www.dai-ichi-life.co.jp

- The Dai-ichi Life Insurance Company, Limited -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 0a:30:9e:6c:b0:7c:06:c7:ad:93:3d:41:ad:65:77:6a was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

The Dai-ichi Life Insurance Company, Limited

Organization: The Dai-ichi Life Insurance Company, Limited
Organization unit: IT Business Process Planning Dept 01
State / Province: Tokyo
Locality: Chiyoda-ku
Country: JP

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:30:9e:6c:b0:7c:06:c7:ad:93:3d:41:ad:65:77:6a
Serial Number (int): 13544723439037059507480300136782198634
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 9a:1e:6c:30:3a:5b:12:57:bb:9e:f6:1d:bf:74:f4:a2:b7:9d:6d:07
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): 1a:b0:f4:73:0b:99:11:78:f9:44:a3:17:5e:cd:46:dd:a8:45:68:4b
Fingerprint (sha256): 19:57:37:85:1d:c9:37:6e:dc:ba:28:59:dd:37:3a:4e:b1:d2:29:4b:16:ca:14:df:ef:6a:21:ba:1b:bb:1c:a3

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/ssca-sha2-g6.crl
CRL Distribution Point: http://crl4.digicert.com/ssca-sha2-g6.crl

Check the revocation status for certificate www.dai-ichi-life.co.jp

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.dai-ichi-life.co.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.dai-ichi-life.co.jp

Other certificates including the domain name dai-ichi-life.co.jp

(limited to 100 certificates)
image.ma.mirashiru.dai-ichi-life.co.jp
with-partner-sp-report-test2.dai-ichi-life.co.jp
www.dai-ichi-life.co.jp
www.wise.dai-ichi-life.co.jp
M24EDV01.dept.dai-ichi-life.co.jp
stg5.mirashiru.dai-ichi-life.co.jp
selfs.dai-ichi-life.co.jp
with-partner.dai-ichi-life.co.jp
myportal-test.dai-ichi-life.co.jp
aa.dai-ichi-life.co.jp
aa.dai-ichi-life.co.jp
furikomm.dai-ichi-life.co.jp
mypage.dai-ichi-life.co.jp
successnet-system-test2.gp.dai-ichi-life.co.jp
M24EDV01.dept.dai-ichi-life.co.jp
www.dai-ichi-life.co.jp
rdvbov03.wdom.dai-ichi-life.co.jp
nenkintsushin.dai-ichi-life.co.jp
www.e4g.diagrams.dai-ichi-life.co.jp
furikomm.dai-ichi-life.co.jp
www.wise.dai-ichi-life.co.jp
mypage.dai-ichi-life.co.jp
image.ma.mirashiru.dai-ichi-life.co.jp
logi-sys.gp.dai-ichi-life.co.jp
www.dai-ichi-life.co.jp
www.wise.dai-ichi-life.co.jp
www.consoli.dai-ichi-life.co.jp
selfs.dai-ichi-life.co.jp
with-partner-sp-report-test.dai-ichi-life.co.jp
furikomi.dai-ichi-life.co.jp
ssreport.dai-ichi-life.co.jp
www.dnavi.dai-ichi-life.co.jp
image.ma.mirashiru.dai-ichi-life.co.jp
ecommunication-test2.gp.dai-ichi-life.co.jp
c1-test.dai-ichi-life.co.jp
reportimage.dai-ichi-life.co.jp
www.e4g02.diagrams.dai-ichi-life.co.jp
furikomm.dai-ichi-life.co.jp
www.qa.dai-ichi-life.co.jp
with-partner-sp-report.dai-ichi-life.co.jp
M24EDV01.dept.dai-ichi-life.co.jp
www.wise.dai-ichi-life.co.jp
www.eportal.dai-ichi-life.co.jp
www.dai-ichi-life.co.jp
www.dai-ichi-life.co.jp
www.dai-ichi-life.co.jp
ecom.dai-ichi-life.co.jp
wala.dai-ichi-life.co.jp
furikomi-st6.dai-ichi-life.co.jp
ecom.dai-ichi-life.co.jp
image.ma.mirashiru.dai-ichi-life.co.jp
sp.dai-ichi-life.co.jp
M24EDV01.dept.dai-ichi-life.co.jp
wala.dai-ichi-life.co.jp
www.dnavi.dai-ichi-life.co.jp
www.eportal.dai-ichi-life.co.jp
www.bo.diagrams.dai-ichi-life.co.jp
www.dnavi.dai-ichi-life.co.jp
www.dai-ichi-life.co.jp
with-partner.dai-ichi-life.co.jp
selfs.dai-ichi-life.co.jp
furikomi.dai-ichi-life.co.jp
www.dai-ichi-life.co.jp
nenkintsushin.dai-ichi-life.co.jp
www.eportal.dai-ichi-life.co.jp
image.ma.mirashiru.dai-ichi-life.co.jp
with-partner-sp-report-test2.dai-ichi-life.co.jp
with-partner-test.dai-ichi-life.co.jp
M24EDV01.dept.dai-ichi-life.co.jp
mirashiru.dai-ichi-life.co.jp
www.uploader-test.dai-ichi-life.co.jp
furikomm.dai-ichi-life.co.jp
selfs.dai-ichi-life.co.jp
www.wise.dai-ichi-life.co.jp
qa-sys.dai-ichi-life.co.jp
rbi08104.wdom.dai-ichi-life.co.jp
www.wise.dai-ichi-life.co.jp
selfs.dai-ichi-life.co.jp
image.ma.mirashiru.dai-ichi-life.co.jp
furikomi-st6.dai-ichi-life.co.jp
tiss.dai-ichi-life.co.jp
mypage.dai-ichi-life.co.jp
group.dai-ichi-life.co.jp
c1-test.dai-ichi-life.co.jp
www.dnavi.dai-ichi-life.co.jp
gexsus.dept.dai-ichi-life.co.jp
qa-sys.dai-ichi-life.co.jp
engage.dai-ichi-life.co.jp
c1-test.dai-ichi-life.co.jp
selfs.dai-ichi-life.co.jp
www.dnavi.dai-ichi-life.co.jp
image.ma.mirashiru.dai-ichi-life.co.jp
furikomm.dai-ichi-life.co.jp
www.dnavi.dai-ichi-life.co.jp
www.dnavi.dai-ichi-life.co.jp
image.ma.mirashiru.dai-ichi-life.co.jp
image.ma.mirashiru.dai-ichi-life.co.jp
www.wise.dai-ichi-life.co.jp
ecommunication.gp.dai-ichi-life.co.jp
qa-sys.dai-ichi-life.co.jp

