digitalpin-web.gemalto.com
- THALES -
Issued by Corporation Service Company RSA OV SSL CA
About this certificate
This digital certificate with serial number 8f:6b:08:80:c7:cd:d5:3f:66:2a:dc:0b:f8:66:21:3b was issued on by Corporation Service Company.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
THALES
Organization:
THALES
State / Province:
Ile-de-France
Country: FR
Country: FR
Corporation Service Company
Organization:
Corporation Service Company
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 8f:6b:08:80:c7:cd:d5:3f:66:2a:dc:0b:f8:66:21:3bSerial Number (int): 190635351623424181201732110298990911803
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 5a:48:2c:17:f1:68:8a:56:42:58:c0:29:4f:ff:36:26:f4:20:3a:3f
AuthorityKeyId: 38:d1:f4:0e:87:6c:16:37:1b:65:74:dd:26:ce:9e:cc:28:ac:22:1d
Fingerprint (sha1): 38:03:13:d2:cc:7b:4e:9a:2a:15:a9:5b:60:7a:f6:ea:87:76:ae:d0
Fingerprint (sha256): 15:e3:0c:66:7b:9f:26:01:f9:af:91:62:58:c2:ed:16:fb:9c:84:38:29:41:93:ec:62:64:c7:2b:73:91:ba:d9
Issuing Certificate URL: http://crt.sectigo.com/CorporationServiceCompanyRSAOVSSLCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/CorporationServiceCompanyRSAOVSSLCA.crl
Check the revocation status for certificate digitalpin-web.gemalto.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for digitalpin-web.gemalto.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
digitalpin-web.gemalto.com
www.digitalpin-web.gemalto.com
www.digitalpin-web.gemalto.com
Other certificates including the domain name gemalto.com
(limited to 100 certificates)
*.weballynis.gemalto.com
geolocsegm.spg.latallynis.gemalto.com
lync.gemalto.com
www.gemalto.com
*.eservices-lab.gemalto.com
lync.gemalto.com
*.mid.vrkfin.ew1.gp-dev02.acloud.gemalto.com
forums.charmhealth.com
scos3.gemalto.com
developer.gemalto.com
www6.gemalto.com
smtp2.gemalto.com
sip.gemalto.com
spring.gemalto.com
*.demo.gemalto.com
*.webaccess.gemalto.com
sspdev.bp-dev03.acloud.gemalto.com
ssp.bp03.acloud.gemalto.com
safenet.gemalto.com
status.appveyor.com
*.us.cbp.gemalto.com
selfservice.gemalto.com
*.latallynis.gemalto.com
boutique.gemalto.com
otp-api.latallynis.gemalto.com
*.idverification.gp.acloud.gemalto.com
www2.gemalto.com
tsh.portal.gemalto.com
pinbyweb.sgbrs.gemalto.com
stwp.gemalto.com
status.appveyor.com
ssp.bp03.acloud.gemalto.com
supportportal.gemalto.com
*.lte.dc.gemalto.com
barclaycard.gemalto.com
*.gemalto.com
*.gemalto.com
*.idverification.gp-staging.acloud.gemalto.com
go-videos.gemalto.com
odc-ops.gemalto.com
saas.lassoo.gemalto.com
gemalto.com
*.gemalto.com
*.latallynis.gemalto.com
jphsr-es4-in.osm.gemalto.com
forum.minicopters.nl
www.netsolutions.gemalto.com
www.aps.gemalto.com
*.ausdemo.gemalto.com
eventsregistration.gemalto.com
developer.gemalto.com
*.saas.gemalto.com
tbu-saleslms.gemalto.com
*.dlm.gemalto.com
vrkfin2.ew1.gp-dev02.acloud.gemalto.com
safenet.gemalto.com
odc-ops.gemalto.com
