bnp07b.bnpparibas.com
int-bfx-newscci.bnpparibas.com
bnp03s.bnpparibas.com
bnp19b.bnpparibas.com
marketlinkedproducts.bnpparibas.com
wealthmanagement-staging.bnpparibas.com
wsgateway.bnpparibas.com
jp-cortexfx.bnpparibas.com
bnp01sw.bnpparibas.com
securitiesrec-link.bnpparibas.com
bnp09b.bnpparibas.com
bnp04s.bnpparibas.com
rewardsatwork.be
www.bnpparibas.com.br
spotbuying.mediaprocessing.bnpparibas.com
group.bnpparibas
clientportfolio.smartderivatives.bnpparibas.com
cce.bnpparibas.com
cdc-securities-link.portail-investisseur.com
markets360-test.bnpparibas.com
www.privalto.fr
push.connexiscash.bnpparibas.com
bnp09s.bnpparibas.com
matisse-compta.bnpparibas.com
ews-itg-ext.test.bnpparibas.com
www.primebroker.com
obbligazioni.bnpparibas.com
webtrends.bnpparibas.com
fao.bnpparibas.com
dna-promoter.bnpparibas.com
globalmarkets-pp.bnpparibas.com
bnp09b.bnpparibas.com
bnp04b.bnpparibas.com
cardif-asia-demo.dev.bnpparibas.com
bnp03s.bnpparibas.com
push.bnpparibas.com
bnp19b.bnpparibas.com
keys.bnpparibas.com
sinmail4.asia.bnpparibas.com

Certificate

The complete raw certificate details for bnp22b.bnpparibas.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIRzjCCELagAwIBAgIQCyvh9MvFt7982xNCJYlYYTANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yNDAxMTAwMDAwMDBa
Fw0yNDA1MjkyMzU5NTlaMHMxCzAJBgNVBAYTAkZSMRcwFQYDVQQIDA7DjmxlLWRl
LUZyYW5jZTESMBAGA1UEBxMJTU9OVFJFVUlMMRcwFQYDVQQKEw5CTlAgUEFSSUJB
UyBTQTEeMBwGA1UEAxMVYm5wMjJiLmJucHBhcmliYXMuY29tMFkwEwYHKoZIzj0C
AQYIKoZIzj0DAQcDQgAExTyUoEppr3DUPHKl0/K1a0tG4tkU22cNvYWckEFn8l/n
Jkn8DxQuIoQNkBkpLoyAJguVnGbgkNKJxUyx2COETaOCD0swgg9HMB8GA1UdIwQY
MBaAFLdrouqoqoSMeeq02g+YssWVdrn0MB0GA1UdDgQWBBQR81Hm3rLKCwayczBe
a2ZAQyOjDjCCC/EGA1UdEQSCC+gwggvkghVibnAyMmIuYm5wcGFyaWJhcy5jb22C
HGFkb2JlY29ubmVjdG9yLnVhdC5hcnZhbC5jb22CEWFwaS5kZXYuYXJ2YWwuY29t
gh1hcGlzdG9yZS5ibnBwYXJpYmFzY2FyZGlmLmNvbYIVYXByZW5kZWNvbnR1c2Vn
dXJvLnBlgiFhc3Npc3RhbmNlY29ubmVjdG9yLnByZS5hcnZhbC5jb22CImF0ZW5j
aW9uZ2V4ZmFsYWJlbGxhLmNhcmRpZi5jb20ucGWCIGF0ZW5jaW9uZ2V4c29kaW1h
Yy5jYXJkaWYuY29tLnBlgh9hdGVuY2lvbmdleHRvdHR1cy5jYXJkaWYuY29tLnBl
ghFiMmIucHJlLmFydmFsLmNvbYIRYjJiLnVhdC5hcnZhbC5jb22CEmJlbmVmaWNp
b3NlZ3Vyby5wZYIWYmllbnZlbmlkb2F0dXNlZ3Vyby5wZYIbYy1tZmEuY2FyZGlm
LmFwaS5ibnBwYXJpYmFzgiNjLW1mYS5jYXJkaWYuYXBpLnN0YWdpbmcuYm5wcGFy
aWJhc4IoY2FyZGlmLWV1cm9wZS1tZmEuYXBpLnN0YWdpbmcuYm5wcGFyaWJhc4Io
Y2FyZGlmLWV1cm9wZS1wdWIuYXBpLnN0YWdpbmcuYm5wcGFyaWJhc4IqY2FyZGlm
LWZyLmRldmVsb3Blci5zdGFnaW5nLmFwaS5ibnBwYXJpYmFzgi5jYXJkaWYtZnJh
bmNlLmRldmVsb3Blci5zdGFnaW5nLmFwaS5ibnBwYXJpYmFzghtjZS5kZXZlbG9w
ZXIuYXBpLmJucHBhcmliYXOCJmNpZHAtbWZhLmNhcmRpZi5hcGkuc3RhZ2luZy5i
bnBwYXJpYmFzgiZjaWRwLXB1Yi5jYXJkaWYuYXBpLnN0YWdpbmcuYm5wcGFyaWJh
c4IuY2lkcC1zYW5kYm94LXB1Yi5jYXJkaWYuYXBpLnN0YWdpbmcuYm5wcGFyaWJh
c4IjY2lkcHAuY2FyZGlmLmFwaS5zdGFnaW5nLmJucHBhcmliYXOCJWNpZHBzYnAu
Y2FyZGlmLmFwaS5zdGFnaW5nLmJucHBhcmliYXOCIWNsaWVudGVnZXhmYWxhYmVs
bGEuY2FyZGlmLmNvbS5wZYIfY2xpZW50ZWdleHNvZGltYWMuY2FyZGlmLmNvbS5w
ZYIeY2xpZW50ZWdleHRvdHR1cy5jYXJkaWYuY29tLnBlghhjbXMtc3RhdGljLnVh
dC5hcnZhbC5jb22CEWNtcy5wcmUuYXJ2YWwuY29tghFjbXMudWF0LmFydmFsLmNv
bYIZY29sbGVjdGlvbnMudWF0LmFydmFsLmNvbYIfY29udHJvbGRlZmFjdHVyYXMu
Y2FyZGlmLmNvbS5wZYIwY29yZS5jb3Jwb3JhdGUtbWZhLmNhcmRpZi5hcGkuc3Rh
Z2luZy5ibnBwYXJpYmFzgiNjb3Jwb3JhdGUtbWZhLmNhcmRpZi5hcGkuYm5wcGFy
aWJhc4IrY29ycG9yYXRlLW1mYS5jYXJkaWYuYXBpLnN0YWdpbmcuYm5wcGFyaWJh