Certificate

The complete raw certificate details for www.dai-ichi-life.co.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGdzCCBV+gAwIBAgIQCjCebLB8Bsetkz1BrWV3ajANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMjAzMDAwMDAwWhcN
MTkxMjA0MTIwMDAwWjCBujELMAkGA1UEBhMCSlAxDjAMBgNVBAgTBVRva3lvMRMw
EQYDVQQHEwpDaGl5b2RhLWt1MTUwMwYDVQQKEyxUaGUgRGFpLWljaGkgTGlmZSBJ
bnN1cmFuY2UgQ29tcGFueSwgTGltaXRlZDEtMCsGA1UECxMkSVQgQnVzaW5lc3Mg
UHJvY2VzcyBQbGFubmluZyBEZXB0IDAxMSAwHgYDVQQDExd3d3cuZGFpLWljaGkt
bGlmZS5jby5qcDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALPOqn4p
S8SetdWUtJx69/Fx5/VFMwLuJ5G66a0+VCfl4TdRbyH7z8XJNcCuGjkyzpL2LBD4
Bil2vHSFgokgAKYDG3d4LwCfAAcN0atAe9UrX/6fgPvVMlsRJuBp8RiBPZ52gqOF
IV9UGF0QmVBObkOmepzRF1BFfJ+GGwV8eSPj+YDdJL5oo8lkPfxuKNR6ZwnULjIv
6JgdpnYiSoxy0QWQyJeM4koMHk6dGnY6KpzVIPQ0GzUMdkRoMMd8UjHG3ILmU2Wg
aoqXQjXo2idjcBr/9UFhkCHFYNaZb7wVu4QlZN3I9KQYZSOInhpZEjFdgwoKbztR
PN8dfx2A87rtXjECAwEAAaOCAuMwggLfMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjn
jUY4tCzhxtniMB0GA1UdDgQWBBSaHmwwOlsSV7ue9h2/dPSit51tBzAiBgNVHREE
GzAZghd3d3cuZGFpLWljaGktbGlmZS5jby5qcDAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0
dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilo
dHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAE
RTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdp
Y2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUH
MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDov
L2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNB
LmNydDAJBgNVHRMEAjAAMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYApLkJkLQY
WBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFnceyV4AAABAMARzBFAiB+mK2O
jpbkzLzgZAtX+w+3QYa/98nRsWdOGBMxOuMCqAIhANadGKx/3wMyIfKNKk8ohHIP
Uk0R2LUNc/vMoNO1fwUUAHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16g
gw8AAAFnceyWuAAABAMARzBFAiB7IH733zPdNL3dIH0iQUExRerSH5ovasIPLmgU
YJyEvwIhAKcxbxUlVdkMPbuiUZcQqgciAr0MKUzrJ07GOAyWKrThMA0GCSqGSIb3
DQEBCwUAA4IBAQA3OxaHtkaAiJKGGCCAFJR+/jvdMpJ5oVDSmoTJMut8O1p5W8WZ
ze9bX/ZsVBYv36knMNF+RGAidEjTEIBgYr2zNdcKyS5N2dK2LjV0ASB35i8g3EK9
OpHdgrxfxd3rzimuQ5v8nS6nzcD+RfXuhNhBMBo4GyQjUmENSm+SUC2/dzu18PB9
/HORxiSkTkEcVxpYpFgQUGX+UWU6n9lLWyILj/lbnSEBZz3/BSC1rUnEAYNJ3bkP
Rn7xskqHul1RGIW6e1AIquTQevppKx5l41dm88eYt6EBYyXL9ON3+hwWP1WS4UOY
Ey5cT/sMcxI2gg1jszM2sOdXxpcswJ0WIIRS
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs86qfilLxJ611ZS0nHr3
8XHn9UUzAu4nkbrprT5UJ+XhN1FvIfvPxck1wK4aOTLOkvYsEPgGKXa8dIWCiSAA
pgMbd3gvAJ8ABw3Rq0B71Stf/p+A+9UyWxEm4GnxGIE9nnaCo4UhX1QYXRCZUE5u
Q6Z6nNEXUEV8n4YbBXx5I+P5gN0kvmijyWQ9/G4o1HpnCdQuMi/omB2mdiJKjHLR
BZDIl4ziSgweTp0adjoqnNUg9DQbNQx2RGgwx3xSMcbcguZTZaBqipdCNejaJ2Nw