www6.gemalto.com
ddl-idp-uat.gemalto.com
tsh.portal.gemalto.com
*.gemalto.com
*.gemalto.com
wwwqa.aps.gemalto.com
shb.pindefinition.gemalto.com
latsmhub-client.tsm.gemalto.com
*.mobileconnect.gemalto.com
docs.sentinel.gemalto.com
gemalto.com
visio.gemalto.com
carta.dc1.prod.tsm.gemalto.com
*.mnfcweballynis.gemalto.com
*.gemalto.com
cel-auth.prod.odc-cloud.gemalto.com
selfcare.mobileconnect.gemalto.com
ibmp11vsharee01.smtp.ggsdc.gemalto.com
digitalpin-app.gemalto.com
lync.gemalto.com
project-s-client.spg.latallynis.gemalto.com
*.kyceux.ew1.gp-dev.acloud.gemalto.com
*.allynisconnect.gemalto.com
digitalpin-web.gemalto.com
*.cbp.gemalto.com
int-tns.cbp-int.gemalto.com
telcodms.spg.latallynis.gemalto.com
*.kyceux.ew1.gp-dev.acloud.gemalto.com
*.saas.gemalto.com
*.didarg.dwg.ue1.gp-dev03.acloud.gemalto.com
*.lab.ids-odc.gemalto.com
mail.aps.gemalto.com
go-videos.gemalto.com
ddl-sp-uat.gemalto.com
*.allynisconnect.gemalto.com
*.webaccess.gemalto.com
arkea.pinbyapp.gemalto.com
*.axtel.msi.acloud.gemalto.com
*.weballynis.gemalto.com
allynisconnect1.gemalto.com
m2m-communication.gemalto.com
status.appveyor.com
*.welcomeit.allynis.gemalto.com
geolocsegm.spg.latallynis.gemalto.com
lync.gemalto.com
www.gemalto.com
*.eservices-lab.gemalto.com
lync.gemalto.com
*.mid.vrkfin.ew1.gp-dev02.acloud.gemalto.com
forums.charmhealth.com
scos3.gemalto.com
developer.gemalto.com
www6.gemalto.com
smtp2.gemalto.com
sip.gemalto.com
spring.gemalto.com
*.demo.gemalto.com
*.webaccess.gemalto.com
sspdev.bp-dev03.acloud.gemalto.com
ssp.bp03.acloud.gemalto.com
safenet.gemalto.com
status.appveyor.com
*.us.cbp.gemalto.com
selfservice.gemalto.com
*.latallynis.gemalto.com
boutique.gemalto.com
otp-api.latallynis.gemalto.com
*.idverification.gp.acloud.gemalto.com
www2.gemalto.com
tsh.portal.gemalto.com
pinbyweb.sgbrs.gemalto.com
stwp.gemalto.com
status.appveyor.com
ssp.bp03.acloud.gemalto.com
supportportal.gemalto.com
*.lte.dc.gemalto.com
barclaycard.gemalto.com
*.gemalto.com
*.gemalto.com
*.idverification.gp-staging.acloud.gemalto.com
go-videos.gemalto.com
odc-ops.gemalto.com
saas.lassoo.gemalto.com
gemalto.com
*.gemalto.com
*.latallynis.gemalto.com
jphsr-es4-in.osm.gemalto.com
forum.minicopters.nl
www.netsolutions.gemalto.com
www.aps.gemalto.com
*.ausdemo.gemalto.com
eventsregistration.gemalto.com
developer.gemalto.com
*.saas.gemalto.com
tbu-saleslms.gemalto.com
*.dlm.gemalto.com
vrkfin2.ew1.gp-dev02.acloud.gemalto.com
safenet.gemalto.com
odc-ops.gemalto.com
www6.gemalto.com
ddl-idp-uat.gemalto.com
tsh.portal.gemalto.com
*.gemalto.com
*.gemalto.com
wwwqa.aps.gemalto.com
shb.pindefinition.gemalto.com
latsmhub-client.tsm.gemalto.com
*.mobileconnect.gemalto.com
docs.sentinel.gemalto.com
gemalto.com
visio.gemalto.com
carta.dc1.prod.tsm.gemalto.com
*.mnfcweballynis.gemalto.com
*.gemalto.com
cel-auth.prod.odc-cloud.gemalto.com
selfcare.mobileconnect.gemalto.com
ibmp11vsharee01.smtp.ggsdc.gemalto.com