c4IzY29ycG9yYXRlLXNhbmRib3gtbWZhLmNhcmRpZi5hcGkuc3RhZ2luZy5ibnBw
YXJpYmFzgjNjb3Jwb3JhdGUtc2FuZGJveC1wdWIuY2FyZGlmLmFwaS5zdGFnaW5n
LmJucHBhcmliYXOCK2N1cnJlbnQuY29ycG9yYXRlLW1mYS5jYXJkaWYuYXBpLmJu
cHBhcmliYXOCM2N1cnJlbnQuY29ycG9yYXRlLW1mYS5jYXJkaWYuYXBpLnN0YWdp
bmcuYm5wcGFyaWJhc4IgY3VzdG9tZXItcmVwb3J0aW5nLnVhdC5hcnZhbC5jb22C
EWN2by5wcmUuYXJ2YWwuY29tghtlLXNlcnZpY2VzLWl0LnVhdC5hcnZhbC5jb22C
F2Utc2VydmljZXMucHJlLmFydmFsLml0ghRlYml6aXQudWF0LmFydmFsLmNvbYIZ
ZWNvc2lzdGVtYXMuY2FyZGlmLmNvbS5wZYIcZXMtcHViLmNhcmRpZi5hcGkuYm5w
cGFyaWJhc4IkZXMtcHViLmNhcmRpZi5hcGkuc3RhZ2luZy5ibnBwYXJpYmFzgh1l
eHBlcnR3cy1yZW1rdGcucHJlLmFydmFsLmNvbYIdZXhwZXJ0d3MtcmVta3RnLnVh
dC5hcnZhbC5jb22CFWV4dC1pYW0udWF0LmFydmFsLmNvbYImZmFsYWJlbGxhZ2V4
c2l0ZWFzZXNvcmVzLmNhcmRpZi5jb20ucGWCNmZvdW5kYXRpb24uY29ycG9yYXRl
LW1mYS5jYXJkaWYuYXBpLnN0YWdpbmcuYm5wcGFyaWJhc4I2Zm91bmRhdGlvbi5j
b3Jwb3JhdGUtcHViLmNhcmRpZi5hcGkuc3RhZ2luZy5ibnBwYXJpYmFzgh9mci1t
ZmEtY2FyZGlmLXNkLmFwaS5ibnBwYXJpYmFzghpnZXhmYWxhYmVsbGEuY2FyZGlm
LmNvbS5wZYIYZ2V4c29kaW1hYy5jYXJkaWYuY29tLnBlghdnZXh0b3R0dXMuY2Fy
ZGlmLmNvbS5wZYITaHV3ZWIucHJlLmFydmFsLmNvbYIbaWFtLnVhdC5teXJlbnRp
bmdvbmxpbmUuY29tghZpZGVudGl0eS5wcmUuYXJ2YWwuY29tgidpZmFzLWN6LXAu
Y2FyZGlmLmFwaS5zdGFnaW5nLmJucHBhcmliYXOCIWlmYXMtY3otcHViLmNhcmRp
Zi5hcGkuYm5wcGFyaWJhc4IxaWZhcy1jei1zYW5kYm94LXB1Yi5jYXJkaWYuYXBp
LnN0YWdpbmcuYm5wcGFyaWJhc4InbW9uZXNwYWNlLXBwZC5wYXJ0ZW5haXJlc2F1
dG9tb2JpbGVzLmZygiNtb25lc3BhY2UucGFydGVuYWlyZXNhdXRvbW9iaWxlcy5m
coIrbW9uZXNwYWNlLnN0YWdpbmcucGFydGVuYWlyZXNhdXRvbW9iaWxlcy5mcoIa
bW90b3J0cmFkZS51YXQuYXJ2YWwuY28udWuCEG15LnByZS5hcnZhbC5jb22CFXBh
cnRuZXJzLmludC5hcnZhbC5mcoIgcGlmYXMtY3otcC5jYXJkaWYuYXBpLmJucHBh
cmliYXOCI3ByZXYtaW5kLWMwMy5zdGFnaW5nLmJucHBhcmliYXMubmV0giFyZWdp
c3RyYXppb25lLmJucHBhcmliYXNjYXJkaWYuaXSCGXJlbWt0Zy1yZXN0LnByZS5h
cnZhbC5jb22CGXJlbWt0Zy1yZXN0LnVhdC5hcnZhbC5jb22CCHNlZ3VyLnBlghVz
ZWd1cm9jYWphYXJlcXVpcGEucGWCIXNlZ3Vyb3NjYWphYXJlcXVpcGEuY2FyZGlm
LmNvbS5wZYIgc2VndXJvc2NhamFjYXRwZXJ1LmNhcmRpZi5jb20ucGWCIHNlZ3Vy
b3NjYWphc3VsbGFuYS5jYXJkaWYuY29tLnBlgihzZWd1cm9zZmluYW5jaWVyYWNv
bmZpYW56YS5jYXJkaWYuY29tLnBlgiFzZWd1cm9zZmluYW5jaWVyYW9oLmNhcmRp
Zi5jb20ucGWCGHNlZ3Vyb3NtYWYuY2FyZGlmLmNvbS5wZYIac2ZkY2Nvbm5lY3Rv
ci51YXQuYXJ2YWwuZnKCEnR1c2VndXJvY29udG9kby5wZYIMdHVzZWd1cm9oLnBl
ght2aXJ0dWFsbmlvcmRpbmFjZS5jYXJkaWYuY3qCK3d3dy5tb25lc3BhY2UtcHBk
LnBhcnRlbmFpcmVzYXV0b21vYmlsZXMuZnKCJ3d3dy5tb25lc3BhY2UucGFydGVu
YWlyZXNhdXRvbW9iaWxlcy5mcoIvd3d3Lm1vbmVzcGFjZS5zdGFnaW5nLnBhcnRl
bmFpcmVzYXV0b21vYmlsZXMuZnKCJXd3dy5yZWdpc3RyYXppb25lLmJucHBhcmli
YXNjYXJkaWYuaXSCH3d3dy52aXJ0dWFsbmlvcmRpbmFjZS5jYXJkaWYuY3owPgYD
VR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdp
Y2VydC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIDiDAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwgY8GA1UdHwSBhzCBhDBAoD6gPIY6aHR0cDovL2NybDMuZGln
aWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAyMENBMS00LmNybDBAoD6g
PIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2
MjAyMENBMS00LmNybDB/BggrBgEFBQcBAQRzMHEwJAYIKwYBBQUHMAGGGGh0dHA6
Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9aHR0cDovL2NhY2VydHMu
ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAyMENBMS0xLmNydDAM
BgNVHRMBAf8EAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdQDuzdBk1dsa
zsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYzycTggAAAEAwBGMEQCIE1DzBsm