Gv/1QWGQIcVg1plvvBW7hCVk3cj0pBhlI4ieGlkSMV2DCgpvO1E83x1/HYDzuu1e
MQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 13544723439037059507480300136782198634
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-03 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-04 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'JP'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Tokyo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chiyoda-ku'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Dai-ichi Life Insurance Company, Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT Business Process Planning Dept 01'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.dai-ichi-life.co.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22698567385662105104554336154457190762179484415273535899804992038347205048902083045625698505242587584398740760738475700255724612416914012039538757297980359134958791147064879669050692752684129173506488518524578079161447921249419482983115129513488768241070289064364012328368643958958535938918074230399351998144589933043692974534197050293383544524115562158688349944977402513522097073324990092394178797320115133836302408278817514814833939709891331481638923914038353576410603486756554603080381990139593044435799168355525897139757518596299576591458517552120665862632230073428969754853143869696161840663018720983413414518321
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9a1e6c303a5b1257bb9ef61dbf74f4a2b79d6d07
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dai-ichi-life.co.jp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/ssca-sha2-g6.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016771ec95e0000004030047304502207e98ad8e8e96e4ccbce0640b57fb0fb74186bff7c9d1b1674e1813313ae302a8022100d69d18ac7fdf033221f28d2a4f2884720f524d11d8b50d73fbcca0d3b57f05140076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016771ec96b8000004030047304502207b207ef7df33dd34bddd207d2241413145ead21f9a2f6ac20f2e6814609c84bf022100a7316f152555d90c3dbba2519710aa072202bd0c294ceb274ec6380c962ab4e1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00373b1687b6468088928618208014947efe3bdd329279a150d29a84c932eb7c3b5a795bc599cdef5b5ff66c54162fdfa92730d17e4460227448d310806062bdb335d70ac92e4dd9d2b62e3574012077e62f20dc42bd3a91dd82bc5fc5ddebce29ae439bfc9d2ea7cdc0fe45f5ee84d841301a381b242352610d4a6f92502dbf773bb5f0f07dfc7391c624a44e411c571a58a458105065fe51653a9fd94b5b220b8ff95b9d2101673dff0520b5ad49c4018349ddb90f467ef1b24a87ba5d511885ba7b5008aae4d07afa692b1e65e35766f3c798b7a1016325cbf4e377fa1c163f5592e14398132e5c4ffb0c731236820d63b33336b0e757c6972cc09d16208452