digitalpin-app.gemalto.com
lync.gemalto.com
project-s-client.spg.latallynis.gemalto.com
*.kyceux.ew1.gp-dev.acloud.gemalto.com
*.allynisconnect.gemalto.com
digitalpin-web.gemalto.com
*.cbp.gemalto.com
int-tns.cbp-int.gemalto.com
telcodms.spg.latallynis.gemalto.com
*.kyceux.ew1.gp-dev.acloud.gemalto.com
*.saas.gemalto.com
*.didarg.dwg.ue1.gp-dev03.acloud.gemalto.com
*.lab.ids-odc.gemalto.com
mail.aps.gemalto.com
go-videos.gemalto.com
ddl-sp-uat.gemalto.com
*.allynisconnect.gemalto.com
*.webaccess.gemalto.com
arkea.pinbyapp.gemalto.com
*.axtel.msi.acloud.gemalto.com
*.weballynis.gemalto.com
allynisconnect1.gemalto.com
m2m-communication.gemalto.com
status.appveyor.com
*.welcomeit.allynis.gemalto.com
Certificate
The complete raw certificate details for digitalpin-web.gemalto.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFyTCCBDGgAwIBAgIRAI9rCIDHzdU/ZircC/hmITswDQYJKoZIhvcNAQEMBQAw ZzELMAkGA1UEBhMCVVMxJDAiBgNVBAoTG0NvcnBvcmF0aW9uIFNlcnZpY2UgQ29t cGFueTEyMDAGA1UEAxMpQ29ycG9yYXRpb24gU2VydmljZSBDb21wYW55IFJTQSBP ViBTU0wgQ0EwHhcNMjQwNjEyMDAwMDAwWhcNMjUwNzAyMjM1OTU5WjBbMQswCQYD VQQGEwJGUjEWMBQGA1UECBMNSWxlLWRlLUZyYW5jZTEPMA0GA1UEChMGVEhBTEVT MSMwIQYDVQQDExpkaWdpdGFscGluLXdlYi5nZW1hbHRvLmNvbTCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBANaNh/nEgxuFi2k3Sfl9yYlwCG63SZqy7hNJ Z3FUHK2b0UGbp/2bnYsSnwmh1/tnSonDPQwO9k0yJta73nh6QXcB6i9a48fVuB5p NrM5Ak7oODQ13zPPdjv4KJGRSvNbMALb0kFYPIKfLRfUb/l6X31RuqxM4mzj2RsU ZDPGr4lzGNlR15oNQ1HQNN52EGDUBXosr0brm9MbKUf/VJa4CahIKjQ/BHmIGykU Byw8/Bpjtv+71Zt+K+RnPfd0AR5wnyp8A3js4pLZrT0QaFPNZt//MUC/wWTEz8Eb INs+Xw76md872bJT7DHssSrtV3zLtUeILLOLZVWSvhvI+LirzRMCAwEAAaOCAfow ggH2MB8GA1UdIwQYMBaAFDjR9A6HbBY3G2V03SbOnsworCIdMB0GA1UdDgQWBBRa SCwX8WiKVkJYwClP/zYm9CA6PzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0Bgsr BgEEAbIxAQICCDAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQ UzAIBgZngQwBAgIwTwYDVR0fBEgwRjBEoEKgQIY+aHR0cDovL2NybC5zZWN0aWdv LmNvbS9Db3Jwb3JhdGlvblNlcnZpY2VDb21wYW55UlNBT1ZTU0xDQS5jcmwwfwYI KwYBBQUHAQEEczBxMEoGCCsGAQUFBzAChj5odHRwOi8vY3J0LnNlY3RpZ28uY29t L0NvcnBvcmF0aW9uU2VydmljZUNvbXBhbnlSU0FPVlNTTENBLmNydDAjBggrBgEF BQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wRQYDVR0RBD4wPIIaZGlnaXRh bHBpbi13ZWIuZ2VtYWx0by5jb22CHnd3dy5kaWdpdGFscGluLXdlYi5nZW1hbHRv LmNvbTATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQwFAAOCAYEAcn23 bPA4WgHs7o3fhGsmPJ/k7WU9dD/drxorCwfG10CS5aWLdRglyIbPYl6Hi8oIQouC GOpkOvXuJQgbq5u9fnj4flq+YserMf1o4d0f9eAE+pvR63KRs9CK7jrb0dOEu7fN 8cxHEeNqTKpHRDRCrG82XOfMZLwV0vDEq0gcfMCzDcAupTxmJGZXJfbkjqvSipBU zw0/Ncmg4p9h8bSBNu48PYgXveY6NQY7AnyYfeuFuxDabr9PJNNsY95hxDpos6wx cJEfvwqxeOhKEV2HzYUzuotm1F8Cftk4Qr0b2U08VdbE4X5eKJ+ToTj/8cNq1WTg K8DY3XFmxGSTnDUL9NN5F3pksRmPMW9nmrcXB0l6GtbZrIUHjTCtgf+fZeS3VDXr c0qsHb5rBCmZH+c0kA4RaoYNjGyqp0OIyDxwTx+3QzAqGw9GtkTYaTqe3jz4rdeU V70ckb+6C5/3Aud5CWDmXO1VJqccBjTbYa5mXj6eOVWM0kKE0qV7nh36KWww -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1o2H+cSDG4WLaTdJ+X3J