pSdGfPZySyh0KD2/VY9PKnkJszoS0vM5bhzjAiA71pm2x4EszFxrnOyiNpdJlI2D
QahnIEnA0rGGGuopTQB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRz
AAABjPJxOB4AAAQDAEcwRQIgQ19A/woY9SKv4PoCVr1OufqXjZHYM6psXkdO8+Pd
8pcCIQCqJS59oNMLLJRp/t5l/h44BjcLqHHXQihrWRyrjhkV0QB3ANq2v2s/tbYi
n5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABjPJxOHcAAAQDAEgwRgIhAJBBR6UW
DLH8DqpHVv3jiQIjxC3xrbd4txHiLf+2N2rJAiEA+IJqxlcIaBBZVXhQ2cYF6FLO
ntau5KOxAOK98M/H24AwDQYJKoZIhvcNAQELBQADggEBAKpgmvNDX3rV96ETqAzG
1T4brN9D8AklmaBFmFalohSA5AfXY0ZYkZXJ/FGkC6bKL9E+F7WpJHVGGlCvznpk
7020XkS+3TVD7ZULPOuhmsUi85urUK6REgx6KUV/Ds7lUX7pI+RRC/r5Nvyl4IrY
W0Gzyw5byXA0l5Ap2ZeGjSXfMnk+Abu3YMDXRak6bhqlYHelO7f1YWdP3tPSsSdp
yhlC6XGlw6G541IUbZ73I2Q78sX9J+vDrr1OX7dL3xjKmHVDlpXIKzgnFtnGO3EF
jL7c9OK+ZKutbftcmVAV8YC7qHLu29OJL4eEVQDbhit6mL89ZPyuc+MZZ1CcxHjw
I+0=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAExTyUoEppr3DUPHKl0/K1a0tG4tkU
22cNvYWckEFn8l/nJkn8DxQuIoQNkBkpLoyAJguVnGbgkNKJxUyx2COETQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 14849359655448030401900869939070851169
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-10 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-29 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Île-de-France'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MONTREUIL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BNP PARIBAS SA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bnp22b.bnpparibas.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits)
				0004c53c94a04a69af70d43c72a5d3f2b56b4b46e2d914db670dbd859c904167f25fe72649fc0f142e22840d9019292e8c80260b959c66e090d289c54cb1d823844d
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							11f351e6deb2ca0b06b273305e6b66404323a30e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (3048 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bnp22b.bnpparibas.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'adobeconnector.uat.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.dev.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apistore.bnpparibascardif.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aprendecontuseguro.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assistanceconnector.pre.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'atenciongexfalabella.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'atenciongexsodimac.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'atenciongextottus.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'b2b.pre.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'b2b.uat.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beneficioseguro.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bienvenidoatuseguro.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'c-mfa.cardif.api.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'c-mfa.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cardif-europe-mfa.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cardif-europe-pub.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cardif-fr.developer.staging.api.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cardif-france.developer.staging.api.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ce.developer.api.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cidp-mfa.