iXAIbrdJmrLuE0lncVQcrZvRQZun/ZudixKfCaHX+2dKicM9DA72TTIm1rveeHpB dwHqL1rjx9W4Hmk2szkCTug4NDXfM892O/gokZFK81swAtvSQVg8gp8tF9Rv+Xpf fVG6rEzibOPZGxRkM8aviXMY2VHXmg1DUdA03nYQYNQFeiyvRuub0xspR/9UlrgJ qEgqND8EeYgbKRQHLDz8GmO2/7vVm34r5Gc993QBHnCfKnwDeOziktmtPRBoU81m 3/8xQL/BZMTPwRsg2z5fDvqZ3zvZslPsMeyxKu1XfMu1R4gss4tlVZK+G8j4uKvN EwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 190635351623424181201732110298990911803 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Corporation Service Company' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Corporation Service Company RSA OV SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-02 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ile-de-France' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'THALES' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'digitalpin-web.gemalto.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27084788876387543811331651105842737650661095428237740357131307047731112932737989542130016872802460293976180745161350390640346704447691342266566044184569148553926370718530520834216531880522029267711623300009729408819128888419383719861053278710061546249521818689306467006565187703584779051966726813382932400026750447070364905207421681860631009790890856319808958215649936263928511585105946670655764707796126464568931654595819497321116798635152625707370461603084182487071335315706506062534813517710197135918865139514033948371125609358432312997826727061818190757397969923035875601766078715554676199836749856323723359669523 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 38d1f40e876c16371b6574dd26ce9ecc28ac221d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5a482c17f1688a564258c0294fff3626f4203a3f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/CorporationServiceCompanyRSAOVSSLCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/CorporationServiceCompanyRSAOVSSLCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'digitalpin-web.gemalto.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.digitalpin-web.gemalto.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (3072 bits) 00727db76cf0385a01ecee8ddf846b263c9fe4ed653d743fddaf1a2b0b07c6d74092e5a58b751825c886cf625e878bca08428b8218ea643af5ee25081bab9bbd7e78f87e5abe62c7ab31fd68e1dd1ff5e004fa9bd1eb7291b3d08aee3adbd1d384bbb7cdf1cc4711e36a4caa47443442ac6f365ce7cc64bc15d2f0c4ab481c7cc0b30dc02ea53c6624665725f6e48eabd28a9054cf0d3f35c9a0e29f61f1b48136ee3c3d8817bde63a35063b027c987deb85bb10da6ebf4f24d36c63de61c43a68b3ac3170911fbf0ab178e84a115d87cd8533ba8b66d45f027ed93842bd1bd94d3c55d6c4e17e5e289f93a138fff1c36ad564e02bc0d8dd7166c464939c350bf4d379177a64b1198f316f679ab71707497a1ad6d9ac85078d30ad81ff9f65e4b75435eb734aac1dbe6b0429991fe734900e116a860d8c6caaa74388c83c704f1fb743302a1b0f46b644d8693a9ede3cf8add79457bd1c91bfba0b9ff702e7790960e65ced5526a71c0634db61ae665e3e9e39558cd24284d2a57b9e1dfa296c30