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cidp-pub.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cidp-sandbox-pub.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cidpp.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cidpsbp.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clientegexfalabella.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clientegexsodimac.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clientegextottus.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms-static.uat.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.pre.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.uat.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'collections.uat.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'controldefacturas.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'core.corporate-mfa.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corporate-mfa.cardif.api.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corporate-mfa.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corporate-sandbox-mfa.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corporate-sandbox-pub.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'current.corporate-mfa.cardif.api.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'current.corporate-mfa.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'customer-reporting.uat.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cvo.pre.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'e-services-it.uat.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'e-services.pre.arval.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ebizit.uat.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ecosistemas.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'es-pub.cardif.api.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'es-pub.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'expertws-remktg.pre.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'expertws-remktg.uat.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ext-iam.uat.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'falabellagexsiteasesores.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'foundation.corporate-mfa.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'foundation.corporate-pub.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fr-mfa-cardif-sd.api.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gexfalabella.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gexsodimac.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gextottus.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'huweb.pre.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iam.uat.myrentingonline.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'identity.pre.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ifas-cz-p.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ifas-cz-pub.cardif.api.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ifas-cz-sandbox-pub.cardif.api.staging.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'monespace-ppd.partenairesautomobiles.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'monespace.partenairesautomobiles.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'monespace.staging.partenairesautomobiles.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'motortrade.uat.arval.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'my.pre.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'partners.int.arval.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pifas-cz-p.cardif.api.bnpparibas'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prev-ind-c03.staging.bnpparibas.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'registrazione.bnpparibascardif.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'remktg-rest.pre.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'remktg-rest.uat.arval.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'segur.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'segurocajaarequipa.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'seguroscajaarequipa.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'seguroscajacatperu.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'seguroscajasullana.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'segurosfinancieraconfianza.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'segurosfinancieraoh.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'segurosmaf.cardif.com.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sfdcconnector.uat.arval.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tusegurocontodo.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tuseguroh.pe'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'virtualniordinace.cardif.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.monespace-ppd.partenairesautomobiles.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.monespace.partenairesautomobiles.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.monespace.staging.partenairesautomobiles.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.registrazione.bnpparibascardif.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.virtualniordinace.cardif.cz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits)
							0388
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018cf2713820000004030046304402204d43cc1b26a527467cf6724b2874283dbf558f4f2a7909b33a12d2f3396e1ce302203bd699b6c7812ccc5c6b9ceca2369749948d8341a8672049c0d2b1861aea294d00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cf271381e00000403004730450220435f40ff0a18f522afe0fa0256bd4eb9fa978d91d833aa6c5e474ef3e3ddf297022100aa252e7da0d30b2c9469fede65fe1e3806370ba871d742286b591cab8e1915d1007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018cf27138770000040300483046022100904147a5160cb1fc0eaa4756fde3890223c42df1adb778b711e22dffb6376ac9022100f8826ac65708681059557850d9c605e852ce9ed6aee4a3b100e2bdf0cfc7db80
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00aa609af3435f7ad5f7a113a80cc6d53e1bacdf43f0092599a0459856a5a21480e407d76346589195c9fc51a40ba6ca2fd13e17b5a92475461a50afce7a64ef4db45e44bedd3543ed950b3ceba19ac522f39bab50ae91120c7a29457f0ecee5517ee923e4510bfaf936fca5e08ad85b41b3cb0e5bc97034979029d997868d25df32793e01bbb760c0d745a93a6e1aa56077a53bb7f561674fded3d2b12769ca1942e971a5c3a1b9e352146d9ef723643bf2c5fd27ebc3aebd4e5fb74bdf18ca9875439695c82b382716d9c63b71058cbedcf4e2be64abad6dfb5c995015f180bba872eedbd3892f87845500db862b7a98bf3d64fcae73e31967509cc478f023ed